In the previous two rooms, we covered how to use Wireshark and perform packet-level searches. Now it is time to investigate and correlate packet-level information to see the big picture in network traffic, such as detecting anomalies and malicious activity. For a security analyst, it is vital to stop and understand the pieces of information spread across packets by applying the analyst's knowledge and the tool's functionality. This room covers investigating packet-level details by combining analyst knowledge with Wireshark functionality to detect anomalies and odd situations in a given case.
Prerequisites
Setup and Environment
Before moving forward, start the Virtual Machine by clicking the Start Machine button below. The machine will start in split view and will take about two minutes to load. In case the machine is not visible, you can click the Show Split View button at the top of the task.
You can use this Virtual Machine to follow along with the walkthrough and complete the exercises at the end of this room.
Note: Do not directly interact with any domains and IP addresses in this room. The domains and IP addresses are included for reference only.
