
COURSE OUTLINE
1. Introduction (history), key functions, interface analysis
2. Traffic analysis / OSI review, protocol filtering
3. IP and port filtering, Wireshark and Linux firewall interaction, demonstration of detecting unauthorized traffic
4. Tshark command line interface overview, demonstration of how credentials can be stolen, network card modes: monitoring / remote capture

Why is Wireshark relevant? Network security, prevention, performance, troubleshooting.

Brief History (what was happening in the 80s?) How did technicians troubleshoot networks? Any ideas?

The Oscilloscope In the 1980s, to answer this question and examine a network thoroughly, the oscilloscope was the main tool used.

What could the oscilloscope do? An oscilloscope showed square-ish electrical pulses bouncing up and down, tracing how an electrical signal changed over time, and the observed waveform could then be analysed. Technicians could determine the time and voltage values of a signal, calculate its frequency, and observe how it changed over time. What they could not see was the meaning of the bits being carried.

Packet Switched Networks

Packets instead of pulses With the growth of packet-switched networks, packet analysers such as tcpdump, built on the low-level packet capture library libpcap (pcap), meant you could see what was in each message going across the network rather than just the electrical signal carrying it.

Enter Gerald Combs

Ethereal/Wireshark In the late 1990s Gerald Combs, a computer science graduate, was working for a small internet service provider. He began writing Ethereal in 1998; the project was later renamed Wireshark and has continued to grow with Riverbed Technology as its sponsor. Wireshark has since won several industry awards and is today one of the best open-source packet analyzers available for UNIX and Windows.

What is Wireshark? Wireshark is a free and open-source network protocol analyser (also known as a network sniffer) that lets users interactively browse the data traffic on a computer network. It sees roughly 500,000 downloads a month. The IT industry has embraced Wireshark as the go-to tool for network troubleshooting, optimisation and security.

Network Tools ping, tracert, netstat, arp. They test basic end-to-end connectivity and give a first feeling for how the network is behaving, but they show reachability and state, not the contents of the traffic.

SNMP Tools Continuous monitoring and mapping; events and notifications; mapping systems.

Where is Wireshark used? Network administrators use it to troubleshoot network problems, hunt down unauthorized network traffic, troubleshoot slow network performance, confirm firewall settings (by checking which packets actually get through), and spot traffic that suggests a machine is infected with malware. IT security is becoming a huge asset in the workplace, and knowledge of Wireshark is a big plus for IT admin jobs.

Where to locate it? For Internet connectivity monitoring, decide whether to capture before or after the firewall: before it you see everything that arrives, including traffic the firewall drops; after it you see only what the firewall allowed through. For WAN monitoring, connect the laptop to the LAN switch, with a port mirror of the switch port facing the monitored router. For server monitoring, connect the laptop to the LAN switch, with a port mirror of the monitored server's port. In both cases the mirror must copy both directions (transmit and receive) of the monitored port, or you will only see one side of every conversation.

Welcome to the interface

WordPress wireshark01site.wordpress.com

During installation make sure WinPcap is installed (newer Wireshark releases bundle its successor, Npcap, instead). Remember from the earlier slide: pcap is the API for capturing network traffic, and the capture files it writes are what Wireshark opens.
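As an added example (not code from the original slides), the following Python script does what the "Packets instead of pulses" slide and this one describe: it reads the classic libpcap capture file format that libpcap/WinPcap/Npcap write and Wireshark opens, decodes the Ethernet, IPv4 and TCP headers of each record, and applies the equivalent of the Wireshark display filter `ip.addr == X && tcp.port == Y`. The four frames, their addresses, ports and the HTTP request are constructed test data; IP and TCP checksums are left zero because nothing here validates them, and pcapng files are deliberately rejected rather than handled.

```python
"""Minimal classic-pcap reader with Ethernet/IPv4/TCP decoding and an IP/port filter.
Added example, not from the original slides. All addresses, ports and payloads are constructed."""
import struct
from typing import List, Optional

PCAP_MAGIC = 0xA1B2C3D4      # microsecond pcap; its byte order reveals the writer's endianness
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def ipv4_header(src: str, dst: str, payload_len: int) -> bytes:
    """20-byte IPv4 header, no options. Checksum is zero: constructed data."""
    to_bytes = lambda ip: bytes(int(o) for o in ip.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                       64, IPPROTO_TCP, 0, to_bytes(src), to_bytes(dst))


def tcp_header(sport: int, dport: int, flags: int) -> bytes:
    """20-byte TCP header, no options: seq=1, ack=0, data offset = 5 words."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, flags, 65535, 0, 0)


def make_tcp_frame(src: str, dst: str, sport: int, dport: int, flags: int, payload: bytes = b"") -> bytes:
    """Ethernet frame (made-up MACs) carrying IPv4 + TCP + payload."""
    segment = tcp_header(sport, dport, flags) + payload
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ipv4_header(src, dst, len(segment)) + segment


def build_pcap(frames: List[bytes], endian: str = "<") -> bytes:
    """Serialise frames as a pcap file: 24-byte global header + 16-byte record headers."""
    out = struct.pack(endian + "IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += struct.pack(endian + "IIII", 1_600_000_000 + i, 0, len(frame), len(frame)) + frame
    return out


def decode_frame(frame: bytes) -> Optional[dict]:
    """Decode Ethernet -> IPv4 -> TCP; return None for anything else (ARP, IPv6, UDP, ...)."""
    if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    vihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack_from("!BBHHHBBH4s4s", ip, 0)
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or proto != IPPROTO_TCP or len(ip) < ihl + 20:
        return None
    sport, dport, _, _, off_flags, flags = struct.unpack_from("!HHIIBB", ip, ihl)
    payload = ip[ihl + (off_flags >> 4) * 4:total_len]     # honour IP total length, drop padding
    dotted = lambda b: ".".join(str(o) for o in b)
    return {"src": dotted(src), "dst": dotted(dst), "sport": sport, "dport": dport,
            "flags": flags, "payload": payload}


def parse_pcap(data: bytes) -> List[dict]:
    """Walk the records of a classic pcap file, detecting byte order from the magic number."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        e = "<"                          # written on a little-endian host (the common case)
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        e = ">"                          # written on a big-endian host
    else:
        raise ValueError("not a classic pcap file (pcapng / nanosecond variants not handled)")
    linktype, = struct.unpack_from(e + "I", data, 20)
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    packets, off = [], 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack_from(e + "IIII", data, off)
        off += 16
        if off + incl_len > len(data):   # capture cut short mid-record (killed sniffer, full disk)
            break
        pkt = decode_frame(data[off:off + incl_len])
        off += incl_len
        if pkt is not None:
            pkt["ts"] = ts_sec + ts_usec / 1e6
            packets.append(pkt)
    return packets


def match(pkt: dict, ip: Optional[str] = None, port: Optional[int] = None) -> bool:
    """Same semantics as the Wireshark display filter 'ip.addr == ip && tcp.port == port'."""
    if ip is not None and ip not in (pkt["src"], pkt["dst"]):
        return False
    if port is not None and port not in (pkt["sport"], pkt["dport"]):
        return False
    return True


# Constructed sample capture: a TCP handshake plus HTTP request to one host, and a SYN to a second.
SAMPLE_FRAMES = [
    make_tcp_frame("192.168.1.10", "10.0.0.5", 51000, 80, 0x02),                 # SYN
    make_tcp_frame("10.0.0.5", "192.168.1.10", 80, 51000, 0x12),                 # SYN/ACK
    make_tcp_frame("192.168.1.10", "10.0.0.5", 51000, 80, 0x18,
                   b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),            # PSH/ACK + data
    make_tcp_frame("192.168.1.10", "10.0.0.9", 51001, 23, 0x02),                 # SYN to telnet
]
SAMPLE_PCAP = build_pcap(SAMPLE_FRAMES)

if __name__ == "__main__":
    for p in parse_pcap(SAMPLE_PCAP):
        if match(p, ip="10.0.0.5", port=80):
            print(f'{p["src"]}:{p["sport"]} -> {p["dst"]}:{p["dport"]} '
                  f'flags=0x{p["flags"]:02x} payload={p["payload"][:16]!r}')
```

Running it lists the three packets of the HTTP conversation and hides the telnet SYN, which is exactly what typing `ip.addr == 10.0.0.5 && tcp.port == 80` into Wireshark's filter bar would do on the same capture. The point of the byte-order check and the truncated-record guard is that real capture files are frequently written on a different machine, or cut short when the sniffer is killed, and a parser that assumes otherwise silently misreads them.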

Initial Screen

Organize your layout

OSI MODEL + Wireshark Interface