Tag: Wireshark
-
Wireshark Display Filters
Wireshark Display Filters Lab – Overview and Setup This lab focused on becoming more familiar with using Wireshark display filters to isolate specific types of traffic. Exercise 1 – Filtering DNS Queries for a Specific Domain Task: Find the packet record number(s) where a DNS query name contains the string glenhighland. There are many ways…
-
Fragmentation
IP Fragmentation Lab – Overview and Setup This lab focused on exploring the behavior and structure of IP fragmentation. The exercises require close analysis of fragmented IP packets using either Wireshark or tcpdump. Exercise 1 – Analyzing the First Two IP Fragments Look at the first two records. They are related fragments and are the…
-
IPv4
Lab 1.4 – IPv4 Packet Analysis This lab focused on examining network traffic at the IPv4 layer, with an emphasis on identifying abnormal or suspicious behavior within the packet capture. Lab Setup For this exercise, I used the capture file called ipv4.pcap. Once downloaded, I opened the file in Wireshark and began my analysis. Exercise…
-
The Network Access/Link Layer
Link Layer Analysis Lab – Overview and Setup This set of exercises focuses on analyzing network activity at the Link Layer. Lab Setup For this lab, I used Wireshark to analyze a file called link.pcap. Exercise 1 – Analyzing the First Record 1. In the first record, what is 192.168.11.11 trying to find? To answer…
-
Introduction to Wireshark
The goal of this lab is to familiarize myself with the basic functionalities of Wireshark. Exercise 1 – Wireshark Profile Setup To kick off the lab, I started by setting up a custom Wireshark configuration profile. These profiles are really helpful because they let you tailor things like display columns, settings, and layout to match…