SlideShare uma empresa Scribd logo

Packet analysis using wireshark

Transferir como PPTX, PDF
B
Basaveswar Kureti

Brief introduction about wireshark and practical usecases of packet analysis

Tecnologia
1 de 20
PACKET ANALYSIS USING WIRESHARK CEH TWITTER:@BASAVESWARK
WHAT IS WIRESHARK ? WIRESHARK IS A FREE AND OPEN SOURCE PACKET ANALYZER. IT IS USED FOR NETWORK TROUBLESHOOTING, ANALYSIS, SOFTWARE AND COMMUNICATIONS PROTOCOL DEVELOPMENT, AND EDUCATION
FEATURES • DEEP INSPECTION OF HUNDREDS OF PROTOCOLS, WITH MORE BEING ADDED ALL THE TIME • LIVE CAPTURE AND OFFLINE ANALYSIS • MULTI-PLATFORM: RUNS ON WINDOWS, LINUX, MACOS, SOLARIS, FREEBSD, NETBSD, AND MANY OTHERS • CAPTURED NETWORK DATA CAN BE BROWSED VIA A GUI, OR VIA THE TTY-MODE TSHARK UTILITY • THE MOST POWERFUL DISPLAY FILTERS IN THE INDUSTRY • RICH VOIP ANALYSIS • READ/WRITE MANY DIFFERENT CAPTURE FILE FORMATS: TCPDUMP (LIBPCAP), PCAP NG, CATAPULT DCT2000, CISCO SECURE IDS IPLOG, MICROSOFT NETWORK MONITOR, NETWORK GENERAL SNIFFER® (COMPRESSED AND UNCOMPRESSED), SNIFFER® PRO, AND NETXRAY®, NETWORK INSTRUMENTS OBSERVER, NETSCREEN SNOOP, NOVELL LANALYZER, RADCOM WAN/LAN ANALYZER, SHOMITI/FINISAR SURVEYOR, TEKTRONIX K12XX, VISUAL NETWORKS VISUAL UPTIME, WILDPACKETS ETHERPEEK/TOKENPEEK/AIROPEEK, AND MANY OTHERS • CAPTURE FILES COMPRESSED WITH GZIP CAN BE DECOMPRESSED ON THE FLY • COLORING RULES CAN BE APPLIED TO THE PACKET LIST FOR QUICK, INTUITIVE ANALYSIS • OUTPUT CAN BE EXPORTED TO XML, POSTSCRIPT®, CSV, OR PLAIN TEXT
CAPTURING LIVE TRAFFIC
COLORING RULES
DISPLAY FILTERS • Filter specific addresses ip.addr == 192.168.1.5 ip.src ==192.168.1.5 ip.dest ==192.168.1.5 • Filter specific protocols dns || http (OR) dns or http • Filter specific ports tcp.port == 443 udp.port == 1234 • Identity TCP issues, packet loss tcp.analysis.flag • Cleaning up or Pruning noise !(arp or dns or icmp)
DISPLAY FILTERS (CONTINUED) • Follow tcp stream tcp.stream eq 32 • DNS Queries udp contains facebook • HTTP Request/Responses http.request http.response.code == 200 • TCP Traffic flags tcp.flags.syn == 1 tcp.flags.reset == 1 • SIP Traffic sip rtp
DEMO TIME
SOME QUICK SHORTCUTS
USE CASE # 1 VOIP CALL RECORDING
VOIP CALL RECORDING (CONTINUED..)
VOIP CALL RECORDING (CONTINUED..)
USE CASE # 2 DNS QUERY
USE CASE # 2 DNS QUERY (CONTINUED)
USE CASE # 3 TROUBLESHOOTING INTERNET ACCESS ISSUE (UNABLE TO ACCESS A PARTICULAR MUSIC SITE)
USE CASE # 4 UNDERSTANDING SSL FLOW
USE CASE # 4 UNDERSTANDING SSL FLOW (CONTINUED..)
REFERENCES • https://en.wikipedia.org/wiki/Wires hark • https://www.wireshark.org/ • Practical Packet Analysis by by Chris Sanders • https://www.youtube.com/watch?v= 68t07-KOH9Y • https://en.wikipedia.org/wiki/User_ Datagram_Protocol • https://en.wikipedia.org/wiki/Trans mission_Control_Protocol • http://www.informatics.buzdo.com/ _images/f912-1.gif • http://1.bp.blogspot.com/- gTRV25VTdb8/T55rvji6cEI/AAAAAA AACXM/9clbBo- y0nY/s1600/dnslookups.png
APPENDIX
APPENDIX (CONTINUED)

Recomendados

Wireshark
WiresharkWireshark
Wiresharklakshya dubey
 
Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with WiresharkJim Gilsinn
 
Wireshark
WiresharkWireshark
WiresharkKasun Madusanke
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
wireshark
wiresharkwireshark
wiresharkMirza Baig
 
Wireshark
Wireshark Wireshark
Wireshark antivirusspam
 
Wireshark
WiresharkWireshark
WiresharkKushagra Ganeriwal
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentationKateryna Haskova
 

Recomendados

Wireshark
WiresharkWireshark
Wiresharklakshya dubey
 
Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with WiresharkJim Gilsinn
 
Wireshark
WiresharkWireshark
WiresharkKasun Madusanke
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
wireshark
wiresharkwireshark
wiresharkMirza Baig
 
Wireshark
Wireshark Wireshark
Wireshark antivirusspam
 
Wireshark
WiresharkWireshark
WiresharkKushagra Ganeriwal
 
Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentationKateryna Haskova
 
Wireshark ppt
Wireshark pptWireshark ppt
Wireshark pptbala150985
 
Wireshark
WiresharkWireshark
WiresharkSourav Roy
 
Wireshark network analysing software
Wireshark network analysing softwareWireshark network analysing software
Wireshark network analysing softwaredharmesh nakum
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li Inmhaviv
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic PresentationMD. SHORIFUL ISLAM
 
Workshop Wireshark
Workshop Wireshark Workshop Wireshark
Workshop Wireshark Fabio Rosa
 
Wireshark
WiresharkWireshark
WiresharkVijay kumar
 
Wireshark.pptx
Wireshark.pptxWireshark.pptx
Wireshark.pptxSalmanKhan222894
 
Wireshark
WiresharkWireshark
Wiresharkbtohara
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorialChaman Poorani
 
Wireshark Tutorial
Wireshark TutorialWireshark Tutorial
Wireshark TutorialCoursenvy.com
 
Basic networking
Basic networkingBasic networking
Basic networkingPredieCatherynestrella Reyes
 
Network analysis Using Wireshark Lesson 11: TCP and UDP Analysis
Network analysis Using Wireshark Lesson 11: TCP and UDP AnalysisNetwork analysis Using Wireshark Lesson 11: TCP and UDP Analysis
Network analysis Using Wireshark Lesson 11: TCP and UDP AnalysisYoram Orzach
 
Wireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersWireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersYoram Orzach
 
Wireshark Basics
Wireshark BasicsWireshark Basics
Wireshark BasicsYoram Orzach
 
Wireshark
WiresharkWireshark
WiresharkAlanoud Alqoufi
 
Sample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisSample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisDavid Sweigert
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffingguestfa1226
 
Network tunneling techniques
Network tunneling techniquesNetwork tunneling techniques
Network tunneling techniquesinbroker
 
COMPUTER NETWORKING
COMPUTER NETWORKINGCOMPUTER NETWORKING
COMPUTER NETWORKINGKiran Buriro
 
Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkYoram Orzach
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)Denny K
 

Mais conteúdo relacionado

Mais procurados

Wireshark network analysing software
Wireshark network analysing softwareWireshark network analysing software
Wireshark network analysing softwaredharmesh nakum
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li Inmhaviv
 
Workshop Wireshark
Workshop Wireshark Workshop Wireshark
Workshop Wireshark Fabio Rosa
 
Wireshark
WiresharkWireshark
Wiresharkbtohara
 
Network analysis Using Wireshark Lesson 11: TCP and UDP Analysis
Network analysis Using Wireshark Lesson 11: TCP and UDP AnalysisNetwork analysis Using Wireshark Lesson 11: TCP and UDP Analysis
Network analysis Using Wireshark Lesson 11: TCP and UDP AnalysisYoram Orzach
 
Wireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersWireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersYoram Orzach
 
Sample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisSample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisDavid Sweigert
 
Network tunneling techniques
Network tunneling techniquesNetwork tunneling techniques
Network tunneling techniquesinbroker
 
COMPUTER NETWORKING
COMPUTER NETWORKINGCOMPUTER NETWORKING
COMPUTER NETWORKINGKiran Buriro
 

Mais procurados (20)

Wireshark ppt
Wireshark pptWireshark ppt
Wireshark ppt
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark network analysing software
Wireshark network analysing softwareWireshark network analysing software
Wireshark network analysing software
 
Wireshark Inroduction Li In
Wireshark Inroduction Li InWireshark Inroduction Li In
Wireshark Inroduction Li In
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
 
Workshop Wireshark
Workshop Wireshark Workshop Wireshark
Workshop Wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark.pptx
Wireshark.pptxWireshark.pptx
Wireshark.pptx
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
 
Wireshark Tutorial
Wireshark TutorialWireshark Tutorial
Wireshark Tutorial
 
Basic networking
Basic networkingBasic networking
Basic networking
 
Network analysis Using Wireshark Lesson 11: TCP and UDP Analysis
Network analysis Using Wireshark Lesson 11: TCP and UDP AnalysisNetwork analysis Using Wireshark Lesson 11: TCP and UDP Analysis
Network analysis Using Wireshark Lesson 11: TCP and UDP Analysis
 
Wireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filtersWireshark course, Ch 03: Capture and display filters
Wireshark course, Ch 03: Capture and display filters
 
Wireshark Basics
Wireshark BasicsWireshark Basics
Wireshark Basics
 
Wireshark
WiresharkWireshark
Wireshark
 
Sample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark AnalysisSample Network Analysis Report based on Wireshark Analysis
Sample Network Analysis Report based on Wireshark Analysis
 
Packet Sniffing
Packet SniffingPacket Sniffing
Packet Sniffing
 
Network tunneling techniques
Network tunneling techniquesNetwork tunneling techniques
Network tunneling techniques
 
COMPUTER NETWORKING
COMPUTER NETWORKINGCOMPUTER NETWORKING
COMPUTER NETWORKING
 

Destaque

Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkYoram Orzach
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)Denny K
 
Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Ashley Wheeler
 
Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Yoram Orzach
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)shwetha mk
 
SSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkSSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkAl Imran, CISA
 
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Ravi Rajput
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"abend_cve_9999_0001
 
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Ethical hacking Chapter 6 - Port Scanning - Eric VanderburgEthical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Ethical hacking Chapter 6 - Port Scanning - Eric VanderburgEric Vanderburg
 
Using WireShark with AirPCAP
Using WireShark with AirPCAPUsing WireShark with AirPCAP
Using WireShark with AirPCAPDavid Sweigert
 
Introduction To Cellular And Wireless Networks
Introduction To Cellular And Wireless NetworksIntroduction To Cellular And Wireless Networks
Introduction To Cellular And Wireless NetworksYoram Orzach
 
Ch 01 --- introduction to sdn-nfv
Ch 01 --- introduction to sdn-nfvCh 01 --- introduction to sdn-nfv
Ch 01 --- introduction to sdn-nfvYoram Orzach
 

Destaque (18)

Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wireshark
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
 
Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark Practical Packet Analysis: Wireshark
Practical Packet Analysis: Wireshark
 
Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)
 
SSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wiresharkSSL basics and SSL packet analysis using wireshark
SSL basics and SSL packet analysis using wireshark
 
Network Forensics: Packet Analysis Using Wireshark
Network Forensics: Packet Analysis Using WiresharkNetwork Forensics: Packet Analysis Using Wireshark
Network Forensics: Packet Analysis Using Wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
N map presentation
N map presentationN map presentation
N map presentation
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
 
Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"Nmap 9 truth "Nothing to say any more"
Nmap 9 truth "Nothing to say any more"
 
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Ethical hacking Chapter 6 - Port Scanning - Eric VanderburgEthical hacking Chapter 6 - Port Scanning - Eric Vanderburg
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
 
WiFi Pineapple - Alex R
WiFi Pineapple - Alex RWiFi Pineapple - Alex R
WiFi Pineapple - Alex R
 
Using WireShark with AirPCAP
Using WireShark with AirPCAPUsing WireShark with AirPCAP
Using WireShark with AirPCAP
 
Introduction To Cellular And Wireless Networks
Introduction To Cellular And Wireless NetworksIntroduction To Cellular And Wireless Networks
Introduction To Cellular And Wireless Networks
 
Ch 01 --- introduction to sdn-nfv
Ch 01 --- introduction to sdn-nfvCh 01 --- introduction to sdn-nfv
Ch 01 --- introduction to sdn-nfv
 

Semelhante a Packet analysis using wireshark

Practical 7 - Using Wireshark Tutorial and Hands-on
Practical 7 - Using Wireshark Tutorial and Hands-onPractical 7 - Using Wireshark Tutorial and Hands-on
Practical 7 - Using Wireshark Tutorial and Hands-onQaisSaifQassim
 
Network Situational Awareness with d00gle
Network Situational Awareness with d00gleNetwork Situational Awareness with d00gle
Network Situational Awareness with d00gleDug Song
 
Computer Networking 101
Computer Networking 101Computer Networking 101
Computer Networking 101Sameer Mahajan
 
PRADS presentation (English) @ University of Oslo by Ebf0 and kwy
PRADS presentation (English) @ University of Oslo by Ebf0 and kwyPRADS presentation (English) @ University of Oslo by Ebf0 and kwy
PRADS presentation (English) @ University of Oslo by Ebf0 and kwyRubén Romero
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferenceCengage Learning
 
Music city data Hail Hydrate! from stream to lake
Music city data Hail Hydrate! from stream to lakeMusic city data Hail Hydrate! from stream to lake
Music city data Hail Hydrate! from stream to lakeTimothy Spann
 
Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Joel W. King
 
Debugging applications with network security tools
Debugging applications with network security toolsDebugging applications with network security tools
Debugging applications with network security toolsConFoo
 
2018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 72018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 7FRSecure
 
BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.Sumutiu Marius
 
17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)Jeff Green
 
Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...
Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...
Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...Positive Hack Days
 
Webinar: How to troubleshoot bandwidth hogs and take action.
Webinar: How to troubleshoot bandwidth hogs and take action.Webinar: How to troubleshoot bandwidth hogs and take action.
Webinar: How to troubleshoot bandwidth hogs and take action.ManageEngine, Zoho Corporation
 
Telco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_finalTelco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_finalJunho Suh
 
MPLAB® Harmony Ecosystem
MPLAB® Harmony EcosystemMPLAB® Harmony Ecosystem
MPLAB® Harmony EcosystemDesign World
 
Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)packetloop
 
Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...
Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...
Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...Dataconomy Media
 

Semelhante a Packet analysis using wireshark (20)

Practical 7 - Using Wireshark Tutorial and Hands-on
Practical 7 - Using Wireshark Tutorial and Hands-onPractical 7 - Using Wireshark Tutorial and Hands-on
Practical 7 - Using Wireshark Tutorial and Hands-on
 
Network Situational Awareness with d00gle
Network Situational Awareness with d00gleNetwork Situational Awareness with d00gle
Network Situational Awareness with d00gle
 
Computer Networking 101
Computer Networking 101Computer Networking 101
Computer Networking 101
 
PRADS presentation (English) @ University of Oslo by Ebf0 and kwy
PRADS presentation (English) @ University of Oslo by Ebf0 and kwyPRADS presentation (English) @ University of Oslo by Ebf0 and kwy
PRADS presentation (English) @ University of Oslo by Ebf0 and kwy
 
Packet Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing ConferencePacket Analysis - Course Technology Computing Conference
Packet Analysis - Course Technology Computing Conference
 
Music city data Hail Hydrate! from stream to lake
Music city data Hail Hydrate! from stream to lakeMusic city data Hail Hydrate! from stream to lake
Music city data Hail Hydrate! from stream to lake
 
Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1
 
Debugging applications with network security tools
Debugging applications with network security toolsDebugging applications with network security tools
Debugging applications with network security tools
 
2018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 72018 FRSecure CISSP Mentor Program- Session 7
2018 FRSecure CISSP Mentor Program- Session 7
 
BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.BlackHat Hacking - Hacking VoIP.
BlackHat Hacking - Hacking VoIP.
 
17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)17.) layer 3 (advanced tcp ip routing)
17.) layer 3 (advanced tcp ip routing)
 
Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...
Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...
Обнаружение вредоносного кода в зашифрованном с помощью TLS трафике (без деши...
 
Webinar: How to troubleshoot bandwidth hogs and take action.
Webinar: How to troubleshoot bandwidth hogs and take action.Webinar: How to troubleshoot bandwidth hogs and take action.
Webinar: How to troubleshoot bandwidth hogs and take action.
 
Telco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_finalTelco junho cost-effective approach for telco network analysis in 5_g_final
Telco junho cost-effective approach for telco network analysis in 5_g_final
 
MPLAB® Harmony Ecosystem
MPLAB® Harmony EcosystemMPLAB® Harmony Ecosystem
MPLAB® Harmony Ecosystem
 
Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)Finding Needles in Haystacks (The Size of Countries)
Finding Needles in Haystacks (The Size of Countries)
 
Part 6 : Internet applications
Part 6 : Internet applicationsPart 6 : Internet applications
Part 6 : Internet applications
 
Ethernet basics
Ethernet basicsEthernet basics
Ethernet basics
 
Chinmay Padhye
Chinmay PadhyeChinmay Padhye
Chinmay Padhye
 
Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...
Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...
Calum McCrea, Software Engineer at Kx Systems, "Kx: How Wall Street Tech can ...
 

Último

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 

Último (20)

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

Packet analysis using wireshark

  • 2. WHAT IS WIRESHARK ? WIRESHARK IS A FREE AND OPEN SOURCE PACKET ANALYZER. IT IS USED FOR NETWORK TROUBLESHOOTING, ANALYSIS, SOFTWARE AND COMMUNICATIONS PROTOCOL DEVELOPMENT, AND EDUCATION
  • 3. FEATURES • DEEP INSPECTION OF HUNDREDS OF PROTOCOLS, WITH MORE BEING ADDED ALL THE TIME • LIVE CAPTURE AND OFFLINE ANALYSIS • MULTI-PLATFORM: RUNS ON WINDOWS, LINUX, MACOS, SOLARIS, FREEBSD, NETBSD, AND MANY OTHERS • CAPTURED NETWORK DATA CAN BE BROWSED VIA A GUI, OR VIA THE TTY-MODE TSHARK UTILITY • THE MOST POWERFUL DISPLAY FILTERS IN THE INDUSTRY • RICH VOIP ANALYSIS • READ/WRITE MANY DIFFERENT CAPTURE FILE FORMATS: TCPDUMP (LIBPCAP), PCAP NG, CATAPULT DCT2000, CISCO SECURE IDS IPLOG, MICROSOFT NETWORK MONITOR, NETWORK GENERAL SNIFFER® (COMPRESSED AND UNCOMPRESSED), SNIFFER® PRO, AND NETXRAY®, NETWORK INSTRUMENTS OBSERVER, NETSCREEN SNOOP, NOVELL LANALYZER, RADCOM WAN/LAN ANALYZER, SHOMITI/FINISAR SURVEYOR, TEKTRONIX K12XX, VISUAL NETWORKS VISUAL UPTIME, WILDPACKETS ETHERPEEK/TOKENPEEK/AIROPEEK, AND MANY OTHERS • CAPTURE FILES COMPRESSED WITH GZIP CAN BE DECOMPRESSED ON THE FLY • COLORING RULES CAN BE APPLIED TO THE PACKET LIST FOR QUICK, INTUITIVE ANALYSIS • OUTPUT CAN BE EXPORTED TO XML, POSTSCRIPT®, CSV, OR PLAIN TEXT
  • 6. DISPLAY FILTERS • Filter specific addresses ip.addr == 192.168.1.5 ip.src ==192.168.1.5 ip.dest ==192.168.1.5 • Filter specific protocols dns || http (OR) dns or http • Filter specific ports tcp.port == 443 udp.port == 1234 • Identity TCP issues, packet loss tcp.analysis.flag • Cleaning up or Pruning noise !(arp or dns or icmp)
  • 7. DISPLAY FILTERS (CONTINUED) • Follow tcp stream tcp.stream eq 32 • DNS Queries udp contains facebook • HTTP Request/Responses http.request http.response.code == 200 • TCP Traffic flags tcp.flags.syn == 1 tcp.flags.reset == 1 • SIP Traffic sip rtp
  • 10. USE CASE # 1 VOIP CALL RECORDING
  • 13. USE CASE # 2 DNS QUERY
  • 14. USE CASE # 2 DNS QUERY (CONTINUED)
  • 15. USE CASE # 3 TROUBLESHOOTING INTERNET ACCESS ISSUE (UNABLE TO ACCESS A PARTICULAR MUSIC SITE)
  • 16. USE CASE # 4 UNDERSTANDING SSL FLOW
  • 17. USE CASE # 4 UNDERSTANDING SSL FLOW (CONTINUED..)
  • 18. REFERENCES • https://en.wikipedia.org/wiki/Wires hark • https://www.wireshark.org/ • Practical Packet Analysis by by Chris Sanders • https://www.youtube.com/watch?v= 68t07-KOH9Y • https://en.wikipedia.org/wiki/User_ Datagram_Protocol • https://en.wikipedia.org/wiki/Trans mission_Control_Protocol • http://www.informatics.buzdo.com/ _images/f912-1.gif • http://1.bp.blogspot.com/- gTRV25VTdb8/T55rvji6cEI/AAAAAA AACXM/9clbBo- y0nY/s1600/dnslookups.png