Build on what you learned in Protocol Analysis I, this time using command line tools and techniques. You will use the ubiquitous tcpdump program, starting with simple capture tasks and then building up to complex filtering and display options. In the process, you will dig deeply into TCP and IP header fields, learning how these can be used to find the traffic you’re interested in. You will examine ICMP, SSH, and HTTP traffic, including that from web shells commonly used in attacks. With the techniques learned in this exercise, you will be able to gather and filter packet capture data from server systems, then later process it on graphical security operations workstations.

    Prerequisites

    The Protocol Analysis I lab or equivalent knowledge of Wireshark and TCP/IP packet capture. Familiarity with how to use the command line in Linux/Unix systems.

    Expected Duration

    2 hours, self-paced. Pause and continue at any time.
    2 CPEs awarded on successful completion.
