• Practiced troubleshooting with Wireshark, captured traffic and analyzed acquired traffic. Used display and capture filters to examine details.
• Generated, captured and analyzed unencrypted RADIUS, DNS, HTTP and Telnet traffic. Decrypted a RADIUS-encrypted password.
• Generated, captured and analyzed encrypted SSH and HTTPS traffic. Decrypted HTTPS traffic in Wireshark.
• Wireshark
• 1. Used Wireshark and much of its functionality to capture network traffic currently flowing and to analyze traffic by opening a stored pcap file.
• 2. Generated and captured RADIUS traffic. Analyzed and viewed in Wireshark. Reviewed RADIUS architecture elements and decrypted the password using Wireshark.
• 3. Reviewed the basics of HTTP and analyzed the differences between Wireshark’s filters. Connected to an HTTP server and initiated HTTP authentication. Captured the traffic in Wireshark.
• 4. Initiated HTTP form-based authentication and captured in Wireshark. Identified the username and password in the form POST and recognized the vulnerabilities in an HTTP form.
• 5. Started a Telnet session with a remote device using PowerShell and captured traffic in Wireshark. Analyzed the capture from a security perspective.
• 6. Opened an SSH session and captured the traffic. Compared the results to Telnet. Filtered traffic based on the host and recognized different conversations that can occur within a single capture.
• 7. Generated and captured HTTPS traffic and decrypted the HTTPS traffic in Wireshark.