Introduction

The Wireshark program makes the unseen seen. Knowing what data is travelling through your wires is essential for every security person. Everybody knows that data flows from place to place on the network in packets, but few people take the time to capture those packets and see what they really look like. Visualizing packets is one of the most important things you can do to develop your skill in information security. You will find that there's a wealth of information about a network accessible at every port. Having a solid understanding of programs like Wireshark will assist you in finding security problems. Also, as you will see, the lab will show you exactly why you should avoid using insecure protocols.

NetLab+ Assignment

Use the NetLab+ server to do NISGTC Security+ Lab 01: Network Devices and Technologies - Capturing Network Traffic. You only have to do part 1. Follow the lab step by step and take screenshots at the points below:

  • Part 1.1, Step 10: Take a screenshot of the output of tcpdump
  • Part 1.1, Step 16: Take a screenshot of Wireshark open with packets in view
  • Part 1.4, Step 2: Take a screenshot of the output of the tail command

Install Wireshark at Home

Now that you have an idea of what Wireshark can do, use the link above to download and install Wireshark on your own computer (or a school computer if you don't have one). Start a packet capture on your computer and collect packets for a while. Export your captured packets from Wireshark and submit them with the lab.
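
Before you submit, you can confirm that the exported file really is pcapng (not legacy pcap) and actually contains packets. The Python sketch below is an added example, not part of the original lab: the function names and the sample bytes are constructed here, and it assumes a capture with a single section.

```python
import struct

SHB, IDB, EPB = 0x0A0D0D0A, 0x00000001, 0x00000006  # pcapng block types
BYTE_ORDER_MAGIC = 0x1A2B3C4D

def summarize_pcapng(data: bytes) -> dict:
    """Walk every block; raise ValueError if the file is not well-formed pcapng."""
    if len(data) < 12 or struct.unpack_from("<I", data, 0)[0] != SHB:
        raise ValueError("no Section Header Block: not pcapng (legacy .pcap?)")
    # The byte-order magic in the SHB tells us how to read every other field.
    magics = {struct.pack(e + "I", BYTE_ORDER_MAGIC): e for e in "<>"}
    endian = magics.get(data[8:12])
    if endian is None:
        raise ValueError("bad byte-order magic")
    summary = {"interfaces": 0, "packets": 0, "captured_bytes": 0}
    offset = 0
    while offset < len(data):
        if offset + 12 > len(data):
            raise ValueError("truncated block header")
        btype, total = struct.unpack_from(endian + "II", data, offset)
        if total < 12 or total % 4 or offset + total > len(data):
            raise ValueError(f"bad block length at offset {offset}")
        # Each block repeats its length at the end; a mismatch means corruption.
        if struct.unpack_from(endian + "I", data, offset + total - 4)[0] != total:
            raise ValueError(f"length trailer mismatch at offset {offset}")
        if btype == IDB:
            summary["interfaces"] += 1
        elif btype == EPB:
            if total < 32:
                raise ValueError("Enhanced Packet Block too short")
            caplen = struct.unpack_from(endian + "I", data, offset + 20)[0]
            if caplen > total - 32:
                raise ValueError("captured length exceeds block")
            summary["packets"] += 1
            summary["captured_bytes"] += caplen
        offset += total
    return summary

def _block(btype: int, body: bytes) -> bytes:
    body += b"\0" * (-len(body) % 4)  # pad body to a 32-bit boundary
    total = 12 + len(body)
    return struct.pack("<II", btype, total) + body + struct.pack("<I", total)

def build_sample() -> bytes:
    """Constructed capture: one section, one Ethernet interface, one 5-byte packet."""
    shb = _block(SHB, struct.pack("<IHHq", BYTE_ORDER_MAGIC, 1, 0, -1))
    idb = _block(IDB, struct.pack("<HHI", 1, 0, 65535))
    epb = _block(EPB, struct.pack("<IIIII", 0, 0, 0, 5, 5) + b"hello")
    return shb + idb + epb
```

To check your own export, call `summarize_pcapng(open("lab1.pcapng", "rb").read())`; a packet count of zero means the capture was exported empty.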

Turn In

  • The three screenshots from NetLab+
  • Your packets in a file named lab1.pcapng

Grading

  • 10 points for your screenshots.
  • 10 points for your packet capture.