In this video from our Packet Analysis with Wireshark course by Atul Tiwari, we learn how to perform ICMP analysis in Wireshark. Eavesdropping on ICMP traffic can provide a lot of data to a savvy adversary - or pentester!
Wireshark is the world’s foremost and most widely used network protocol analyzer. Analyzing and troubleshooting data packets in a network is always a daunting task, but Wireshark comes to the rescue in such situations. Because Wireshark is used widely in commercial, non-profit, educational and various other settings, it is crucial for IT people to have thorough knowledge of Wireshark’s capabilities, so they can get insight into a network at a microscopic level and know what’s happening in order to analyze, troubleshoot, monitor and sometimes capture sensitive credentials passing through the wires. Wireshark is useful even in session hijacking of authenticated users, and it is the industry-leading tool that every ethical hacker, network admin, system admin and even malicious or black hat hacker uses to perform advanced security analysis and attacks.
What skills do you gain in this course?
- Know what’s happening inside the network traffic
- Filter traffic based on your own rules that you created
- How to capture the traffic in multiple datasets
- How to split and merge large captured traces
- Perform various attacks based on protocol issues
- Find TCP and HTTP headers for further analysis
- See only endpoints, target traffic for a single requirement
- Filter for one protocol, one port or port range, one IP address or range of IP
- Identify network intrusions using filters and colorizing rules
- Identify port scanning and DoS attacks on your networks
- Remotely capturing the traffic
- IP and port filtering
- Capture VoIP telephony and listen to the conversations
- Baseline your network traffic for your organization
- Email, DNS, HTTP, TCP, ARP, IPv4, IPv6, etc., analysis
- ICMP analysis
- Make and apply display filters
This video is from module 4, where we analyze different protocols, listen to VoIP communications and play them back using the captured packets. As a network engineer, one can dive into Wireshark’s plugins, create rules for detecting unauthorized scanning, network flooding and intrusions, and fix issues as well. Make your own traffic baseline for your organization.