From the course: Protecting Your Network with Open-Source Software
Packet capturing with Wireshark
- [Instructor] Wireshark is one of the most well-known packet and protocol analysis software. This type of software is also called a packet sniffer because it collects and inspects packets, like dogs sniffing for evidence in a crime scene. In this lesson, our goal is to observe three-way handshaking using Wireshark. Transmission Control Protocol, or TCP, is a connection-oriented protocol that ensures packets are error-free and in the correct sequence on the receiving side. For TCP to establish a reliable connection, it has to go through this process called three-way handshaking. The process consists of three steps, which is why it's called three-way handshaking. The first one is SYN or synchronize. The second one is SYN/ACK or synchronize and acknowledge. And finally, ACK, or acknowledge. Here is a diagram that shows how three-way handshaking occurs. When starting your Wireshark instance, remember that you're running it as root. The root privilege gives you access to network interfaces.…
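The handshake described in the transcript above, as an added example that is not part of the course material: it parses constructed 20-byte TCP headers and checks for the SYN, SYN/ACK, ACK flag sequence. It goes beyond the transcript by also checking that ports and acknowledgment numbers line up; the ports, sequence numbers and function names are assumptions made for the illustration.

```python
import struct

# TCP flag bits from the TCP header definition
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10

def build_tcp_header(sport, dport, seq, ack, flags):
    """Construct a minimal 20-byte TCP header (sample data, checksum left at 0)."""
    offset_flags = (5 << 12) | flags  # data offset = 5 words, no options
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 65535, 0, 0)

def parse_tcp_header(raw):
    """Return the fields needed to follow a handshake."""
    sport, dport, seq, ack, offset_flags = struct.unpack("!HHIIH", raw[:14])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": offset_flags & 0x3F}

def is_three_way_handshake(segments):
    """Check three raw TCP headers for SYN -> SYN/ACK -> ACK with matching numbers."""
    if len(segments) != 3:
        return False
    syn, synack, ack = (parse_tcp_header(s) for s in segments)
    mod = 2 ** 32  # sequence numbers wrap at 32 bits
    return (
        syn["flags"] == SYN
        and synack["flags"] == SYN | ACK
        and ack["flags"] == ACK
        # the SYN/ACK travels in the opposite direction to the SYN and the ACK
        and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
        and (ack["sport"], ack["dport"]) == (syn["sport"], syn["dport"])
        # each side acknowledges the other's initial sequence number + 1
        and synack["ack"] == (syn["seq"] + 1) % mod
        and ack["seq"] == (syn["seq"] + 1) % mod
        and ack["ack"] == (synack["seq"] + 1) % mod
    )

# Constructed sample: client port 51000 connecting to server port 443
CLIENT_ISN, SERVER_ISN = 0xFFFFFFFF, 3000  # client ISN chosen to show wraparound
HANDSHAKE = [
    build_tcp_header(51000, 443, CLIENT_ISN, 0, SYN),
    build_tcp_header(443, 51000, SERVER_ISN, 0, SYN | ACK),  # ack wraps to 0
    build_tcp_header(51000, 443, 0, SERVER_ISN + 1, ACK),
]
# Constructed sample: a closed port answers the SYN with RST/ACK, so no connection
REFUSED = [HANDSHAKE[0], build_tcp_header(443, 51000, 0, 0, RST | ACK),
           HANDSHAKE[2]]

if __name__ == "__main__":
    print(is_three_way_handshake(HANDSHAKE), is_three_way_handshake(REFUSED))
```

In Wireshark, the display filter `tcp.flags.syn == 1` shows the first two segments of each handshake.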
Contents
- What is packet analysis? (3m 11s)
- ARP poisoning example (4m 44s)
- Packet capturing with Wireshark (4m 3s)
- Exploring Wireshark's advanced features (2m 3s)
- Wireshark hands-on (3m 18s)
- Challenge: Filtering with IP addresses and port numbers (1m 24s)
- Solution: Filtering with IP addresses and port numbers (1m 12s)