Identify Common Cyber Network Attacks with Wireshark

Focused View

Chris Greer

2:34:16

123 View

1. Course Overview

1. Course Overview.mp4

01:43

2. When to Break Out Wireshark for Threat Hunting

1. Course Introduction.mp4

01:30

2. When to Break out Wireshark for Threat Hunting.mp4

01:56

3. Starting with IDS Alerts and Firewall-Server Event Logs.mp4

02:37

4. Packet Analysis and the MITRE ATT&CK Framework-Cyber Kill Chain.mp4

01:27

5. Module Review.mp4

00:28

3. Analyzing Port Scans and Enumeration Methods

01. Module Intro.mp4

01:19

02. Network and Host Discovery Scans.mp4

02:58

03. Lab 1 - Detecting Network Discovery Scans with Wireshark.mp4

05:59

04. Lab 2 - Identifying Port Scans with Wireshark.mp4

05:32

05. Lab 2 - Part 2 - Detecting Port Scans.mp4

03:25

06. Lab 3 - Analyzing Malware for Network and Port Scans.mp4

07:39

07. Lab 3 - Part 2 - Analyzing Malware for Network and Port Scans.mp4

03:24

08. How OS Fingerprinting Works.mp4

02:55

09. Lab 4 - Detecting OS Fingerprinting with Wireshark.mp4

06:50

10. Lab 4 - Part 2 - Detecting OS Fingerprinting.mp4

06:08

11. How HTTP Path Enumeration Works.mp4

01:36

12. Lab 5 - Analyzing HTTP Path Enumeration with Wireshark.mp4

07:05

13. Module Review.mp4

00:33

4. Analyzing Common Attack Signatures of Suspect Traffic

01. Module Intro.mp4

00:33

02. How to Find -Suspect- Traffic Patterns.mp4

02:13

03. Spotting Network Attacks - The Top 10 Things to Look For.mp4

02:26

04. Lab 4 - Analyzing TCP SYN Attacks.mp4

04:04

05. Identifying Unusual Country Codes with GeoIP.mp4

02:14

06. Lab 7 - Spotting Suspect Country Codes with Wireshark.mp4

05:16

07. Lab 8 - Filtering for Unusual Domain Name Lookups.mp4

04:54

08. Analyzing HTTP Traffic and File Transfers.mp4

02:50

09. Lab 9 - Analyzing HTTP Traffic and Unencrypted File Transfers.mp4

06:14

10. Spotting Data Exfiltration, Brute Force Password Behavior, and Reverse Shell.mp4

02:36

11. Lab 10 - Analysis of a Brute Force Attack.mp4

05:31

12. Module Review.mp4

00:44

5. Identifying Common Malware Behavior

1. Module Intro.mp4

00:38

2. What Is Malware- How Can I Spot It-.mp4

02:25

3. Indicators of Compromise in Malware Analysis.mp4

01:15

4. Lab 11 - Malware Analysis with Wireshark - Part 1.mp4

09:51

5. Lab 11 - Malware Analysis with Wireshark - Part 2.mp4

02:57

6. Module Review.mp4

01:09

6. Identify Shell, Reverse Shell, Botnet, and DDoS Attack Traffic

01. Module Intro.mp4

00:45

02. How to Identify Shells and Reverse Shells.mp4

02:29

03. Lab 12 - Analyzing Reverse Shell Behavior.mp4

03:44

04. How to Spot Botnet Traffic.mp4

03:20

05. Lab 13 - Identifying Botnet Traffic with Wireshark.mp4

05:44

06. Lab 13 - Identifying Botnet Traffic - Part 2.mp4

03:58

07. How to Identify Data Exfiltration.mp4

03:01

08. Lab 14 - Analyzing Data Exfiltration with Wireshark.mp4

06:42

09. Module Review.mp4

00:21

10. Course Review.mp4

01:18

Description

This course will teach you how to quickly spot cyber attacks and indicators of compromise in network traffic with Wireshark.

What You'll Learn?

Cyber attacks are everywhere. Are they lurking in your network? Every IT professional needs to develop the skills with Wireshark to quickly spot them. In this course, Identify Common Cyber Network Attacks with Wireshark, you’ll gain the ability to threat hunt at the packet level. First, you’ll explore how network and OS Fingerprinting scans work and how to identify them. Next, you’ll discover how to spot indicators of compromise in malware infections. Finally, you’ll learn how to isolate botnet and data exfiltration traffic. When you’re finished with this course, you’ll have the skills and knowledge of threat hunting with Wireshark needed to identify common cyber network attacks on your network.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Network Security

Wireshark

Chris Greer

Instructor's Courses

Chris Greer is a network analyst for Packet Pioneer, delivering training and packet analysis consulting services to customers all over the world. He specializes in using Wireshark to combat network and application performance problems on networks of all sizes. Chris leverages his 20 years of practical experience in network monitoring, analysis, and troubleshooting to heighten the experience of any attendee to his interactive and energetic courses. When he is not digging deep into packets or teaching others the art of analyzing them, he can be found writing for several industry blogs, presenting on vendor webinars, recording tips for his YouTube channel or speaking at technology conferences including Sharkfest - the Wireshark Developer and User conference.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.