Wireshark Configuration for Cyber Security Analysis

Focused View

Chris Greer

1:28:00

101 View

1. Course Overview

1. Course Overview.mp4

01:42

2. Top Five Wireshark Features for Forensic Analysis

1. Introduction to Cyber Security Analysis with Wireshark.mp4

02:42

2. Lab 1 - Creating a Security Profile.mp4

07:22

3. Lab 2 - The Statistics View.mp4

05:16

4. Lab 3 - Configuring GeoIP Location Resolution.mp4

05:31

5. Lab 4 - Configuring Custom Columns.mp4

04:42

6. Lab 5 - Configuring Name Resolution.mp4

05:28

7. Lab 6 - Exporting HTTP Objects and Files.mp4

03:23

8. Lab 7 - Reassembling and Exporting FTP Files.mp4

03:23

9. Module Summary.mp4

00:38

3. Filters and Coloring Rules for Spotting Suspect Traffic

01. Intro to Filters and Coloring Rules in Wireshark.mp4

01:25

02. Analyzing Unusual DNS Activity.mp4

01:15

03. Lab 7 - Part 1 - Filtering for Unusual DNS Activity.mp4

09:13

04. Lab 7 - Part 2 - Filtering for Unusual DNS Activity.mp4

02:36

05. Analyzing Traffic from Unusual Country Codes.mp4

00:58

06. Lab 8 - Filtering for Traffic Based on Country Location.mp4

04:30

07. Analyzing Suspect TCP Behavior and Flags.mp4

02:17

08. Lab 9 - Part 1 - Filtering for Suspect TCP Behavior.mp4

06:14

09. Lab 9 - Part 2 - Filtering for Suspect SSH Traffic.mp4

01:40

10. Lab 10 - Filtering for Executable Files.mp4

05:27

11. Lab 11 - Analyzing Traffic over Non-standard Ports.mp4

05:18

12. Summary.mp4

00:33

4. Configuring Wireshark for Decrypting Traffic

1. Module Introduction.mp4

01:16

2. Capturing the TLS Session Keys.mp4

02:02

3. Lab 12 - Decrypting TLS Traffic in Wireshark.mp4

02:05

4. Course Summary.mp4

01:04

Description

This course will teach you the best settings and filters to use in Wireshark for quickly spotting malware behavior, enumeration and scans, and other suspect traffic.

What You'll Learn?

Properly configuring Wireshark can greatly help to track down IoCs and can reduce the time required for Cyber Security professionals to perform network forensics. In this course, Wireshark Configuration for Cyber Security Analysis, you’ll learn to quickly spot suspect traffic with Wireshark. First, you’ll explore the top five Wireshark settings that all Security Professionals should implement when analyzing traffic. Next, you’ll discover how to create filters and coloring rules that will make suspect traffic stand out. Finally, you’ll learn how to decrypt TLS traffic for analyzing secure communications. When you’re finished with this course, you’ll have the skills and knowledge of Wireshark needed to speed up traffic analysis and incident response.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Wireshark

Chris Greer

Instructor's Courses

Chris Greer is a network analyst for Packet Pioneer, delivering training and packet analysis consulting services to customers all over the world. He specializes in using Wireshark to combat network and application performance problems on networks of all sizes. Chris leverages his 20 years of practical experience in network monitoring, analysis, and troubleshooting to heighten the experience of any attendee to his interactive and energetic courses. When he is not digging deep into packets or teaching others the art of analyzing them, he can be found writing for several industry blogs, presenting on vendor webinars, recording tips for his YouTube channel or speaking at technology conferences including Sharkfest - the Wireshark Developer and User conference.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.