Capturing and analyzing network traffic is a foundational skill for many cybersecurity positions. Learn how to use popular tools like the free protocol analyzer Wireshark and sniffing tool tcpdump in this walkthrough from Infosec Skills author Mike Meyers.

How to use Wireshark to analyze network traffic

In this episode of Cyber Work Applied, Mike explains what a protocol analyzer is and how cybersecurity professionals use them to filter network traffic for red flags that need further investigation.


Wireshark demo and walkthrough

The edited transcript of the network traffic analysis walkthrough is provided below, separated into each step Mike covers in the video.

What is a protocol analyzer?

(0:00–0:55) Protocol analyzers are tools that we use to analyze the network traffic coming in and out of a specific host computer, usually, although not necessarily, the one we’re sitting on at any given moment.

I never really liked the word protocol

