Time
4 hours 21 minutes
Difficulty
Beginner
CEU/CPE
5

Video Transcription

00:00
All right, s Oh, uh, hey, who's that? You You know,
00:05
You know, I think that just might be the single greatest pop star alive.
00:09
All right, well dressed a little bit. I won't get Joe going on that. We're gonna dump it, I won't go. So I'm gonna hop out of the president presentation here for a second. I'll jump into the lab environment will kind of get that agenda. So I didn't want to show you some different commands.
00:24
A CZ Well, a cz show you the wire shark tool. So you'll see. I'm kind of Jennings. Things up here might take a murmur. So the reason I do that is I didn't want to run out of time on my lap sessions. That would kind of be kind of awkward to try to gen stuff up. And then nothing was working. So I'm just gonna power it up real quick, just as it takes a minute or so. Here, having all kind of ramble as we do that,
00:43
we'll get it going.
00:45
So we're starting off here with wire shark, probably just because it's gonna go a little faster than the other lab environment, and then we'll jump into the windows commands. So don't worry about all these little error messages that are popping up. If you decide Thio, if you have access to the cyber labs you decide to do, Ah, wire, Shark lab, then you're kind of be able to read through those.
01:02
I'm just gonna kind of go through and show you wire shark. I'll show you
01:06
capturing some packets. I opened up the packing to show you like some of the stuff that's in it. Now we're not gonna go in depth as far as like grabbing a using a password or anything like that. This is really just showing you like I P addresses and the packets. Just because we're not actually, as I mentioned, showing you are, you know, doing any type of attack here.
01:23
I'm just gonna open up a white shark. Of course, I could cook the shortcut icon, but you know, like, where's the where's the real fun? And, you know, there's no fun and clicking shortcuts there, so I'll just open up a terminal here and just thio pseudo pseudo terminal
01:38
pseudo wires.
01:41
So it's gonna ask me for a password, and I'm not gonna tell you what? That is a super secret.
01:45
But if you do the lab, you know, you'll get that. Ignore that error messages. Like I said, just ignore the air's. So now we have Warner shirt. This is this is what it looks, right? So we got different shortcut icons at the top here where we can, you know, start a capture stop cat capture, etcetera.
01:57
We could also do different things from the actual drop down menu here,
02:01
and we're actually gonna go ahead and we'll just start capture. So let's go to capture the options. And again, don't follow along here. You don't worry about follow along.
02:12
So I'm gonna select my network interface, which is gonna be a e th zero or zero.
02:17
The other thing I'm gonna do is just unchecked these boxes. I do wanna have a promiscuous mode, so that way I'm letting everything through. I'm just gonna say start.
02:24
So, uh, you're not gonna see anything here initially, you see, a little bit, but again, it's kind of like All right, well, nothing's happening.
02:30
Let's make something happen. All right?
02:34
I'm gonna open another terminal window here. We're just gonna do a quick ping. So We kind of talked about the ping command. What's actually take a look? At what? That So, uh, I think this is the I P address. We'll find out in a second here.
02:46
So we just got a ping and we're gonna see what kind of replies we get back. So, as I mentioned, you know, with the window is when we do the paying room, see, basically the same stuff were two c i p addresses
02:57
that we're trying to ping, and we're to see how long it's taken for the information to come back to us. And if we even are getting information back
03:04
as I'm rambling, what you notice in the ground there's all this is moving, right?
03:08
So we're basically capturing packets.
03:12
We can let their run for a moment or so. I'm just gonna go ahead and just stop it. So all this control c and just kill this terminal window. So what's actually take a look at, like, one of these? Right, So we see we got ICMP packets or UDP.
03:23
Don't worry about what that is for this session. If you decide to be a network engineer, you'll obviously learn all about the different packaging. Joe's giggling because he knows. But we'll just take a look at this one right here. So what we have in this packet as it moves away from me
03:38
on the screen there, we're gonna crank open these. So we got our frame here.
03:43
User Net R I p protocol.
03:46
What? You're gonna notice years. We've got our source i P address and then our destination i p address. So if you remember,
03:53
based on how this is occurring are based on the i P address I used in the Ping, we're seeing that information, right?
04:00
So this is our return.
04:01
Let's go back for you to be one.
04:04
I hope it all these up again.
04:06
So the other thing you're seeing here is our Mac address
04:11
for the particular device as well as this. Ones are
04:15
local. Mac are broadcast address. Excuse me. So we see the f f f f f f f all the way through. Basically, you have 12
04:24
components here of your Mac address or 12 for getting out. I want to say this, but basically you have 12 characters, so to speak in your back in any Mac address again. Not something we're covering here. But you see that we could get potentially getting some good information from these package. So if I was doing, like an attack on Joe, for example,
04:42
paying his servers,
04:44
nor his devices and see, you know, one of the I P addresses where the Mac addresses for those devices and also get some different information about the frames themselves, You know how long thinking to get information back
04:56
from that particular device?
04:59
The other thing we could see if we were doing it here, we could actually potentially see a user name and password of is being transmitted in plain text. We could grab that from here is so I didn't want to go to in depth of wire certain that's gonna stop capture there.
05:12
But this is kind of what it looks like. And just some of the information that you could get from now. This is by no means
05:17
for sure, of course, or even a session. There's a lot of stuff you could do with wire shark, but I don't wantto overload you in this particular session. So any questions for me, Joe, Anything else you want me to show him in wire shark Quick. I don't think in wire short. We do have one question we can ask. Now we have one of our one of our students is asking
05:35
currently working on her master's in computer science, which is just starting off with networking or somewhere else
05:44
s. So, what is your Is your undergrad a different degree, I guess. What? My question on that. But yeah, I would say, if you're going for your masters in computer science and you're transitioning like, if your undergrad is like history or something like that, then yes, I would actually start off with. Networking is kind of your phone.
05:59
I think the bulls off there, you know? So
06:01
there's a network engineer and then cybersecurity itself. Kind of build off of that yet
06:12
everything. But the point does still stand okay.
06:16
Yeah. Yeah. And actually, as part of your masters, it should be kind of building you off
06:21
somewhat rare that they wouldn't. If you don't have an I t back on, they wouldn't. Normally most masters wouldn't take you in the program
06:30
if you don't have an I t back. But there's probably some other that do. It still stands as Joe mentioned that you start out with networking and they kind of work your way up. You know, learn some scripting, different scripting like python or something. Which, by the way, Joe has some courses coming on soon. And then also, you know, from their kind of build out into more the cyber security focus in your master's program.
06:48
And I would assume that whatever program you're doing,
06:51
he's kind of structured along those lines.
06:55
And then I'm actually gonna answer this next one from Bradley. Any resource is involving detailed information on various packet types that could be suggested. We've got a couple. The first, really is. We've actually got a wire short class that is either up or is about to go up on our site. It's gonna have a bunch of really deep dive information on it. Additionally, wire shark. If you go to the wire short website,
07:14
their help documentation is
07:15
absolutely spectacular. It's a really, really good place to get started.
07:20
Absolutely. Absolutely.
07:24
Yeah, we d'oh, we do have yet, So if you basically start from the catalogue the word wire shark, you'll see all sorts of things

Up Next

Introduction to IT & Cybersecurity

In this FREE IT and cybersecurity training for beginners, you will learn about the four primary disciplines of information technology (IT) and cybersecurity. This introduction to IT course is designed to help you decide which career path is right for you.

Instructed By

Instructor Profile Image
Joe Perry
Senior Technical Instructor at FireEye, Inc
Instructor
Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor