TCPIP Packet Analysis
As a Security Analyst, you must have complete mastery of the TCP/IP protocol. Packet Analysis is the use of a packet sniffer to capture packets and analyze the flow of data between two devices communicating on a network.
The objective of this lab is to familiarize students with how to sniff a network and analyze packets for any attacks on the network. The primary objectives of this lab are to:
Packet Analysis is a technique used to intercept data in information security, where many of the tools that are used to secure the network can also be used by attackers to exploit and compromise the same network. The core objective of sniffing is to steal data, such as sensitive information, email text, etc., or sniff the traffic that is being transmitted between two parties.
Packet Analysis involves intercepting network traffic between two target network nodes and capturing the network packets they exchange. A packet sniffer, also referred to as a network monitor, is used legitimately by network administrators to monitor the network for vulnerabilities by capturing network traffic and, should there be any issues, to troubleshoot them.
Similarly, sniffing tools can be used by attackers in promiscuous mode to capture and analyze all the network traffic. Once attackers have captured the network traffic, they can analyze the packets and view the user name and password information in a given network, as this information is transmitted in cleartext. An attacker can easily intrude into a network using this login information and compromise other systems on the network.
Hence, it is crucial for an Information Security Auditor or a Penetration Tester to be familiar with network traffic analyzers. He or she should be able to maintain and monitor a network to detect rogue packet sniffers, MAC attacks, DHCP attacks, ARP poisoning, spoofing, or DNS poisoning, know the types of information that can be detected from the captured data, and use that information to keep the network running smoothly.
The Security Analyst Exercises / TCPIP Packet Analysis contains the following Exercises:
- TCP/IP Packet Analysis Using Wireshark
The Virtual Private Cloud for this Lab set utilizes:
Security Analyst Exercises are available as part of the following subscription:
Each subscription provides 6 months' access to 15 different exercises.
Each exercise contains a Scenario, Objectives, and individual step-by-step tasks to guide the user through all steps necessary to complete the exercise. The Penetration Testing Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has its own Virtual Private Cloud that comes preconfigured with Vulnerable websites and Victim Machines, and the environment is LOADED with tools. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.
Lab exercises are included for:
- TCPIP Packet Analysis
- Information Gathering
- Vulnerability Analysis
- External Penetration Testing
- Internal Network Penetration Testing
- Firewall Penetration Testing
- IDS Penetration Testing
- Password Cracking Penetration Testing
- Social Engineering Penetration Testing
- Web Application Penetration Testing
- SQL Penetration Testing