The Packet Sniffing with Wireshark module provides you with the instructions and devices to develop your hands-on skills in the following topics.
- Packet Sniffing for Password Brute Force Attempts
- Packet Sniffing for Telnet Passwords and Commands
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- CAS-002 1.3: Given a scenario, analyze network and security components, concepts and architectures.
- CAS-002 3.3: Given a scenario, select methods or tools appropriate to conduct an assessment and analyze results.
Exercise 1 - Packet Sniffing for Password Brute Force Attempts
Some protocols transmit information in plaintext, which is not secure for network transmission because protocol analyzers can capture the transmitted data. Telnet is an application-level protocol used for remote administration of computing devices such as routers, switches, and servers.
Exercise 2 - Packet Sniffing for Telnet Passwords and Commands
Many protocols transmit information in plaintext, which is not a secure method of transmission. Telnet is one of the primary communication and connection protocols used for essentially any enabled computing device. Most routers, switches and servers will have this function. However, that doesn't mean it has been enabled.
Exercise 3 - Packet Sniffing for HTTP Image Capture and Extraction
Through traffic capture, Wireshark can be used to view all information in transit. If this data is unencrypted, such as images flowing to a device, Wireshark records it and saves the traffic information, from which an analyst can extract the images in JPEG format.