Overview

Introduction

The Packet Sniffing with Wireshark module provides you with the instructions and devices to develop your hands-on skills in the following topics.

  • Packet Sniffing for Password Brute Force Attempts
  • Packet Sniffing for Telnet Passwords and Commands

Lab time: It will take approximately 1 hour to complete this lab

Exam Objectives

The following exam objectives are covered in this lab:

  • CAS-002 1.3: Given a scenario, analyze network and security components, concepts and architectures.
  • CAS-002 3.3: Given a scenario, select methods or tools appropriate to conduct an assessment and analyze results

Exercise 1 - Packet Sniffing for Password Brute Force Attempts

There are protocols that display information in plaintext which is not a secure method for network transmission as protocol analyzers can pick up the transmitted data. Telnet is an application-level protocol used for remote administration of computing devices such as Routers, Switches, and Servers.

Exercise 2 - Packet Sniffing for Telnet Passwords and Commands

Many protocols display information in plaintext which is not a secure method for transmission. Telnet is one of the primary communication and contention protocols used for essentially any enabled computing device. Most Routers, Switches and Servers will have this function. However, that doesn’t mean it’s been enabled.

Exercise 3 - Packet Sniffing for HTTP Image Capture and Extraction

Through traffic capture, Wireshark can be used to view all information during transit, if this data is unencrypted such as images flowing to a device, Wireshark will record them and save the traffic information which can be extracted into JPEG formats for by an analyst.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.