Time
4 hours 21 minutes
Difficulty
Beginner
CEU/CPE
5

Video Transcription

00:00
fine. We'll not. Finally. Next. We're gonna look at wire shirt now. Wire shirt is an amazing tool we talked about in other videos we've got an entire class on. We talked about it all the time because wire shark is the gold standard in packet capture tools. Now, what is packet capturing? Capturing is monitoring your network for communications that are happening on that network.
00:16
That's the way you're going. You'll be able to use that to perform inventory auditing to find out. Okay, Some things are never that shouldn't be or something that's not supposed or something that
00:25
is supposed to be our network doesn't seem to be. It will let you follow http streams that election rebuild traffic. It gives you a taunt of useful information. When I was in training, the building that we were in actually wasn't allowed. We weren't allowed to bring in like CDs of anything except for text files.
00:40
We weren't allowed to bring in music or anything like that.
00:43
Using wire shark in a couple of plug ins, we brought in a wire shark capture of a download of an MP of MP three's and reconstituted those MP three's fromthe wire shirt captures so that we could have music to work on a lot of training.
00:57
I think I think I'm far enough away from training and I can't get in, get in trouble for that anymore. It was in the Navy, so I
01:02
hopefully they don't come looking for me for it.
01:04
So let's look at wire shark
01:08
where it starts again. It's a free tool. It's free download. You can just pull it from the website. Is Google wire shark? It will be your first result.
01:15
Now, when you pull it up, it's gonna have a bunch of information that's not really relevant to us right now. Just telling you kind of what it's working on. You're gonna select what you're gonna monitor on. In this case, I'm monitoring on what the V M believes is an Ethernet port.
01:26
There you go. So this window here that's gonna pop up is where you're gonna spend a lot of time. If you're doing network network analysis, their network administration. Now there's nothing here right now because there's no data being transferred. There's no communication happening yet,
01:38
So to fix that, we're gonna crack open our power shell again.
01:44
Got wire shark here and I'm gonna pull it to one side so that you can see what we're about to do.
01:55
It's moving very, very sluggishly. PM's air Great videos of great, but trying to do both at the same time to be a challenge. You see, that's gonna work.
02:07
There we go
02:09
very slowly.
02:13
All right, so we're monitoring over Ethernet now I'm gonna run a command called w get. And you don't really need to worry too much about whatever you get does. Basically what it does is it reaches out to a Web page and tries to pull that Web page back.
02:24
So we're just gonna try it with Google
02:29
and bam. You see Aton of information suddenly pop up? Where's your Because now we've got actual network communication happening so you can look at this. You're going to see all of this information, the source, the source. I'd be the destination I p protocol length.
02:40
And you can use this to analyze that network traffic and breaking apart. You can say OK, so this first thing, this D. N s look up, D. N s is the domain name service, so it's actually trying to evaluate what is www dot google dot com.
02:53
So it sends this message to the N S A to a d n a server. It gets the response it finds out with the I P addresses,
02:59
and it's able to actually use that to reach out to Google and find Google's I P.
03:02
Which is what you see here in this destination
03:06
again, this isn't a wire. Short classes just give you a brief demo of what? Using wire short looks like and how valuable tool it is to assist that mint.
03:14
Close it, in this case will choose to quit without saving very often. You want to save the data just because you're storing network information
03:22
on that screen?
03:23
All right, that was wire shark. Now the final tool in the one we're gonna do our final demo with is the Microsoft Management Council. Now this is again. This is one that I'm extremely extremely personally familiar with, because I used it from a Microsoft management. All of my system and work.
03:36
It's a tool that's built into Windows. It's been built into Windows since
03:40
roof
03:42
Windows x p. It's been built in for a long time. What Microsoft Management Council does. It actually takes a bunch of the different management profile. So user management, network management, computer management, all the different things you need to do wantto on a machine or on a network. And it puts them into a single location as what we call as
04:00
snap ins or plug ins. Basically,
04:02
So we pull up an emcee,
04:06
run the command it's gonna ask to run
04:11
as an administrator,
04:14
which, for those who didn't know that already, the pop of the Windows now shows that you want to let it make changes. Your computer, that's all that's actually happening, is it's running is an administrator.
04:23
So
04:24
we got our council route.
04:26
What we're gonna do whenever we're trying to perform an action, we're gonna go to file, we're gonna add or remove a snap in,
04:30
which is their weird word for a plug in it all. It really is now on a local machine. What we're going to do today is we're gonna create a new user. So we've got local users and groups is one of our optional snap ins. We add it's gonna say local computer or another. So for managing across the network, we can use this to manage computer somewhere else. Right now, we're just gonna do local.
04:49
We see that. That's the only snapping we want right now.
04:51
Okay,
04:55
full screen. This.
04:58
Now we've got a new Now we've got this new option that we could mess with the local users and groups. We got users here,
05:02
and we've got the current listed users that exist. Guess, default account Administrator user. And this utility account
05:10
to create a new one will just right click hit new user.
05:15
User name is Demo
05:16
with the full name of demonstration.
05:19
If I can spell
05:23
optional description
05:25
will create them a default password
05:34
and create.
05:38
Now, that should show up.
05:42
There you go.
05:43
We've got a demo account. Now we can log out of this machine and log back in with that password.
05:48
See?
05:49
So what I'm attempting to do right now is log out of the account that I created that with and log into the demo account to demonstrate it.
05:56
That is being very challenging because, of course,
05:59
VM czar, sometimes a nightmare.
06:01
There we go
06:04
in all of this and I'm just gonna project about all of this is a great
06:10
thing for people, people to see just because, you know, you may have to assign mentioned before kind of adapt. You know, it's a sys admin. Because a lot of things may go on your V m or whatever you're trying to do may not work properly. You kind of have to adjust it and keep moving forward. So you may have seen what can we talk
06:25
that under the user wanna hit user now? It actually had a second account available because Windows 10 is going to try and display all of its local accounts to you.
06:31
So we've got our demonstration account or default password
06:36
user's password must be changed. And now you have your normal experience with creating an account. So this is really all you have to do under the hood when you're doing systems administration
06:46
to create new users. Now, different people are gonna
06:49
different groups. We're gonna have different methodologies. They're gonna have different management systems. But I am a personal I'm an evangelist of the MMC because again it's built by windows. It's built into windows. It's just a phenomenal
07:01
and we created our new password.
07:04
There we go use your existing to be logged in now that process is very, very simple to do because of the fact these tools exist for Windows. That's something that has a sys admin. You're going to do it all the time. We talked about it being the first and last person Users meet. There you go. That's a great example.

Up Next

Introduction to IT & Cybersecurity

In this FREE IT and cybersecurity training for beginners, you will learn about the four primary disciplines of information technology (IT) and cybersecurity. This introduction to IT course is designed to help you decide which career path is right for you.

Instructed By

Instructor Profile Image
Joe Perry
Senior Technical Instructor at FireEye, Inc
Instructor
Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor