![]() I am going now to show you my workaround. The exercise is taken from a website (see References) that contain a bunch of samples of PCAP, which you can refer to find more scenarios and put yourself at test. Now we take a look to a potential scenario that a security analyst could face. Traffic analysis with a malware infection You can see PCAP files like logs created by a dedicated application, in order to allow us to run our duties using Wireshark. ![]() Using PCAP files, teams can attend to detect network problems and resolve data communications using various programs. They also contribute to controlling the network traffic and determining network status. These files contain packet data of a network and are used to analyse the network characteristics. In this article, we are going to work with PCAP files. You don’t have to confuse it with Burp Suite. It also doesn’t modify packets it reads them. It only allows analysts to discover and investigate the packets in depth. ![]() Note that Wireshark is not an Intrusion Detection System (IDS). investigating incidents, by looking at the traffic that passed through the network.manage the network, fixing troubles affecting daily operations, e.g.identify security issues like intrusion attempts, compromised systems, detecting suspicious content.The inspection of these packets allows us to accomplish a variety of duties such as: Once the packets are captured, they can be stored and later utilized by IT teams for further analysis. The tool that I am going to speak about is used for PCAP (Packet Capture), which is a practice involving he interception of data packets travelling over a network.
0 Comments
Leave a Reply. |