Identify Common Cyber Network Attacks with Wireshark

This course will teach you how to quickly spot cyber attacks and indicators of compromise in network traffic with Wireshark.
Course info
Level: Intermediate
Updated: Oct 12, 2021
Duration: 2h 34m
Table of contents
Course Overview
When to Break Out Wireshark for Threat Hunting
Analyzing Port Scans and Enumeration Methods
Analyzing Common Attack Signatures of Suspect Traffic
Identifying Common Malware Behavior
Identify Shell, Reverse Shell, Botnet, and DDoS Attack Traffic
Description

Cyber attacks are everywhere. Are they lurking in your network? Every IT professional needs to develop the skills with Wireshark to quickly spot them. In this course, Identify Common Cyber Network Attacks with Wireshark, you’ll gain the ability to threat hunt at the packet level. First, you’ll explore how network and OS Fingerprinting scans work and how to identify them. Next, you’ll discover how to spot indicators of compromise in malware infections. Finally, you’ll learn how to isolate botnet and data exfiltration traffic. When you’re finished with this course, you’ll have the skills and knowledge of threat hunting with Wireshark needed to identify common cyber network attacks on your network.

About the author

Chris Greer is a network analyst for Packet Pioneer, delivering training and packet analysis consulting services to customers all over the world. He specializes in using Wireshark to combat network and application performance problems on networks of all sizes. Chris leverages his 20 years of practical experience in network monitoring, analysis, and troubleshooting to heighten the experience of any attendee to his interactive and energetic courses.

Section Introduction Transcripts

Course Overview
Hi everyone. My name is Chris Greer, and welcome to my course, Identify Common Cyber Network Attacks with Wireshark. I'm a network analyst and a Wireshark instructor at Packet Pioneer, and I'm excited to show you how all IT professionals can use this tool to quickly spot cyberattacks and network traffic. After all, even with our IDS systems in place, cybersecurity attacks have become so common that threat hunting with Wireshark is no longer an optional skill for IT pros. Engineers need to quickly spot enumeration scans, malware behavior, data exfiltration efforts, and other suspect traffic with Wireshark, especially during incident response. But before we can do that, we first need to know how these common attack methods work and how to identify them at the packet level. So join me, and you'll get hands‑on experience with pcap examples of common threats and learn how to spot them in Wireshark. In this course, you'll learn how to filter for network scans and OS fingerprinting, how to spot traffic exfiltration in the packets, you'll learn the top 10 attack patterns to search for, and how to identify common indicators of compromise in malware behavior. By the end of this course, you'll have the skills necessary to quickly spot cyber network attacks with Wireshark. Before beginning the course, you should have already viewed the first course in this path, Wireshark Configuration for Cybersecurity Analysis. I hope that you'll join me on this journey to learn how to threat hunt with Wireshark, here at Pluralsight.