Wireshark Basics (2)

In Part-1 of the Wireshark Basics video, we looked at how to capture traffic in promiscuous mode, apply display filters for ICMP, TCP etc. In Part-2 we will look at how to reverse engineer network applications using Wireshark. As an example we will fire up a port scanning exercise using the Nmap utility and try and understand how it scans ports by looking at the network traffic dump using Wireshark. This video will be useful to anyone who desires to understand the workings of a port scanning utility or wants to know how to reverse engineer a network application's workings.

Enable Javascript or Download Flash Playe if you see this!

Links:

1. Wireshark Basics

2. Packet Sniffing using TcpDump

3. Raw Sockets Basics

4. Packet Sniffing Programming Basics

Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the founder of an online startup (currently in stealth mode). Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net