From the course: Wireshark: Network Troubleshooting
Join today to access over 25,300 courses taught by industry experts.
Solution: Identify a scanning signature - Wireshark Tutorial
From the course: Wireshark: Network Troubleshooting
Solution: Identify a scanning signature
(upbeat music) - [Presenter] Okay, now let's check our work. First you are to use your favorite gen AI tool and enter the following prompts. What are signs that someone is scanning the network and how can you use Wireshark to see if someone is scanning the network? And then you were to read through the information to get a feel as to what you should do next. Next, you were to open Nmap_Scan.pcapng. Now the first thing I wanted you to do is go to Statistics Protocol Hierarchy. Now this is a nice first step because you can take a look at what protocols are out there, maybe to see if there's something that's unusual. Now, within the protocol list, you see two SIP packets and I'll scroll right down here. Now that's session initiation protocol. Now this is unusual as the subnet you're on doesn't have any VoIP phones. And I had you read an article to learn that SIP is a popular scanning target. Now we'll close that. Next, we learned that scanning tools often scan a range of ports…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Troubleshooting the Network4m 28s
-
(Locked)
Spotting an ARP Storm1m 55s
-
(Locked)
Identifying bursty traffic2m 42s
-
(Locked)
Protecting from packet sniffing2m 16s
-
(Locked)
Examining Macof attacks6m 29s
-
(Locked)
Challenge: Identify a scanning signature2m 31s
-
(Locked)
Solution: Identify a scanning signature6m 11s
-
(Locked)
-