Introduction
Concrete Experience
Objectives
- Understand the concept of packet analysis and its importance in network security.
- Learn how to analyze network packets using tools like Wireshark.
- Identify common network protocols and their headers within captured packets.
- Analyze network traffic patterns to identify anomalies and potential security threats.
TLO Knowledge and Skills
Condition:
- Given a classroom, applicable references, and a practical exercise, the Cyber Mission Force student will demonstrate an understanding of Packet Analysis.
Knowledge:
- Packet Analysis Overview
- Nmap Capabilities
- Netcat/Cryptcat
- Network Scan Methodologies
- Host Scan Methodologies:
  - No-Operation (NOOP) Sled
  - One-Byte NOOP Sled
  - Multi-Byte NOOP Sled
  - Trampoline Sled
- Defense Packet Analysis Shell Code:
  - Connect back
  - Port Bind
- Defense Packet Analysis
  - Man in the Middle attack
  - IP Spoofing
  - IPv6 Vulnerabilities
  - Neighborhood Discovery Protocol
  - Trespassing
- Routing Headers
  - Ethernet
  - IPv4
  - IPv6
  - TCP
  - UDP
  - HTTP
  - ICMP
Skills:
- Conduct basic port scans and interpret output
- Identify source and destination addresses from various types of packet headers
- Find the TTL of a packet from its header
- Determine if a packet is fragmented based on its header
- Identify a message type within an ICMP header
- Identify host information from an SMTP header
- Identify binary data within an HTTP message body