Introduction

Concrete Experience

Objectives

  • Understand the concept of packet analysis and its importance in network security.
  • Learn how to analyze network packets using tools like Wireshark.
  • Identify common network protocols and their headers within captured packets.
  • Analyze network traffic patterns to identify anomalies and potential security threats.

TLO Knowledge and Skills

Condition:

  • Given a classroom, applicable references, and a practical exercise, the Cyber Mission Force student will demonstrate an understanding of Packet Analysis.

Knowledge:

  • Packet Analysis Overview
  • Nmap Capabilities
  • Netcat/Cryptcat
  • Network Scan Methodologies

  • Host Scan Methodologies:

    • No-Operation (NOOP) Sled
    • One-Byte NOOP Sled
    • Multi-Byte NOOP Sled
    • Trampoline Sled
  • Defense Packet Analysis Shell Code:

    • Connect back
    • Port Bind
  • Defense Packet Analysis

    • Man in the Middle attack
    • IP Spoofing
    • IPv6 Vulnerabilities
    • Neighbor Discovery Protocol
    • Trespassing
  • Routing Headers

    • Ethernet
    • IPv4
    • IPv6
    • TCP
    • UDP
    • HTTP
    • ICMP

Skills:

  • Conduct basic port scans and interpret output
  • Identify source and destination addresses from various types of packet headers
  • Find the TTL of a packet from its header
  • Determine if a packet is fragmented based on its header
  • Identify a message type within an ICMP header
  • Identify host information from an SMTP header
  • Identify binary data within an HTTP message body