Wireshark 101: The OSI Model, Hak5 116

Today on HakTip, Shannon Morse discusses the OSI Model and how it relates to Wireshark for packet analysis.

Today we're checking out more Wireshark: understanding protocols and the OSI model. If you're still wondering why the heck one would use Wireshark, now is the time to pay attention. We're having some fun with packet sniffing and analysis. But what is that? Packet sniffing is pretty self-descriptive. You're digging under the applications on your computer or network and looking through the packets that are flowing along your connection. Analyzing these packets will help you determine if there is a problem with the network, check whether someone is on your network who shouldn't be, figure out what traffic is making you hit your data cap, or find out if something malicious is going on.

Wireshark supports a bunch of different protocols when you want to analyze data, such as TCP, ARP, HTTP, DNS, and more. When capturing data, Wireshark makes you go into something called Promiscuous Mode. It's kind of like chilling in a dark corner of a coffee shop and overhearing all the conversations around you. They aren't directed at you, but since you're in proximity, you can still hear what people are talking about.

If you've ever seen this thing called the OSI model, it'll give you a good idea of how information in a computer is transferred and how it's actually seen by an end user. The OSI model has 7 layers, starting with Application at the top. This is what mom sees when she logs into her operating system. Presentation is next and shows the computer data in a way the application can understand, such as a JPEG, an MP3, etc. Third down is Session, which manages the connection between two hosted computers and makes sure your connection doesn't just stop suddenly. Transport is fourth down, and is where TCP and UDP live. It manages traffic between point A and point B to make sure data gets transferred error free. This is where things like proxy servers and firewalls live. Then Network, which is where routers live. The network layer makes sure the routing of data between two physical points is correct. Data link is sixth down, and operates using MAC addresses, bridges, and more to identify physical devices. Lastly is Physical, which is the actual hardware that data is transferred through.

By understanding that different protocols work on different OSI layers, it'll help you figure out and fix problems on your network.

Application: HTTP, SMTP, FTP, Telnet
Presentation: ASCII, JPEG, MP3, MPEG
Session: NetBIOS, SAP, etc.
Transport: TCP, UDP, etc.
Network: IP
Data link: Ethernet, etc.
Physical: Cat 5

Each layer sits on top of another to ensure proper delivery of data from one place to another. If any of these layers fail, you end up with an error. By understanding that I can't browse the internet if there is some sort of IP error, I know that my network layer is at fault. If I know that everything works correctly on my end and someone else isn't receiving my information, I know it is a problem with one of their OSI layers, and we can then fix the problem. This is why we have pretty Wireshark, which helps us determine which protocol is failing and at what layer, so we can fix it.

Now that we understand the OSI model layers, let's take a look at Wireshark. I've done a packet capture of my Wi-Fi with some quick internet browsing. Everything is working correctly, so no OSI layers are erroring out. If you want to take a look at the layers in Wireshark though, there is a way. Go to Statistics at the top and click on Protocol Hierarchy. This gives you statistics based on the packets and bytes transferred at each stage of the capture. Protocols are divided by type. You start with the frame (which is physical), then go down to Ethernet (Data link layer). Drop down to Internet Protocol on the Network layer, then TCP and UDP on the Transport layer. Under here we have SSL at the Session layer and HTTP on the Application layer. BAM. Now you know how your network is set up in the form of layers, and Wireshark makes all of this easy as pie.

Let me know what you think. Send me a comment below or email us at tips@hak5.org. And be sure to check out our sister show, Hak5, for more great stuff just like this. I'll be there, reminding you to trust your technolust.
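The Protocol Hierarchy view described above, as an added example that is not part of the original video description or of Wireshark itself: Python code that peels Ethernet, IP and TCP/UDP headers off raw frames and counts frames and bytes per protocol path. The function names, the port-based guess for the top protocol and the sample frames are assumptions made for this example; the frames are constructed inline.

```python
import struct

ETHERTYPES = {0x0800: "ip", 0x0806: "arp"}
IP_PROTOS = {6: "tcp", 17: "udp"}
PORTS = {53: "dns", 80: "http", 443: "ssl"}  # assumption: guess by port number

def dissect(frame):
    """Return one Ethernet frame's protocol stack, lowest layer first."""
    stack = ["eth"]
    l3 = ETHERTYPES.get(int.from_bytes(frame[12:14], "big"))
    if l3:
        stack.append(l3)
    if l3 != "ip" or len(frame) < 34:
        return stack
    l4 = IP_PROTOS.get(frame[23])            # IPv4 protocol field
    off = 14 + (frame[14] & 0x0F) * 4        # Ethernet header + IPv4 header (IHL)
    if l4 is None or len(frame) < off + (20 if l4 == "tcp" else 8):
        return stack
    stack.append(l4)
    sport, dport = struct.unpack("!HH", frame[off:off + 4])
    hdr = (frame[off + 12] >> 4) * 4 if l4 == "tcp" else 8
    app = PORTS.get(dport) or PORTS.get(sport)
    if app and frame[off + hdr:]:            # only segments that carry data
        stack.append(app)
    return stack

def protocol_hierarchy(frames):
    """Map paths such as 'eth:ip:tcp' to [frame count, byte count]."""
    stats = {}
    for frame in frames:
        stack = dissect(frame)
        for depth in range(1, len(stack) + 1):
            row = stats.setdefault(":".join(stack[:depth]), [0, 0])
            row[0] += 1
            row[1] += len(frame)
    return stats

def build(proto, sport, dport, payload=b""):  # constructed frame, checksums zero
    l4 = (struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x10, 8192, 0, 0)
          if proto == 6 else struct.pack("!HHHH", sport, dport, 8 + len(payload), 0))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                     64, proto, 0, bytes([10, 0, 0, 5]), bytes([10, 0, 0, 1]))
    return bytes(12) + struct.pack("!H", 0x0800) + ip + l4 + payload

# Constructed sample capture: bare TCP segment, HTTP request, DNS query, ARP.
SAMPLE = [build(6, 50000, 80), build(6, 50000, 80, b"GET / HTTP/1.1\r\n\r\n"),
          build(17, 50001, 53, bytes(12)), bytes(12) + b"\x08\x06" + bytes(28)]
for path, (count, size) in protocol_hierarchy(SAMPLE).items():
    print(f"{path:<18}{count:>3} frames {size:>5} bytes")
```

Each frame is counted once at every level of its path, which is why the eth row totals the whole capture; a path you did not expect to see on the network is the row worth opening in Wireshark.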


