1
00:00:01,460 --> 00:00:08,090
In this lecture I will give a brief introduction about Wireshark. So Wireshark is a network packet

2
00:00:08,110 --> 00:00:16,180
analyzer that displays the details of captured network traffic. It is open source and free software

3
00:00:16,480 --> 00:00:23,650
that is considered the de facto standard across many commercial and non-profit enterprises, government

4
00:00:23,830 --> 00:00:27,330
agencies and educational institutions.

5
00:00:27,690 --> 00:00:34,600
And since Wireshark is an open source application, developers can code dissectors for unsupported protocols,

6
00:00:34,630 --> 00:00:43,950
for example, and add them to Wireshark. It is used by IT professionals, especially in the network and security

7
00:00:43,950 --> 00:00:51,720
fields, for baselining performance, troubleshooting and security analysis, which is the main purpose for

8
00:00:51,720 --> 00:01:01,570
using Wireshark as a tool in the cyber ops field. It was named Ethereal originally but then renamed

9
00:01:01,660 --> 00:01:10,160
to Wireshark in 2006. To capture and analyze traffic that is not destined to your machine using

10
00:01:10,160 --> 00:01:10,780
Wireshark,

11
00:01:10,890 --> 00:01:14,780
the network interface card must work in promiscuous mode,

12
00:01:18,080 --> 00:01:24,950
and you can install Wireshark on the PC or the server that you want to troubleshoot, or redirect the

13
00:01:24,950 --> 00:01:30,900
traffic to another machine where Wireshark is installed using a network tap,

14
00:01:31,080 --> 00:01:39,020
a hub that floods all network traffic, or use port mirroring on the switch, and this last option is the

15
00:01:39,050 --> 00:01:40,010
most common one.

16
00:01:42,870 --> 00:01:51,690
So when working with Wireshark we have different kinds of filters: capture filters, which are live filters

17
00:01:51,960 --> 00:01:59,070
that we have to use since interfaces have a limited capture capability that is lower than their actual

18
00:01:59,070 --> 00:02:01,820
bandwidth, and also because of hard disk

19
00:02:01,820 --> 00:02:09,380
and memory limitations, to enhance Wireshark performance and to focus the analysis on specific packet

20
00:02:09,390 --> 00:02:11,080
types.

21
00:02:11,810 --> 00:02:17,790
And we have display filters, which are after-capture filters that display a subset of the packets captured

22
00:02:18,060 --> 00:02:23,590
using the capture filter, and their main purpose is to focus the analysis.

23
00:02:23,730 --> 00:02:29,520
They are more granular in nature and there is no data loss because we do not filter packet captures

24
00:02:29,850 --> 00:02:32,280
as is the case with capture

25
00:02:32,280 --> 00:02:33,310
filters.

26
00:02:33,480 --> 00:02:40,380
Then we have color filters, which were renamed to coloring rules, that have the same syntax as display filters

27
00:02:40,650 --> 00:02:48,210
and can be considered a modified or another type of those. And we can use existing filters of all these

28
00:02:48,210 --> 00:02:56,220
types that come by default with Wireshark and that can be modified, or we can create new ones that

29
00:02:56,220 --> 00:03:00,120
will be saved to be used later without the need to rewrite them again.

30
00:03:00,840 --> 00:03:07,410
So in this lecture I have given a brief introduction about Wireshark, and in the next lecture we will

31
00:03:07,410 --> 00:03:11,190
start our hands-on by downloading and installing it.