1
00:00:00,480 --> 00:00:01,560
Welcome back, everyone.

2
00:00:01,590 --> 00:00:10,290
This is new shaggin, and I welcome you, all of you, for this wonderful, lovely cause that's on trend

3
00:00:10,290 --> 00:00:18,480
hunting with Wireshark people who are either on networking or system administration or any of the IP

4
00:00:18,840 --> 00:00:26,940
people might be aware about Wireshark, but this is one of the most powerful and robust tools that can

5
00:00:26,940 --> 00:00:32,490
be used for troubleshooting many IP related stuff, Web application challenges.

6
00:00:32,880 --> 00:00:41,430
And you can actually go very deep inside to understand what really went wrong and what could be the

7
00:00:41,430 --> 00:00:46,130
big fix, what could be the solutions to come over from that challenge.

8
00:00:46,620 --> 00:00:51,390
Now we are going to use washrag, especially for the threat.

9
00:00:51,390 --> 00:00:59,640
Hunting in our case will understand how can we use Wireshark tool to find out any malicious strophic?

10
00:00:59,820 --> 00:01:01,470
That could be a phishing e-mail.

11
00:01:01,710 --> 00:01:03,840
It could be any malicious file.

12
00:01:04,050 --> 00:01:07,340
It could be any malicious user in the network.

13
00:01:07,590 --> 00:01:09,420
So it's going to be a lot of fun.

14
00:01:09,660 --> 00:01:15,240
And I hope you want to enjoy this entire course and let's get started.

15
00:01:16,050 --> 00:01:23,690
So the first thing that we'll be doing is, will be I'll be taking you through the wash to the you know,

16
00:01:23,910 --> 00:01:31,330
how the two product really looks like so far that will have to get the Wireshark to install on our system.

17
00:01:31,770 --> 00:01:40,140
So what you can do is you can make use of any browser, let's say I can go for it and then simply search

18
00:01:40,140 --> 00:01:41,160
for Warshak.

19
00:01:43,920 --> 00:01:52,560
Those who have been using it for them, it won't be a challenge just to give you an idea there to support

20
00:01:52,630 --> 00:01:57,670
it for those 64 32 Mac OS and Linux as well.

21
00:01:57,990 --> 00:02:02,690
And, of course, we can will be also using it on our candy machine as well.

22
00:02:03,060 --> 00:02:10,920
But sometimes because it is not something where you you need to have a secure environment, you can

23
00:02:10,920 --> 00:02:13,710
make use of it even on the infected machines.

24
00:02:13,740 --> 00:02:14,060
All right.

25
00:02:14,520 --> 00:02:19,950
So we'll be making use of it on the Windows machine and of the machine as well, which is, again,

26
00:02:19,950 --> 00:02:22,560
going to be a big machine in a way.

27
00:02:24,030 --> 00:02:26,780
So once that is downloaded, you just click on it.

28
00:02:27,060 --> 00:02:33,630
There will be multiple click, click, click, and you get installed with teashop, which is the UCLA

29
00:02:33,630 --> 00:02:34,350
version of it.

30
00:02:34,560 --> 00:02:40,440
If you want to impress your colleagues or your friends about how how the workshop really looks like

31
00:02:40,440 --> 00:02:41,130
on the cloud.

32
00:02:41,520 --> 00:02:43,860
This is for you for the rest of the folks.

33
00:02:44,100 --> 00:02:50,790
If you really want to make use of it for this wonderful UI, you can go for Wireshark as well.

34
00:02:50,790 --> 00:02:53,980
Wireshark to learn other than dishrag.

35
00:02:54,060 --> 00:02:58,580
You also get to have you also will be having unmap installed by default.

36
00:02:58,920 --> 00:03:05,700
There will be a gap of options to also get installed for you as BITA.

37
00:03:06,060 --> 00:03:09,810
So this will be the Add-On Software which usually get installed with it.

38
00:03:11,280 --> 00:03:12,450
Once it is installed.

39
00:03:12,450 --> 00:03:14,310
You can quickly search for Wireshark.

40
00:03:15,360 --> 00:03:23,610
Once you hit, enter the first thing that comes for you to select the interfaces, select this one and

41
00:03:25,230 --> 00:03:26,370
this by default.

42
00:03:26,370 --> 00:03:33,360
Whatever the traffic that is there on your wireless interface that we have just selected, you get to

43
00:03:33,360 --> 00:03:34,890
see all the traffic with it.

44
00:03:35,220 --> 00:03:43,290
And for those who are new to the networking or new to security or anything, you will be talking about

45
00:03:43,290 --> 00:03:48,480
the entire Wireshark stack one by one for them to give them more idea about it.

46
00:03:48,900 --> 00:03:50,160
So what are all you can do?

47
00:03:50,160 --> 00:03:51,330
There are a lot of fun.

48
00:03:51,330 --> 00:03:53,400
You can have a look at the statistics.

49
00:03:53,640 --> 00:04:01,410
You can get to know the entire hierarchy of the protocol where very you can get the idea where you can

50
00:04:01,510 --> 00:04:10,110
get the idea what all protocols we have as per the stacks from the IP for BTP, IP and everything.

51
00:04:10,110 --> 00:04:18,660
In fact, you can also get the idea about what are the different ports and different IP addresses available

52
00:04:19,110 --> 00:04:21,350
or in fact are communicating.

53
00:04:21,690 --> 00:04:26,580
So you get to know how many packets are displayed on real time.

54
00:04:27,030 --> 00:04:28,020
That's 100 percent.

55
00:04:28,230 --> 00:04:34,470
If you filter if you apply any kind of a filter, let's say I apply, will talk about it in more detail.

56
00:04:34,830 --> 00:04:41,340
But just to give you an example, if let's say I apply a filter for IP address, you can get to see

57
00:04:41,340 --> 00:04:49,650
these are the one one one that are these many packets has been selected, which are nine point five

58
00:04:49,650 --> 00:04:52,670
percent of the entire package that are going back and forth.

59
00:04:52,680 --> 00:04:53,020
All right.

60
00:04:53,430 --> 00:04:55,140
So this is just an idea.

61
00:04:55,140 --> 00:05:00,120
Just to show you how this really looks like, you can zoom zoom in a bit more.

62
00:05:00,120 --> 00:05:04,350
You can zoom out as well there once once you select any of the packet.

63
00:05:04,590 --> 00:05:06,120
These are multiple stacks.

64
00:05:06,420 --> 00:05:15,270
You can get to get through the frames to 800 packets to IP address to Tsipi IP mode and even application

65
00:05:15,270 --> 00:05:19,890
headers as well, which could be SCDP, DNS, SBP, all the strophic.

66
00:05:19,890 --> 00:05:20,140
Right.

67
00:05:20,580 --> 00:05:24,050
So this is just about the interaction going further.

68
00:05:24,060 --> 00:05:27,660
There are a lot of fun and trust me, you would enjoy this.

69
00:05:27,840 --> 00:05:28,200
All right.

70
00:05:28,210 --> 00:05:32,200
So be with me to the scores and we'll catch you in the next one.

71
00:05:32,520 --> 00:05:33,030
Thank you.