Project 13: Utilizing Wireshark to analyze HTTP/S traffic
- Ben Lee
- Jul 10, 2023
I've been watching this Cybersecurity YouTuber 'Unixguy' for several months now.
He works as a Cybersecurity Consultant and is very knowledgeable about the industry. I've been using his content as a sort of compass on what to do and what to learn in my cybersecurity journey.

One piece of his advice is to take this guided project from Coursera.com to beef up my resume, especially when there isn't much to it right now (school hasn't started yet). So I've taken the initiative to do this guided project while studying other stuff (currently doing rooms on tryhackme.com).
Here is the overview of the project:

Scenario:

The first task:

For the first task, to install and set up users belonging to the wireshark group, I used the command, 'sudo usermod -aG wireshark $USER' to append the USER to the wireshark group.

Task 2:

In this task, I learned how to start a packet capture and save the packets into a file.

Task 3:

In this task, I applied a display filter to detect packets coming from port 443. I'm already a bit familiar with this from touching this topic in Google's Cybersecurity program.
To begin this, I went to a website called duckduckgo.com and captured the traffic.

Then I used 'tcp.port == 443' to filter out HTTPS traffic.

Then there was a practice task which basically made me apply what I learned:


I did it!

Task 4:

For the task, I used google.com

I used the filter 'tls.handshake.type == 1' to narrow down the address.

Found it!

I also used a couple other filters like 'ip.src == ' and 'ip.dst == '


Final task:

For this task, I captured packets from 2 websites, google.com and duckduckgo.com

Narrowed down google.com ip address

Then I applied more filters using the 'or' expression:

I then completed the task using the '!' expression combined with 'and' and 'or'

Finally, I had to complete a quiz to finish up the course. Wish me luck!

I did it!

Cert achieved!

Overall, this was a fun project that refreshed my memory on Wireshark and a great addition to my resume! Thank you Unixguy!