Wireshark Scenario
This collection of resources, from the Cybersecurity Education for Advanced Manufacturing Organizations project, is a part of the Wireshark Scenario. This scenario is a training module that introduces Wireshark, a free program used to monitor and inspect network traffic. The module teaches the basics of navigating and using Wireshark for purposes such as decoding network traffic streams, filtering out unnecessary data, manipulating network devices, and more.
Collection Contents:
This scenario includes a PowerPoint presentation, a document with best practices for learning, a lab overview, lab instructions, lab questions and answers, and a document with a link to six video lessons on Wireshark. The presentation outlines the purpose of packet capture software, different ways to present and format data with Wireshark, and the manipulation of network devices to capture network traffic. Also covered is capturing network data with Wireshark and using filters to control the display and capture of network data.
The 3-page lab overview includes a summary, learning outcomes, a list of systems used, a description of the general lab, a diagram of setup and deploy, and a list of resources for more information. The lab requires students to generate standard network traffic and then use Wireshark to capture that data. Throughout the lab, "students will learn the difference between Wireshark’s packet list, packet details and packet bytes data display panels." They will also implement filters to limit the amount of data shown, use Wireshark’s protocol follow feature to decode and inspect captured network data, and more. PDF and Word copies are included.
The 13-page lab includes a scenario overview and lab instructions. The lab comprises of the following three parts: installing systems, logging into Kali and activating the network device connected to the manufacturing network, and using Wireshark to capture and view network traffic in different formats. PDF and Word copies are included.
The lab form includes five questions requiring either written responses or screenshots of Wireshark. A 3-page answer sheet is also provided. Both documents include PDF and Word copies.
The learning standards and best practices document includes best practices for the following two activities: transmission confidentiality and integrity, and system monitoring. PDF and Word copies are included.
For orientation purposes the Wireshark-Overview.pdf is included as a separate attachment and offers a sample of the type of material included in this learning module.
Below is a list of the files contained within the .zip attachment. The size of each file is included in parenthesis.
wireshark-ate (13 files, 8.2 MB)
- Packet Capture Using Wireshark Background (wireshark-Background.pdf 1.09 MB)
- Packet Capture Using Wireshark Background (wireshark-Background.pptx 2.92 MB)
- NIST Standards and other best practices (Wireshark-BestPractices.docx 13 KB)
- NIST Standards and other best practices (Wireshark-BestPractices.pdf 80 KB)
- Lab 1 (wireshark-lab.docx 2.27 MB)
- Lab 1 (wireshark-lab.pdf 884 KB)
- Wireshark Lab Form Wireshark-Lab-Answers.doc 812 KB)
- Wireshark Lab Form (Wireshark-Lab-Answers.pdf 688 KB)
- Wireshark Lab Form (Wireshark-Lab-Form.doc 27 KB)
- Wireshark Lab Form (Wireshark-Lab-Form.pdf 83 KB)
- Wireshark Overview (hardening-Lab-Form.doc 46 KB)
- Packet Capture Using Wireshark Overview (Wireshark-Overview.doc 974 KB)
- Packet Capture Using Wireshark Overview (Wireshark-Overview.pdf 226 KB)
- Video Links (wireshark-Videos.docx 14 KB)
- Video Links (wireshark-Videos.pdf 21 KB)
Comments