Introduction

This lab focuses on analyzing network traffic captures using Wireshark to investigate and extract critical information related to network protocols, configurations, and user activity. Wireshark, a powerful packet analysis tool, is used to interpret data captured from various network protocols, including HTTP, HTTPS, SNMP, CDP, HSRP, ICMPv6, and TFTP. Through this walkthrough, learners will develop hands-on skills to inspect packet details, apply filters, and analyze payloads to uncover important insights such as network configurations, device information, authentication credentials, and service assignments.

The scenarios presented in this lab simulate real-world network traffic flows, including encrypted and plaintext communications, offering opportunities to decrypt TLS traffic and analyze its content. We will utilize Wireshark filters to isolate specific traffic patterns, extract hidden details from protocol payloads, and identify critical metadata such as certificate statuses, management addresses, and configuration updates.

Key areas explored in this lab include:

  • Inspecting Cisco Discovery Protocol (CDP) and Hot Standby Router Protocol (HSRP) packets to gather device and network configuration details.

  • Analyzing SNMP queries and
