From the course: Wireshark: Malware and Forensics
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Investigating attacks - Wireshark Tutorial
From the course: Wireshark: Malware and Forensics
Investigating attacks
- [Instructor] In this packet capture, we have a brute force password attack. This is trying to get to an FTP server. As you can see, there are a number of different packets that say FTP and what is the username and what is the password. If we go down below and as we can see here request command pass, I'm going to right-click and I'll say prepare as a filter selected so we know that I'm only wanting to see the password requests and press Enter. Now, if we look over here on the right-hand side, and I'll take the coloring rules off so you can see a little bit better, it's going through many different iterations of a password attempt: E-E capital B, E-E lowercase V, E-E uppercase V, et cetera. It tries to go through all those iterations to get a response and to get accepted into the system. And that is why your lockout value should be around three because you don't want this brute force attack to occur on your network. So…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.