From the course: Wireshark: Malware and Forensics
Solution: Firewall rules - Wireshark Tutorial
(upbeat music) - [Instructor] We've opened up smallFlows.pcap and, in the display filter, entered tcp.stream equal 60. I'll do a shortcut and just say follow the TCP stream. And then I'll modify that to equal 60, press Enter, and now we have tcp.stream equals 60. Go to frame 904. Now it's right there, but if there were a lot of packets to search through, I could just go here and go to specified packet, and what we'll do is type 904. And there it is, which it was right there, but it's just a little shortcut I wanted to show you. All right, so now what we'll do is go to Tools, Firewall Access Control List Rules. Now, once it opens, the dialog box defaults to iptables. What I'll do is drop down and select Cisco IOS extended. And then I want you to search for the IP address 65.54.95.140 and equals port 80, and that's right here. And then we'll say copy, and I'm going to close that. So now what we'll do is we'll just paste it right…