Month: December 2023

Understanding Indicators of Compromise and the Pyramid of Pain

Introduction: In the realm of cybersecurity, understanding and efficiently responding to security threats is paramount. This blog post delves into the intricacies of Indicators of Compromise (IoCs) and the Pyramid of Pain, a conceptual framework crucial for enhancing organisational defences against cyber-attacks. Indicators of Compromise (IoCs): IoCs are pieces of [...]

Navigating Cybersecurity Incident Detection – Tools and Techniques

Exploring Beyond Detection Tools: In the realm of cybersecurity, detection tools are indispensable for identifying threats, but there’s a broader spectrum of methods available to bolster these efforts. This blog delves into the various detection methodologies that organizations can leverage to fortify their defenses against cyber threats. The Detection and [...]

A Step-by-Step Guide to Tcpdump for Security Analysts

Introduction to Tcpdump: Tcpdump is a pivotal tool for those in security analysis, acting as a network protocol analyser. It operates via a command-line interface, allowing the capture and analysis of network traffic. It’s widely available on Linux distributions and Unix-based systems, including macOS®, enabling you to save and later examine [...]

Common Protocols and Wireshark Filters

Given Wireshark’s significance in network analysis, the following is a common list of protocols and the display filters used to view them: FTP (File Transfer Protocol), SSH (Secure Shell), Telnet, SMTP (Simple Mail Transfer Protocol), DNS (Domain Name System), DHCP (Dynamic Host Configuration Protocol), TFTP (Trivial File Transfer Protocol), HTTP (Hypertext [...]

Packet Details and Wireshark

Investigating packet details using Wireshark is an essential capability for any security analyst. This comprehensive guide is designed to deepen your understanding of packet analysis, focusing on the examination of network packets and the identification of suspicious activities. Sections: Introduction to Internet Protocol (IP); IPv4 Header Fields; IPv6 Header Fields; Wireshark: [...]

Creating and testing crafted network packets

Step-by-Step Guide to Ethical Packet Crafting: 1. Grasp the Essentials of Packet Crafting; 2. Prepare Your Testing Environment; 3. Install Required Software; 4. Crafting and Dispatching Packets with Hping; 5. Analysing Results with Snort; 6. Advanced Packet Crafting Techniques; 7. Concluding the Examination; Essential Considerations; Closing Thoughts. Packet crafting is [...]

Understanding Packet Captures: A glimpse into Network Analysis

The Vital Role of Packet Analysis in Cybersecurity: In the dynamic world of cybersecurity, the role of security analysts is integral to maintaining network integrity. One of their primary tasks involves the meticulous monitoring and analysis of network traffic flows. This is where the concept of packet captures becomes indispensable. [...]