The purpose with this week is, to provide you with the minimal basic knowledge about the TCP/IP stack and related network protocols (TCP, IP, DNS, DHCP and ARP), necessary to monitor network traffic and understand the possible attacks that can be made against these protocols.
Since all of you succeed in installing Virtual Box and Kali Linux last week,I will assume you all have Kali installed for this week (I only need to provide Linux-info). If this is NOT true for you, you must install Wireshark before this lesson.
But ideally (if not already done) install Virtual Box and Kali Linux as explained last week before this lesson (remember to check the SHA256Sum for the kali-download)
:book: Read these sections from the Wikipedia Article
OR
:tv: Watch the first 43 minuttes of this video
Investigating TCP/IP, DNS and DHCP with Wireshark
Today we will focus on posible attacks that can be made against individual layers/protols. We will do this to increase our knowledge about network monitoring with Wireshark, and while doing this, introduce new penetration testing tools.
First of all, make sure you have completed most of the exercises + reflections from day-1 in this week. Then
:book: ARP explained When ever this short article says “OSI Model” just think TCP/IP Model instead (5 min.)