I conducted a network analysis using Wireshark while initiating an attack on a target machine running Ubuntu from Kali Linux. During this process, I captured packets transmitted to and from the Ubuntu IP address. I filtered the captured packets to focus specifically on this IP address, which allowed me to analyze the relevant traffic. I then conducted a detailed examination of the communication patterns, payloads, and protocols used.
The Detection Lab project was designed to establish a controlled environment for simulating and detecting cyber attacks. We focused on ingesting and analyzing logs in a Security Information and Event Management (SIEM) system and on generating test telemetry that replicates real-world attack scenarios, so that detections could be written and validated against known-malicious activity. This hands-on work improved our understanding of network security, attack patterns, and defensive strategies.
- Applied SIEM concepts (log ingestion, searching, and alert rules) in a working lab rather than in theory.
- Analyzed and interpreted network logs to reconstruct what happened on the wire.
- Generated attack traffic and wrote signatures and pattern-based detections that identify it.
- Expanded knowledge of network protocols and security vulnerabilities.
- Practised the critical thinking and problem-solving needed to investigate alerts and separate real attacks from noise.
- Used a Security Information and Event Management (SIEM) system for log ingestion and analysis.
- Used network analysis tools (such as Wireshark) to capture and examine network traffic.
- Used telemetry generation tools to create realistic network traffic and simulate attack scenarios.
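The loop described above (the Wireshark capture filtered on the Ubuntu IP, and the SIEM-side generation of test telemetry plus detection of attack patterns) can be reproduced in a few dozen lines of pure Python. The block below is an added example, not code from the original project: it builds constructed telemetry that mimics a Kali host scanning and brute-forcing an Ubuntu target, scopes it to the target the way the display filter `ip.addr == <target>` does in Wireshark, and runs two SIEM-style rules over the result. The IP addresses, ports, timestamps and thresholds are assumed values chosen for the example.

```python
"""Added example (not part of the original write-up): a minimal detection-lab
loop in pure Python.  Generate constructed telemetry, filter it by the target
host (equivalent of Wireshark's `ip.addr == host`), then run two SIEM-style
detection rules over it.  All addresses, ports and timestamps are assumptions."""

from collections import defaultdict
from dataclasses import dataclass

ATTACKER = "192.168.56.101"  # assumed Kali IP
TARGET = "192.168.56.102"    # assumed Ubuntu IP


@dataclass(frozen=True)
class Flow:
    """One observed packet/flow, the way a SIEM would normalise a conn log."""
    ts: float      # seconds since capture start
    src: str
    dst: str
    dport: int
    proto: str
    info: str = ""  # free-text detail, e.g. an auth-log message


def generate_telemetry():
    """Constructed sample traffic: a 20-port SYN scan, six failed SSH logins,
    and two benign flows that should never raise an alert."""
    flows = []
    # SYN scan: 20 distinct ports against the target within 2 seconds
    for i, port in enumerate(range(20, 40)):
        flows.append(Flow(i * 0.1, ATTACKER, TARGET, port, "tcp", "SYN"))
    # SSH brute force: one failed login per second
    for i in range(6):
        flows.append(Flow(10.0 + i, ATTACKER, TARGET, 22, "tcp",
                          "Failed password for root"))
    # benign background traffic
    flows.append(Flow(5.0, "192.168.56.1", "8.8.8.8", 53, "udp", "DNS query"))
    flows.append(Flow(6.0, TARGET, "192.168.56.1", 443, "tcp", "TLS client hello"))
    return flows


def filter_by_host(flows, host):
    """Keep flows where `host` is source or destination (ip.addr == host)."""
    return [f for f in flows if host in (f.src, f.dst)]


def detect_port_scan(flows, min_ports=10, window=5.0):
    """Alert when one source touches >= min_ports distinct destination ports on
    one host within `window` seconds (sliding window over time-sorted events)."""
    alerts = set()
    by_pair = defaultdict(list)
    for f in sorted(flows, key=lambda f: f.ts):
        by_pair[(f.src, f.dst)].append(f)
    for (src, dst), events in by_pair.items():
        for i, first in enumerate(events):
            ports = {e.dport for e in events[i:] if e.ts - first.ts <= window}
            if len(ports) >= min_ports:
                alerts.add(("port_scan", src, dst))
                break
    return alerts


def detect_ssh_bruteforce(flows, threshold=5, window=60.0):
    """Alert when >= threshold failed SSH logins arrive from one source to one
    host within `window` seconds."""
    alerts = set()
    failures = defaultdict(list)
    for f in sorted(flows, key=lambda f: f.ts):
        if f.dport == 22 and "Failed password" in f.info:
            failures[(f.src, f.dst)].append(f.ts)
    for (src, dst), times in failures.items():
        for i, t0 in enumerate(times):
            if sum(1 for t in times[i:] if t - t0 <= window) >= threshold:
                alerts.add(("ssh_bruteforce", src, dst))
                break
    return alerts


def run_detections(flows, target=TARGET):
    """Scope the capture to the target host, then apply every rule."""
    scoped = filter_by_host(flows, target)
    return detect_port_scan(scoped) | detect_ssh_bruteforce(scoped)


if __name__ == "__main__":
    for alert in sorted(run_detections(generate_telemetry())):
        print(alert)
```

Both rules use a sliding time window rather than a flat count, which is the detail that keeps them from firing on slow, legitimate activity spread over hours; lowering `threshold` or `min_ports`, or widening `window`, is the usual tuning knob when the same rule is ported to a real SIEM.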