Task 6 Cleartext Protocol Analysis: FTP

Investigating cleartext protocol traces sounds easy, but when the time comes to investigate a big network trace for incident analysis and response, the game changes. Proper analysis is more than following the stream and reading the cleartext data. For a security analyst, it is important to create statistics and key results from the investigation process. As mentioned earlier at the beginning of the Wireshark room series, the analyst should have the required network knowledge and tool skills to accomplish this. Let's simulate a cleartext protocol investigation with Wireshark!

File Transfer Protocol (FTP) is designed to transfer files with ease, so it focuses on simplicity rather than security. As a result of this, using this protocol in unsecured environments could create security issues like:

– Credential stealing and unauthorised access.

Task 8 Encrypted Protocol Analysis: Decrypting HTTPS

When investigating web traffic, analysts often run across encrypted traffic.
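For the FTP investigation in Task 6, here is one way to turn a cleartext control channel into login statistics instead of reading the stream by eye. This is an added example, not part of the original write-up; the transcript layout, the sample lines and the function name `summarize_ftp_logins` are assumptions.

```python
from collections import Counter

# Constructed sample (not from the page). Assumed layout per line:
# "<client_ip> <dir> <FTP control line>", ">" = client command, "<" = server reply.
SAMPLE = """\
10.0.0.5 > USER admin
10.0.0.5 < 331 Password required
10.0.0.5 > PASS example-1
10.0.0.5 < 530 Login incorrect
10.0.0.5 > USER admin
10.0.0.5 < 331 Password required
10.0.0.5 > PASS example-2
10.0.0.5 < 530 Login incorrect
10.0.0.5 > USER admin
10.0.0.5 < 331 Password required
10.0.0.5 > PASS example-3
10.0.0.5 < 230 Login successful
10.0.0.9 > USER backup
10.0.0.9 < 331 Password required
10.0.0.9 > PASS example-4
10.0.0.9 < 230 Login successful
"""

def summarize_ftp_logins(transcript, fail_threshold=2):
    """Count failed/successful logins per (client, user); passwords are never stored."""
    last_cmd, user = {}, {}          # per-client state: last command verb, last USER name
    failed, succeeded = Counter(), Counter()
    for raw in transcript.splitlines():
        parts = raw.split(None, 2)
        if len(parts) != 3:
            continue                 # skip blank or malformed lines
        client, direction, line = parts
        verb, _, arg = line.partition(" ")
        if direction == ">":
            last_cmd[client] = verb.upper()
            if last_cmd[client] == "USER":
                user[client] = arg.strip()
        elif direction == "<" and last_cmd.get(client) == "PASS":
            key = (client, user.get(client, "?"))
            if verb == "530":        # reply to PASS: login rejected
                failed[key] += 1
            elif verb == "230":      # reply to PASS: user logged in
                succeeded[key] += 1
    # A success preceded by repeated failures is the pattern worth escalating.
    flagged = sorted(k for k in succeeded if failed[k] >= fail_threshold)
    return {"failed": dict(failed), "succeeded": dict(succeeded),
            "success_after_failures": flagged}

if __name__ == "__main__":
    print(summarize_ftp_logins(SAMPLE))
```

Only replies that directly follow a `PASS` command are counted, so a `530` returned to some other command before login does not inflate the failure count.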