Networking Tools
This week has come to an end and I’ve completed the Networking chapter in the cybersecurity 101 path. This path has given me the foundation for understanding how the internet and devices on the internet work. Towards the end of this week I was introduced to several tools that are used within networking. These tools give us the ability to analyse packets from a deeper level, to extract the box and witness what is inside, what it contains and how the contents evolve over time.
The first tool I learnt was Wireshark, a tool that gives us the ability to investigate and sniff live traffic, and analyze packet captures. Learning the basics of this software gave me the ability to inspect packets and uncover information from different layers of the TCP/IP model.
The second tool in my artillery is TCPdump. This is the tool used when I want to witness the communication of protocols. These complex interactions are usually encapsulated within an easy-to-use interface. As TCP is a connection-oriented protocol, a three-way handshake needs to commence before transmission of data takes place between devices. Through TCPdump we’re able to see the delicacies of a three-way handshake, which is a “three” step process… Obviously. This tool lets us capture and save packets to files, filter captured files, and control how captured packets are displayed.
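To make the three steps concrete, here is an added example (not part of the original post) that reads tcpdump's text output and checks each handshake: SYN, then SYN-ACK acknowledging the client's sequence number plus one, then ACK acknowledging the server's plus one. The sample lines are constructed and assume output from `tcpdump -n -S`, where `-S` prints absolute sequence numbers; the function name `analyze` is my own.

```python
import re

# Constructed sample of `tcpdump -n -S` text output (-S = absolute sequence numbers).
SAMPLE = """\
10:00:00.000100 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [S], seq 1000, win 64240, length 0
10:00:00.000300 IP 198.51.100.5.80 > 192.0.2.10.51514: Flags [S.], seq 5000, ack 1001, win 65160, length 0
10:00:00.000350 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [.], ack 5001, win 502, length 0
10:00:00.000900 IP 192.0.2.10.51514 > 198.51.100.5.80: Flags [P.], seq 1001:1075, ack 5001, win 502, length 74
10:00:01.000100 IP 192.0.2.20.40000 > 198.51.100.5.80: Flags [S], seq 7000, win 64240, length 0
10:00:01.000300 IP 198.51.100.5.80 > 192.0.2.20.40000: Flags [S.], seq 9000, ack 7001, win 65160, length 0
"""

# Matches the address pair, the flag letters, and the optional seq/ack fields.
LINE = re.compile(
    r"IP (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+)(?::\d+)?)?(?:, ack (?P<ack>\d+))?"
)

def analyze(text):
    """Return (completed, incomplete) handshakes seen in tcpdump text output."""
    syn, synack, completed = {}, {}, []   # keyed by (client, server)
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, dst, flags = m["src"], m["dst"], m["flags"]
        seq = int(m["seq"]) if m["seq"] else None
        ack = int(m["ack"]) if m["ack"] else None
        if flags == "S" and seq is not None:            # step 1: client SYN
            syn[(src, dst)] = seq
        elif flags == "S." and (dst, src) in syn:       # step 2: server SYN-ACK
            if seq is not None and ack == (syn[(dst, src)] + 1) % 2**32:
                synack[(dst, src)] = seq
        elif flags == "." and (src, dst) in synack:     # step 3: client ACK
            if ack == (synack[(src, dst)] + 1) % 2**32:
                completed.append(
                    (src, dst, syn.pop((src, dst)), synack.pop((src, dst))))
    return completed, list(syn)   # SYNs left over never finished the handshake

if __name__ == "__main__":
    done, pending = analyze(SAMPLE)
    print("completed:", done)
    print("incomplete:", pending)
```

The second flow in the sample stops after the SYN-ACK, so it is reported as incomplete; many of those from one source in a capture is the usual sign of a port scan or SYN flood.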
The last tool in the bag is Nmap, a network scanner allowing us to scan a network for live hosts, the services running on live hosts, and much more.
These tools were a lot to learn, and I couldn’t help feeling a bit overwhelmed with all the information given to me. I’m on a 17-day streak on TryHackMe, and maybe it’s a sign of burnout, as this engine has been running non-stop XD! This Saturday and Sunday will be my days of rest and revising all the info learnt this week. The next post will be a reflection post for the week.