Cybersecurity for Beginners: How to use Wireshark
Ғылым және технология
Wireshark Tutorial: Learn how to use Wireshark in minutes as a beginner, check DNS requests, see if you are hacked, or applications are spying on you, and what ad trackers a site might have. Try the new Malwarebytes for free: mwb.link/4ay7nag (sponsor)
Buy the best antivirus: thepcsecuritychannel.com/best...
Join the discussion on Discord: discord.tpsc.tech/
Get your business endpoints tested by us: tpsc.tech/
Contact us for business: thepcsecuritychannel.com/contact
Пікірлер: 168
1) More content on Wireshark would be great (aka Tutorials). 2) How much does Wireshark cost?
@Taffy84
19 күн бұрын
It's free
@squirlmy
7 күн бұрын
Open Source and free forever, unlike for example Metasploit, which is partly open and partly with proprietary upgrades.
Wireshark is one of the most important tool in IT. Mastering this tool is such a great advantage. Thank you!
I have always wanted to learn more about Wireshark but felt imitimidated by it but this video does a good job of breaking down some of the confusion around it. Modern computers are so complicated! I would love to see more videos about Wireshark or of this nature.
Been using this alongside Portmaster. Makes me giddy to know that my tweaks and mods to minimize telemetry on Windows 10/11 work! :D I'd only see Windows telemetry being blocked by Portmaster when Windows tries to check for updates in the BG.
@cryptoafc7655
28 күн бұрын
Portmaster made my windows go in blue screen mode
@KyanoAng3l0
28 күн бұрын
@@cryptoafc7655 Better bring it up to the Portmaster devs or in their community (can't mention the name here cos YT auto-deletes comments that mention other socials, lol). I haven't encountered that yet, but Portmaster does use a kernel driver so BSODs are possible.
@ttrqs
28 күн бұрын
@@KyanoAng3l0 havent encountered bsod aswell, using portmaster for 1 week now
@rrakesh6434
28 күн бұрын
May i know what kind of tweaks mods you do to reduce telemetry. I am interested to know
@Holycurative9610
27 күн бұрын
@@rrakesh6434 winaero tweaker is pretty good for W10/11.
Yes, great video. I'm in cybersecurity program in college and so far I'm doing the general studies but I can't wait to get into the cybersecurity stuff like this.
Been using Wireshark on personal PC for years. While working it was Network Instruments that was pre-2009. Thanks for the videos.
really intersting tutorial, would love to see more wireshak tutorials! :D
I've always liked using Wireshark to monitor connections from other devices a like IoT devices etc. It's super useful for that. Good video as always.
@regisegek4675
28 күн бұрын
Indeed
Thanks for breaking down Wireshark. Its still intimidating, but Im getting better at it. Glad I found your channel!
Very nice to see my machine isn't sending any DNS requests on the background. (excluding of course, whatever other protocols there are. And the software updates from time to time!) I'm on Linux Mint of course. And I would love a tutorial for other Linux users as I had some trouble with getting it to work (also the starting screen where you select what to capture has many other options, at least fore me. Though thanks to the filters I see there is only 1 wireless connection point!). And of course would be nice to know what those other protocols are! (even if they can just be ignored)
Excellent info picked up,through this video. Yea I'd love too see some more videos like this,is good too understand more of what it all means,cheers buddy!
Wireshark is such an important tool. I use it all of the time both at work and at home. Such a great tool. Good video for beginners.
Thanks for the video. Would love to see more Wireshark instructional videos. You do a great job of simplifying complexity.
been waiting for a vid like this, ty
Loved the video, simple and powerful! Hope more to come on wireshark
Thanks, this was really informative!
Totally awesome! Thank you for Sharing! 💯✴
This video seems like it's missing an important part of the usefulness of wireshark. How do I identify what I don't know what I'm looking for? No shit if I connect to youtube I'll see youtube but what about unrecognized connections from potentially malicious software on my PC
@joepjoep9531
28 күн бұрын
You have to look at this differently it’s made for people who never used it before you can’t start somewhere in the middle or very complicated if you are learning something new
@ayush0477
28 күн бұрын
You are right it is for network analysis, but he is only showing a small use case of wireshark
@pcsecuritychannel
28 күн бұрын
Wireshark is an investigative tool, not anti-malware. If you want a quick and easy way to detect malware, this isn't it.
@seansingh4421
27 күн бұрын
In that scenario you would wanna look for network connections involving unusual ports, so lets say you have a typical Windows home edition PC, but you spot a some random executables (Apps and .exe) successfully connecting via Port 22, Port 3389 BUT you don’t even have Remote Desktop feature because that’s unavailable in Home editions. This is just one example and trust me this can be a rabbit hole of being over suspicions but this is one example of an outbound C&C connection
@johnsmith1953x
26 күн бұрын
@@pcsecuritychannel Sounds like an opportuniy for something AI to "sit" on top of wireshark and do this.
great stuff 👍 many useful cases for this tool last time i used it was to check my dns traffic to make sure it was all configured/encrypted correctly for a deeper dive, chris greer has some good wireshark content on youtube, explains filters well
Good video for absolute beginners
Well done. Super easy to understand!
Thank you for this wonderful tutorial!
Very simple and straight forward tutorial.
Ok so: 1 - How do I know if a DNS is malicious or unwanted 2 - How do I prevent useless or dangerous DNS manually 3 - Am I going to have to do that to each DNS
@KeshavKumar-gc9pu
28 күн бұрын
Use a trusted DNS
@ttrqs
28 күн бұрын
u can look at a program called "portmaster", it blocks unsafe dns/ads/telemetry etc system-wide
@pcsecuritychannel
28 күн бұрын
1. Ask yourself, is it unexpected? Can you think of a reason for it? If not, investigate further and try to locate the source of the traffic by eliminating other noise. 2 and 3. If there is a cryptominer on your system connecting to mining sites, the solution would be to remove the miner, not prevent the "dangerous" DNS. The DNS isn't what is dangerous, no such thing.
@hiru92
28 күн бұрын
use dns over https or tls, like rethink dns, nextdns etc
Hello Leo, many thanks for a great content as always. Would you ever consider doing a content on how to use Wireshark for hunting malware?!
Good tutorial but I think you miss a important point for some people who can not see any readable DNS query. If DNS query is encrypted(maybe by HTTPS), WireShark can not capture those DNS query in readable string.
Yes please, Leo, more videos like this one. Thanks as always.
I liked the video, it was very interesting thanks Leo😄❣️
I’m interested in computer science and how they connect with the world. It’s fascinating but intimidating and overwhelming.. I subscribed hoping you’ll put up more content like this. Break it down for us..
Thank You So Much For The Video Sir Please Make More Videos On How To Use Wireshark 💓✨
I don't know if you do this already but maybe create a 'related series' as an aside to the main thrust of the channel. Anyway those are my thoughts and content like this is very useful for 'dipping' the toe in, which may be useful down the track.
Yes, please do more videos to add on this one (advance). Is there anything further to see if the connections are not easily identifiable? Is there a way to pinpoint a remote connection quickly?
An interesting video subject would be on what to do when you find your computer connecting to places you don't want it to.
This is an awesome video thanks.
Great video!
Now I know you have a website. =) Glad to know.
enjoyable video ,thank you . one question how do we stop the spyware. a video on how to turn it off, individually would be most welcome . 🙂
Merci 😊😊😊
Just a note at the beginning you can select multiple network adapters by holding CTRL as well.
Yes, more vids like this!
Please create a video on accessing malicious and phishing domains while using NextDNS. A general review of NextDNS would also be be nice!
would love a more deep dive to understand what other kinds of network requests are being made if a malicious software is installed.
Hi Leo, thank you as always informative. One more thing what does it mean - red SSDP, notify
That Wallpaper look sick! Where did you get it? @The Pc Security Channel
Thanks !!!!!!
DNS can be also encrypted using DNS over TLS or DNS over HTTPS. So than you cannot see any DNS requests which was made. ISP also cannot see it 😊
Cool. Thanks!
I would like to snoop on WiFi traffic to the various WiFi-enabled devices that are proliferating in my house. This is mostly a curiosity, but I expect there will also be surprises, some perhaps concerning. I've been told that I can use Wireshark to do this, but I need to add a separate dedicated WiFi interface on my PC that supports "promiscuous mode". I found some trailing edge WiFi dongles that are supposed to support promiscuous mode, but I also need a compatible driver. This is where I have hit a dead-end, as I have been warned that the drivers for these trailing edge WiFi interfaces often have embedded malware, and I don't have a sacrificial PC available to dedicate to this effort. Any light you can shed on this in a future video would be of interest to me.
Compare it to some really old programs like smsniff, currports, systernals process explorer or the process explorer inside Panda AV that shows which programs connect and where in readable form with a log.
You need to do a video, kaspersky vs malwarebytes premium
Very good vid.
Not going to lie if you start using Wireshark and if you have familiarity with osi model like layer with layer 3 routers packets and layer 2 switches frames then it's not bad at all. To read the traffic and knowing udp tcp protocols you're golden. I think I need help with adjusting ethernet adapter into promiscuous mode and the other mode. And what's the functionality.
My old Outpost Firewall used to show me similar information, separated by the apps (or component of the O.S.) which was generating the connection... Is there a tool for this or is there an option available on Wireshark for monitoring this? Or is only doable on firewalls?
This reminds me of back in late 90s early2000s there was a free app (can’t remember name) that backtracked incoming pings.
What browser are you using?
Portmaster and winaero tweaker are my ho to programs for shutting down telemetry.
Is Malewarebytes still poot for on the fly? I trust it is still great at scans
I am very curious about why there is no option to have a professional packet capturing software like Wireshark for mobile/Android?
can you do us a favor and review costume os like tiny11, Ghost Spectre, windows x lite, from a security prespective many people want to use them. just give us a genral security test of them please. :(
this is a tool that is great for checking if your computer has been RATTED right?
i dont see that much DNS listings on mine, just a couple from kaspersky, maybe it didn't install right?
What about reading the cap file...how can that be done?
What to do to get rid of the 12 or so UAC notification whenever we start Wireshark?
How about an app for a phone and firewall to block outgoing requests?
Cool!
How did you get it in Dark Look/Mode?
hey , I wonder how MacOS handle this? can you do these on MacOS also?
My Gigabyte GA-990FXA-UD5 R5 motherboard connects to the internet in the middle of the night after I turn it off.
@zapa1pnt
20 күн бұрын
If Windows, go into settings and turn off "wake on LAN".
@coisasnatv
20 күн бұрын
@@zapa1pnt Is disabled. By the way, the motherboard does this without a hard drive attached. It turns itself on in a kind of low-power mode and connects to the Internet.
@zapa1pnt
20 күн бұрын
@@coisasnatv: Well, if you can't find it in the BIOS, you will need to unplug it, after shutdown. 😁✌🖖
@coisasnatv
20 күн бұрын
@@zapa1pnt I already do. But how many people don't know? How many people are affected by this? Gigabyte is famous for doing this, google the topic and you will see that Gigabyte has been caught with his pants down more than once doing exactly the same thing.
is it normal to have remote desktop to be running in the background?
how would one check a hacked PC on this environment?
Waiting for eset smart security 17.
How to know about suspicious connection
I'm sure my FBI agent has this task well in hand. For my safety, of course.
always there is a "tool" to...
Better use Portmaster
I have little snitch. Not as deep as this, but it is powerful
how to restart everything it does something watching my pc
Shout out to Safing Portmaster it blocks a lot of this spying
Now if we could just firewall all traffic until I actually open google, or open my video game, then I would be happy
When will you finally release an app showing you who is watching through your eyes?
👍
Hello Everyone, From The UK👋
This is why you need to be careful if you work from home.Only connect your work laptop to guest wifi
Boot up Win7 with wireshark. Boot up Win11 with wireshark. Now throw away that Win11 installer.
thanks
just use peerblock
Can you test Firewall of Avast Free? Thanks
It helped me discover a virus on my mums phone once as the virus attempted to scan the WiFi network my computer and mum's phone were connected to.
the biggest question is are wireshark is safe to used it since all virus check website say have something on it?
@Holycurative9610
27 күн бұрын
If you try to download a cracked version of any program it will come up as having a virus because of the software used to crack the program This is piracy and if you want the full version of a paid program then go pay them for it and you don't have false positives for virus alerts. Wireshark is free and used by a lot of people so it is very unlikely to come preloaded with a virus. I've just installed Wireshark and there are NO viruses at all...
So you live in Canary Wharf?
"What applications are reaching out and what data is being sent?" -> You only show how to look at DNS requests, this show nothing about what data applications are sending. You only show which DNS queries your PC as a whole is making. "Maybe you are even hacked and your computer is connecting to attackers" -> By just looking at DNS that shows nothing, maybe they are using IPs instead of domain names. Maybe they use some Amazon or Google endpoint which doesn't make it clear either. Maybe they embedded a Tor tunnel. Once a domain has been resolved, it wouldn't re-resolve unless you've flushed your DNS cache or forcefully look up the domain again (using nslookup for example). I would've preferred to see how to isolate traffic from a specific application to see exactly what it does and exactly what data is being sent.
I appreciate this video, but this tutorial is a little too basic. would love to see something more in depth in the future.
when ever I see them ads server or address, it will be paste into my "hosts" file
is epic games spyware because when i launch my laptop fans starting turning
pretty simple idk why people are crying in the comments 😂
nice
Measly content for a tutorial....
Shame on you i use linux
@tenpoundsterlingtn7756
28 күн бұрын
Use all three OS, PC MAC Linux.
@ll-gv1rq
18 күн бұрын
Which distro?😂
@BunnyKhatri-pd8zm
18 күн бұрын
@@ll-gv1rq debian
@BunnyKhatri-pd8zm
18 күн бұрын
@@tenpoundsterlingtn7756 how did Pc become an os?
@BunnyKhatri-pd8zm
18 күн бұрын
@@ll-gv1rq debian
loolll I WILL NOT HACK THE WORLD, LEAVE ME ALONE
I know I just don't care