Sniffing the Network - Securing Your Networks | Coursera

Für UnternehmenFür Kursteilnehmer

Blättern
Beliebte Kurse
Anmelden
Kostenlose Teilnahme

Sniffing the Network

Loading...

IT Security: Defense against the digital dark arts

4.8 (10,394 Bewertungen) | 140.000 Teilnehmer angemeldet

Kurs 5 von 5 in Google IT-Support Spezialisierung

Kostenlos anmelden

This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and the many ways they can show up. We’ll give you some background of encryption algorithms and how they’re used to safeguard data. Then, we’ll dive into the three As of information security: authentication, authorization, and accounting. We’ll also cover network security solutions, ranging from firewalls to Wifi encryption options. The course is rounded out by putting all these elements together into a multi-layered, in-depth security architecture, followed by recommendations on how to integrate a culture of security into your organization or team. At the end of this course, you’ll understand: ● how various encryption algorithms and techniques work as well as their benefits and limitations. ● various authentication systems and types. ● the difference between authentication and authorization. ● how to evaluate potential risks and recommend ways to reduce risk. ● best practices for securing a network. ● how to help others to grasp security concepts and protect themselves.

Lehrplan anzeigen

Kompetenzen, die Sie erwerben

Cybersecurity, Wireless Security, Cryptography, Network Security

Bewertungen

4.8 (10,394 Bewertungen)

5 stars
83.57%
4 stars
13.47%
3 stars
2.07%
2 stars
0.51%
1 star
0.34%

LR

30. Juni 2020

Thank you Google, Qwiklabs and the Coursera team for giving me this wonderful opportunity to learn the vast IT world. Thank you for providing me with the knowledge and the start to a career in IT.

PB

8. Jan. 2021

This was by far the hardest module to finish, but I did it and I especially would like to thank Coursera's support people for that. They rooted me on, and kept telling me not to give up. Thanks!

Aus der Unterrichtseinheit

Securing Your Networks

In the fourth week of this course, we'll learn about secure network architecture. It's important to know how to implement security measures on a network environment, so we'll show you some of the best practices to protect an organization's network. We'll learn about some of the risks of wireless networks and how to mitigate them. We'll also cover ways to monitor network traffic and read packet captures. By the end of this module, you'll understand how VPNs, proxies and reverse proxies work; why 802.1X is a super important for network protection; understand why WPA/WPA2 is better than WEP; and know how to use tcpdump to capture and analyze packets on a network. That's a lot of information, but well worth it for an IT Support Specialist to understand!

Sniffing the Network5:15

Wireshark and tcpdump6:45

Intrusion Detection/Prevention Systems6:45

Unterrichtet von

Google

Testen Sie den Kurs für Kostenlos

Skript

Now, in order to monitor what type of traffic is on your network, you need a mechanism to capture packets from network traffic for analysis and potential logging. Packet Sniffing or Packet Capture, is a process of intercepting network packets in their entirety for analysis. It's an invaluable tool for IT support specialists to troubleshoot issues. There are lots of tools that make this really easy to do. Before we dive into the details of how to use them, let's cover some basic concepts of Packet Sniffing. By default, network interfaces and the networking software stack on an OS are going to behave like a well-mannered interface, They will only be accepting and processing packets that are addressed with specific interface address usually identified by a MAC address. If a packet with a different destination address is encountered, the interface will just drop the packet. But, if we wanted to capture all packets that an interface is able to see, like when we're monitoring all network traffic on a network segment, this behavior would be a pain for us. To override this, we can place the interface into what's called Promiscuous Mode. This is a special mode for Ethernet network interfaces that basically says, "Give me all the packets." Instead of only accepting and handling packets destined for its address, it will now accept and process any packet that it sees. This is much more useful for network analysis or monitoring purposes. I should also call out that admin or root privileges are needed to place an interface into promiscuous mode and to begin to capture packets. Details for various platforms on how to get into promiscuous mode can be found in the supplemental reading section. Many packet capture tools will handle this for you too. Another super important thing to consider when you perform packet captures is whether you have access to the traffic you like to capture and monitor. Let's say you wanted to analyze all traffic between hosts connected to a switch and your machine is also connected to a port on the switch. What traffic would you be able to see in this case? Because this is a switch, the only traffic you'd be able to capture would be traffic from your host or destined for your host. That's not very useful in letting you analyze other hosts traffic. If the packets aren't going to be sent to your interface in the first place, Promiscuous Mode won't help you see them. But, if your machine was inserted between the uplink port of the switch and the uplink device further upstream now you'd have access to all packets in and out of that local network segment. Enterprise manage switches usually have a feature called Port Mirroring, which helps with this type of scenario. Port Mirroring, allows the switch to take all packets from a specified port, port range, or the entire VLAN and mirror the packets to a specified switch port. This lets you gain access to all packets passing on a switch in a more convenient and secure way. There's another handy though less advanced way that you can get access to packets in a switched network environment. You can insert a hub into the topology with the device or devices you'd like to monitor traffic on, connected to the hub and our monitoring machine. Hubs are a quick and dirty way of getting packets mirrored to your capture interface. They obviously have drawbacks though, like reduced throughput and the potential for introducing collisions. If you capture packets from a wireless network, the process is slightly different. Promiscuous Mode applied to a wireless device would allow the wireless client to process and receive packets from the network it's associated with destined for other clients. But, if we wanted to capture and analyze all wireless traffic that we're able to receive in the immediate area, we can place our wireless interface into a mode called monitor mode. Monitor mode, allows us to scan across channels to see all wireless traffic being sent by APs and clients. It doesn't matter what networks they're intended for and it wouldn't require the client device to be associated or connected to any wireless network. To capture wireless traffic, all you need is an interface placed into monitor mode. Just like enabling promiscuous mode, this can be done with a simple command, but usually, the tools used for wireless packet captures can handle the enabling and disabling of the mode for you. You need to be near enough to the AP and client to receive a signal, and then you can begin capturing traffic right out of the air. There are a number of open source wireless capture and monitoring utilities, like Aircrack-ng and Kismet. It's important to call out that if a wireless network is encrypted, you can still capture the packets, but you won't be able to decode the traffic payloads without knowing the password for the wireless network. So, now we're able to get access to some traffic we like to monitor. So, what do we do next? We need tools to help us actually do the capture and the analysis. We'll learn more about those in the next lesson.

Durchsuchen Sie unseren Katalog

Melden Sie sich kostenlos an und erhalten Sie individuelle Empfehlungen, Aktualisierungen und Angebote.

Coursera Footer

Beliebte Online-Kurse

Sinn und Zweck im Leben finden
Medizinische Forschung verstehen
Japanisch für Anfänger
Einführung in Cloud Computing
Grundlagen der Achtsamkeit
Grundlagen des Finanzwesens
Maschinelles Lernen
Maschinelles Lernen mittels Sas Viya
Die Wissenschaft des Wohlbefindens
Contact-Tracing im Kontext von COVID-19
KI für alle
Finanzmärkte
Einführung in die Psychologie
Erste Schritte mit AWS
Internationales Marketing
C++
Predictive Analytics und Data-Mining
UCSD: Learning How to Learn
Michigan: Programming for Everybody
JHU: R-Programmierung
Google CBRS CPI Training

Beliebte Online-Spezialisierungen

Natural Language Processing (NLP)
KI für Medizin
Guter Umgang mit Worten: Redaktionelles Schreiben
Modellbildung von Infektionskrankheiten
Die Aussprache des US-amerikanischen Englisch
Software-Testautomatisierung
Deep Learning
Python für alle
Data Science
Geschäftsgründungen
Excel-Kenntnisse für Beruf
Data Science mit Python
Finance for Everyone
Kommunikationsfähigkeiten für Ingenieure
Verkaufstraining
Career Brand Management
Wharton: Unternehmensanalytik
Penn: Positive Psychology
Washington: Maschinelles Lernen
CalArts: Grafikdesign

Online-Zertifikate

Zertifikate über berufliche Qualifikation
MasterTrack-Zertifizierungen
Google IT-Support
IBM Datenverarbeitung
Google Cloud Data Engineering
IBM Applied AI
Google Cloud Architecture
IBM Cybersecurity Analyst
Google IT Automation with Python
IBM z/OS Mainframe Practitioner
UCI: Angewandtes Projektmanagement
Zertifizierung in Instructional Design
Zertifizierung in Bauwesen und -management
Zertifizierung in Big Data
Zertifizierung Maschinelles Lernen für Analytics
Zertifizierung in Innovation Management & Entrepreneurship
Zertifizierung in Nachhaltigkeit und Entwicklung
Zertifizierung in Soziale Arbeit
Zertifizierung KI und maschinelles Lernen
Zertifizierung in Räumliche Datenanalyse und Visualisierung

Online-Abschlussprogramme

Abschlüsse in Informatik
Business-Abschlüsse
Abschlüsse im Gesundheitswesen
Abschlüsse in Data Science
Bachelorabschlüsse
Bachelor of Computer Science
MS Elektrotechnik
Bachelor Completion Degree
MS Management
MS Informatik
MPH
Master-Abschluss in Buchhaltung
MCIT
MBA online
Master of Applied Data Science
Global MBA
Master in Innovation & Entrepreneurship
MCS Data Science
Master in Informatik
Master-Abschluss in Public Health

Coursera

Info
Was wir anbieten
Leitung
Jobs
Katalog
Zertifikate
MasterTrack™-Zertifikate
Abschlüsse
Für Unternehmen
Für Regierungen
Für Campus

Community

Kursteilnehmer
Partner
Entwickler
Beta-Tester
Übersetzer
Blog
Tech-Blog
Lehrzentrum

Mehr

Nutzungsbedingungen/AGB
Datenschutz
Hilfe
Barrierefreiheit
Presse
Kontakt
Verzeichnis
Partnerunternehmen

Überall lernen

Erhältlich bei Google Play

© 2021 Coursera Inc. Alle Rechte vorbehalten.