If you’re interested in learning cybersecurity one of the things you’ll want to learn is how to dissect network packets.
In order to dissect network packets the first thing you need to know is how to capture network packets with a packet sniffer as they traverse the network. Learn how to sniff packets with Wireshark or tcpdump. I wrote about that here:
https://medium.com/cloud-security/what-is-packet-sniffing-f03f50aa230
Once you understand how to sniff packets and capture them and understand packet header specifications, then you reverse engineer what is in the packets. That knowledge helps you inspect the packets to see what attackers are doing in the packets they send across the network.
Not only can you dissect network packets, you can also use this knowledge to help you reverse engineer malware. Being able to review and convert hex and binary data enables analysts to understand malicious code without access to the original source code. Binary is the raw machine code(s) executed by the processor, while hex is used in editors like IDA Pro and Ghidra to view, manipulate, and identify malicious signatures, file structures, and API calls.
If you’re interested in learning more about cybersecurity match check out these posts:
Cybersecurity Math: How you can use math to reconcile cybersecurity
https://medium.com/cloud-security/cybersecurity-math-34485d45c7d0
Numbering systems (base 2, base 10, base 16): Counting in different numeric languages and why it matters in cybersecurity
https://medium.com/cloud-security/numbering-systems-base-2-base-10-etc-49845c7a3f87
Counting in Hexadecimal (Base 16): When the numbers run out, use letters
https://medium.com/cloud-security/counting-in-hexadecimal-base-16-bd02cf6a88fb
Hexadecimal To Binary To Decimal: Conversion without exponentials
https://medium.com/cloud-security/hexadecimal-to-binary-to-decimal-4ead383064bc
Math in Network Packets: Bits, bytes, and packet headers — starting with the ethernet header
https://medium.com/cloud-security/math-in-network-packets-18aa038fa300
Calculating Packet and IP Header Lengths: Digging into a packet header to decipher the field values
https://medium.com/cloud-security/calculating-packet-and-ip-header-lengths-ba8552bbd32f
Calculating the Next Layer in a Packet: Understanding which header follows the IP header in IPv4 or IPv6
https://medium.com/cloud-security/calculating-the-next-layer-in-a-packet-d67ff8399d6f
Calculating the size of a TCP Packet Payload
https://medium.com/cloud-security/calculating-the-size-of-a-tcp-packet-payload-4d35c708bff
For more posts like these follow the Learn Security section on this blog.
— Teri Radichel