Cybersecurity for Beginners: How to use Wireshark

Рет қаралды 206,916

The PC Security Channel

Күн бұрын

Пікірлер: 201

@steventelfer8186 8 ай бұрын

Wireshark is one of the most important tool in IT. Mastering this tool is such a great advantage. Thank you!

@Adam-ey2jc 8 ай бұрын

I have always wanted to learn more about Wireshark but felt imitimidated by it but this video does a good job of breaking down some of the confusion around it. Modern computers are so complicated! I would love to see more videos about Wireshark or of this nature.

@KyanoAng3l0_Mtvtks 8 ай бұрын

Been using this alongside Portmaster. Makes me giddy to know that my tweaks and mods to minimize telemetry on Windows 10/11 work! :D I'd only see Windows telemetry being blocked by Portmaster when Windows tries to check for updates in the BG.

@cryptoafc7655 8 ай бұрын

Portmaster made my windows go in blue screen mode

@KyanoAng3l0_Mtvtks 8 ай бұрын

@@cryptoafc7655 Better bring it up to the Portmaster devs or in their community (can't mention the name here cos YT auto-deletes comments that mention other socials, lol). I haven't encountered that yet, but Portmaster does use a kernel driver so BSODs are possible.

@ttrqs 8 ай бұрын

@@KyanoAng3l0_Mtvtks havent encountered bsod aswell, using portmaster for 1 week now

@rrakesh6434 8 ай бұрын

May i know what kind of tweaks mods you do to reduce telemetry. I am interested to know

@Holycurative9610 8 ай бұрын

@@rrakesh6434 winaero tweaker is pretty good for W10/11.

@RealitySetsIn 7 ай бұрын

Yes, great video. I'm in cybersecurity program in college and so far I'm doing the general studies but I can't wait to get into the cybersecurity stuff like this.

@_Garm_ 8 ай бұрын

really intersting tutorial, would love to see more wireshak tutorials! :D

@shackcf 7 ай бұрын

Been using Wireshark on personal PC for years. While working it was Network Instruments that was pre-2009. Thanks for the videos.

@Embbrr 5 ай бұрын

Would love more videos like this, I was struggling with learning a lot of protocols for my IT program I am in, and this video was explained perfectly, The examples on screen were very easy to follow, and your approach to explaining how exactly things worked was very easy to follow, need a full series like this, from Zero to Hero! Great job honestly.

@CoderSal-XIII 7 ай бұрын

Wireshark is such an important tool. I use it all of the time both at work and at home. Such a great tool. Good video for beginners.

@buraduri 8 ай бұрын

This video seems like it's missing an important part of the usefulness of wireshark. How do I identify what I don't know what I'm looking for? No shit if I connect to youtube I'll see youtube but what about unrecognized connections from potentially malicious software on my PC

@joepjoep9531 8 ай бұрын

You have to look at this differently it’s made for people who never used it before you can’t start somewhere in the middle or very complicated if you are learning something new

@pcsecuritychannel 8 ай бұрын

Wireshark is an investigative tool, not anti-malware. If you want a quick and easy way to detect malware, this isn't it.

@seansingh4421 8 ай бұрын

In that scenario you would wanna look for network connections involving unusual ports, so lets say you have a typical Windows home edition PC, but you spot a some random executables (Apps and .exe) successfully connecting via Port 22, Port 3389 BUT you don’t even have Remote Desktop feature because that’s unavailable in Home editions. This is just one example and trust me this can be a rabbit hole of being over suspicions but this is one example of an outbound C&C connection

@johnsmith1953x 7 ай бұрын

@@pcsecuritychannel Sounds like an opportuniy for something AI to "sit" on top of wireshark and do this.

@d1m18 7 ай бұрын

@@pcsecuritychanneldo you recommend any tools for this?

@Italiangentleman2394 5 ай бұрын

Going back to school for cyber security and studying for sec+ and cysa+ you have been very helpful

@Plazmal 8 ай бұрын

I've always liked using Wireshark to monitor connections from other devices a like IoT devices etc. It's super useful for that. Good video as always.

@regisegek4675 8 ай бұрын

Indeed

@DudeWhoSaysDeez 7 ай бұрын

Can you monitor all traffic on your network from just one computer?

@SyberPrepper 8 ай бұрын

Thanks for the video. Would love to see more Wireshark instructional videos. You do a great job of simplifying complexity.

@joepjoep9531 8 ай бұрын

Good video for absolute beginners

@FakeJeep 8 ай бұрын

Very simple and straight forward tutorial.

@random-user-in-yt 8 ай бұрын

Good tutorial but I think you miss a important point for some people who can not see any readable DNS query. If DNS query is encrypted(maybe by HTTPS), WireShark can not capture those DNS query in readable string.

@ttrqs 8 ай бұрын

been waiting for a vid like this, ty

@davidbell7094 8 ай бұрын

Excellent info picked up,through this video. Yea I'd love too see some more videos like this,is good too understand more of what it all means,cheers buddy!

@wannabedal-adx458 7 ай бұрын

1) More content on Wireshark would be great (aka Tutorials). 2) How much does Wireshark cost?

@Taffy84 7 ай бұрын

It's free

@squirlmy 7 ай бұрын

Open Source and free forever, unlike for example Metasploit, which is partly open and partly with proprietary upgrades.

@faithtechnology3542 4 ай бұрын

hey just wanna tell you that you are a great guy these videos are so easy to understand

@damianpodgorski6977 7 ай бұрын

Loved the video, simple and powerful! Hope more to come on wireshark

@Alchemetica 8 ай бұрын

Yes please, Leo, more videos like this one. Thanks as always.

@jaycolife2314 7 ай бұрын

I’m interested in computer science and how they connect with the world. It’s fascinating but intimidating and overwhelming.. I subscribed hoping you’ll put up more content like this. Break it down for us..

@codydietrich4246 7 ай бұрын

Well done. Super easy to understand!

@urik7793 7 ай бұрын

Just a note at the beginning you can select multiple network adapters by holding CTRL as well.

@ao4514 8 ай бұрын

Hello Leo, many thanks for a great content as always. Would you ever consider doing a content on how to use Wireshark for hunting malware?!

@bernieoldham7580 7 ай бұрын

enjoyable video ,thank you . one question how do we stop the spyware. a video on how to turn it off, individually would be most welcome . 🙂

@rdsii64 7 ай бұрын

An interesting video subject would be on what to do when you find your computer connecting to places you don't want it to.

@muhammadsalmanafzal9396 8 ай бұрын

would love a more deep dive to understand what other kinds of network requests are being made if a malicious software is installed.

@wissy006 8 ай бұрын

I liked the video, it was very interesting thanks Leo😄❣️

@HazexDimond 8 ай бұрын

great stuff 👍 many useful cases for this tool last time i used it was to check my dns traffic to make sure it was all configured/encrypted correctly for a deeper dive, chris greer has some good wireshark content on youtube, explains filters well

@x9v8k 8 ай бұрын

Yes, please do more videos to add on this one (advance). Is there anything further to see if the connections are not easily identifiable? Is there a way to pinpoint a remote connection quickly?

@vaclovas-art 7 ай бұрын

DNS can be also encrypted using DNS over TLS or DNS over HTTPS. So than you cannot see any DNS requests which was made. ISP also cannot see it 😊

@xbeast7585 8 ай бұрын

Thank You So Much For The Video Sir Please Make More Videos On How To Use Wireshark 💓✨

@TheRealWillM 7 ай бұрын

I don't know if you do this already but maybe create a 'related series' as an aside to the main thrust of the channel. Anyway those are my thoughts and content like this is very useful for 'dipping' the toe in, which may be useful down the track.

@UserforPhone 7 ай бұрын

I am very curious about why there is no option to have a professional packet capturing software like Wireshark for mobile/Android?

@bretjohnd.morales9310 7 ай бұрын

Now I know you have a website. =) Glad to know.

@GustavoMsTrashCan 7 ай бұрын

Thank you for this wonderful tutorial!

@priyojitdeb1891 8 ай бұрын

Thanks, this was really informative!

@miltonthecat2240 7 ай бұрын

I would like to snoop on WiFi traffic to the various WiFi-enabled devices that are proliferating in my house. This is mostly a curiosity, but I expect there will also be surprises, some perhaps concerning. I've been told that I can use Wireshark to do this, but I need to add a separate dedicated WiFi interface on my PC that supports "promiscuous mode". I found some trailing edge WiFi dongles that are supposed to support promiscuous mode, but I also need a compatible driver. This is where I have hit a dead-end, as I have been warned that the drivers for these trailing edge WiFi interfaces often have embedded malware, and I don't have a sacrificial PC available to dedicate to this effort. Any light you can shed on this in a future video would be of interest to me.

8 ай бұрын

Please create a video on accessing malicious and phishing domains while using NextDNS. A general review of NextDNS would also be be nice!

@gyl9735 4 ай бұрын

I like the way you explain it and it is really helpful!!! thanks

@yt4me2lurn Ай бұрын

Hi, once you see the packets that show the sites you may not want, can you block those or will they just keep communicating each time you go to that site ?

@VentelHD 5 ай бұрын

I collected all ad urls and added them to my hosts file. Can now browse anyplace without background ad data exchanges without consent.

@kaeez 8 ай бұрын

What browser are you using?

@giausjulius4 4 ай бұрын

Maybe we would go more in depth on this software sometime? What do the colors mean, if anything? How do you really determine what is and isn't a good IP once you see something you don't recognize? How do VPNs interact with and change the packets you see? Stuff like that. I'm just getting into the whole cybersecurity scene. Although I've been careful since the days of Limewire to never click links, ads, and to distrust anything I see in emails, etc, I haven't ever really been big in actually finding out what goes wrong in the system and network. I visit the same sites that I've always gone to. But I find myself wondering if somehow they are getting in anyway even if I've been careful just by little things I notice happening on my PC once in a while such as the CMD window opening for just a moment and disappearing, a game minimizing to desktop with no input, etc. These coupled with data leaks from big tech leaking email, account info, and so on. It's probably totally benign and I'm being paranoid but you never know.

@HaveanOreshnik 7 ай бұрын

this is a tool that is great for checking if your computer has been RATTED right?

@peterwassmuth4014 8 ай бұрын

Totally awesome! Thank you for Sharing! 💯✴

@Isazeledon19 Ай бұрын

The most useful video, thnaks

@tuttoaposto4011 7 ай бұрын

Does Wireshark show only the activity on the computer it’s downloaded to, or the LAN the computer is part of?

@username_0_0 6 ай бұрын

i love your desktop wallpaper. Please share downloadable link to download the same wallpaper.

@johnduty4505 7 ай бұрын

What about reading the cap file...how can that be done?

@shinigamirenegade 7 ай бұрын

Not going to lie if you start using Wireshark and if you have familiarity with osi model like layer with layer 3 routers packets and layer 2 switches frames then it's not bad at all. To read the traffic and knowing udp tcp protocols you're golden. I think I need help with adjusting ethernet adapter into promiscuous mode and the other mode. And what's the functionality.

@Jerry-vt4zf 7 ай бұрын

You need to do a video, kaspersky vs malwarebytes premium

@AcvaristulLenes 7 ай бұрын

What to do to get rid of the 12 or so UAC notification whenever we start Wireshark?

@therealmrarchive 4 ай бұрын

links to amazon popped up when I tested wireshark on my own personal computer. Shoved the link in a url blocker. No more amazon lol X D

@Ulfeneimer 7 ай бұрын

That Wallpaper look sick! Where did you get it? @The Pc Security Channel

@coisasnatv 7 ай бұрын

My Gigabyte GA-990FXA-UD5 R5 motherboard connects to the internet in the middle of the night after I turn it off.

@zapa1pnt 7 ай бұрын

If Windows, go into settings and turn off "wake on LAN".

@coisasnatv 7 ай бұрын

@@zapa1pnt Is disabled. By the way, the motherboard does this without a hard drive attached. It turns itself on in a kind of low-power mode and connects to the Internet.

@zapa1pnt 7 ай бұрын

@@coisasnatv: Well, if you can't find it in the BIOS, you will need to unplug it, after shutdown. 😁✌🖖

@coisasnatv 7 ай бұрын

@@zapa1pnt I already do. But how many people don't know? How many people are affected by this? Gigabyte is famous for doing this, google the topic and you will see that Gigabyte has been caught with his pants down more than once doing exactly the same thing.

@blueyhis.zarsoff1147 7 ай бұрын

How about an app for a phone and firewall to block outgoing requests?

@MrBeeytube 8 ай бұрын

Great video!

@eaudesolero5631 4 ай бұрын

is there a browser that does not make any queries to any links until i actually click on it? it simply puts a place holder, the link...

@pipjersey8303 8 ай бұрын

i dont see that much DNS listings on mine, just a couple from kaspersky, maybe it didn't install right?

@stephie3206 8 ай бұрын

Merci 😊😊😊

@ethimself5064 8 ай бұрын

Is Malewarebytes still poot for on the fly? I trust it is still great at scans

@HeavenlyWarrior Ай бұрын

If that doesn't block the connection it's pretty pointless. Netguard on Android can do that and can block every single individual app or site that the app connects. I don't know if there's something like that for Windows.

@HabeebSule 7 ай бұрын

This is an awesome video thanks.

@DarrelDinkem 7 ай бұрын

how would one check a hacked PC on this environment?

@GYTCommnts 8 ай бұрын

My old Outpost Firewall used to show me similar information, separated by the apps (or component of the O.S.) which was generating the connection... Is there a tool for this or is there an option available on Wireshark for monitoring this? Or is only doable on firewalls?

@sauplink7975 2 ай бұрын

To achieve what you were doing with Outpost Firewall-monitoring traffic per application or OS component-you can use Wireshark but with some limitations, as it primarily focuses on packet-level analysis rather than app-based monitoring. However, with the right filters, you can approximate similar functionality by analyzing traffic specific to certain processes or connections. Wireshark allows you to apply **display filters** to identify specific network traffic based on protocols, IP addresses, or ports, which indirectly helps monitor app activity. However, it does not directly show traffic sorted by applications unless you pair it with OS tools to map the process to network traffic. For more straightforward app-based monitoring, a dedicated firewall or monitoring tool like **PRTG Network Monitor** or **SolarWinds Deep Packet Inspection** might be more suitable【7†source】【9†source】. If you want a direct replacement for the Outpost Firewall's style of monitoring, consider using **NetFlow** or **Deep Packet Inspection (DPI)** tools, which can classify traffic by app category and offer more detailed insights into app-level connections【9†source】. If you still prefer Wireshark, combining it with system monitoring tools could provide a similar overview, but it will require manual filtering and linking to specific processes.

@mahamadousimpara4320 5 ай бұрын

I want to see the entire on my network not just for my computer!!!

@ToecutterPA 7 ай бұрын

How did you get it in Dark Look/Mode?

@Lossh2004 7 ай бұрын

is it normal to have remote desktop to be running in the background?

@MrScoodles 5 ай бұрын

I see my private IP address sending and receiving HTTP requests from public IP addresses. Is this weird? Why isn't it my public IP address that is handling these requests?

@alleeadl289 8 ай бұрын

can you do us a favor and review costume os like tiny11, Ghost Spectre, windows x lite, from a security prespective many people want to use them. just give us a genral security test of them please. :(

@bruceparker3139 8 ай бұрын

hey , I wonder how MacOS handle this? can you do these on MacOS also?

@KirenKK-te7pb 6 ай бұрын

Wireshark has to be a " backdoor" to catch " backdoor entries " too. The ethics of the admin of any empowerment matters as much as the expected service😅!

@TheTitaniumSkull 8 ай бұрын

This reminds me of back in late 90s early2000s there was a free app (can’t remember name) that backtracked incoming pings.

@CSGhostAnimation 8 ай бұрын

Now if we could just firewall all traffic until I actually open google, or open my video game, then I would be happy

@alberts6096 28 күн бұрын

there should be a function in wireshark make a image of all connection, install software, make image again and compare.

@ZephniStrife 6 ай бұрын

I don't know why but my instant reaction to something like this is: How can I trust it? As it could quite easily see current webpages you are on or applications you're typing passwords into, and then hide its ip: protocol transaction with a server... but it's probably fine 👀

@markhutchinson8760 7 ай бұрын

Yes, more vids like this!

@Holycurative9610 8 ай бұрын

Portmaster and winaero tweaker are my ho to programs for shutting down telemetry.

@gerry2345 7 ай бұрын

Very good vid.

@PaddyPatPatrick 8 ай бұрын

Hello Everyone, From The UK👋

@darksphere4679 Ай бұрын

i took an entire. class in community college on wireshark, and i was afraid of it after this class. but now. not so much

@fiefieviolet 6 ай бұрын

This is so complex, its like a programming language. I initially thought it was just gonna be a program that detects and blocks everything

@AdamsDouglas-z8m 5 ай бұрын

Lol

@kimsena268 8 ай бұрын

Waiting for eset smart security 17.

@buzzbang9164 8 ай бұрын

how to restart everything it does something watching my pc

@vulcan4d 8 ай бұрын

Boot up Win7 with wireshark. Boot up Win11 with wireshark. Now throw away that Win11 installer.

@girl4632 7 ай бұрын

How to know about suspicious connection

@denizorsel1029 6 ай бұрын

Skoda octavia is not that bad if you are still looking into it =)

@You_Could_Be_Next 8 ай бұрын

I'm sure my FBI agent has this task well in hand. For my safety, of course.

@timchalmers1700 7 ай бұрын

Cool. Thanks!

@jonmike9339 7 ай бұрын

This is why you need to be careful if you work from home.Only connect your work laptop to guest wifi

@uzijoe 8 ай бұрын

Better use Portmaster

@ImSimpIicity 8 ай бұрын

Thanks !!!!!!

@SKULLETON_Clips 7 ай бұрын

Good video

@Druid4026 8 ай бұрын

the biggest question is are wireshark is safe to used it since all virus check website say have something on it?

@Holycurative9610 8 ай бұрын

If you try to download a cracked version of any program it will come up as having a virus because of the software used to crack the program This is piracy and if you want the full version of a paid program then go pay them for it and you don't have false positives for virus alerts. Wireshark is free and used by a lot of people so it is very unlikely to come preloaded with a virus. I've just installed Wireshark and there are NO viruses at all...