Class 01: Network Traffic Analysis with Wireshark - HeraldoM332/301-Reading-Notes GitHub Wiki

I think it's important because it is useful for understanding networking as a whole.

What does “OSI” stand for?

Open Systems Interconnection

List the 7 layers of the OSI model and what each one is responsible for.

Physical Layer: Responsible for the actual physical connection between the devices

Data Link Layer: Responsible for node-to-node delivery of the message

Network Layer: Responsible for transmission of data from one host to the other located in different networks

Transport Layer: Responsible for providing services to the application layer and taking services from the network layer

Session Layer: Responsible for the establishment of connection, maintenance of sessions, and authentication, and also ensures security

Presentation Layer: The data from the application layer is extracted here and manipulated as per the required format to transmit over the network.

Application Layer: The applications at this layer produce the data, which has to be transferred over the network

Distinguish which layers are the “hardware layers”, and which layers are the “software layers”. What does that even mean?

Software Layers: Software layers are where each 'layer' of a system deals with a certain function of a system which, usually, gets more and more detailed as you burrow down into the layer stack.

Application Layer, Presentation Layer, Session Layer, Transport Layer, Network Layer

Hardware Layers: A layer of programming that allows a computer OS to interact with a hardware device at a general or abstract level rather than at a detailed hardware level

Data Link Layer, Physical Layer, Network Layer

How can the OSI model be used in troubleshooting?

Using the OSI model as a framework helps in systematically approaching network troubleshooting, allowing you to isolate and address issues more effectively by focusing on specific layers and their functionalities.

I believe Wireshark is important because it helps us reveal a lot of information regarding networks.

What is Wireshark?

Network protocol analyzer

What is a packet?

A packet is the name given to a discrete unit of data in a typical Ethernet network.

What 3 high-level things does Wireshark accomplish? How could these be used for nefarious purposes? For benevolent purposes?

3 high-level things: Packet Capture and Analysis, Troubleshooting and Diagnostics, Security Analysis

If used correctly, it can be used to troubleshoot issues, make network improvements, and enhance network security. If used for malicious purposes, it can capture sensitive information, expose vulnerabilities in systems, and inject malware.

Things I want to know more about

I would like to know more about how long it takes to master Wireshark and if it is more or less complicated or easy to use.

As for OSI, I would like to be able to read it more easily.

Resources:

https://www.comptia.org/content/articles/what-is-wireshark-and-how-to-use-it

https://www.geeksforgeeks.org/open-systems-interconnection-model-osi/