Lab – analyzing SMB packets
In this hands-on exercise, you will explore the security risks and discover how data is exchanged over a network between hosts that use the SMB protocol. To get started with this exercise, follow these steps:
- First, go to https://www.7-zip.org/ to download the 7-Zip application and install it on your computer, as shown here:
Figure 6.52 – 7-Zip application
- Next, go to https://wiki.wireshark.org/SampleCaptures and download the smbtorture.cap.gz file onto your computer, as shown in the following screenshot:
Figure 6.53 – SMB sample capture file
- Next, use the 7-Zip application to unzip/extract the smbtorture Wireshark capture file.
- Open the extracted smbtorture file using the Wireshark application, as shown here:
Figure 6.54 – SMB packets
As shown in the preceding screenshot, a client with an IP address of 192.168.114.1 is...
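The same capture can be triaged without the Wireshark GUI. The following is an added example, not code from the original lab: it reads a .cap or .cap.gz file's bytes and counts SMB1 messages per source IP, destination IP and SMB command. It assumes a classic libpcap file with Ethernet framing and SMB1 over TCP; the names `smb_talkers` and `sample_capture` and the server address 192.168.114.129 are constructed for illustration.

```python
import gzip
import socket
import struct
from collections import Counter

SMB1_MAGIC = b"\xffSMB"  # every SMB1 message header begins with these 4 bytes

def smb_talkers(raw):
    """Count SMB1 messages per (source IP, destination IP, SMB command byte)."""
    if raw[:2] == b"\x1f\x8b":                 # gzip magic: accept .cap.gz directly
        raw = gzip.decompress(raw)
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(raw[:4])
    if endian is None:
        raise ValueError("not a classic libpcap file")
    if struct.unpack(endian + "I", raw[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) captures are handled")
    counts, off = Counter(), 24                # packet records follow the 24-byte header
    while off + 16 <= len(raw):
        incl_len = struct.unpack(endian + "I", raw[off + 8:off + 12])[0]
        frame = raw[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # Need Ethernet (14) + IPv4 (20) + TCP (20); EtherType IPv4; IP protocol 6 = TCP
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        tcp = 14 + (frame[14] & 0x0F) * 4      # skip the IPv4 header, options included
        if len(frame) < tcp + 20:
            continue
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:]
        # A 4-byte NetBIOS session header precedes the SMB header
        if payload[4:8] == SMB1_MAGIC and len(payload) > 8:
            src = socket.inet_ntoa(frame[26:30])
            dst = socket.inet_ntoa(frame[30:34])
            counts[(src, dst, payload[8])] += 1
    return counts

def sample_capture():
    """Constructed one-packet gzip'd capture (not taken from smbtorture.cap)."""
    eth = b"\x00" * 12 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 0, 0, 0, 64, 6, 0,
                     socket.inet_aton("192.168.114.1"),     # client IP from the lab
                     socket.inet_aton("192.168.114.129"))   # constructed server IP
    tcp = struct.pack("!HHIIBBHHH", 49152, 445, 0, 0, 0x50, 0x18, 8192, 0, 0)
    smb = SMB1_MAGIC + b"\x72" + b"\x00" * 27  # 0x72 = SMB_COM_NEGOTIATE
    frame = eth + ip + tcp + struct.pack("!I", len(smb)) + smb
    pcap = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    pcap += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return gzip.compress(pcap)
```

To run it against the lab file, pass the file's bytes, for example `smb_talkers(open("smbtorture.cap.gz", "rb").read())`.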