Capturing packets on the wire
In the last section, we discussed what the OSI model is and the layers that make up the model. We reviewed how a packet is constructed and then directly compared that packet structure to the communication exchange we see between the PLC and the engineering software. In this section, we are going to dive deeper into Wireshark and focus on some key features that I personally use during my engagements to capture traffic. As a recap, in Chapter 5, Span Me If You Can, we used Wireshark to verify that our mirror port was set up and configured correctly.
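The mirror-port check recapped above can be expressed as a small script rather than eyeballing the Wireshark window. The following is an added example, not code from the book: it builds a tiny pcap in memory from constructed Ethernet frames (the PLC, workstation and capture-host MAC addresses are made up), parses the classic pcap format with only the standard library, and then asks the question a SPAN verification really comes down to: does the capture contain unicast frames that are neither from nor to the capture NIC? Broadcast and multicast frames reach every port anyway, so they prove nothing; third-party unicast traffic only shows up if the switch is actually mirroring it to us.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4      # little-endian, microsecond timestamps
LINKTYPE_ETHERNET = 1

# Constructed addresses for the example (not from the book or any real lab).
HOST_MAC = "00:11:22:33:44:55"   # assumed: NIC of the capture machine
PLC_MAC = "aa:bb:cc:00:00:01"    # assumed: PLC
EWS_MAC = "aa:bb:cc:00:00:02"    # assumed: engineering workstation
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_bytes(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def ethernet_frame(dst: str, src: str, ethertype: int = 0x0800, payload: bytes = b"\x00" * 46) -> bytes:
    """Build a minimal Ethernet II frame: dst MAC, src MAC, EtherType, payload."""
    return mac_bytes(dst) + mac_bytes(src) + struct.pack(">H", ethertype) + payload


def build_pcap(frames) -> bytes:
    """Serialize frames into a classic (non-pcapng) pcap file image."""
    header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    records = b""
    for ts, frame in enumerate(frames):
        # ts_sec, ts_usec, incl_len, orig_len
        records += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return header + records


def parse_pcap(data: bytes):
    """Return a list of (dst_mac, src_mac, ethertype) for every Ethernet frame in a pcap image."""
    magic, = struct.unpack_from("<I", data, 0)
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    linktype = struct.unpack_from(endian + "IHHiIII", data, 0)[6]
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")

    frames = []
    offset = 24  # global header length
    while offset + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack_from(endian + "IIII", data, offset)
        offset += 16
        frame = data[offset:offset + incl_len]
        offset += incl_len
        if len(frame) < 14:
            continue  # truncated frame, skip rather than misparse
        ethertype, = struct.unpack_from(">H", frame, 12)
        frames.append((mac_str(frame[0:6]), mac_str(frame[6:12]), ethertype))
    return frames


def is_group_address(mac: str) -> bool:
    """Broadcast/multicast: the I/G bit (LSB of the first octet) is set."""
    return int(mac.split(":")[0], 16) & 1 == 1


def mirror_port_check(frames, host_mac: str):
    """Count unicast frames that the capture NIC would never see without a mirror port.

    Returns (third_party_unicast, total). A zero first value on a busy
    segment means the SPAN session is not forwarding traffic to us.
    """
    host = host_mac.lower()
    third_party = [
        f for f in frames
        if f[0] != host and f[1] != host and not is_group_address(f[0])
    ]
    return len(third_party), len(frames)


# Constructed capture: one frame to us, one broadcast, one PLC<->workstation unicast.
SAMPLE_PCAP = build_pcap([
    ethernet_frame(HOST_MAC, PLC_MAC),
    ethernet_frame(BROADCAST, EWS_MAC, ethertype=0x0806),
    ethernet_frame(EWS_MAC, PLC_MAC),
])

if __name__ == "__main__":
    parsed = parse_pcap(SAMPLE_PCAP)
    mirrored, total = mirror_port_check(parsed, HOST_MAC)
    print(f"{mirrored} of {total} frames are third-party unicast; mirror port "
          f"{'is' if mirrored else 'is NOT'} delivering traffic")
```

On a real engagement you would feed `parse_pcap` the bytes of a short capture saved from Wireshark (File > Save As, pcap format) and pass the MAC of your capture interface; only the third frame in the constructed sample counts, which is exactly the kind of PLC-to-workstation exchange the previous section compared against the OSI model.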
Now, I want to preface this upcoming content with two very distinct points, and give shout-outs to fellow security experts in the industry, as well as to content that I have personally leveraged in the past to hone my skills:
Both these resources provide different types of content. I have Wireshark 101 by...