Immersive Labs writeup (practice writeup)
Quite recently, I did Immersive Labs' Packet Analysis - Wireshark and this is my first practice writeup. "How many cipher suites are supported in TLSv1.3 within this capture?" (4 suites) First, open up the remote VM named " Understanding Wireshark". From there, head to folder "labfiles" > "tls_1_3.pcapng" Wireshark search term: "tls.handshake.type==1". Went Transport Layer Security section (second screenshot) > Cipher suites Scrolling down, found Cipher Suites section: Cipher Suites (4 suites) " Which cipher suite is used in the current capture?" (TLS_AES_256_GCM_SHA384) Here I did guesswork; the first cipher is the latest cipher used in the current capture (which I got lucky) After further research, there was an article that talked about SSL/ TLS handshake. The article for reference: https://www.linuxbabe.com/security/ssltls-handshake-process-explained-with-wireshark-screenshot (Huh.... So this is what I a...