The book contains many case studies, and for most of them there is an associated network traffic capture file. The captures below can be opened with Wireshark. You may also want to check the topology diagram for the lab.
| File | Description |
|---|---|
| UNIX Authentication (Chapter 2) | |
| NSS-LDAP-getent.cap | NSS LDAP — getent lookup |
| NSS-LDAP-login.cap | NSS LDAP — user login |
| PAM-LDAP-login.cap | PAM LDAP — user login |
| NSS-Hesiod.cap | NSS Hesiod — user authentication |
| Windows Authentication (Chapter 3) | |
| NT-NetworkLogon.cap | Windows NT network logon |
| Steve-Startup-And-Logon.Cap | Domain member start-up and user logon |
| Alan-NTDOMAIN-Logon-Simon.cap | Windows NT domain user logon |
| XP-Client-Steve-CIFS-Logon.cap | Windows XP client — CIFS logon using Kerberos |
| NTLM Authentication (Chapter 4) | |
| NTLM-External-AccessByIP-Client-Server-DC.cap | NTLM pass-through — client/server/DC |
| NTLM-External-AccessByIP-DC-to-DC.cap | NTLM pass-through — DC to DC |
| Kerberos Authentication (Chapter 4) | |
| Kerberos-CIFS.Cap | Kerberos authentication — CIFS file access |
| Telnet Authentication (Chapter 4) | |
| Telnet-Login.Cap | Telnet login authentication |
| Telnet-Krb5.Cap | Telnet Kerberos 5 authentication |
| FTP Authentication (Chapter 4) | |
| FTP-GSSAPI.Cap | FTP GSS-API authentication |
| HTTP Authentication (Chapter 4) | |
| HTTP-Anonymous.Cap | HTTP anonymous authentication |
| HTTP-Basic.Cap | HTTP basic authentication |
| HTTP-Digest.Cap | HTTP digest authentication |
| HTTP-GSSAPI-NTLM.Cap | HTTP GSS-API / NTLM authentication |
| HTTP-SSL.Cap | HTTP over SSL/TLS |
| HTTPS-ClientAuthentication.Cap | HTTPS client certificate authentication |
| POP3 / IMAP Authentication (Chapter 4) | |
| IMAP-Authentication-CRAM-MD5.cap | IMAP SASL CRAM-MD5 authentication |
| IMAP-Authentication-DIGEST-MD5.cap | IMAP SASL DIGEST-MD5 authentication |
| POP3-NTLM-Authentication.CAP | POP3 NTLM authentication |
| SMTP Authentication (Chapter 4) | |
| SMTP-Login-Auth.Cap | SMTP login authentication |
| LDAP Authentication (Chapter 4) | |
| LDAP-Simple-Bind.Cap | LDAP simple bind authentication |
| LDAP-SASL-Digest.Cap | LDAP SASL Digest-MD5 authentication |
| LDAP-SASL-GSS-API.Cap | LDAP SASL GSS-API authentication |
| Sun RPC Authentication (Chapter 4) | |
| RPC-NullAuthentication.Cap | RPC AUTH_NULL authentication |
| RPC-UnixAuth.Cap | RPC AUTH_UNIX authentication |
| Remote Access / PPP (Chapter 5) | |
| PPTP-PAP.Cap | PPTP with PAP authentication |
| PPTP-Chap.Cap | PPTP with CHAP authentication |
| PPTP-MS-Chap-v.1.Cap | PPTP with MS-CHAP v1 |
| PPTP-MS-Chap-v.2.Cap | PPTP with MS-CHAP v2 |
| 802.1X / Port-Based Access Control (Chapter 5) | |
| 8021x-EAP-MD5.Cap | 802.1X with EAP-MD5 |
| 8021x-PEAP-MS-CHAPv2.Cap | 802.1X with PEAP / MS-CHAPv2 |
| Wireless Authentication (Chapter 5) | |
| WiFi-Open-Authentication.Cap | Wi-Fi open authentication |
| WiFi-Shared-Authentication.Cap | Wi-Fi shared key authentication |
| IPSec / VPN (Chapter 5) | |
| IPSec-XAUTH.Cap | IPSec IKE XAUTH authentication |
| Centralized Authentication (Chapter 5) | |
| TACACS.Cap | TACACS+ authentication |
| Lab Reference | |
| LabDiagram.PDF | Lab topology diagram (PDF) |
| LabDiagram.jpg | Lab topology diagram (JPEG) |
To open these capture files you will need Wireshark:
Download Wireshark — Free packet analyser