You'll learn how to properly read and interpret packets
and packet headers including IP, TCP, ICMP, and UDP.
You will learn how to distinguish between normal,
abnormal, and malicious traffic. You will also create
and respond to attacks such as Smurf, Tribe Flood
Network, Stacheldraht, and Targa among others. You
will see how man-in-the-middle attacks are perpetrated,
and how to prevent them. You will see how hackers
bring down routers and switches, and will learn how
to protect network infrastructures as well as properly
set up and maintain an Intrusion Detection System.
Who Should Take This Class?
Anyone in an information technology-related
field. New information security personnel, IT security
officers, information security professionals, security
auditors, network engineers, network administrators,
troubleshooters and technicians. Appropriate for anyone
interested in network security and the forensic value
of performing packet analysis - technical CEOs and
law enforcement as well.
Why This Class?
Don't pay thousands of dollars to attend a crowded
class where either the instructor has no time for
your questions or is not capable of answering your
questions. Small class sizes (fifteen or fewer) mean
that your questions will get answered, and additional
help will be given when needed. Your instructor is
a seasoned IT professional with over 22 years of experience
and the ability to break down complex material into
material you will understand.
What Are Some Applications Of Packet Analysis?
1. Gleaning clear-text usernames and passwords
from network traffic. Used by hackers for unauthorized
access. Used by IT professionals to test security
of network traffic.
2. Performance and fault analysis to discover network
bottlenecks and communication problems.
3. Differentiating normal from abnormal and malicious
4. Authenticating and analyzing what Intrusion Detection
Systems and Firewalls are recording as attacks.
5. Making certain that the information captured in
network traffic logs is reliable, and will withstand
scrutiny when used in a legal or administrative proceeding.
Students should have at least one network
certification such as Network+ or CCNA, or equivalent
The Domain Name System
Packet Capture Exercises
Normal and Malicious Activity
Traffic Analysis using TCPdump
Traffic Analysis using Ethereal
Insertion and Evasion Attacks
Examining Embedded Protocol Header Fields
Operating System Fingerprinting
Creating TCPdump Filters
Creating Ethereal Filters
Introduction to Snort
Creating Snort Rules
Formatting Rule Options
The Mitnick Attack
Calculating Attack Severity
IDS Sensor Placement
Host/Network Based IDS
Common Exploits and Their Signatures - Exercises
Packet Analysis - Exercises
Incident Response Procedures - Exercises
Your Instructors and Hosts
Steve Hailey, President and CEO of CyberSecurity Institute
Mike Andrew, Vice President of
CyberSecurity Institute - Mike's
Dates and Locations
IS CLOSED - CLASS IS FULL/PRIVATE
TO SCHEDULE PRIVATE/CORPORATE TRAINING FOR THIS
Jan 7-9 2012
CLASS IS FULL - WAITING LIST ONLY, CONTACT:
For in-house training,
please contact us for a quote by using email@example.com