Course Outline

  • Command-Line Tools and How to Use Them
  • TShark and Dumpcap Command-Line Tools
  • Capinfos Command-Line Tool
  • Editcap Command-Line Tool
  • Mergecap Command-Line Tool
  • Text2pcap Command-Line Tool
  • Split and Merge Trace Files
  • Advance usage of Capture and Display Filters
  • Writing advanced Capture filters scripts
  • Writing Advanced Display filters
  • Using triggered filters
  • The Expert System Advance Usage
  • Dealing with congestion - shattered windows and flooding
  • Baseline network communications
  • Unusual network communications
  • Vulnerabilities in the TCP/IP resolution process
  • Lab exercises and case studies
  • Who is talking?
  • Port Scans
  • Mutant Scans
  • IP Scans
  • Application Mapping
  • OS Fingerprinting
  • Lab exercises and case studies
  • VoIP Analysis
  • SIP analysis and troubleshooting
  • RTP, RTCP and media analysis
  • Creating VoIP filters and analysis profiles
  • Lab exercises and case studies
  • Applications Analysis and Troubleshooting
  • HTTP analysis and troubleshooting
  • FTP analysis and troubleshooting
  • DNS operation and troubleshooting
  • Video transmission analysys
  • Databases network-related problems
  • Network Security and Forensics Basics
  • Gather information – what to look for
  • Unusual traffic patterns
  • Complementary tools
  • Detecting Security Suspicious Patterns
  • MAC and IP address spoofing
  • Attacks signatures and signature locations
  • ARP poisoning
  • Header and sequencing signatures
  • Attacks and exploits
  • TCP splicing and unusual traffic
  • DoS and DDoS Attacks
  • Protocol scans
  • maliciously malformed packets
  • Lab exercises and case studies

Requirements

In-depth knowledge of the TCP/IP protocol stack, along with participating in the “Basic Network Troubleshooting using Wireshark” course or equivalent knowledge. The participants should bring their laptops with Wireshark software (free download from the site - www.wireshark.org)
  21 Hours
 

Need help picking the right course?
Call us +971 4871 6715

Testimonials

First of all it was very interesting practically for all topics covered by this training. Well balanced with theory, practise labs and breaks. Some of tips and tricks I have introduced to my work yet.

Dawid Woźny - Martyna Antonowicz, ATOS PGS sp. z o.o.

Course was very interesting and help me understood thoroughly protocols construction. I am very glad that i attended with this course.

Martyna Antonowicz, ATOS PGS sp. z o.o.

That the Wojciech Wójcik knowledge is really huge.

Kornel - Martyna Antonowicz, ATOS PGS sp. z o.o.

trainer listen to participants

Bartosz - Martyna Antonowicz, ATOS PGS sp. z o.o.

The exercises and analysis portion is very enriching and enlightening.

MINDEF

The network forensics portion to identify unusual network traffic and possible attacks through investigation of pcap files.

MINDEF

Related Courses

Basic Network Troubleshooting Using Wireshark

  21 hours
The purpose of the course is to provide the participant with basic knowledge of the Wireshark protocol analyzer. The course focuses on deep understanding of the tool, as the basics for using it for network troubleshooting. The course starts with
Read More...

Understanding Multicast using IPv4

  21 hours
Transport of baseband audio and video streams across IP networks using multicast signalling protocols is becoming increasingly used in broadcast networks. This 3 day course/workshop covers the theory and practice of implementing these protocols
Read More...

Network Troubleshooting with Wireshark

  21 hours
Network packet analysis is a technique used to view, in real time, the raw data sent and received over a network interface. This is useful for troubleshooting network configuration and network application problems. Wireshark is a free open source
Read More...

Advanced Network Troubleshooting with Wireshark

  21 hours
Wireshark is a free open source packet analyzer used for troubleshooting network issues. Network packet analysis is a technique used to view, in real time, the raw data sent and received over a network interface. This is useful for troubleshooting
Read More...

TCP/IP Network Traffic Analysis with Wireshark

  35 hours
Wireshark is a free open source packet analyzer used for troubleshooting network issues. Network packet analysis is a technique used to view, in real time, the raw data sent and received over a network interface. This is useful for troubleshooting
Read More...

Practical TCP/IP

  28 hours
This 4 day course involves a mixture of expository based (utilising protocol analyser traces where appropriate) and practical experiments to test and verify the operation of TCP/IP networks. The major aspects of the TCP/IP protocol stack are
Read More...

Understanding IPv6

  14 hours
A 2 day theoretical course (with some practical demonstrations) covering the fundamentals of Internet Protocol v6 – including addressing, protocol formats, ICMP v6, discovery processes and IP v6 routing. Audience: Network Planners,
Read More...

Understanding IPSec VPNs

  14 hours
This 2 day course investigates the theory and technology associated with IPSec VPN’s.VPN’s are setup using Cisco IOS Routers and ASA Firewalls using the web interface. The workings of the protocols are examined using debug commands and
Read More...

Cisco CCNA Syllabus in 5 Days

  35 hours
A 5 day practical networking course designed to familiarise students with Cisco IOS (version 12). The course details the key commands used to configure and secure Cisco routers and switches, and covers the CCNA syllabus - including wired and
Read More...

DNS and BIND: Setting Up, Managing and Securing Your DNS Server

  14 hours
DNS (domain name system) is the "phone book" of the internet, providing a directory of computer names and their IP addresses. BIND is the most common Linux implementation of DNS. When you open a website or send and receive an email, a DNS
Read More...

Shadowsocks: Set Up a Proxy Server

  7 hours
Shadowsocks is an open-source, secure socks5 proxy. In this instructor-led, live training, participants will learn how to secure an internet connection through a Shadowsocks proxy. By the end of this training, participants will be able
Read More...

Metro-Ethernet Service and Troubleshooting

  28 hours
This 4 day coursework is intended for Telecom management and technology professionals who have to maintain MetroEthernet services across the globe. The course introduces all the prevailing standards, Troubleshooting guides, vendor options and
Read More...

VoIP with Cisco CallManager Express

  35 hours
VoIP (Voice over Internet Protocol) is a technology that makes it possible for users to make voice calls over an Internet connection instead of through a regular phone line. In this instructor-led, live training, participants will learn how to
Read More...

Tinc VPN

  14 hours
Tinc VPN is an open source peer-to-peer virtual private network (VPN) daemon that is compatible with most operating systems. Tinc VPN makes use of tunneling and encryption to build a secure private network between hosts. In this instructor-led,
Read More...

Understanding Modern Information Communications Technology

  7 hours
Read More...