Network Traffic Analysis with Wireshark Training (NTA01)
Highlights:
70% Hands-On Training, geared to give you experience
Exciting Capture-the-Flag challenges, based on realistic packet captures
Focus on methodology to remove the noise and analyze pertinent traffic
Expert Trainers with Real-World Experience
Available Live Online or Live In-Person
This packet analysis course focuses on capturing, filtering, and analyzing network traffic to identify security vulnerabilities, track down network intrusions, troubleshoot network issues, and perform network forensics. The course includes real-world, hands-on scenarios featuring packet captures from network attacks and forensics investigations. Attendees will learn how to reconstruct network intrusions and extract information, such as credentials, images, malware, and Indicators of Compromise (IOCs) from packet capture files. Attendees will also learn how to piece together and extract network evidence and tie the evidence to a suspect. Wireshark is the primary tool used throughout this course, but other tools and techniques are covered as well.
Who Should Attend
Do you...
Perform malware analysis
Perform penetration testing
Care if someone is a Man-In-The-Middle (MITM), sniffing your traffic at Starbucks, the hotel, etc.
Troubleshoot network applications or network latency
Track down infected users and top bandwidth consumers
Perform incident response
Want to know if you are infected with malware
If any of the above apply to you, you should attend the course.
Prerequisites
General knowledge of TCP/IP, networking, and the OSI Model. Exposure to networking protocols and technologies such as DNS, DHCP, ICMP, FTP, HTTP, SMTP, and ARP.
OVERVIEW
Network and Traffic Analysis Basics
Wireshark Overview and Use
Working with Captured Packets – Lower-Level Protocols
Working with Captured Packets – Higher-Level Protocols
Basic Real World Scenarios
Protocol Dissection
Topics Covered
TCP Flags
Wireshark
IPv4
IPv6
ARP
DHCP
ICMP
DNS
SMTP
FTP
TFTP
HTTP
HTTPS
Wireshark Filtering
Wireshark Colorization
Wireshark Statistics
Trace File Formats
Network Miner
Exporting Objects
Packet Capture Data Extraction
Base64
GeoIP
Social Media
Browser Credentials
HTTP Methods
HTTP User-Agents
SSL/TLS
Network and Packet Analysis
OSI Model
Sniffing Techniques
Packet Analyzers
Clear Text Protocols
Man-In-The-Middle (MITM)
Unicast Traffic
Broadcast Traffic
Multicast Traffic
TCP
UDP
Ports
Control Channels
Data Channels
Covert Channels
Wireshark Searches
Wireshark Streams
Wireshark Profiles
Capture Filtering
Display Filtering
Encryption
Encoding / Decoding
Network Traffic Analysis Methodology
Protocol Dissection
HTTP Cookies
Protocol Decoding
Layer 2 Man-In-The-Middle (MITM) Attack Packet Capture
Wireshark Course Duration
3 days
Continuing Education Credits
21
Locations
Our Network Traffic Analysis with Wireshark course is offered less than 15 minutes from downtown St. Louis at our O'Fallon, Illinois training facility, located at:
7 Eagle Center, O'Fallon, IL 62269
Gained a better understanding of Wireshark by using many examples.
We also offer private onsite courses at your location. We love to travel and will gladly send a trainer to you. Please contact us for more information.
FORMAT
Live, instructor-led training with a dynamic trainer who is a cybersecurity professional. Instructors have real-world experience with the material covered in the course.
Schedule
March 11-13, 2019 (M-W), 8:30am - 4:30pm
May 28-30, 2019 (T-Th), 8:30am - 4:30pm