All prices exclude VAT
The course language is Polish. English can be provided.
Last updated
Course Code
nettbswsadv
Duration
21 hours
Remote: 3 or 6 days
Onsite: 3 days
Requirements
In-depth knowledge of the TCP/IP protocol stack, along with participating in the “Basic Network Troubleshooting using Wireshark” course or equivalent knowledge. The participants should bring their laptops with Wireshark software (free download from the site - www.wireshark.org)
Overview
This course is a continuation of the "Basic Network Troubleshooting Using Wireshark" course, and comes to provide the participants with advanced capabilities for network troubleshooting. The course provides an in-depth knowledge of network behaviour and problems, along with the capabilities to isolate and solve security and advanced applications problems. The course is based on theory, class exercise and labs.
Course Outline
- Command-Line Tools and How to Use Them
- TShark and Dumpcap Command-Line Tools
- Capinfos Command-Line Tool
- Editcap Command-Line Tool
- Mergecap Command-Line Tool
- Text2pcap Command-Line Tool
- Split and Merge Trace Files
- Advance usage of Capture and Display Filters
- Writing advanced Capture filters scripts
- Writing Advanced Display filters
- Using triggered filters
- The Expert System Advance Usage
- Dealing with congestion - shattered windows and flooding
- Baseline network communications
- Unusual network communications
- Vulnerabilities in the TCP/IP resolution process
- Lab exercises and case studies
- Who is talking?
- Port Scans
- Mutant Scans
- IP Scans
- Application Mapping
- OS Fingerprinting
- Lab exercises and case studies
- VoIP Analysis
- SIP analysis and troubleshooting
- RTP, RTCP and media analysis
- Creating VoIP filters and analysis profiles
- Lab exercises and case studies
- Applications Analysis and Troubleshooting
- HTTP analysis and troubleshooting
- FTP analysis and troubleshooting
- DNS operation and troubleshooting
- Video transmission analysys
- Databases network-related problems
- Network Security and Forensics Basics
- Gather information – what to look for
- Unusual traffic patterns
- Complementary tools
- Detecting Security Suspicious Patterns
- MAC and IP address spoofing
- Attacks signatures and signature locations
- ARP poisoning
- Header and sequencing signatures
- Attacks and exploits
- TCP splicing and unusual traffic
- DoS and DDoS Attacks
- Protocol scans
- maliciously malformed packets
- Lab exercises and case studies
Testimonials
We also do Consultancy!
We work with leading clients across a wide range of technologies!
Reach out for Project | Staff Enhancement | System Audit Consulting