
Pcap Analysis & Network Hunting

Creator:     Reid Gilman


License:    Creative Commons: Attribution, Share-Alike, Non-Commercial

(http://creativecommons.org/licenses/by-nc-sa/3.0/)


Class Prerequisites: A basic understanding of TCP/IP and the OSI model; Python programming experience helps with the exercises.


Lab Requirements: tcpdump, Wireshark, and ChopShop. A Linux/BSD/Mac system with these tools is recommended, since such a system typically ships with tcpdump. Sensitive material is being removed from the lab materials, which will be released soon.


Class Textbook: None


Recommended Class Duration: 2 days


Creator Available to Teach In-Person Classes: Yes


Author Comments:


Introduction to Packet Capture (PCAP) explains the fundamentals of how, where, and why to capture network traffic, and what to do with it once captured. This class covers open-source tools such as tcpdump, Wireshark, and ChopShop in several lab exercises that reinforce the material. Topics include capturing packets with tcpdump, mining DNS resolutions using only command-line tools, and decoding obfuscated protocols. This class will prepare students to tackle common problems and help them begin developing the skills to handle more advanced networking challenges.



Class Materials


Slides (91 slides)


Sanitized lab materials coming soon




Revision History:


07-08-2013 - Initial class content upload


If you have used and modified this material, we would appreciate it if you submit your modified version for publishing here, so that all versions can benefit from your changes.