Overview:
Do you want to do something with Ethereal/Wireshark besides inspecting normal traffic? Do you want to learn how networks can be abused and subverted, while analyzing the attacks, methods, and traffic that make it happen? Are you ready for technical, packet-centric training that really matters? If your answer to any of these questions is yes, join Richard Bejtlich for TCP/IP Weapons School, Black Hat Edition. We will walk up the layers of the OSI model, examining packet traces that detail the various ways attackers abuse core TCP/IP functionality. For example, have you seen an attack against a Windows service fragmented at the IP, TCP, SMB, and DCE-RPC levels? After this class you will not only know how this occurs and what it looks like, but you will have replicated and extended it.
Layer 2
Course Structure
This is a two-day course that augments hands-on inspection of packet traces with select labs. Students will receive a VMware virtual machine with select tools and traffic. This is an advanced packet analysis class for students who wish to detect and respond to security events.
Who Should Attend
This class is perfect for a security analyst or networking person who knows networking to some degree but wants to really know what is happening and how these attacks look on the wire.
Course Length: Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered. You must provide your own laptop.
Early:
Ends |
Regular: |
Late/Onsite: |
$ USD |
$ USD |
$ USD |