ANSAW – Advanced Network/Security Analysis with

Home » ANSAW – Advanced Network/Security Analysis with

Description

The Course Name: ANSAW – Advanced Network/Security Analysis with WireShark

The Duration: 5 Days

The Overview:

The purpose of this course is to teach participants how to make advanced level Network & Security Analysis with using WireShark solutions.

What You Will Learn:

  • How to use advanced Network Analysis methodologies
  • How to use open-Source Network Analysis Tools    
  • How to troubleshoot network issues               
  • Security threat recognition

The Course Index:

1. Advanced Network Analysis methodologies

  • The expert system window and how to use it for network troubleshooting                
  • Error events
  • Warning events
  • Note events

2. Open-Source Network Analysis Tools                              

  • Tcpdump
  • Windump
  • Tshark
  • Capinfos
  • Rawshark
  • Editcap                         
  • Mergecap              
  • Text2Pcap
  • Reordercap

3. Troubleshooting network issues

  • Troubleshooting slow Internet and network latencies
  • Troubleshooting bottleneck issues
  • Discovering broadcast and error storms
  • Analyzing spanning tree problems
  • Analyzing VLAN tagging issues
  • ICMP(v4/v6) troubleshooting
  • Analyzing IP fragmentation failures
  • Troubleshooting application-based issues
    •  Troubleshooting DNS performance
    • Analyzing DNSSEC
    • Analyzing problems in the NetBIOS/SMB protocols
    • Analyzing POP, IMAP, and SMTP problems
    • Analyzing FTP problems
    • Analyzing HTTP problems
    • Wireshark functions for analyzing HTTPS traffic
    • Wireshark features for RTP stream analysis and filtering
    • Wireshark feature for VoIP call replay.       
  • Wireless radio issues, analysis, and troubleshooting
    • Zero wireless connectivity
    • Poor or intermittent wireless connectivity
  1. Security threat recognition
  • Methodology of attack                                                           
  • Common network attacks
    • Spoofing
    • DoS and DDoS
    • Botnet
  • Discovering unusual traffic patterns                                
  • Discovering MAC-based attacks                        
  • ARP attacks and mitigations
    • ARP poisoning and man-in-the-middle attacks
    • Gratuitous ARP
    • ARP sweep-based DoS attacks
  • Analyzing half-open scan
  • ICMP attacks and mitigations
    • Ping sweep attack
    • Discovering ICMP scans
    • ICMP flood attack
    • ICMP smurf attack
  • IP TTL failures and attacks
  • Discovering DoS and DDoS attacks
  • Discovering smart TCP attacks
  • Analyzing brute force attacks
  • Case study 1. Remote access
  • Case Study 2. Image
  • Case Study 3. VoIP