Getting Started in Packet Decoding

---

Course Description

One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances. This will help the student identify anomalous patterns when they occur.

Much of this class is spent focusing on the IP, ICMP, UDP, and TCP headers. We will step through each of the fields within each header to ensure that the student understands how the data within that field plays a role in communications. This knowledge is deepened by observing the behavior in packet decodes, some of which are normal traffic while some are common attacks.

This class assumes that you are new to decoding network traffic. There are no prerequisites beyond being able to load and run a virtual machine (VM) on your system and some familiarity with working at the command line. The class is filled with hands-on exercises, many of which are walk-throughs of packet decoding tools that will guide you through the process. Full labs are then used to reinforce what you have learned.

Key Takeaways

The goal is to give the student a foundational knowledge of IP communications that they can immediately apply to their daily workflows.

Who Should Take This Course

Beginner, Junior Analysts and Network Engineers

Audience Skill Level

Everyone!

Student Requirements

There are no prerequisites beyond being able to load and run a virtual machine (VM) on your system and some familiarity with working at the command line.

What Each Student Should Bring

A desire to learn and lots of questions!

---

Pay-What-You-Can and Cyber Range Access

Cyber Range access varies depending on payment level.

Tuition Paid	Cyber Range Access
Less than $295	No Cyber Range Access
$295+	Six Months Cyber Range Access
Full Price – $575	Twelve Months Cyber Range Access

---

Trainer & Author

---