Getting Started in Packet Decoding
June 8 @ 12:00 pm – 4:00 pm EDT
Instructor: Chris Brenton
Course Length: 16 Hours
Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.
Note: This is a Pay-What-You-Can course. Your access to the Cyber Range will vary depending on how much you pay. (Details below.)
One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances. This will help the student identify anomalous patterns when they occur.
Much of this class is spent focusing on the IP, ICMP, UDP, and TCP headers. We will step through each of the fields within each header to ensure that the student understands how the data within that field plays a role in communications. This knowledge is deepened by observing the behavior in packet decodes, some of which are normal traffic while some are common attacks.
This class assumes that you are new to decoding network traffic. There are no prerequisites beyond being able to load and run a virtual machine (VM) on your system and some familiarity with working at the command line. The class is filled with hands-on exercises, many of which are walk-throughs of packet decoding tools that will guide you through the process. Full labs are then used to reinforce what you have learned.
The goal is to give the student a foundational knowledge of IP communications that they can immediately apply to their daily workflows.
Who Should Take This Course
Beginner, Junior Analysts and Network Engineers
Audience Skill Level
There are no prerequisites beyond being able to load and run a virtual machine (VM) on your system and some familiarity with working at the command line.
What Each Student Should Bring
A desire to learn and lots of questions!
About Antisyphon Training Options
Learn via live stream from instructors that are in the field utilizing the techniques they teach. Classes are split into four training days that are each four hours long. Live Online training includes six months access to dedicated class channels in the Antisyphon Discord server, six months access to live class recordings, a certificate of participation, and 12 months complimentary access to the Antisyphon Cyber Range.
Learn at your own pace with access to course content, lectures, and demos in the Antisyphon On-demand learning platform. Most courses are offered with lifetime access to the course and content updates. All On-demand courses include content update alerts, access to dedicated support channels in the Antisyphon Discord server, a certificate of participation, and 12 months complimentary access to the Antisyphon Cyber Range.
Pay-What-You-Can and Cyber Range Access
Cyber Range access varies depending on payment level.
|Tuition Paid||Cyber Range Access|
|Less than $295||No Cyber Range Access|
|$295+||Six Months Cyber Range Access|
|Full Price – $575||Twelve Months Cyber Range Access|
Trainer & Author
Chris Brenton, COO of Active Countermeasures, has been a leader in the IT and security industry for over 20 years. He’s a published author of multiple security books and the primary author of the Cloud Security Alliance’s online training material. As a Fellow Instructor, Chris developed and delivered multiple courses for the SANS Institute. As an alumni of Y-Combinator, Chris has assisted multiple startups, helping them to improve their product security through continuous development, and identifying their product-market fit.