LinuxCBT Packet Capture Analysis Edition
LinuxCBT Packet | Capture | Analysis Edition is unparalleled in content, depth and expertise. It entails 8 hours, or 1 day, of classroom training. LinuxCBT Packet | Capture | Analysis Edition prepares you or your organization for successfully securing GNU/Linux & Open Source-based solutions. As a by-product, many of the covered concepts, utilities and tricks are applicable to heterogeneous computing environments, ensuring your coverage of the fundamentals of securing corporate infrastructures.

Let LinuxCBT Packet | Capture | Analysis Edition cost-effectively sharpen your Packet Capture and Analysis Security skills!

Recommended Prerequisites for:

Any LinuxCBT Operating System Course (Classic/EL-4/SUSE/Debian Editions)
Open mind & determination to master Linux and related open-source applications
Basic understanding of networking concepts
Access to a PC to follow the exercises

Packet Capture Analysis Security – Module 1

* Introduction – Topology – Features
o Discuss course outline
o Explore system configuration
o Identify key network interfaces to be used for captures
o Identify connected interfaces on Cisco Switch
o Explore network topology – IPv4 & IPv6
o Identify Ethereal installation
o Enumerate and discuss key Ethereal features
* Ethereal Graphical User Interface (GUI)
o Identify installation footprint
o Differentiate between promiscuous and non-promiscuous modes
o Configure X.org to permit non-privileged user to write output to screen
o Launch Ethereal GUI
o Identify the primary GUI components /Packet List | Packet Details | Packet Bytes/
o Discuss defaults
o Explore key menu items
* TCPDump | WinDump – Packet Capturing for /Linux|Unix|Windows/
o Discuss defaults, features and applications
o Use TCPDump on Linux to capture packets
o Log traffic using default PCAP/TCPDump format
o Discuss Berkeley Packet Filters (BPFs)
o Capture and log specific packets using BPFs for analysis with Ethereal
o Connect to Windows 2003 Server using Remote Desktop (RDesktop) utility
o Install WinDump and WinPCAP on Windows 2003 Server
o Identify available network interfaces using WinDump
o Capture and log packets using WinDump
o Capture and log specific packets using BPFs with WinDump for analysis with Ethereal
o Upload captures to Linux system for analysis in Ethereal
* Snort NIDS Packet Capturing & Logging
o Discuss Snort NIDS’s features
o Confirm prerequisites – /PCRE|LibPCAP|GCC|Make/
o Download and Import Snort G/PGP key and MD5SUM for Snort NIDS
o Download, verify, compile and install Snort NIDS
o Discuss BPF directional, type, and protocol qualifiers
o Identify clear-text based network applications and define appropriate BPFs
o Execute Snort NIDS in sniffer mode with BPFs enabled to match interesting traffic
o Log to the active pseudo-terminal console and examine the packet flows
o Combine BPF qualifiers to increase packet-matching capabilities
o Use logical operators to define more flexible BPFs
o Create captures for further analysis with Ethereal
* Sun Snoop Packet Capturing & Logging
o Connect to Solaris 10 system and prepare to use Snoop
o Draw parallels to TCPDump
o Enumerate key features
o Sniff and log generic traffic
o Sniff and log specific traffic using filters
o Sniff HTTP and FTP traffic using Snoop
o Save filters for analysis by Ethereal
o Snoop various Solaris interfaces for interesting traffic
* Layer-2 & Internet Control Messaging Protocol (ICMP) Captures
o Launch Ethereal
o Identify sniffing interfaces
o Capture Address Resolution Protocol (ARP) Packets using Capture Filters
o Discuss and Identify Protocol Data Units (PDUs)
o Identify default Ethereal capture file
o Peruse packet capture statistics
o Identify Cisco VOIP router generating ARP requests
o Peruse time precision features – deci – nano-seconds
o Discuss time manipulations – relative to first packet – actual time
o Reveal protocol information from layer-1 through 7
o Identify network broadcasts in the packet stream
o Generate Layer-2 ARP traffic using PING and capture and analyze results
o Sniff traffic based on MAC addresses using Ethereal and Capture Filters
* User Datagram Protocol (UDP) Captures & Analyses
o Discuss UDP Characteristics
o Focus on Network Time Protocol (NTP)
o Setup NTP strata for testing between multiple systems
o Analyze NTP – UDP traffic using Ethereal
o Focus on Domain Name Service (DNS)
o Install a BIND DNS Caching-Only Server
o Analyze DIG queries
o Analyze ‘nslookup’ queries
* Transmission Control Protocol (TCP) Captures & Analyses
o Discuss TCP Characteristics – Connection-Oriented Services
o Explain TCP connection rules – Socket creation
o Sniff TCP traffic using Capture Filters in Ethereal
o Use Display Filters to parse TCP traffic
o Sniff FTP traffic
o Reconstruct FTP flows using TCP Stream Reassembly
o Differentiate between client and server flows
o Quantify client and server flows
o Discuss embedded Protocol Data Units (PDUs)
o Sniff Internet Protocol Version 6 (IPv6) traffic
o Peruse and discuss the IPv6:TCP:FTP traffic dump
o Analyze TCP Sockets
* Ethereal Display Filters – Post Processing Filters
o Identify previously captured – TCPDump – Ethereal – Snort – Snoop – Dumps
o Discuss features
o Explain Display Filter syntax
o Post-process previously captured traffic dumps
o Identify the various methods to exact display filters
o Filter data using the expression builder
o Filter traffic based on interesting properties
o Filter traffic using logical operators
* Ethereal Statistics
o Discuss features
o Explore the summary (metadata) of captured packets
o Peruse the protocol hierarchy – Layers 1 – 7 of OSI
o Examine network conversations of captured packets
o Identify Destinations in packet dumps
o Examine ICMP statistics
* Text-based Captures with Tethereal
o Discuss features and applications
o Identify ‘tethereal’ and invoke
o Enumerate network interfaces
o Sniff generic network traffic
o Suppress capture output
o Apply Capture Filters
o Capture UDP Traffic
o Capture TCP Traffic
* Intranet-based Captures & Analysis
o Discuss Intranet monitoring objectives
o Analyze the network topology drawing
o Discuss Unicast, Broadcast and Multicast traffic
o Discuss Switch Port Mirroring – SPAN
o Configure Port Mirroring – SPAN on Cisco Switch for interesting ports
o Dedicate a network interface for sniffing traffic
o Configure Snort NIDS to sniff traffic on dedicated network interface
o Analyze Snort NIDS captures in Ethereal
o Sniff traffic between various Intranet hosts
* Internet-based Captures & Analysis
o Discuss Internet monitoring objectives
o Identify key external interfaces to monitor
o Update the Port Mirroring configuration to capture Internet traffic
o Capture external traffic
o Analyze using Ethereal
* Wireless-based Captures & Analysis
o Discuss Wireless monitoring objectives
o Connect to remote system with wireless interface
o Enable wireless interface
o Sniff traffic on wireless network
o Analyze using Ethereal
* Windows-based Captures & Analysis on Windows
o Download and Install Ethereal for Windows
o Explore interface
o Load previously captured data
o Analyze data
o Compare and contrast with Ethereal for Linux|Unix systems

One Response to “LinuxCBT Packet Capture Analysis Edition”

  1. Traffic Generator Says:

    Very nice information.
