ANSAW – Advanced Network/Security Analysis with

Description

The Course Name: ANSAW – Advanced Network/Security Analysis with WireShark

The Duration: 5 Days

The Overview:

The purpose of this course is to teach participants how to make advanced level Network & Security Analysis with using WireShark solutions.

What You Will Learn:

The Course Index:

1. Advanced Network Analysis methodologies

2. Open-Source Network Analysis Tools

3. Troubleshooting network issues

Troubleshooting slow Internet and network latencies
Troubleshooting bottleneck issues
Discovering broadcast and error storms
Analyzing spanning tree problems
Analyzing VLAN tagging issues
ICMP(v4/v6) troubleshooting
Analyzing IP fragmentation failures
Troubleshooting application-based issues
- Troubleshooting DNS performance
- Analyzing DNSSEC
- Analyzing problems in the NetBIOS/SMB protocols
- Analyzing POP, IMAP, and SMTP problems
- Analyzing FTP problems
- Analyzing HTTP problems
- Wireshark functions for analyzing HTTPS traffic
- Wireshark features for RTP stream analysis and filtering
- Wireshark feature for VoIP call replay.
Wireless radio issues, analysis, and troubleshooting
- Zero wireless connectivity
- Poor or intermittent wireless connectivity

Methodology of attack
Common network attacks
- Spoofing
- DoS and DDoS
- Botnet
Discovering unusual traffic patterns
Discovering MAC-based attacks
ARP attacks and mitigations
- ARP poisoning and man-in-the-middle attacks
- Gratuitous ARP
- ARP sweep-based DoS attacks
Analyzing half-open scan
ICMP attacks and mitigations
- Ping sweep attack
- Discovering ICMP scans
- ICMP flood attack
- ICMP smurf attack
IP TTL failures and attacks
Discovering DoS and DDoS attacks
Discovering smart TCP attacks
Analyzing brute force attacks
Case study 1. Remote access
Case Study 2. Image
Case Study 3. VoIP