CanSecWest: Security Masters Dojo Vancouver
Course: TCP/IP In-Depth Training
Instructor:
Andrea Barisani <andrea@inversepath.com> (Inverse Path)
Register for this course.
Description
Fully understanding how TCP/IP works is a must-have skill for anyone involved in IT security, this course will teach you everything about the TCP/IP protocol suite and its security concerns and implications.
You will learn all the gory details about the packets that are exchanged whether you browse, send emails, DDoS your friends, ARP spoof or hijack connections. You will learn how to sniff, decode and understand packet traces and attack patterns, how to craft packets for good and evil using specific tools, how to defend the networks you manage by deploying firewalls and Intrusion Detection Systems.
PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.
Topics
You'll learn:
- TCP/IP protocol suite and related protocols
- sniffing with tcpdump, Wireshark and other specialized tools
- network scanning and system fingerprinting
- common attack patterns
- packet crafting tools
- purpose-specific tools for session hijacking, DoS'ing and much more
- advanced firewalling and Network Intrusion Detection System deployment
Prerequisites
- basic command line proficiency on *NIX systems
Prerequisite material
- Each student must bring his own laptop running a modern and up to date Linux distribution, capable of compiling without problems.
- Needless to say a working network adapter (along with a IPv4 TCP/IP) stack is required.
