I’m really excited to announce that I will be teaching the SANS Stay Sharp: IP Packet Analysis training course here on the Mississippi State Campus, in cooperation with the Center for Computer Security Research. This will take place on Thursday, May 10th, from 6 to 9 PM. You can find out more information about the class and how to register here.
The class is an excellent introduction to getting your hands dirty with analyzing pcap dumps with various tools, and even how to do it manually. I feel that the latter is very important when you first learn about the various protocols involve, and comes in very handy when you eventually run across packets that are either malformed or part of a protocol you aren’t familiar with yet. It’s a useful skill that will come in handy not only in incident response, but also in writing custom rules for firewalls and intrusion detection systems.
If you sign up, be sure to tell them that Wesley McGrew referred you . I’m looking forward to meeting the attendees and making it an enjoyable and educational experience. I’d like for everyone to be able to walk away with techniques they can immediately apply.
As a final note, it is likely that my wife will be making some of the sweets available as refreshments. Those of you who have experienced Crystal’s baking can vouch that it’s worth the price of admission for this reason alone.