Select either "2 Days of TROOPERS Trainings" or "All inclusive" package to register for our two-day Network Forensics training.
Erik is the creator of NetworkMiner and an experienced incident handler who has specialized in the field of network forensics.
Our two-day Network Forensics class consists of a mix of theory and hands-on labs, where students will learn to analyze Full Packet Capture (FPC) files. The scenarios in the labs are primarily focused at network forensics for incident response, but are also relevant for law enforcement/internal security etc. where the network traffic of a suspect or insider is being monitored.
Day 1 - Theory and Practice using Open Source Tools
Day 2 - Advanced Network Forensics using Netresec Tools
The scenario used in the class involves a new progressive Bank, which provides exchange services for Bitcoin and Litecoin. We've set up clients and a server for this bank using REAL physical machines and a REAL internet connection. All traffic on the network is captured to PCAP files by a SecurityOnion sensor. In the scenario this bank gets into lots of trouble with hackers and malware, such as:
Class attendees will learn to analyze captured network traffic from these events in order to:
Q: Who should attend?
A: Anyone who want to improve their skills at finding evil stuff in full content packet captures.
Q: Who should NOT attend?
A: Those who are afraid of using Linux command line tools.
Attendees will need to bring a laptop that fits the following specs:
Please note that having a 64-bit CPU and a 64-bit OS is not always enough to support 64-bit virtualization. You might need to enable features such as ”AMD-V”, ”VT-x” or ”Hyper-V” in BIOS in order to run virtual machines in 64-bit mode. You might also need to turn off "Intel Trusted Execution" in BIOS. One way to verify that your laptop supports 64-bit virtualization is to download the SecurityOnion ISO and see if it boots up in VirtualBox.
Would you like to get notified about future training events? Simply send an email to email@example.com letting us know that you would to receive an email when we have scheduled a new training event.