Teel Tech’s Network Forensics Training Course enables our students to monitor and analyze computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.
Students will learn how networking works, its different components & differences, and a introduction to the three main encapsulations which they will find while analyzing. You will learn how to create a network, the impact of using VLANs vs. Netmasks, Switches, w/ port mirroring vs. tap interfaces and the main components and usages of Wireshark and tcpdump.
With this course you will be able to perform your first capture with both methods and, by using Wireshark, check the performance & benefits of each. Analyze your capture, utilize filters and identify your classmates’ device & network activity. See the main differences and fields of the most common protocols and how to identify them by using Wireshark.
Learn how to get valuable information which may identify the device and even the user from these protocols. Get exposure to the most used tools to automate the process of getting information from network traffic, knowing their limitations and how to use them to expand their Wireshark abilities.
• Eth, RAW IP
• Setup a network
How Capture Works
Day 1 & 2 Review
• Port Mirroring/TAP