Network Defense
Subject Area
Learning Resources
Learn more by checking out these great sites.
Flow Analysis & Network Hunting
learning-resource
This course focuses on network analysis and hunting of malicious activity from a security operations center perspective. We will dive into the netflow strengths, operational limitations of netflow, recommended sensor placement, netflow tools, visualization of network data, analytic trade craft for network situational awareness and networking hunting scenarios.
Visit WebsiteFlow Analysis & Network Hunting - Video Playlist
learning-resource
A YouTube playlist of the opensecuritytraining.info Flow Analysis & Network Hunting course. This course focuses on network analysis and hunting of malicious activity from a security operations center perspective. We will dive into the netflow strengths, operational limitations of netflow, recommended sensor placement, netflow tools, visualization of network data, analytic trade craft for network situational awareness and networking hunting scenarios.
Visit WebsiteIntroduction To Network Forensics
learning-resource
This is a mainly lecture based class giving an introduction to common network monitoring and forensic techniques. This class is meant to be accompanied by lab exercises to demonstrate certain tools and technologies, but the lab exercises are not absolutely necessary to convey the operating concepts.
Visit WebsiteOffensive, Defensive, and Forensic Techniques for Determining Web User Identity
learning-resource
This course looks at web users from a few different perspectives. First, we look at identifying techniques to determine web user identities from a server perspective. Second, we will look at obfuscating techniques from a user whom seeks to be anonymous. Finally, we look at forensic techniques, which, when given a hard drive or similar media, we identify users who accessed that server.
Visit WebsitePcap Analysis & Network Hunting
learning-resource
Introduction to Packet Capture (PCAP) explains the fundamentals of how, where, and why to capture network traffic and what to do with it. This class covers open-source tools like tcpdump, Wireshark, and ChopShop in several lab exercises that reinforce the material. Some of the topics include capturing packets with tcpdump, mining DNS resolutions using only command-line tools, and busting obfuscated protocols. This class will prepare students to tackle common problems and help them begin developing the skills to handle more advanced networking challenges.
Visit WebsiteThe Cuckoo's Egg Decompiled Course
learning-resource
In the 1980’s, Cliff Stoll discovered a $0.75 accounting error on the computer systems he managed at Lawrence Berkeley Laboratory. This small discovery would eventually lead him on the year-long pursuit of a group of five KGB sponsored hackers who managed to access numerous US government and military networks. His story has inspired countless people to pursue the profession of information security. The Cuckoo’s Egg Decompiled is a free online course designed to provide an introduction to information security, as told through the lens of Cliff Stoll’s “The Cuckoo’s Egg” book.
Visit WebsiteVideo Playlist: Offensive, Defensive, and Forensic Techniques for Determining Web User Identity
learning-resource
A Youtube playlist of the OpenSecurityTraining.info 'Web User Identity' course being delivered. This course looks at web users from a few different perspectives. First, we look at identifying techniques to determine web user identities from a server perspective. Second, we will look at obfuscating techniques from a user whom seeks to be anonymous. Finally, we look at forensic techniques, which, when given a hard drive or similar media, we identify users who accessed that server.
Visit Website