- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
Orlando, FL - December 3 - 6, 2007
- Hotel & Travel Info
- Faculty
- Vendor Expo
- General Info
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
After 9 years of doing forensics work and 14 seminars/conferences on computer forensics, this is proving to be the best.
-Frank Grindstaff, Home Depot
Additional Summit Offered in Orlando: Additional Summit sessions are available in Orlando on December 3-4. Please visit the WhatWorks in Stopping Data Leakage and Insider Threat Summit 2007 page for more information.
Security 452
3 Hour Course
(Portal Account Required)
For GIAC STAR
If you register for the full course, you may register to seek your STAR .
Online exam issued with 4-month deadline 7-10 days following conference.
Additional information:
STAR Information
GIAC FAQ
Fee Information
About
SANS WhatWorks Summit Series
The SANS WhatWorks Summit Series brings together the thought leaders of the industry...
>> Read More
IP Packet Analysis
Thursday, December 6, 2007 : 9am - 12:15pmKevin Johnson, SANS Certified Instructor
3 CPE Credits
Knowing how to decode network traffic with tools is a necessary skill for any serious network or information security administrator. Being able to decode the bits and bytes that represent your mission-critical networks gives you the skills to identify malicious activity, troubleshoot network failures, and analyze other desirable or undesirable network events.
This Stay Sharp class will give you the basic skills to decode network traffic with open-source tools available for Unix and Windows systems. You'll be able to use a better understanding of your network traffic and these basic skills to analyze current or future network protocols. The tools covered in this class are: Windump/Tcpdump, Wireshark and Ngrep. The first module of this course covers a basic review of the IP and TCP headers and students are expected to be generally familiar with TCP/IP at the theoretical level. If you are not familiar with TCP/IP, we recommend you read the following documents before attending:
Who should attend this course?
- DS, firewall, and network administrators who want to learn packet decoding skills
- Analysts interested in learning new techniques in packet analysis
- Network administrators and operations professionals seeking a deeper understanding of network analysis techniques
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy