- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
select a course
Redondo Beach, CA - August 27 - September 2, 2006
- Vendor Events
- Special Events
- SANS @Night
- Brochure (PDF)
The fire hose strikes again! My brain hurts!
-Dean Farrington, Wells Fargo
Security 452
3 Hour Course
(Portal Account Required)
For GIAC STAR
If you register for the full course, you may register to seek your STAR .
Online exam issued with 4-month deadline 7-10 days following conference.
Additional information:
STAR Information
GIAC FAQ
Fee Information
IP Packet Analysis
Saturday, September 2, 2006 : 1pm - 5pmJames Shewmaker, SANS Certified Instructor
3 CPE Credits
Knowing how to decode network traffic is a skill requirement for any serious network or information security administrator. Being able to decode the bits and bytes that represent our mission-critical networks will give you the skills to identify malicious activity, troubleshoot network failures, and analyze other desirable or undesirable network events. This Stay Sharp class will give you the skills necessary to decode network traffic with open-source tools available for Unix and Windows systems. You'll be able to adapt these skills to meet the demanding requirements of your network, giving you a fundamental skill in analyzing current or future network protocols. The tools covered in this class are: Windump/Tcpdump, Ethereal and Ngrep. Students are expected to be generally familiar with TCP/IP at the theoretical level. If you are not familiar with TCP/IP, we recommend you read the following documents before attending:
Who should attend this course?
- **IDS, firewall, and network administrators looking to learn packet decoding skills **Analysts looking to learn new techniques in packet analysis **Network administrators and operations professionals seeking a deeper understanding of network analysis techniques
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy