Creator: Reid Gilman
License: Creative Commons: Attribution, Share-Alike, Non-Commercial (http://creativecommons.org/licenses/by-nc-sa/3.0/)
Class Prerequisites: A basic understanding of TCP/IP and OSI model, Python programming experience helps with exercises.
Lab Requirements: tcpdump, Wireshark, and ChopShop. A Linux/BSD/Mac system with these tools installed is recommended (such systems typically ship with tcpdump already). The lab materials are having sensitive content removed and will be released soon.
Class Textbook: None
Recommended Class Duration: 2 days
Creator Available to Teach In-Person Classes: Yes
Author Comments:
Introduction to Packet Capture (PCAP) explains the fundamentals of how, where, and why to capture network traffic and what to do with it. This class covers open-source tools like tcpdump, Wireshark, and ChopShop in several lab exercises that reinforce the material. Some of the topics include capturing packets with tcpdump, mining DNS resolutions using only command-line tools, and busting obfuscated protocols. This class will prepare students to tackle common problems and help them begin developing the skills to handle more advanced networking challenges.