2008 NWW

 
HB:  Hands-On: Advanced Network Forensics Using Wireshark
08/06/2007, 9:00 AM - 12:00 PM

Speakers:
Laura Chappell, Founder, Sr. Protocol/Security Analyst, Wireshark University.
Gerald Combs, Director, Open Source Projects, CACE Technologies.

Presenter: Laura Chappell, Founder, Wireshark University

Introducing: Gerald Combs, Original Author of Wireshark (formerly Ethereal)

This session demonstrates forensic analysis of several compromised systems to determine the method of compromise and identify potential protection mechanisms to protect the corporate network.

In this session, Laura first demonstrates using Wireshark to:
»   analyze backdoor communication paths
»   identify reconnaissance signatures (OS fingerprinting)
»   protocol force non-standard communications
»   reassemble transferred data
»   identify attack signatures

Hands-On Lab Portion: Bring your charged up laptop loaded with Wireshark (formerly Ethereal) and join us as we analyze trace files depicting security issues on the network including:
»   a botnet infection
»   a secret FTP connection
»   questionable file downloads
»   an active MitM tool (ARP poisoning)
»   a network flood
»   and other ugly communications

Attendees will be provided with details on acquiring the class trace files in advance of the course.
