Intrusion Detection Training
This course delivers the technical knowledge, insight, and hands-on training you need to defend your network with confidence. You will learn about the underlying theory of TCP/IP and the most used application protocols, such as DNS and HTTP, so that you can intelligently examine network traffic for signs of an intrusion. You will get plenty of practice learning to master different open source tools like tcpdump, Wireshark, Snort, Bro, tshark, and SiLK.
In line with this, The Institute of Forensics and ICT Security cordially invites you and your team to attend the Intrusion Detection Training
Where: Institute of Forensics and ICT Security located on 4th floor Ntinda complex, Plot 33, Ntinda road (Opp. St. Luke Church).
Fee: US$ 350 per person
You will be required to also pay $20 and this fee will get you buffet, refreshments like water and sodas, fruits and tea if needed for all the 2 days you will be training with us. Note that you can choose not to pay this fee and you will not have the above or pay for specific days, each day is $10.
- Configure and run open source Snort and write Snort signatures
- Configure and run open source Bro to provide a hybrid traffic analysis framework
- Understand TCP/IP component layers to identify normal and abnormal traffic
- Use open source traffic analysis tools to identify signs of an intrusion
- Comprehend the need to employ network forensics to investigate traffic to identify a possible intrusion
- Use Wireshark to carve out suspicious file attachments
- Write tcpdump filters to selectively examine a particular traffic trait
- Craft packets with Scapy
- Use the open source network flow tool SiLK to find network behavior anomalies
- Use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire