I’ve been browsing the Laura Chappell site https://chappellu.com/home.jsp - also
seems intriguing and cost effective.
Anyone in this forum actually subscribe to that service and, if
so, is the material & cost worthwhile?
Thanks,
-Samson
From:
wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Samson
Martinez
Sent: Wednesday, July 15, 2009 10:11 AM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Network Analysis Training
Just reviewed the data on the SANS site – looks very intriguing.
Thanks…
-Samson
From:
wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx]
On Behalf Of shartman@xxxxxxxxxxxxxxxxxxxxx
Sent: Tuesday, July 14, 2009 8:08 PM
To: Community support list for Wireshark
Subject: Re: [Wireshark-users] Network Analysis Training
If you are really set on taking a course, I would recommed the
SANS 503 - Intrusion Detection in Depth. Basically this whole course is packet
analysis looking for malicious activity. I took the course a couple years ago
have used it many times to troubleshoot network problems. I will warn you
though it is not for the faint of heart, it is very technical and very intense.
-------- Original Message --------
Subject: Re: [Wireshark-users] Network Analysis Training
From: Hansang Bae <for_list_hbae@xxxxxxxxxx>
Date: Tue, July 14, 2009 1:27 pm
To: Community support list for Wireshark
<wireshark-users@xxxxxxxxxxxxx>
Samson Martinez wrote:
> Hello folks,
> I’m thinking about taking some network analysis training sometime during
> this year and was wondering if anyone that participates in this forum
> had taken similar formal training and, if so, if they were satisfied
> with the results. Or is this more of a “better off learning through
> school of hard knocks” type of knowledge?
I think it depends on your level of comfort with Ethernet/TCP/IP. I'm
assuming here that's what you're interested in. The problem with
protocol analysis classes that I've seen or saw online, were that they
were very basic. Even the classes defined as "expert" weren't so
expert
level. Herein lies the problem. How do you classify "expert"
"medium"
"beginner"?
My recommendation would be to read as much as you possibly can to absorb
the academic parts of the protocol. Comer and Stevens are both great
books to start with. Then you can move on to general networking topic
from the likes of Computer Networks by Tanenbaum or
Interconnections...by Perlman.
Once you have the fundamentals, you can tackle troubleshooting and
learning to read trace files. There's still a lot of "art" than
"science" in doing protocol analysis.
Finally, check out the sharkfest presentations as you can pick up a lot
of good tips/tricks of the trade.
--
Thanks,
Hansang
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
|