Geek Trak
Geek Trak Fall 2020
Sunday, October 25-Wednesday, October 28 10/25/2020 1:00 PM to 4:00 PM
Wireshark (Fall Geek Trak 2020)
Wireshark is one of the most popular and powerful tools used for network analysis today. Whether it be for network troubleshooting or security analysis, Wireshark provides meaningful and actionable insight into what is going on within your network environment. This workshop focuses on the skills and knowledge required to analyze network traffic using Wireshark by immersing participants in techniques for sniffer deployment, capturing and analyzing normal network traffic, and producing and analyzing malicious network traffic. Each section includes real-world exercises to apply the concepts learned. The following is the outline and schedule for the workshop:
Day One
Sunday, October 25, 2020
1:00 PM to 5:00 PM
Section 1: Workshop Overview and Orientation
This section introduces participants to the workshop by ensuring everyone has access to the workshop material and lab environment. This section also starts the overall discussion on Wireshark.
Section Outline:
- Verifying Material Access
- Lab Environment Orientation
- Wireshark Overview
Day Two
Monday, October 26, 2020
9:00 AM to 12:00 PM
Lunch Break 1:00 PM to 4:00 PM
Section 2: Sniffer Deployment
This section explores techniques for using Wireshark to capture network segment traffic.
Section Outline:
- Wireshark Installation and Usage
- TAPs/SPAN Ports
- Filters
Day Three
Tuesday, October 27, 2020
9:00 AM to 12:00 PM
Lunch Break 1:00 PM to 4:00 PM
Section 3: Capturing and Analyzing TCP/IP Traffic
This section explores techniques for using Wireshark to analyze both live and pre-made captures of core network protocols.
Section Outline:
- Breakdown of TCP/IP Model using Wireshark
- Analyzing Network Protocols
Day Four
Wednesday, October 28, 2020
9:00 AM to 12:00 PM
Lunch Break 1:00 PM to 4:00 PM
Section 4: Investigating Malicious Activity
This section explores techniques for using Wireshark to analyze both live and pre-made captures of malicious network traffic.
Section Outline:
- Producing Attack Traffic
- Analyzing Attack Traffic
Participants’ systems should have at least 16 GB of memory, preferably more. Although it is not required, participants can improve their overall workshop experience with a two-screen setup.