INTRODUCTION

The course provides technical knowledge and information necessary to detect security anomalies and to be able to defend your network from potential attacks.

OBJECTIVES

The most used application protocols and the most widespread open tools will be treated, the aim is to be able to understand and examine network traffic and highlight any signs of an intrusion.

PREREQUISITES

Network administration experience, protocols and application concepts

COURSE OUTLINE

Introduction

• Detection e prevention concept

TCP/IP Protocols

• TCP
• UDP
• ICMP
• ARP
• DNS

Concepts

• Layer 2
• Layer 3
• Packet Header

Analysis tool

• TCPDUMP/Windump
• Wireshark

Lab

• Prerequisites
• First part preparation
• Wireshark lab

IDS/IPS

• IDS e IPS
• Typologies
• Implementation strategies
• Commercial IDS and Free
• Snort in depth
• Snort Labs
• Questions