Title: Chris Greer - Hands-On TCP/IP Deep Dive with Wireshark - How this stuff really works
Scheduled Date and Time (Pacific Standard): Saturday, August 12, 2023, at 1400 PDT
EventBrite Link: https://www.eventbrite.com/e/chris-g...=oddtdtcreator
Max Class Size: 80
Abstract:
Let's break out Wireshark and dig deep in to the TCP and IP protocols. This skill is critical for anyone interested in any area of cybersecurity, no matter the color of the hat. Almost all enumeration, scans, incident response, and traffic forensics require the analyst to dig into and interpret TCP conversations. When enumerating an environment, identifying key TCP/IP indicators in protocol headers can also help when passively fingerprinting systems.
In this workshop we will roll back our sleeves and learn how TCP/IP really works - the handshake, options, sequence/ack numbers, retransmissions, TTL, and much more. This workshop welcomes all cybersecurity and wireshark experience levels.
Skill Level: Beginner to Intermediate
Prerequisites for students: Just a laptop with a copy of Wireshark. I will provide the sample pcaps for analysis.
Materials or Equipment students will need to bring to participate: Laptop
Bio:
Chris Greer is a network analyst and Wireshark instructor for Packet Pioneer, a Wireshark University partner. He has focused much of his career at the transport layer, specifically TCP, specializing in how this core protocol works to deliver applications, services, and attacks between systems. Chris is a regular speaker at Sharkfest - the
Wireshark Developer and User Conference. He has presented at DEFCON and other industry conferences and regularly posts Wireshark analysis tips to his YouTube channel.
