Presented By:David Burkett

We'll cover some really basic stuff to a bit more advanced:

• How full packet capture is typically done
• What Netflow is and how it is typically used
• How Network IDS's typically work
• The anatomy of a Snort rule
• Basic Wireshark
• PCAP Analysis over PCAP Samples that contain actual malware traffic
• How to investigate NIDS alerts without Full PCAP

The only requirement to follow along (Highly recommended! It's the best way to learn!) is an Ubuntu 18.04 or newer Virtual Machine with a minimum of 2 Gig of memory. (More memory is better)