Introduction to Network Packet Analysis

A guided introduction to Network Packet Analysis using TCPDump, Wireshark and Network Miner (Lab Included)

Could not make it to the KY ISSA 2016 Network Packet Analysis Workshop? No problem! We recorded the workshop and are making it available.

This workshop is a guided introduction to using TCPDump, Wireshark and Network Miner to perform Network Packet Analysis. Those new to packet analysis will find this introduction welcoming and well-paced. Those with intermediate skills can enjoy tips on improving the process and exposure to multiple tools.

We review the basics of TCP, IP, UDP and other common networking protocols to familiarize the reader. Then we discuss several tools that are freely available, easy to use and provide excellent features. We provide an in-depth discussion of using Wireshark, Network Miner and TCPDump. For each tool, instruction is given, followed by practical, real-world examples using the tool.

The workshop concludes with 25 questions about 3 PCAP files included with the workshop. This exercise will check for understanding and reinforce the topics and tools.


Your Instructor


Jeremy Druin

GISF, GSEC, GPEN, GXPN, GWAPT, GMOB, Sec+

Jeremy works as a security penetration tester, application security consultant, and defect-remediation expert for a multi-national transportation logistics company. Jeremy is also the owner of Ellipsis Information Security LLC, assisting the community with security services. Additionally, Jeremy develops the open-source Mutillidae 2.x training environment (https://sourceforge.net/projects/mutillidae/) and teaches on security topics.

As Director of Education for the Kentucky ISSA chapter, Jeremy presents on web application pen-testing and remediation and operates the "webpwnized" YouTube video channel (https://www.youtube.com/user/webpwnized). Jeremy has a Bachelor's in Computer Science and is a GIAC-certified Web Application, Mobile and Network Pen-Tester.


Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
If I am a beginner, will I understand the material?
We believe in you! The course has been prepared with beginners in mind, but still works up to intermediate topics and helpful tips on how to approach packet analysis. Most students will do well if they give the course a try.
