Join me each Tuesday as I dissect a network packet. Each packet will be examined byte by byte (sometimes bit by bit) to demonstrate interesting network protocol features, an attack, or some curiosity I came across as I traveled the packet world of modern networks.
It will be a fun, family-safe, and hopefully educational journey into the world of packets. These videos are very much inspired by SEC 503, Intrusion Detection in Depth, a class I am teaching for SANS.
The videos assume a reasonable understanding of network protocols like TCP, IPv4/6, DNS, and HTTP. Each video will include a packet capture, and I assume that you will sometimes pause the video to follow along. Have Wireshark and tcpdump ready, along with some of the relevant protocol headers (see, for example, the SANS TCP/IP cheatsheet).
How can you help make this better?
You may contact me at jullrich-at-sans.edu.
Johannes B. Ullrich, Ph.D.
Dean of Research
SANS Technology Institute