An intensive 3-day hands-on technical training session

April 17th, 2007

Date: 25th, 26th & 27th June 2007 (3-days)
Time: 0900 - 1800
Venue: THE ANDAMAN, Langkawi, Malaysia
Trainers: Meling Mudin (spoonfork) & Lee Chin Sheng (geek00l)
Cost:

USD1499/MYR5099 (early bird - register before 17th May 2007)
USD1899/MYR6399 (normal price)

Note:
The cost DOES NOT INCLUDE HOTEL ACCOMMODATION AT THE ANDAMAN! This course is HRDF CLAIMABLE and all lunch and coffee breaks will be provided. A certificate of attendance is provided and attendees are expected to bring their own laptops.

Overview

Keeping track of network activity can be considered one of the most complex and time-consuming jobs. Anything can happen in a millisecond without notice.

We can’t look at every single network activity, and because of this, malicious activities go unnoticed. The internet is no utopia: many malicious attackers target different networks with different kinds of intentions. Network scanning, worm spreading, email spamming and other kinds of malicious activity happen every now and then. That raises a question: how can we monitor network security by collecting the necessary network data and identifying the threats that are happening in our network?

To battle these network threats, we will deliver the Network Security Monitoring (NSM) concept and show you how to build, deploy and manage an NSM architecture. We will also simulate a real environment for attendees by providing tons of network data (packet capture files), and we will walk you through network traffic analysis (protocol wide), packet examination (content payloads), looking for signs of attack (network attack identification) and incident response (reactive decision).

Network intrusions or extrusions cause monetary loss and other unexpected losses, and there is no such thing as an unbreakable network. Monitoring therefore plays an important role when malicious attackers are able to break through or bypass your network prevention perimeter. However, monitoring is not enough; we need to go more in depth: once we are able to identify malicious activities with our NSM framework, how can we extract useful information or evidence from the network data? This is where we bring you Network Forensics!

This hands-on class will fully utilize open source tools, as they are freely available and very applicable when it comes to performing structural network traffic analysis.