Introduction to Packet Capture (PCAP) explains the fundamentals of how, where, and why to capture network traffic and what to do with it. This class covers open-source tools like tcpdump, Wireshark, and ChopShop in several lab exercises that reinforce the material. Some of the topics include capturing packets with tcpdump, mining DNS resolutions using only command-line tools, and busting obfuscated protocols. This class will prepare students to tackle common problems and help them begin developing the skills to handle more advanced networking challenges.
- Introduction to TCP/IP and the OSI model
- Understanding how networks work
- Using pcap to retrieve data packets
- Analysing data packets
A basic understanding of TCP/IP and the OSI model; Python programming experience helps with the exercises.
tcpdump, Wireshark, and ChopShop. A Linux/BSD/Mac system with the previous tools is recommended (as it should come with tcpdump).