Network Forensics Training


Teel Tech’s Network Forensics Training Course enables our students to monitor and analyze computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.

Students will learn how networking works, its different components & differences, and a introduction to the three main encapsulations which they will find while analyzing. You will learn how to create a network, the impact of using VLANs vs. Netmasks, Switches, w/ port mirroring vs. tap interfaces and the main components and usages of Wireshark and tcpdump.

With this course you will be able to perform your first capture with both methods and, by using Wireshark, check the performance & benefits of each. Analyze your capture, utilize filters and identify your classmates’ device & network activity. See the main differences and fields of the most common protocols and how to identify them by using Wireshark.

Learn how to get valuable information which may identify the device and even the user from these protocols. Get exposure to the most used tools to automate the process of getting information from network traffic, knowing their limitations and how to use them to expand their Wireshark abilities.

Students will receive take home equipment with training.


Course Details

$3,950

Duration: 5 Days

Laptop Required: Yes

This class is for sworn law enforcement only.

 

View Upcoming Classes

Day One

ISO Layers
Protocols
• Eth, RAW IP
• IEEE802.11


Hands-On
• Connectors
• Wiring
• Devices

Day Two

Hands-On
• Networking
• Netmasking
• Setup a network


How Capture Works
Software Introduction
• TCPDump
• Wireshark

Day Three

Day 1 & 2 Review
Data Capture
• MITM
• Port Mirroring/TAP


Hands-On Wireshark
• Filters
• Identifying Devices
• Finding Protocols

Day Four

IP v4 & v6
TCP
UDP
ARP, ICMP


Hands-On Wireshark
• TCP & UDP Streams
• DNS
• HTTP, SSL

Day Five

Wireshark + SIP
Additional Tools
• Network Miner
• xPlico
• tcpReplay
• ntop-ng
• Airodump-ng




 
About the Instructor
 
Manuel Borrego has 25 years in the IT space leading teams to find technical solutions. As founder of the “Sistemas Especiales” in Spain’s National Police, he developed numerous tools, devices, and patents being used by technical and tactical units. Manuel is currently training the next generation of computer and network forensic examiners.
 


Laptop Requirements:

  • Windows OS
  • macOS with Bootcamp Windows
  • macOS alone will not work (No Virtual Machines)
  • 8GB RAM (minimum)
  • 100GB storage (minimum)
  • You must have admin rights or have the admin password for software installation.
  • NOTE: ALL Windows updates should be done prior to class


Mobile Forensics Group

 

Course Offerings