Network Security Analysis Using Wireshark, Snort, and SO

Learn real technical skills from a real cybersecurity professional with 100% hands-on labs.

Rating: 4.52 (1418 reviews)
Platform: Udemy
Language: English
Category: Network & Security
Students: 9,112
Content: 2.5 hours
Last update: Apr 2020
Regular price: $59.99

What you will learn

How to install and configure VirtualBox

How to install and configure Security Onion on VirtualBox

How to install and configure Kali Linux on VirtualBox

How to install and configure Metasploitable on VirtualBox

How to install and configure Wireshark

How to interpret Snort rules and analyze underlying packet captures

How to use Wireshark and Tcpdump to analyze malicious network traffic

How to use penetration testing / ethical hacking tools (Metasploit, Armitage, Burp Suite, Hydra, Nmap, etc.)

Description

The labs in this course are 100% hands-on and highly technical. Please be prepared to install and configure the necessary software to follow along. This will help you receive the maximum benefit of taking this course. The tools we will be using during this course are Wireshark, Tcpdump, Snort, Burp Suite, Nmap, Tcpreplay, VirtualBox and more. Operating systems used will be Security Onion, Kali Linux, and Metasploitable. The operating systems and software utilized are all completely free, and can be run on one system using VirtualBox.

We're also going to cover network security analysis with Wireshark and Tcpdump, intrusion detection system analysis with Snort and Squert, and ethical hacking and penetration testing with various tools on Kali Linux. The industry-standard tools and methodology utilized in this course will expose you to hands-on skills that are necessary as a network security analyst, and as a cybersecurity professional in general. The quizzes include written questions and a mock incident response report based upon findings.

Here's an overview of the labs. Please note that labs 3 and 4 are broken down into two parts due to their length:

Lab 1: Installation/Configuration of VirtualBox and Security Onion

Lab 2: Analyzing Network Traffic - Malware Infection

Lab 3: Analyzing Network Traffic - Brute Force Attacks

Lab 4: Analyzing Network Traffic - Exploitation with Metasploit

Lab 5: Analyzing Network Traffic - Policy Violations

The written quizzes for this class are as follows (attached to Labs 2 and 3 as text documents):

Quiz 1: Lab 2 Questions

Quiz 2: Lab 3 Questions

Content

Getting started

Introduction to Class
Lab 1: Setting up Security Onion with VirtualBox
Lab 2: Analyzing Network Traffic - Malware Infection
Lab 3 pt. 1: Analyzing Network Traffic - Brute Force Attacks
Lab 3 pt. 2: Analyzing Network Traffic - Brute Force Attacks
Lab 4 pt. 1: Analyzing Network Traffic - Exploitation with Metasploit
Lab 4 pt. 2: Analyzing Network Traffic - Exploitation with Metasploit
Lab 5: Analyzing Network Traffic - Policy Violations
Bonus Lab 1: Windows 7 Eternalblue Vulnerable VM VirtualBox Setup
Bonus Lab 2: Windows 7 Eternalblue Exploitation and Snort/PCAP Analysis
Bonus Lab 3: Ubuntu Server 12.04 Vulnerable VM VirtualBox Setup
Bonus Lab 4: Ubuntu Server 12.04 Heartbleed Exploitation and Snort/PCAP Analysis

Reviews

Kim
October 14, 2023
Labs are great, clear and easy to follow with file.text of code included. Looking forward to the next courses!
Charlie
September 10, 2023
The Security Onion version used is 16.04. The guide is older I know, but finding the same ISO was hard since the devs moved on to Security Onion 2. Possible to provide it as a downloadable for this course?
Dana
July 26, 2023
The new image is Red Hat, so installation and usage aren't the same; I couldn't follow along because things were so different.
Ernest
November 30, 2022
The content of the course is outdated and often too poorly explained. I mean it is not that bad - I would still recommend it to anybody.
Christopher
November 2, 2022
This class is FAR FAR FAR out of date... yet he said he updates this class if SO ever updates its interface. Well, SO is on version 2.3.180.
Samuel
February 12, 2022
Everything is explained clearly, watching it on double speed is great. I would give five stars but I'm having an issue with VirtualBox getting the vm to install the SecurityOnion image. I am just following the videos for now but I am sure having the vm available would be more beneficial.
Joshua
December 17, 2021
The outdated information regarding the software installation made it to where I could not follow along with the manual completion of the lab steps. I could only watch the instruction and take it in via video format.
Orlando
March 16, 2021
This was a well developed course that had a lot of examples with corresponding resources to reference.
Luis
March 11, 2021
I missed some details during the explanations. If you don't have previous knowledge of the tools, you will be lost.
Richard
March 19, 2018
I learned how to set up Security Onion and use custom policies and what to look for in Security Onion when a breach occurs. I learned about the different applications inside of Security Onion and what they do. Also learned about TCPDump and how to run it. I found the course very helpful and it gave me a much better understanding of how all the pieces fit together when using Security Onion.
John
February 6, 2018
I like Jessie's attention to detail. Installations can be quite cumbersome. The walk through was solid.
Diameter
January 30, 2018
Great job! Practical and relevant. This practice helped me a LOT for my Junior Security Analyst job interview. Got a follow-up interview after a successful PCAP challenge. Thanks for this.
Ray
November 3, 2017
Could do with updating the course, but on the whole I really enjoyed it. The instructor was very quick at times, and I found myself viewing lessons a number of times, but I have learned a great deal from this course. Some of the explanations of what we were looking for in the packet data were lacking at times and also slightly confusing, but this is a course I will revisit again. The instructor's knowledge is extensive; it just felt a little rushed at times.
C
September 4, 2017
This course definitely helps with being able to analyze different types of attacks. It's also good if you're a Security Analyst. Great job and well worth the purchase!
Christian
August 3, 2017
Teacher sometimes seems to not understand completely what he is doing. Also, he doesn't explain why he does all that he does or why he uses the utilities that he uses. The only advantage of this course, in my opinion, is to get an idea of what programs and utilities are generally used, but you have to look for better information about them elsewhere.

Coupons

Date: 5/26/2020
Discount: 60% OFF
Status: expired

Udemy ID: 1205570
Course created date: 5/5/2017
Course indexed date: 3/22/2020
Course submitted by: Bot