Wireshark University

    • #7167
      knwminus
      Participant

      Has anyone done any of the online courses? If they aren’t too bad, 699 isn’t a high price. Especially compared to something like SANS training.

      https://lcuportal2.com/

    • #44754
      YuckTheFankees
      Participant

      I’ve never taken any of their classes but I definitely looked into it because I wanted to get the Wireshark cert. I’ve read that their videos are pretty good, and they will definitely help anyone gain more knowledge about Wireshark and TCP/IP (experienced to rookies).

      You really can’t compare their pricing to SANS, SANS is in a whole different league. I would rather fork out 4500 for a SANS course rather than Wireshark University, but it just depends on your budget, experience, and career path.

      If you sign up, definitely let us know what they are like.

    • #44755
      WCNA
      Participant

      I’ve taken the course and for me, it was worth every penny. My Wireshark knowledge was pretty good before taking the course but after I took the course, I’d say it increased exponentially. In fact, the certification was probably why I got my new job. I’m doing a lot of troubleshooting log files and quite often, we’ll have to look at an actual capture to see what exactly is wrong. As they say, packets don’t lie.

      Laura is a good teacher and the course materials are extensive and clear. She repeats important topics several times so it really makes it easy to remember. It’s not topic specific like a SANS course. It’s apples and oranges. It covers all the major protocols and all the different ways Wireshark can analyze a problem. For 700 it’s not a bad deal. I can’t remember exactly how many hours of videos it was but I seem to recall about 40. I don’t think you will be disappointed but as always YMMV.

    • #44756
      Anonymous
      Participant

      Looks good. Maybe if I get some time and funds I will do this after OSCP.

    • #44757
      dynamik
      Participant

      @WCNA wrote:

      I’ve taken the course and for me, it was worth every penny. My Wireshark knowledge was pretty good before taking the course but after I took the course, I’d say it increased exponentially. In fact, the certification was probably why I got my new job. I’m doing a lot of troubleshooting log files and quite often, we’ll have to look at an actual capture to see what exactly is wrong. As they say, packets don’t lie.

      Laura is a good teacher and the course materials are extensive and clear. She repeats important topics several times so it really makes it easy to remember. It’s not topic specific like a SANS course. It’s apples and oranges. It covers all the major protocols and all the different ways Wireshark can analyze a problem. For 700 it’s not a bad deal. I can’t remember exactly how many hours of videos it was but I seem to recall about 40. I don’t think you will be disappointed but as always YMMV.

      Have you read the official book? If so, how do you feel the course compared to it? I thought the book was quite comprehensive and didn’t think I’d get much more out of the course.

      I’m sure it depends on your learning style too though. I’m usually fine with a book, but I’m sure others prefer more structured instruction.

    • #44758
      knwminus
      Participant

      I’ve read it for the most part (still need to finish up the Tshark stuff). I was looking for something that would be a low cost version of the GCIA training. 4500 isn’t happening anytime soon. OSCP looks cool but the WCNA material would be beneficial. I may just try to squeeze the OSCP in at some point late next year (probably after CCIE written if I do it at all).

    • #44759
      dynamik
      Participant

      @knwminus wrote:

      I’ve read it for the most part (still need to finish up the Tshark stuff). I was looking for something that would be a low cost version of the GCIA training. 4500 isn’t happening anytime soon. OSCP looks cool but the WCNA material would be beneficial. I may just try to squeeze the OSCP in at some point late next year (probably after CCIE written if I do it at all).

      My GCIA self-study strategy is the following:
      http://www.amazon.com/Wireshark-Network-Analysis-Official-Certified/dp/1893939995/ref=sr_1_1?ie=UTF8&qid=1324314553&sr=8-1

      http://www.amazon.com/Snort-Toolkit-Beales-Source-Security/dp/1597490997/ref=sr_1_1?ie=UTF8&qid=1324314558&sr=8-1

      http://www.amazon.com/TCP-Guide-Comprehensive-Illustrated-Protocols/dp/159327047X/ref=sr_1_6?ie=UTF8&qid=1324314569&sr=8-6

      http://www.amazon.com/Tao-Network-Security-Monitoring-Intrusion/dp/0321246772/ref=sr_1_1?s=books&ie=UTF8&qid=1324314623&sr=1-1

      Snort has changed quite a bit since that book was released, but it’s still good for foundation concepts, etc. Just supplement with official docs.

    • #44760
      knwminus
      Participant
    • #44761
      dynamik
      Participant

      @knwminus wrote:

      I’m a little shocked that you didn’t include the other “TAO” book:
      http://www.amazon.com/Extrusion-Detection-Security-Monitoring-Intrusions/dp/0321349962/ref=sr_1_1?ie=UTF8&qid=1324319286&sr=8-1

      I have it, and it’s a great book. I just don’t know if it adds much to GCIA studies after all those others. It certainly wouldn’t hurt though.

    • #44762
      l33t5h@rk
      Participant

      Isn’t this a much, much cheaper alternative?

      http://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593272669/ref=wl_it_dp_o_npd?ie=UTF8&coliid=I2C55HVZC0QAX3&colid=13CPC8DZ1Z4LY

      With Wireshark being free and all I’d think downloading the tool and reading up on this material would be pretty good for those on a budget. I have heard the Laura Chappell courses are amazing, but again, for the price.

    • #44763
      hurtl0cker
      Participant

      I had that book “Practical Packet Analysis, Second Edition”. It is a nice book, especially for beginners, but it could have been even better. You can find the official EHNet review here: http://www.ethicalhacker.net/content/view/380/2/ . But for the price of 30 bucks it is still quite a good introduction to the topic.

    • #44764
      knwminus
      Participant

      @l33t5h@rk wrote:

      Isn’t this a much, much cheaper alternative?

      http://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593272669/ref=wl_it_dp_o_npd?ie=UTF8&coliid=I2C55HVZC0QAX3&colid=13CPC8DZ1Z4LY

      With Wireshark being free and all I’d think downloading the tool and reading up on this material would be pretty good for those on a budget. I have heard the Laura Chappell courses are amazing, but again, for the price.

      I might pick it up but I was looking for something a little higher level.

    • #44765
      WCNA
      Participant

      Laura’s course is NOT a security course. It covers the same material as in the book she wrote. It just makes it easier because you are following along in the traces she demonstrates. It is not a substitute for a GCIA or OSCP or any other security course. As I said, that’s comparing apples and oranges. What you will learn is how to dissect packets so later on, you’ll understand how an attack does what it does at a packet level. It covers a few attacks but mainly it’s about all the other stuff you can use Wireshark for like troubleshooting HTTP, FTP, DHCP, etc.

    • #44766
      docrice
      Participant

      I’ve never taken Wireshark University courses, but I’ve seen Laura Chappell teach at the first Sharkfest a few years ago.  She also has free videos online on different sites.  You can always learn this stuff on your own, but I think it’s really helpful when someone is walking you through the fundamentals and stepping through different analysis scenarios, explaining the approach for each one.  She’s very good at this and her instruction style keeps you engaged.

      I’ve read her Wireshark Network Analysis book. I also have the WCNA and GCIA certifications. The WCNA is partially about Wireshark as a tool, but it’s also very much about doing protocol analysis and understanding how networks function from a packet’s point of view. It’s an extremely valuable skill in this day and age as it’ll help you find the smoking gun at work. If you get the WCNA cert, you’ll be required to upkeep it with CPEs if you want to maintain the cert, but you can do that through the WCNA Portal where they have all kinds of additional instructional videos. Good stuff.

      As for the GCIA, there’s not a whole lot of Wireshark mentioned, but many of the concepts still apply. It’s more tcpdump-focused and you’ll be expected to know how to interpret packet headers by looking at the raw binary values. WCNA covers traffic analysis, but doesn’t necessarily get into “how attackers craft malicious packets and how to identify them” like the GCIA covers. I’d say the WCNA and GCIA material complement each other very well. I also think TCP/IP Weapons School is a nice additional complement, but that’s another subject altogether. You can always read Richard Bejtlich’s books and get a good idea of what his class is like.

    • #44767
      Solinus
      Participant

      I have not taken the official course, but have read her books as well as viewed several training sessions with Laura. She is a great teacher and I think that the course must be worthwhile. I also would say that her three books would more than get you through the exam as well as make you an excellent troubleshooter of packets flowing through a network.

      This is a great skill to learn and can really separate you from the others. I highly recommend any of her material.


Copyright ©2020 Caendra, Inc.
