.

Wireshark University

<<

knwminus

User avatar

Full Member
Full Member

Posts: 100

Joined: Thu Feb 25, 2010 11:26 pm

Post Sun Dec 18, 2011 3:03 pm

Wireshark University

Has anyone done any of the online courses? If they aren't too bad, 699 isn't a high price. Especially compared to something like SANS training.

https://lcuportal2.com/
A+ N+ CCNA CCNA:S CNSS 4011 Security+

Next Up: CCNP CCNP:S
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Sun Dec 18, 2011 3:14 pm

Re: Wireshark University

I've never taken any of their classes but I definitely looked into it because I wanted to get the wireshark cert. I've read that their videos are pretty good, and they will definitely help anyone gain more knowledge about wireshark and TCP/IP (experienced to rookies).

You really cant compare their pricing to SANS, SANS is in a whole different league. I would rather fork out 4500 for a SANS course rather than wireshark university, but it just depends on your budge, experience, and career path.

If you sign up, definitely let us know what they are like.
OSCP in progress
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Sun Dec 18, 2011 5:11 pm

Re: Wireshark University

I've taken the course and for me, it was worth every penny. My wireshark knowledge was pretty good before taking the course but after I took the course, I'd say it increased exponentially. In fact, the certification was probably why I got my new job. I'm doing a lot of troubleshooting log files and quite often, we'll have to look at an actual capture to see what exactly is wrong. As they say, packet's don't lie.

Laura is a good teacher and the course materials are extensive and clear. She repeats important topics several times so it really makes it easy to remember. It's not topic specific like a SANS course. It's apples and oranges. It covers all the major protocols and all the different ways wireshark can analyze a problem. For 700 it's not a bad deal. I can't remember exactly how many hours of videos it was but I seem to recall about 40. I don't think you will be disappointed but as always YMMV.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

millwalll

Post Mon Dec 19, 2011 5:05 am

Re: Wireshark University

Looks good maybe if i get some time and funds i will do this after OSCP
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Dec 19, 2011 9:07 am

Re: Wireshark University

WCNA wrote:I've taken the course and for me, it was worth every penny. My wireshark knowledge was pretty good before taking the course but after I took the course, I'd say it increased exponentially. In fact, the certification was probably why I got my new job. I'm doing a lot of troubleshooting log files and quite often, we'll have to look at an actual capture to see what exactly is wrong. As they say, packet's don't lie.

Laura is a good teacher and the course materials are extensive and clear. She repeats important topics several times so it really makes it easy to remember. It's not topic specific like a SANS course. It's apples and oranges. It covers all the major protocols and all the different ways wireshark can analyze a problem. For 700 it's not a bad deal. I can't remember exactly how many hours of videos it was but I seem to recall about 40. I don't think you will be disappointed but as always YMMV.


Have you read the official book? If so, how do you feel the course compared to it? I thought the book was quite comprehensive and didn't think I'd get much more out of the course.

I'm sure it depends on your learning style too though. I'm usually fine with a book, but I'm sure others prefer more structured instruction.
The day you stop learning is the day you start becoming obsolete.
<<

knwminus

User avatar

Full Member
Full Member

Posts: 100

Joined: Thu Feb 25, 2010 11:26 pm

Post Mon Dec 19, 2011 11:40 am

Re: Wireshark University

I've read it for the most part (still need to finish up the Tshark stuff). I was looking for something that would be a low cost version of the GCIA training. 4500 isn't happening anytime soon. OSCP looks cool but the WCNA material would be beneficial. I may just try to squeeze the OSCP in at some point late next year (probably after CCIE written if I do it at all).
A+ N+ CCNA CCNA:S CNSS 4011 Security+

Next Up: CCNP CCNP:S
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Dec 19, 2011 12:11 pm

Re: Wireshark University

knwminus wrote:I've read it for the most part (still need to finish up the Tshark stuff). I was looking for something that would be a low cost version of the GCIA training. 4500 isn't happening anytime soon. OSCP looks cool but the WCNA material would be beneficial. I may just try to squeeze the OSCP in at some point late next year (probably after CCIE written if I do it at all).


My GCIA self-study strategy is the following:
http://www.amazon.com/Wireshark-Network ... 553&sr=8-1

http://www.amazon.com/Snort-Toolkit-Bea ... 558&sr=8-1

http://www.amazon.com/TCP-Guide-Compreh ... 569&sr=8-6

http://www.amazon.com/Tao-Network-Secur ... 623&sr=1-1

Snort has changed quite a bit since that book was released, but it's still good for foundation concepts, etc. Just supplement with official docs.
The day you stop learning is the day you start becoming obsolete.
<<

knwminus

User avatar

Full Member
Full Member

Posts: 100

Joined: Thu Feb 25, 2010 11:26 pm

Post Mon Dec 19, 2011 1:28 pm

Re: Wireshark University

I'm a little shocked that you didn't include the other "TAO" book:
http://www.amazon.com/Extrusion-Detecti ... 286&sr=8-1
A+ N+ CCNA CCNA:S CNSS 4011 Security+

Next Up: CCNP CCNP:S
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Dec 19, 2011 2:01 pm

Re: Wireshark University

knwminus wrote:I'm a little shocked that you didn't include the other "TAO" book:
http://www.amazon.com/Extrusion-Detecti ... 286&sr=8-1


I have it, and it's a great book. I just don't know if it adds much to GCIA studies after all those others. It certainly wouldn't hurt though.
The day you stop learning is the day you start becoming obsolete.
<<

l33t5h@rk

User avatar

Jr. Member
Jr. Member

Posts: 79

Joined: Tue Nov 22, 2011 12:06 am

Post Mon Dec 19, 2011 2:03 pm

Re: Wireshark University

Isn't this a much, much cheaper alternative?

http://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593272669/ref=wl_it_dp_o_npd?ie=UTF8&coliid=I2C55HVZC0QAX3&colid=13CPC8DZ1Z4LY

With WireShark being free and all I'd think downloading the tool and reading up on this material would be pretty good for those on a budget. I have heard the Laura Chappel courses are amazing, but again, for the price.
<<

hurtl0cker

User avatar

Jr. Member
Jr. Member

Posts: 73

Joined: Thu Nov 18, 2010 10:09 am

Location: WWW

Post Mon Dec 19, 2011 9:02 pm

Re: Wireshark University

I had that book "Practical Packet Analysis, Second Edition". it is a nice book, especially for beginners but it could have been even better. you can find official EHNet  review here: http://www.ethicalhacker.net/content/view/380/2/ . but for the price of 30 bucks it is still quite a good introduction to the topic.
“Knowing is not enough; we must apply. Willing is not enough: we must do.”
- Bruce Lee
<<

knwminus

User avatar

Full Member
Full Member

Posts: 100

Joined: Thu Feb 25, 2010 11:26 pm

Post Tue Dec 20, 2011 9:59 am

Re: Wireshark University

l33t5h@rk wrote:Isn't this a much, much cheaper alternative?

http://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593272669/ref=wl_it_dp_o_npd?ie=UTF8&coliid=I2C55HVZC0QAX3&colid=13CPC8DZ1Z4LY

With WireShark being free and all I'd think downloading the tool and reading up on this material would be pretty good for those on a budget. I have heard the Laura Chappel courses are amazing, but again, for the price.



I might pick it up but I was looking for something a little higher level.
A+ N+ CCNA CCNA:S CNSS 4011 Security+

Next Up: CCNP CCNP:S
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Wed Dec 21, 2011 10:03 pm

Re: Wireshark University

Laura's course is NOT a security course. It covers the same material as in the book she wrote. It just makes it easier because you are following along in the traces she demonstrates. It is not a substitute for a GCIA or OSCP or any other security course. As I said that's comparing apples and oranges. What you will learn is how to dissect packets so later on, you'll understand how an attack does what it does at a packet level. It covers a few attacks but mainly it's about all the other stuff you can use Wireshark for like troubleshooting http, ftp, dhcp, etc. 
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

docrice

User avatar

Newbie
Newbie

Posts: 31

Joined: Sun Nov 20, 2011 3:19 am

Post Thu Dec 22, 2011 1:42 am

Re: Wireshark University

I've never taken Wireshark University courses, but I've seen Laura Chappell teach at the first Sharkfest a few years ago.  She also has free videos online on different sites.  You can always learn this stuff on your own, but I think it's really helpful when someone is walking you through the fundamentals and stepping through different analysis scenarios, explaining the approach for each one.  She's very good at this and her instruction style keeps you engaged.

I've read her Wireshark Network Analysis book.  I also have the WCNA and GCIA certification.  The WCNA is partially about Wireshark as a tool, but it's also very much about doing protocol analysis and understanding how networks function from a packet's point of view.  It's an extremely valuable skill in this day and age as it'll help you find the smoking gun at work.  If you get the WCNA cert, you'll be required to upkeep it with CPEs if you want to maintain the cert, but you can do that through the WCNA Portal where they have all kinds of additional instructional videos.  Good stuff.

As for the GCIA, there's not a whole lot of Wireshark mentioned, but much of the concepts still apply.  It's more tcpdump-focused and you'll be expected to know how to interpret packet headers by looking at the raw binary values.  WCNA covers traffic analysis, but doesn't necessarily get into "how attackers craft malicious packets and how to identify them" like the GCIA covers.  I'd say the WCNA and GCIA material complement each other very well.  I also think TCP/IP Weapons School is a nice additional complement, but that's another subject altogether.  You can always read Richard Bejtlich's books and get a good idea of what his class is like.
GSEC, GCFW, GCIA, GCIH, GWAPT, GAWN, GPEN, OSWP, WCNA, CCNA, CCNA Security, SFCP, SnortCP, and more useless acronyms.

Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
<<

Solinus

Newbie
Newbie

Posts: 31

Joined: Mon Sep 03, 2007 6:33 pm

Location: Cape Cod

Post Tue Dec 27, 2011 10:55 am

Re: Wireshark University

I have not taken the official course, but have read her books as well as have viewed several training sessions with Laura. She is a great teacher and I think that the course must be worthwhile. I also would say that her three books would more than get you through the exam as well as make you an excellent troubleshooter of packet flowing through a network.

This is a great skill to learn and can really seperate you from the others. I highly recommend any of her material.
Last edited by Solinus on Tue Dec 27, 2011 10:57 am, edited 1 time in total.
Kerry
MCITP:EA | MCTS(x5) | MCSA+ | MCSE+ | Security + | CCNA | WCSP |
DSCE | PCT |CIW Security Analyst | CSSA

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software