LinuxCBT.com

Syllabus

Focus: Berkeley Packet Filters

Duration: 8 Hours

  • Berkeley Packet Filters (BPF) Security - Module XI

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore network topology
      • Identify key systems to be used
      • Discuss key BPF features
    • Type Qualifiers
      • Identify type qualifiers
      • Explore examples
      • Write filters for various scenarios
      • Test and debug filters
    • Directional Qualifiers
      • Discuss features and benefits
      • Identify directional qualifiers
      • Write filters for various scenarios
      • Test and debug filters
    • Protocol Qualifiers
      • Identify protocol qualifiers
      • Explore a number of protocols and options
      • Write filters for various scenarios
      • Test and debug filters
      • Combine type, directional and protocol qualifiers
      • Evaluate results
    • Rule (Filter) Negation | Alternation | Concatenation
      • Discuss features and benefits
      • Write alternated filters for various scenarios
      • Write concatenated filters for various scenarios
      • Write negated filters for various scenarios
      • Test and debug filters
      • Evaluate results
    • Rule (Filter) Segregation with Parenthetical Statements
      • Discuss features and benefits
      • Write parenthesized rules for various scenarios
      • Write alternative rules and contrast
      • Test and debug parenthesized and alternative rules
      • Evaluate results
    • tcpdump & WinDump
      • Discuss features and benefits
      • Explore useful features of both utilities
      • Execute with key options
      • Apply additional BPFs
      • Evaluate results
    • BPFs with Snort® NIDS|NIPS
      • Discuss features and benefits
      • Install Snort®
      • Explore useful options
      • Apply predefined BPFs
      • Evaluate results
    • BPFs with Wireshark Capture | Analysis Engine
      • Discuss features and benefits
      • Explore useful options
      • Invoke with useful options
      • Apply predefined BPFs
      • Extend and archive BPFs
      • Evaluate results
    • BPF Lists
      • Discuss features and benefits
      • Generate BPF lists for sample scenarios
      • Supply lists to utilities for processing
      • Archive lists for reuse
      • Evaluate results

LinuxCBT BPF Edition
