IDS Training

IDS Training Introduction:

Intrusion detection systems (IDS) are network security appliances that monitor network and system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block or stop it, and report it. GOT offers IDS Training as specialized online training for professionals in virtual interactive modes. It is a learning and qualification opportunity for on-the-job professionals at a reasonable cost.

With Global Online Trainings, the IDS Training is coordinated by industry experts, and the IDS Online Training tutorial is prepared with current industry updates to give participants professional insight into the modules. The training is available for individual and corporate batches. To know more about this online training course, contact the helpdesk of Global Online Trainings today.

Intrusion Detection System Online Training Course Content:

Concepts of TCP/IP
  • TCP/IP communications model
  • Data encapsulation/de-encapsulation
  • Discussion of bits, bytes, binary, and hex
Introduction to Wireshark
  • Navigating around Wireshark
  • Examination of Wireshark statistics
  • Stream reassembly
  • Finding content in packets
Network Access/Link Layer: Layer 2
  • Introduction to 802.x link layer
  • Address resolution protocol
  • ARP spoofing
Wireshark Display Filters
  • Examination of some of the many ways that Wireshark facilitates creating display filters
  • Composition of display filters
Writing tcpdump Filters
  • Format of tcpdump filters
  • Use of bit masking
TCP
  • Examination of fields in theory and practice
  • Packet dissection
  • Checksums
  • Normal and abnormal TCP stimulus and response
  • Importance of TCP reassembly for IDS/IPS
UDP
  • Examination of fields in theory and practice
  • UDP stimulus and response
ICMP
  • Examination of fields in theory and practice
  • When ICMP messages should not be sent
  • Use in mapping and reconnaissance
  • Normal ICMP
  • Malicious ICMP

Who Should Attend for IDS Training:

Intrusion detection (all levels), system, and security analysts

Analysts will be introduced to or become more proficient in the use of traffic analysis tools for signs of intrusions.

Network engineers/administrators

Network engineers/administrators will understand the importance of optimal placement of IDS sensors and how the use of network forensics such as log data and network flow data can enhance the capability to identify intrusions.

Hands-on security managers

Hands-on security managers will understand the complexities of intrusion detection and assist analysts by providing them with the resources necessary for success.

Prerequisites:

  • Students must have at least a working knowledge of TCP/IP and hexadecimal.
  • Familiarity and comfort with the use of Linux commands such as cd, sudo, pwd, ls, more, less

You Will Be Able To:

  • Configure and run open-source Snort and write Snort signatures
  • Configure and run open-source Bro to provide a hybrid traffic analysis framework
  • Understand TCP/IP component layers to identify normal and abnormal traffic
  • Use open-source traffic analysis tools to identify signs of an intrusion
  • Comprehend the need to employ network forensics to investigate traffic to identify and investigate a possible intrusion
  • Use Wireshark to carve out suspicious file attachments
  • Write tcpdump filters to selectively examine a particular traffic trait
  • Synthesize disparate log files to widen and augment analysis
  • Use the open-source network flow tool SiLK to find network behavior anomalies
  • Use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire

Topics covered in IDS Training will include:

  • Capturing Traffic for Specific Applications
  • Capturing and Classifying Your Own Background Traffic
  • Capturing Traffic to a File Set
  • Capturing Traffic on Your Wireless Network
  • Customizing Wireshark for Different Tasks
  • Customizing Wireshark Views and Settings
  • Default Switch Forwarding
  • Exporting Packet Details
  • Extracting Files from Packet Captures
  • Filtering on Packet Fields
  • Following HTTP Packets through a Network
  • Frames, Packets, and Segments
  • Packet Loss, Recovery, and Faulty Trace Files
  • Security Analysis (Network Forensics) Tasks
  • The Capture Process
  • The Dumpcap Capture Engine
  • The Indications and Causes of Client Latency
  • The Indications and Causes of Path Latency
  • The Indications and Causes of Server Latency
  • The Wiretap Library
  • Using Command-Line Tools to Capture, Split, and Merge Traffic
  • Using Tshark to Extract HTTP Host Names and IP Addresses
  • Using a Ring Buffer to Conserve Drive Space
  • Using Dumpcap and Tshark
  • Using GeoIP to Map Targets Globally
  • Using Logical Operators and Regular Expressions
  • Wireshark Dissectors