Concepts of TCP/IP
- Why is it necessary to understand packet headers and data?
- TCP/IP communications model
- Data encapsulation/de-encapsulation
- Discussion of bits, bytes, binary, and hex
Introduction to Wireshark
- Navigating around Wireshark
- Examination of Wireshark statistics
- Stream reassembly
- Finding content in packets
Network Access/Link Layer: Layer 2
- Introduction to 802.x link layer
- Address resolution protocol
- ARP spoofing
IP Layer: Layer 3
IPv4
- Examination of fields in theory and practice
- Checksums and their importance, especially for an IDS/IPS
- Fragmentation: IP header fields involved in fragmentation, composition of the fragments, fragmentation attacks
IPv6
- Comparison with IPv4
- IPv6 addresses
- Neighbor discovery protocol
- Extension headers
- IPv6 in transition