Course Review: Getting Started in Packet Decoding w/Chris Brenton (Antisyphon Training)

TL;DR – Solid content, a lot to take in for newer learners, well worth taking as an introduction or refresher

I’d been waiting to take this class and finally had a chance a few months ago. My goal was to refresh some fundamentals and fill in some holes that I felt when I took the intermediate threat hunting course. I also wanted to check out the content to see if it would be a good course to recommend to people wanting to get into IT or infosec. It’s pay-what-you-can, so it’s very accessible price-wise. There’s a ton of content and labs that give you hands-on experience. A lot of the class was review given how much I’ve done with packet captures, but there were enough tips and tricks that it was well worth the 16 hours of class time. There was good coverage of tcpdump, tshark, and Wireshark. I think it’s important to have multiple options for packet captures since Wireshark really doesn’t do well with large captures.

The depth of material was quite good. I think if you were coming in with very little experience with packet captures and network traffic, this would be drinking from the firehose. It’s a lot to take in. You do have access to the recordings for 6 months, the course VM, and course PowerPoints. I think if it was over your head, that set of resources would let you get a good grasp on things after the course concludes. Ideally you would take this before the threat hunting course linked above. If you are new to the content, be prepared to revisit the information to grasp it. It’s worth taking the time to go back through until you get it.

I took away a good refresher on tcpdump and tshark, plus a refresh of networking concepts and some good reminders of deeper functionality in Wireshark. The labs were fun and related well to the material. No issues with the VM. The Discord channels for the class were helpful. I’d recommend the class to anyone wanting to review ICMP, TCP, and UDP.

For someone taking a DIY approach to learning infosec, this gives a solid foundation in networking concepts. It doesn’t cover setting up network sensors and such, but that’s not really something I think the target audience of this course would need to focus on. Even if you are looking at more cloud-based security, the content in this class is worth taking.

Author:

Lifelong paradox - cyber sec enthusiast - loves to learn
