Event Details

  • This event has passed.

Intrusion Analysis Workshop – Cincinnati, OH

May 11

To register for this event, click Buy Now.
If you are interested but still have questions, click Contact Us.

Who Should Attend?

IT Admins who are interested in cybersecurity, Ethical Hackers, Pen Testers

Workshop Overview

The foundation of all hacking and security work is TCP/IP traffic. In this workshop you will learn the foundation of TCP/IP, you will be introduced to what normal traffic looks like, then you will review traffic for signs of an attack. The process of protocol analysis will be covered to assist you in identifying the attacks and what the risk is to the network. The workshop will provide you practice with basic, advanced and web attack analysis techniques.

Course includes:

• eBook
• Certificate of Attendance
• Conference Pass to BSides Cincy

Session One: Introduction to Intrusion Analysis

    • Analyzing network traffic
    • Examining the data at the packet level
    • Control flags of TCP
    • Identifying the characteristics of network connections
      • LAB: Analyzing Packets
    • Using protocol analyzers
      • tcpdump
      • dsniff
      • Wireshark
      • Etherape
      • Ettercap
        • LAB: Protocol Analysis I
    • Wireshark Tricks
    • Leveraging the filter capabilities
    • Working within the GUI
    • Low level analysis
    • Following session communication
    • Customizing the interface
    • Using the statistics features within the tool
    • Text-based Wireshark
    • Packet decomposition
      • LAB: Protocol Analysis II

Session Two: Capturing traffic on the “wire” and Implementing Network Forensics

    • Layer by layer forensics
    • Collecting data
        • Raw protocol analysis
          • Tcpdump
          • Windump
        • Full protocol analysis
          • Wireshark
            • Working with filters
            • Session re-assembly
          • LAB: TCP/IP analysis (CHFI Module 7 – Network Forensics)
        • Colasoft
        • Hping
          • LAB: Crafting Packets

Session Three: Intrusion Analysis of Network Traffic on Windows and Linux

          • Identifying normal vs abnormal traffic
          • Determining cause of abnormal traffic
            • Passive fingerprinting characteristics
          • Recognizing common patterns of network attacks
          • Identifying the OS from the network traffic
            • Nuances of the TCP/IP stack
            • LAB: Analyzing basic attacks
          • Components of a sophisticated attack
          • Deception techniques
          • Protocol camouflage
          • Encryption and tunnels
      • Components of advanced attacks
        • Protocol encapsulation
        • More than one layer 7
      • Web attacks
        • Services
        • SQL
        • XSS
        • Access controls
        • LAB: Analysis of Web Attacks

BSides Cincinnati is a one-day information security conference for the community, by the community.

Kevin Cardwell

Kevin Cardwell served as the leader of a 5-person DoD Red Team that achieved a 100% success rate at compromising systems and networks for six straight years. He has conducted over 500 security assessments across the globe. His expertise is in finding weaknesses and determining ways clients can mitigate or limit the impact of these weaknesses.

He spent 22 years in the U.S. Navy. He has worked as both a software and systems engineer on a variety of Department of Defense projects and early on was chosen as a member of the project to bring Internet access to ships at sea. Following this highly successful project, he was selected to head the team that built a Network Operations and Security Center (NOSC) that provided services to the commands ashore and ships at sea in the Norwegian Sea and Atlantic Ocean. He served as the Leading Chief of Information Security at the NOC for six years. While there, he created a Strategy and Training plan for the development of an expert team that took personnel with little or no experience and built them into expert team members for manning of the NOSC.


Braxton Brewing Company
27 W 7th St
Covington, KY 41011 United States