NETWORK SECURITY MONITORING AND BOTNET DETECTION TRAINING

Botnets are a serious threat. But how do we identify them, and how do we know if our systems are compromised? Are our IDS/IPS, web proxy, firewall, etc. detecting and blocking these threats? Are the latest web drive-by attacks penetrating the infrastructure security? This course will help network and system administrators implement mechanisms that help ensure that malicious Internet activity, especially botnets, is detected through effective network monitoring and analysis.

To understand these threats and learn techniques to track botnets, students will conduct hands-on exercises using our proprietary VMware lab consisting of 11 VMware images to create and investigate botnets from both a host and network perspective.

Students will set up and analyze network flow analysis systems using the popular tools nfsen, nfdump, and Scrutinizer. Students will also learn how to make effective use of IDS technologies using the Snort and Bro IDS platforms for botnet identification. Students will also learn critical host-based monitoring techniques on Windows and Linux systems and learn why host-based monitoring alone is not necessarily sufficient. Basic client and server-side honeypot malware collection and basic malware analysis techniques for botnet identification will also be covered.

Network Security Monitoring and Botnet Detection Training Brochure