Introduction
Packet and protocol analysis are skills which fall squarely into the “use it or lose it” category, and can easily atrophy through lack of practice. As Stephen Northcutt – President of the SANS Technology Institute – says in the foreword to Brian Caswell, Jay Beale and Andrew Baker’s book Snort Intrusion Detection and Prevention Toolkit: “…understanding the network traffic entering, leaving and within your network…” is one of the “…basic skills a professional must have to avoid being impotent as a security practitioner“.
There are plenty of publicly available sources of sample packet captures on the internet, but Read more “Cloud Hosted Honeypots: Harvesting Attack Packet Captures”