Deep Packet Inspection

GOZCU

Any experts on that field ? What are the recommended materials to learn this technology ? What are your experiences through DPI and where it took you having a career on that ? Anything,small or big info will be appreciated...

Ahriakin

What area in particular are you looking to use it in? Security (IPS etc.), traffic management (PCEF / Policy Control Enforcement Function), forenzics etc.? As a foundation I would take anything that covered packet analysis techniques (the Wireshark course is pretty good for this). Learn the ins and outs of common packets types and protocols in extreme detail then move on to the particular tech area you are interested in (IPS is easy enough to cover since most major vendors have courses related to their solutions but the others are a bit tougher and will be more vendor specific).

the_hutch

Using Scapy (an open-source packet assembly tool) was very helpful for me in learning packet structure and use. Also a great tool for scripting at the packet level...integrates with Python very nicely.

chaser7783

Tcpdump and Tshark get my vote.
The SANS GCIA material is a great start, also the books Network intrusion detection and The Tao of Network Security Monitoring: Beyond Intrusion Detection will be good reads.

Forgot to mention, knowing tcp / ip header information is great.

lsud00d

There will always be jobs in oppressive Middle Eastern countries

GOZCU

hi guys, my area of interest is "traffic management (PCEF / Policy Control Enforcement Function)", right now i am getting an extreme training about protocols, very deep and detailed training. After the completion another training about DPI will start. I was curios about your experiences, comments and ideas. thank u for giving the information about "The SANS GCIA" I was not aware of that before.