Deep Packet Inspection

GOZCUGOZCU Member Posts: 234
Any experts on that field ? What are the recommended materials to learn this technology ? What are your experiences through DPI and where it took you having a career on that ? Anything,small or big info will be appreciated...

Comments

  • AhriakinAhriakin Member Posts: 1,799 ■■■■■■■■□□
    What area in particular are you looking to use it in? Security (IPS etc.), traffic management (PCEF / Policy Control Enforcement Function), forenzics etc.? As a foundation I would take anything that covered packet analysis techniques (the Wireshark course is pretty good for this). Learn the ins and outs of common packets types and protocols in extreme detail then move on to the particular tech area you are interested in (IPS is easy enough to cover since most major vendors have courses related to their solutions but the others are a bit tougher and will be more vendor specific).
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
  • the_hutchthe_hutch Banned Posts: 827
    Using Scapy (an open-source packet assembly tool) was very helpful for me in learning packet structure and use. Also a great tool for scripting at the packet level...integrates with Python very nicely.
  • chaser7783chaser7783 Member Posts: 154
    Tcpdump and Tshark get my vote.
    The SANS GCIA material is a great start, also the books Network intrusion detection and The Tao of Network Security Monitoring: Beyond Intrusion Detection will be good reads.

    Forgot to mention, knowing tcp / ip header information is great.
  • lsud00dlsud00d Member Posts: 1,571
    There will always be jobs in oppressive Middle Eastern countries icon_thumright.gif
  • GOZCUGOZCU Member Posts: 234
    hi guys, my area of interest is "traffic management (PCEF / Policy Control Enforcement Function)", right now i am getting an extreme training about protocols, very deep and detailed training. After the completion another training about DPI will start. I was curios about your experiences, comments and ideas. thank u for giving the information about "The SANS GCIA" I was not aware of that before.
Sign In or Register to comment.