Course Notes - Day 1

1. Chat message if you did NOT receive your Student Manual.

Hightailmail.com --- upload AWS chilp link (from laura@chappellu.com)

Amy: Does this course prepare you for the WCNA Certification?
Yes... sort of... 33 areas of study

HITEC - 29th

RFC update 1323

IDS
- Suricata
- Snort
- Security Onion (Suite of Tools)
- Bro - Zeek [BRIMsecurity.com]

Host Forensics
- Autopsy

My Profile Name
troubleshooting - SWC_LC
- cfilters (capture filters)
- dfilters (display filters)
- preferences (gen settings)
- recent

Naming
Prefix - Base - Detail
Where - What - Why
Lenovo1-baseline-demo.pcapng
Lenovo1-DPRKconnect-slow.pcapng

SysInternals - great toolset!!!

Plug into a Switch
1. to/from my hardware address
2. broadcast
3. multicasts
4. to an "unknown" hardware address (switch does not recognize the hardware address)
   [macof] ... spoofed source/dest address
   sec-macof.pcapng (LCU)

WiFi Capture
Promiscuous Mode (all MAC adds)
Monitor Mode (all Wifi nets)
Native Adapter
- WiFi headers stripped off
- Ethernet headers placed on
- No Management, Control

MetaGeek.com
TO DO - Take the courses on home wifi optimization - share those with students!!!
Ryan Woodings (Founder)

Capture Filters
Google Berkeley Packet Filtering (Filter)

HOMEWORK: IPv4 Preferences
Should we turn on the "Interpret Reserved flag as a Security flag (RFC 3514)" setting? What is this?