October 9th, 2003, 12:12 AM
I found these threads a couple days ago, and I thought they were very interesting.
Since I didn't understand anything at all, and these threads fell into my area of interest, I did some hunting around and found these links...
Does anybody have any other helpful links to help to learn to "decode" packet contents? These two are a good start, but Google isn't finding what I want.
October 9th, 2003, 12:18 AM
You want to look into intrusion detection. I'd recommend picking up Snort, windump/tcpdump, etc., and related tutorials and materials. I'd also recommend you go check out the http://www.sans.org reading room ... more specifically the intrusion detection materials. Finally, a good book on TCP/IP such as TCP/IP Illustrated would be a nice thing to pick up.
"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chsh
October 9th, 2003, 02:50 PM
Don't forget the Honeynet Project: http://www.honeynet.org/
Not the best site, but it does have some good info.
"Ignorance is bliss....
but only for your enemy"