Network Security Analysis Using Wireshark, Snort, and SO

Learn real technical skills from a real cybersecurity professional with 100% hands-on labs.

What am I going to get from this course?

  • How to install and configure Virtualbox
  • How to install and configure Security Onion on Virtualbox
  • How to install and configure Kali Linux on Virtualbox
  • How to install and configure Metasploitable on Virtualbox
  • How to install and configure Wireshark
  • How to interpret Snort rules and analyze underlying packet captures
  • How to use Wireshark and Tcpdump to analyze malicious network traffic
  • How to use penetration testing / ethical hacking tools (Metasploit, Armitage, Burpsuite, Hydra, Nmap, etc.)

What are the requirements?

  • Basic TCP/IP Knowledge
  • Basic information security knowledge
  • Basic knowledge about packet captures
  • Basic operating system knowledge (Windows, Linux)
  • Basic IDS knowledge
  • PC or Laptop
  • Virtualbox, Security Onion, Kali Linux, Metasploitable (Free and Open Source Operating Systems)


The labs in this course are 100% hands-on and highly technical. Please be prepared to install and configure the necessary software to follow along. This will help you receive the maximum benefit of taking this course. The tools we will be using during this course are Wireshark, Tcpdump, Snort, Burpsuite, Nmap, Tcpreplay, Virtualbox and more. Operating Systems used will be Security Onion, Kali Linux, and Metasploitable. The operating systems and software utilized are all completely free, and can be run on one system using Virtualbox.

We're also going to cover network security analysis with Wireshark and Tcpdump, intrusion detection system analysis with Snort and Squert, and ethical hacking and penetration testing with various tools on Kali Linux. The industry-standard tools and methodology used in this course will give you the hands-on skills needed by a network security analyst, and by a cybersecurity professional in general. The quizzes include written questions and a mock incident response report based upon findings.

Here's an overview of the labs. Please note that labs 3 and 4 are broken down into two parts due to their length:

Lab 1: Installation/Configuration of Virtualbox and Security Onion

Lab 2: Analyzing Network Traffic - Malware Infection

Lab 3: Analyzing Network Traffic - Brute Force Attacks

Lab 4: Analyzing Network Traffic - Exploitation with Metasploit

Lab 5: Analyzing Network Traffic - Policy Violations

The written quizzes for this class are as follows (attached to Labs 2 and 3 as text documents):

Quiz 1: Lab 2 Questions

Quiz 2: Lab 3 Questions

What is the target audience?

  • Network Security Analysts
  • Security Analysts
  • Cybersecurity Students
  • Information Systems Security Students
  • IT Professionals
  • Cybersecurity Professionals

Your Instructor

Jesse Kurrus

Jesse Kurrus is a cybersecurity professional with strong network security analysis and intrusion detection experience. Jesse is skilled in utilizing commercial and proprietary Security Information and Event Management (SIEM) technology to create rules, filters, generate reports, and analyze correlations and events. Other professional strengths include cybersecurity, ethical hacking, penetration testing, training, and technical writing. Jesse has a true passion for cybersecurity and information technology, and an insatiable ambition to further his knowledge and professional skill set.

Specialties: Intrusion Detection / Network Security Monitoring (Security Onion, Snort, Bro, and Suricata); SIEM Technology (Elasticsearch, Logstash, Kibana (ELK), ArcSight, and Splunk); PCAP analysis (Tcpdump, Wireshark, NetworkMiner, NetWitness/Security Analytics); Penetration Testing (Kali Linux, BurpSuite, Nikto, Nmap, Metasploit, etc.)

Current Degrees/Certifications: M.S. in Information Technology with Information Assurance Specialization / B.S. in Computer Networks and Security / Network+, A+, Security+, Linux+, Certified Ethical Hacker v8 (CEH), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP)

Frequently Asked Questions

When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.

How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.

What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund.

This course is not open for enrollment.