Cyber Defence Operations
Semester 1 2022 has snuck up on me again. This semester, as part of the UNSW- and ADFA-run Master of Cyber Security degree, I’m taking the blue team core unit ZEIT8026 Cyber Defence - Network Security Operations (SecOps), lectured by Dr Waqas Haider and Dr Nour Moustafa. Unlike its sister red team unit ZEIT8020 Cyber Offense - Cyber Network Operations (CNO), which I took in 2018, ZEIT8026 aims to lay the foundational knowledge of cyber defence operations:
Packet Analysis Basics
An evolving list of resources around packet analysis tips and tricks.
Contents: Terminology; Cheat sheets; Anatomy of a Packet; OSI Model Layers; Link Layer; Ether Type Fields; Network layer; Transport layer; Tools; Wireshark (and tshark); tcpdump; Useful switches; Examples; Real world use-cases; netsniff-ng; Analysis
Terminology
SOC, or Security Operations Center, is a central location composed of leading edge tools, technology and peeps (intel gatherers, analysts) that deals with security issues at an organisational and technical level.