• Online, Instructor-Led
  • Classroom
Course Description

Designed by operators for operators, this accelerated course is designed to help understand communications tunneling techniques and tradecraft related to cyber operations. We provide hands-on instruction on performing tunneling from SSH tunnels, proxy tunnels, TOR tunneling over SOCKS and other tunneling mechanisms through open-source projects and commercial systems. Participants of this course will be able to tunnel traffic using our cyber-range to become adept and familiarized with tunneling techniques by the first day. The second day of this course focuses on tradecraft associated with tunneling techniques learned. We provide the tools to visualize and understand how network defenders can identify tunneling techniques and how they can prevent such activity.

Learning Objectives

Learning objectives:

  1. Tunneling over SSH
  2. Tunneling over Proxies
  3. Tunneling over TOR with SOCKS
  4. Tunneling over open-source projects
  5. Tunneling over commercial systems
  6. Tunneling tradecraft
  7. Identification and mitigation of malicious tunneling activity

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Network Services
  • Cyber Defense Analysis
  • Collection Operations
  • Cyber Operations
  • Threat Analysis