[tcpdump-workers] Intro Lesson Plan/Tutorial

Plotnick, Neil nplotnick at everett.k12.ma.us
Sat Apr 25 10:53:07 EDT 2020

This lesson is part of a much larger curriculum on cybersecurity. I have
written multiple lessons on using the CLI, including ipconfig, ping, cat and
other generic and network-specific tools. Many of the utilities and
concepts taught are mapped to the CompTIA Security+ certification exam.

My school uses Project Lead the Way (PLTW) for many of our STEM courses.
PLTW for cybersecurity relies primarily on virtual environments for Windows
and Linux that are hosted by AWS. Having spent 15 years in IT (mostly with
Novell NetWare, Windows NT, OS/2, Macintosh), I really felt that the VMs
can be valuable but are never as authentic as a real network would be. To
that end, I have my students SSH into an Ubuntu Server from their Windows
desktops using PuTTY or Chrome extensions. Some of my lessons focus on
navigating the Linux directory structure, using Nano for simple file
editing, Bash scripting and Python programming. As a one-year survey
course, there are a lot of topics that we cover.

The impetus for writing this particular lesson was the PLTW unit on
Wireshark. TCPDUMP was a small part of the overall unit. When my students
go through the PLTW lesson and report that they really don't understand
what they were doing, I tend to write my own materials to flesh out their
knowledge. Having worked in IT, I do have a strong appreciation for what
skills they should be learning. PLTW has a lot of focus on Wireshark and
does not really do as good a job with CLI programs.

With regard to broader topics with Linux, in the May issue of Linux Format
(available now!) there is a secondary feature article on how I use Linux to
teach computer science.

Unfortunately, my students are all in sequestering mode with the COVID-19
virus. I had hoped to teach them about nmap, TCP/IP ports and other things.

I do appreciate your feedback and look forward to hearing how I can
incorporate your experience and comments into my lessons.

Neil Plotnick
Everett HS
PAEMST 2015 in Secondary Mathematics

On Sat, Apr 25, 2020 at 5:42 AM Brenda J. Butler <bjb at sourcerer.ca> wrote:

> Those are a few simple things you can do with tcpdump, but it doesn't
> really illuminate the network traffic much.
> Why are the students looking at the tcpdump output?
> There is no explanation of the network traffic - like what a packet is
> made of (the headers, the payload), the different protocols, the types
> of packets that implement the different protocols - etc.
> Then again, maybe you aren't going into that much depth.  But to me,
> that is the point of tcpdump - to look at the traffic and to
> understand it.  Sometimes with the ultimate goal of finding out what's
> going wrong with the network.
> What do you want the students to get out of it?
> What do the students already know about Linux/Unix?  From the plan you
> gave, they know "cat" (and now they know tcpdump) and have to be
> taught how to stop a running process (ctl-c) and how to redirect
> output to a file.
> I think it is good to use a program like tcpdump to introduce some
> basics - but maybe a bit more emphasis on teaching shell things like
> redirection and linux/unix concepts like processes will be a good
> foundation for them to learn other things.
> And, you have put the synopsis on the page - but here is a chance to
> introduce the man pages instead.
> Well those are my impressions - I hope this is useful for you.  I
> think it's great that you want to teach the kids some command-line
> tools :-)
> bjb
> On Thu, Mar 26, 2020 at 01:25:58PM -0400, Plotnick, Neil via
> tcpdump-workers wrote:
> > Date: Thu, 26 Mar 2020 13:26:55 -0400
> > From: "Plotnick, Neil" <nplotnick at everett.k12.ma.us>
> > Subject: Intro Lesson Plan/Tutorial
> > To: tcpdump-workers at lists.tcpdump.org
> >
> > I have posted a tutorial designed for my introductory cybersecurity class
> > at my high school. Any observations and suggestions are welcome.
> >
> > https://github.com/nplotnick/cyber/blob/master/TCPDump%20Tutorial.pdf
> >
> > --
> > Neil Plotnick
> > Everett High School
> > 100 Elm Street
> > Everett MA 02149
> >
> ---end quoted text---

Neil Plotnick
Everett High School
100 Elm Street
Everett MA 02149
