I'd like to mention a few notes on training for open source software that appeared on my radar recently. The first is Wireshark University, the result of collaboration among Laura Chappell and her Protocol Analysis Institute, Gerald Combs (Wireshark author), and CACE Technologies, maintainers/developers of WinPcap and AirPcap. WiresharkU is offering a certification and four DVD-based courses, along with live training delivered through another vendor.
WiresharkU's content looks pretty simple, but I guess beginners need to start somewhere. If you want to understand more advanced security-related network traffic, I recommend one of my TCP/IP Weapons School classes, offered at Techno Security in Myrtle Beach, SC in June; USENIX 2007 in Santa Clara, CA in June; and Black Hat Training in Las Vegas, NV in July.
On a related Wireshark note, a client recently asked why Lua was required on a sensor he built. He had heard about Lua and Snort 3.0 but was running Snort 2.6.x. I just realized Wireshark uses Lua. Here is one example.
If you're attending BSDCan, consider taking the BSD Certification Exam Beta. It's free but won't convey certification if passed. Registration opened last week. I will again miss BSDCan due to conflicting engagements, namely AusCERT 2007. In addition to speaking at AusCERT, I'm teaching Network Security Monitoring and talking to the Sydney Snort Users Group on 25 May 2007.