While teaching SANS SEC503 (Intrusion Detection In-Depth) I routinely create extra exercises for students throughout the week. One of the things that trips students up when taking the GCIA is the ability to decode packets at the hex level. As one of my students quipped last week \"this isn't hard, it's just time consuming.\" Of course he's right. While the GCIA is an open book exam, it is time constrained and questions asking students to decode packets tend to steal precious time away from GCIA candidates. ?I've been asked repeatedly to share some of my extra practice exercises for students and I finally got around to making these a little more formal while teaching in Amsterdam this week.