Saturday, September 4, 2010

Newsletter

Enter your email address below to sign up for our mailing list.

 

Linux - LN510

Course: Network Security
Length: 5 days
Price: $2,395.00
  Currently, there are no scheduled dates for this course.
Course Description

This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols used in Linux, UNIX, and Windows 2000 are examined. After a detailed discussion of the TCP/IP suite component protocols and ethernet operation, the student practices using various tools to capture, analyze, and generate IP traffic. Students then explore the tools and techniques used to exploit protocol weaknesses and perform more advanced network attacks. After building a thorough understanding of network based attacks, course focus shifts to the defensive solutions available. Students install, configure, and test two of the most popular and powerful NIDS solutions available. Finally, students create a Linux based router / firewall solution, including advanced functionality such as NAT, policy routing, and traffic shaping.

Pre-requisite skills

Since the tools used in class are compiled and run on a Linux system, Linux or UNIX system experience is helpful, but not necessary. A solid background in networking concepts will greatly aid in comprehension. This is an intense class that covers many topics. If you are unsure if you meet the prerequisites, please speak with a Guru Labs' representative.

Course Outline

DAY 1

  • Ethernet and IP Operation
  • TCP/IP Protocol vulnerability analysis (Layer 2/3)
  • Tools for frame capture, analysis, and creation
  • Tools for packet capture, analysis, and creation
  • IP and ARP Vulnerability Analysis
  • ARP spoofing, IP address spoofing, ICMP abuse
  • Protecting against IP abuse
  • ARP cache poisoning defense

DAY 2

  • UDP/TCP Vulnerability Analysis
  • TCP format, state, and operations
  • SYN attack, sequence guessing, hijacking
  • TELNET Protocol Vulnerability Analysis
  • FTP Vulnerability Analysis
  • Bounce attack, port stealing, brute-force
  • HTTP Vulnerability Analysis
  • Attacks on file and pathnames
  • Header spoofing
  • Auth credentials and cookies
  • DNS Protocol Vulnerability Analysis

DAY 3

  • SSH Protocol Vulnerability Analysis
  • Insertion attack, brute force, CRC attack
  • Host authentication bypass
  • HTTPS Vulnerability Analysis
  • SSL protocol structure
  • Intercepted key exchange
  • Version rollback attack
  • Remote O/S detection
  • TCP/IP stack fingerprinting
  • Attacks and Basic Attack Detection
  • Sources of attack
  • Denial of service attacks
  • Remote intrustion expoits
  • Attack detection tools

DAY 4

  • Intrusion Detection Technologies
  • Host, network, hybrid IDS
  • Honeypots
  • Focused Monitors
  • Using snort
  • Advanced snort Configuration
  • snort addons
  • Writing snort Rules
  • CID and SnortCenter

DAY 5

  • Linux as a router
  • Types of firewalls
  • Proxies: squid
  • Packet filters: stateless and stateful
  • Firewall limitations
  • Configuring iptables
  • NAT and PAT on Linux
  • Advanced policy routing