SE-300
VULNERABILITY AWARENESS AND COUNTERMEASURES

 

5 Days

Tuition: $2975

Security remains a problem and it's magnified by the emphasis on compliance. Published reports tell us that the number of security events is increasing and that malicious attacks continue to exploit weaknesses in application and operating system software. Analysts report that as a direct result of organizations not properly addressing software vulnerabilities, security incidents have risen more than 90 percent. The only effective way to prevent security incidents is to identify and remedy the vulnerabilities — fixing them before they are exploited, systems are compromised and business is negatively impacted.

What past students had to say about this class:

Instructor was very knowledgeable in the areas covered. Very professional. I was impressed and amazed of how well he knew almost everything. He was able to explain any of the materials to me in a not so complicated manner. Will definitely recommend other IT professionals on attending this course. ~ R.E. \ USMC

Good class. I will recommend to others. ~M.J/ \Mail Boxes Etc.

I'll be back for more. Class was very good and interesting! ~O.S. \USMC

Who Should Attend

·            System Administrators, Security Auditors, IT Managers

As a Result of Completing this Course, the Student will be able to:

·            Recognize system & network vulnerabilities

·            Learn the techniques and tools that the enemy uses

·            Learn defensive/preventative methods

·            Perform vulnerability assessments on their own systems

 

Student Materials

·            Student DVD containing hundreds of security tools

·            Linux ‘live’ CD with security tools (e.g. Knoppix STD, LAS)

·            Binder of printed overheads & labs

·            Reference Book: Penetration Tester’s Open Source Toolkit (Syngress)

 


 

Hacker Mentality

·         Motivation

·         Skill Set

·         Evolution of Attacks

·         Overview of Typical Attack Methodology

·         FBI Computer Crime Study


Reconnaissance-Footprinting

·         Search Engines

·         Public Internet Records

    • WHOIS, DNS

·         Archived Web Information

    • Archive.org/WayBackMachine

·         Packet Tracing

    • Traceroute

·         Countermeasures

 

Reconnaissance-Scanning

·         War Dialing

·         Port Scanning

·         Nmap tool

·         OS Detection

·         Advanced Scanning with scanrand

·         Firewalking

·         Countermeasures

 

 

Reconnaissance-Enumeration

·         NetBIOS names

·         Null Sessions

·         DNS Zone Transfers

·         SNMP

·         Active Directory

·         Countermeasures

 

Social Engineering

·         The Art of Deception and Manipulation

·         Reconnaissance and/or Attack?

·         Employee Awareness

·         Recognition and Prevention

 

Password Attacks

·         Password Storage in Windows and Unix

·         Getting the Hashed Credentials-Sniffing or Physical Access

·         Password Cracking-Reversing the Hash

·         Password Guessing

·         Keystroke Loggers

·         Rainbow Tables

·         Password Strength

·         Countermeasures

 

Sniffing

·         Cleartext Protocols

·         Sniffing in a Hub Environment

·         Sniffing in a Switched Environment

·         Advanced Sniffing Techniques

·         Sniffing Limitations

·         Countermeasures

 

Session Hijacking

·         Weaknesses in TCP

·         Local vs. Remote Hijacking

·         T-Sight tool

·         Hunt tool

·         Countermeasures

 

Buffer Overflows

·         Stack Concepts

·         Poor Programming

·         Manual Detection with Decompilers

·         Automated Detection with Fuzzing Software

·         Countermeasures

 

Malware

·         Trojans

·         Spyware

·         Viruses/Worms

·         Distribution Methods

·         EXE Wrappers

·         Detection and Removal

·         Prevention

·         Software Restriction Policies

·         Countermeasures

 

Hiding Files and Activities

·            Manipulating Audit Logs

·            Alternative Data Streams

·            Steganography

·            Rootkits

·            Detection and Removal

·            Countermeasures

 

Denial of Service

·            Types of DoS

·            DDoS

·            Botnets

·            Countermeasures

 

Advanced Attacks

·            Privilege Escalation

·            SMBRelay Tool

·            Evading FW & IDS via Fragmentation

·            ICMP, DNS, HTTP Tunneling

·            Exploitation Frameworks

·            Countermeasures

 

Staying Current

·            Vulnerability Database Sites

·            Security Info Sites


Summary List of Lab Exercises/Tools:

·            Intro to Linux

·            Open Source Information querying

·            Google querying

·            Port scanning with nmap, scanrand

·            OS fingerprinting with Xprobe2, p0f

·            Null session enumeration with DumpSec

·            Password Auditing with Brutus, TSGrinder, LC5, Cain and Abel, Rainbow Crack

·            Trojan Behavior with Subseven, Beast

·            Avoiding Detection with EliteWrap, Stealthtools

·            Malware detection with HijackThis, fport

·            Protocol Analysis with Ethereal

·            Sniffing passwords via ARP cache poisoning

·            DNS poisoning, SSL sniffing, Remote Desktop sniffing with Cain and Abel

·            Promiscuous mode detection with proDetect, Cain and Abel

·            Session Hijacking with Hunt

·            DoS Demonstration via Smurf Attack, SYN Flood

·            Detecting Spoofed/Phishing Email

·            Windows RPC DCOM overflow

·            Fuzzing with Peach

·            Hiding files with NTFS ADS

·            Steganography with Jpeg_Hide-n_Seek

·            Windows XP Rootkit and detection with RK Detector

·            Manipulating audit logs with Winzapper, CleanIISLog

·            IIS buffer overflow/directory traversal with IIS5Koei, IISxploit

·            ICMP and HTTP Tunneling

·            Metasploit, Exploit Tree frameworks


 



© 2003-2004  SYSTEMS Computer Training, A Testmasters Company
