UMBC Training Centers

Linux Network Security


1. Ethernet and IP Operation

1. OSI Network Model
2. Application Layers
3. Network Services Layers
4. Moving Data Through The Stack
5. Data Link Layer Format
6. Ethernet Operation
7. Hub and Switch Operation
8. Ethernet Security Issues
9. Detecting Promiscuous NICs
10. Network Packet Capture
11. tcpdump
12. Ethereal (now Wireshark)
13. IPv4
14. IP Addressing
15. Differentiated Services
16. IP Fragmentation
17. Path MTU Discovery
18. ARP
19. ICMP
20. ICMP Redirects
21. Important ICMP Messages
22. ICMP Security Issues
23. Protecting Against ICMP Abuse

Lab Tasks
1. Basic Traffic Generation, Capture, and Analysis
2. Capturing and analyzing ARP traffic
3. Capturing and analyzing ICMP echo, unreachable, and redirect messages
4. Exploring traffic capture utilities

2. IP And ARP Vulnerability Analysis

1. IP Security Issues
2. IP Routing
3. Routing Protocol Security
4. Protecting Against IP Abuse
5. ARP Security Issues
6. Cache Poisoning with ARP Replies
7. Cache Poisoning with ARP Requests
8. ARP Cache Poisoning Defense

Lab Tasks
1. Advanced Traffic Generation and Capture
2. Learning to forge headers
3. Using ARP cache 'poisoning'
4. Discovering promiscuous mode
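
The two poisoning techniques listed above (forged replies and forged requests) and the defensive detection the chapter leads to can be demonstrated with a small arpwatch-style detector. This is an added example, not course material; the ARP frames are constructed by hand as (time, opcode, sender IP, sender MAC, target IP) tuples, and the addresses and MACs are made up.

```python
"""ARP cache poisoning detector (arpwatch-style heuristics).

Added example; not part of the course. Frames are constructed tuples
(time_seconds, opcode, sender_ip, sender_mac, target_ip); in practice they
would come from "tcpdump -e arp" or a scapy sniff() on the watched segment.
"""
REQUEST, REPLY = 1, 2


def detect_arp_poisoning(frames, request_window=5.0):
    """Return (learned ip->mac table, list of alerts).

    Heuristics:
      * "mac-changed": the sender MAC bound to an IP differs from what was
        learned earlier (the flip-flop arpwatch reports).
      * "unsolicited-reply": a reply with no request for that IP seen within
        request_window seconds. Forged replies are unsolicited by
        construction, but legitimate gratuitous ARP trips this too, so treat
        it as a signal to correlate rather than proof on its own.
    Both requests and replies carry a sender binding, and a Linux host will
    refresh an existing neighbour entry from either, which is why a forged
    *request* poisons a cache just as well as a forged reply.
    """
    ip_to_mac = {}
    pending = {}          # target_ip -> time of the most recent request for it
    alerts = []
    for t, op, sender_ip, sender_mac, target_ip in frames:
        if op == REQUEST:
            pending[target_ip] = t
        elif op == REPLY:
            asked = pending.get(sender_ip)
            if asked is None or t - asked > request_window:
                alerts.append(("unsolicited-reply", sender_ip, sender_mac))
        else:
            continue
        known = ip_to_mac.get(sender_ip)
        if known is not None and known != sender_mac:
            alerts.append(("mac-changed", sender_ip, f"{known}->{sender_mac}"))
        ip_to_mac[sender_ip] = sender_mac
    return ip_to_mac, alerts


# Constructed traffic: 10.0.0.1 is the gateway, 10.0.0.5 the victim host and
# de:ad:be:ef:00:99 the attacker's NIC (all assumed values).
GATEWAY_MAC, VICTIM_MAC, ATTACKER_MAC = (
    "00:11:22:33:44:01", "00:11:22:33:44:05", "de:ad:be:ef:00:99")

SAMPLE_FRAMES = [
    (0.0, REQUEST, "10.0.0.5", VICTIM_MAC, "10.0.0.1"),     # who-has gateway?
    (0.1, REPLY, "10.0.0.1", GATEWAY_MAC, "10.0.0.5"),      # legitimate answer
    (30.0, REQUEST, "10.0.0.1", ATTACKER_MAC, "10.0.0.5"),  # poison via forged request
    (60.0, REPLY, "10.0.0.1", ATTACKER_MAC, "10.0.0.5"),    # poison via forged reply
    (90.0, REQUEST, "10.0.0.5", VICTIM_MAC, "10.0.0.1"),    # victim re-asks
    (90.1, REPLY, "10.0.0.1", GATEWAY_MAC, "10.0.0.5"),     # real gateway: flip-flop back
]

if __name__ == "__main__":
    table, found = detect_arp_poisoning(SAMPLE_FRAMES)
    for kind, ip, detail in found:
        print(f"{kind:18} {ip:12} {detail}")
```

The detector reports the forged request as a MAC change, the forged reply as unsolicited, and the real gateway's later answer as a second MAC change; that back-and-forth is the signature to look for. The defense the chapter covers is to pin critical bindings so the kernel stops learning them, for example `ip neigh replace 10.0.0.1 lladdr 00:11:22:33:44:01 dev eth0 nud permanent` on each host for its gateway.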

3. UDP/TCP Protocol and TELNET Vulnerability Analysis

1. User Datagram Protocol
2. UDP Segment Format
3. Transmission Control Protocol
4. TCP Segment Format
5. TCP Port Numbers
6. TCP Sequence / Acknowledgment #'s
7. TCP Three-way Handshake
8. TCP Window Size
9. The TCP State Machine
10. The TCP State Transitions
11. TCP Connection Termination
12. TCP SYN Attack
13. TCP Sequence Guessing
14. TCP Connection Hijacking
15. Telnet
16. Telnet Concepts - Options, Commands
17. Security Concerns

Lab Tasks
1. Attacks on TCP
2. Using forged packets to slow and kill TCP sessions
3. Monitoring and hijacking a telnet session
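
The "TCP Sequence Guessing" topic above comes down to one measurement: sample a target's initial sequence numbers over several connections and see how small a window an off-path attacker would have to cover. The analysis below is an added example, not course code; the three ISN series are constructed (one imitating the old fixed-increment BSD generator, one with a little jitter, one random-looking), and in a real test the values would be read from the SYN/ACKs in a capture such as `tcpdump -nS 'tcp[tcpflags] & tcp-syn != 0'`.

```python
"""Is a peer's TCP initial sequence number guessable?

Added example for the sequence-guessing topic; not course code. ISN series
below are constructed; real ones come from the SYN/ACK sequence numbers of
several connections opened to the target.
"""
MOD = 2 ** 32


def analyze_isns(isns):
    """Fit the successive ISN deltas and size the attacker's guess window.

    Returns a dict with:
      model   -- "constant", "narrow" or "random"
      guesses -- how many candidate ISNs cover the next connection
      next    -- predicted next ISN under the constant model, else None
    """
    if len(isns) < 3:
        raise ValueError("need at least three samples")
    deltas = [(b - a) % MOD for a, b in zip(isns, isns[1:])]
    lo, hi = min(deltas), max(deltas)
    if lo == hi:                                   # e.g. +64000 per connection
        return {"model": "constant", "guesses": 1, "next": (isns[-1] + lo) % MOD}
    window = hi - lo + 1                           # next ISN lies in [last+lo, last+hi]
    # Random 32-bit ISNs spread the deltas over most of the space. Anything an
    # attacker could cover with a burst of spoofed segments (threshold here:
    # under 2**16 candidates, an assumed cut-off) is treated as predictable.
    model = "narrow" if window < 2 ** 16 else "random"
    return {"model": model, "guesses": window, "next": None}


# Constructed samples.
BSD_LIKE = [1_000_000, 1_064_000, 1_128_000, 1_192_000]        # fixed +64000
JITTERED = [1_000_000, 1_064_003, 1_128_001, 1_192_004]        # +64000 with jitter
RANDOM_LIKE = [0x1A2B3C4D, 0x9F8E7D6C, 0x0B1C2D3E, 0xDEADBEEF]  # looks random

if __name__ == "__main__":
    for name, series in (("bsd", BSD_LIKE), ("jitter", JITTERED), ("random", RANDOM_LIKE)):
        print(name, analyze_isns(series))
```

A constant or narrow result is what makes the blind-spoofing variant of connection hijacking practical: the attacker never sees the SYN/ACK, so the only way to complete the handshake is to guess its sequence number.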

4. FTP And HTTP Vulnerability Analysis

1. FTP Modes
2. Transfer Methods
3. Security Concerns
4. The Bounce Attack
5. Minimizing Risk
6. FTP - Port Stealing
7. Brute-force Attacks
8. Access Restriction
9. HTTP/1.1
10. HTTP Protocol Parameters
11. HTTP Message
12. HTTP Request/Method Definitions
13. Response/Status Codes
14. Proxies
15. Authentication
16. Security Concerns
17. Personal Information
18. Attacks On File and Path Names
19. Header Spoofing
20. Auth Credentials and Idle Clients
21. Proxy Servers

Lab Tasks
1. Attacks on FTP and HTTP
2. Using dsniff
3. Using urlsnarf and webspy

5. DNS Protocol Vulnerability Analysis

1. DNS
2. DNS Basic Concepts and Terms
3. DNS Resolution
4. DNS Zone Transfers
5. DNS Spoofing
6. DNS Cache Poisoning
7. DNS Security Improvements

Lab Tasks
1. Attacks on DNS
2. Using dnsspoof
3. Using forged DNS responses

6. SSH and HTTPS Protocol Vulnerability Analysis

1. SSH Concepts
2. Initial Connection
3. Protocols
4. SSH1
5. SSH2
6. Encryption Vulnerabilities
7. SSH Vulnerabilities
8. SSH1 Insertion Attack
9. SSH Brute Force Attack
10. SSH1 CRC Compensation Attack
11. Bleichenbacher Oracle
12. SSH1 Session Key Recovery
13. Client Authentication Forwarding
14. Host Authentication Bypass
15. X Session Forwarding
16. HTTPS Protocol Analysis
17. SSL Enabled Protocols
18. SSL protocol
19. SSL Layers
20. The SSL Handshake
21. SSL Vulnerabilities
22. Intercepted Change Cipher Spec
23. Intercepted Key Exchange
24. Version Rollback Attack

Lab Tasks
1. HTTPS and SSH
2. Performing a man-in-the-middle attack
3. Performing a timing and packet length attack

7. Remote Operating System Detection

1. OS Detection
2. Banners
3. Commands
4. Less-direct Approaches
5. TCP/IP Stack Fingerprinting
6. Remote Fingerprinting Apps
7. nmap

Lab Tasks
1. Using the Nmap utility for network sweep scans
2. Using Nmap for scans on a host
3. Using Nmap for TCP/IP fingerprinting

8. Attacks and Basic Attack Detection

1. Sources of Attack
2. Denial-of-Service Attacks
3. Methods of Intrusion
4. Exploit Software Bugs
5. Exploit System Configuration
6. Exploit Design Flaws
7. Password cracking
8. Typical Intrusion Scenario
9. Intrusion Detection
10. IDS Considerations
11. Attack Detection Tools
12. Klaxon
13. PortSentry
14. PortSentry Design
15. Snort

Lab Tasks
1. Basic Scan Detection
2. Examining standard system logs and statistics
3. Configuring PortSentry for logging port scans from nmap
4. Configuring PortSentry for active response to port scans
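
The basic scan-detection labs above (system logs first, then PortSentry) reduce to one rule: a single source touching many distinct ports in a short window. The script below is an added example, not course code or PortSentry's; it applies that rule to lines in the format the iptables LOG target writes through syslog. The log lines are constructed, the host name "fw", the "IPT-DROP:" log prefix and the addresses are assumed, and a real run would read /var/log/messages (or `journalctl -k`, whose line prefix differs).

```python
"""Port-scan detection over iptables LOG lines as written by syslog.

Added example for the scan-detection labs; not course or PortSentry code.
Sample log lines are constructed to match the kernel LOG target format.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

LOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d+ \d\d:\d\d:\d\d) \S+ kernel: .*?"
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) .*?PROTO=(?P<proto>\S+) "
    r"SPT=\d+ DPT=(?P<dpt>\d+)"
)


def parse_log_line(line):
    """Return (timestamp, src, dst, proto, dport), or None for non-firewall lines."""
    m = LOG_RE.search(line)
    if not m:
        return None
    # syslog timestamps carry no year; that is fine for deltas within one file.
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
    return ts, m["src"], m["dst"], m["proto"], int(m["dpt"])


def detect_scans(lines, distinct_ports=5, window_seconds=60):
    """Alert once per source that probes >= distinct_ports ports inside the window."""
    recent = defaultdict(deque)        # src -> deque of (ts, dport), oldest first
    alerted, alerts = set(), []
    for line in lines:
        rec = parse_log_line(line)
        if rec is None:
            continue
        ts, src, _dst, _proto, dport = rec
        q = recent[src]
        q.append((ts, dport))
        while (ts - q[0][0]).total_seconds() > window_seconds:   # expire old hits
            q.popleft()
        ports = sorted({p for _, p in q})
        if len(ports) >= distinct_ports and src not in alerted:
            alerted.add(src)
            alerts.append((src, ports))
    return alerts


def _log(ts, src, dport, spt=40000):
    """One constructed LOG-target line ("IPT-DROP: " is an assumed --log-prefix)."""
    return (f"{ts} fw kernel: IPT-DROP: IN=eth0 OUT= "
            f"MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC={src} DST=192.0.2.10 "
            f"LEN=44 TOS=0x00 PREC=0x00 TTL=50 ID=1 PROTO=TCP SPT={spt} DPT={dport} "
            f"WINDOW=1024 RES=0x00 SYN URGP=0")


# Constructed log: 203.0.113.9 sweeps six ports in five seconds; 198.51.100.4
# is a normal client; the sshd line shows unrelated lines are skipped.
SAMPLE_LOG = [
    "Jan 12 10:00:00 fw sshd[812]: Accepted publickey for ops from 198.51.100.4 port 50122",
    _log("Jan 12 10:00:01", "203.0.113.9", 21),
    _log("Jan 12 10:00:01", "203.0.113.9", 22),
    _log("Jan 12 10:00:02", "198.51.100.4", 443),
    _log("Jan 12 10:00:02", "203.0.113.9", 23),
    _log("Jan 12 10:00:03", "203.0.113.9", 25),
    _log("Jan 12 10:00:03", "198.51.100.4", 443),
    _log("Jan 12 10:00:04", "203.0.113.9", 80),
    _log("Jan 12 10:00:05", "203.0.113.9", 443),
    _log("Jan 12 10:03:00", "198.51.100.4", 80),
]

if __name__ == "__main__":
    for src, ports in detect_scans(SAMPLE_LOG):
        print(f"possible scan from {src}: ports {ports}")
```

The alert fires on the fifth distinct port, so the reported list is the ports seen up to that moment; the threshold and window are the two knobs that trade false positives against slow scans, which is the same trade-off PortSentry's configuration exposes.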

9. Intrusion Detection Technologies

1. Intrusion Detection Systems
2. Host Based IDS
3. Network Based IDS
4. Network Node IDS
5. File Integrity Checkers
6. Hybrid IDS
7. Honeypots
8. Focused Monitors
9. Snort Architecture
10. Snort Detection Rules
11. Snort Logs and Alerts
12. Snort Rules

Lab Tasks
1. Exploring Snort
2. Installing snort
3. Testing Snort for Nmap scans
4. Examining network traffic in decoded text format
5. Capturing all network packets
6. Using Ethereal (now Wireshark)
7. Logging to SYSLOG

10. Advanced Snort Configuration

1. Advanced Snort Features
2. Snort Add-ons
3. ACID Web Console
4. The ACID Interface
5. SnortCenter Management

Lab Tasks
1. Snort Tools
2. Setting up a new database for snort
3. Configuring snort with database
4. Configuring ACID analysis tool
5. Configuring SnortCenter
6. Configuring the Linux SnortCenter Sensor Agent

11. Snort Rules

1. Snort Rules Format
2. Snort Rules Options
3. Writing Snort Rules
4. Example Rules

Lab Tasks
1. Custom Snort Rules
2. Capturing packets from exploit
3. Writing custom rules for Snort
4. Verifying exploit detection
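
The rule format, options and example rules covered in this chapter are easiest to internalise by writing a small matcher for them. The code below is an added example, not course material and not Snort's own implementation; it handles the header (action, protocol, addresses, ports, direction), msg/sid/rev, content with the nocase modifier and |hex| escapes, and $HOME_NET/$EXTERNAL_NET. The variable values, the two rules and the three packets are constructed, and options that need connection state (flow:) are parsed but not evaluated.

```python
"""Minimal Snort rule parser and matcher (added example, not Snort code)."""
import ipaddress
import re

# Values a snort.conf would set with "var HOME_NET ..." (assumed here).
VARS = {"$HOME_NET": "192.0.2.0/24", "$EXTERNAL_NET": "!192.0.2.0/24"}

HEADER_RE = re.compile(
    r"^(\w+)\s+(\w+)\s+(\S+)\s+(\S+)\s+(->|<>)\s+(\S+)\s+(\S+)\s*\((.*)\)\s*$")
OPT_SPLIT_RE = re.compile(r';(?=(?:[^"]*"[^"]*")*[^"]*$)')   # ';' outside quotes
HEX_RE = re.compile(r"\|([0-9A-Fa-f ]+)\|")                  # |2F 65| byte escapes


def parse_rule(text):
    m = HEADER_RE.match(text.strip())
    if not m:
        raise ValueError(f"unparseable rule: {text!r}")
    action, proto, src, sport, direction, dst, dport, body = m.groups()
    opts, contents = {}, []
    for raw in OPT_SPLIT_RE.split(body):
        if not raw.strip():
            continue
        key, _, val = raw.strip().partition(":")
        key, val = key.strip(), val.strip().strip('"')
        opts[key] = val                      # last value wins (fine for msg/sid/rev)
        if key == "content":
            literal = HEX_RE.sub(
                lambda h: bytes.fromhex(h.group(1).replace(" ", "")).decode("latin-1"), val)
            contents.append([literal, False])
        elif key == "nocase" and contents:
            contents[-1][1] = True           # modifier applies to the preceding content
    return {"action": action, "proto": proto, "src": src, "sport": sport, "dir": direction,
            "dst": dst, "dport": dport, "msg": opts.get("msg", ""),
            "sid": int(opts.get("sid", 0)), "contents": contents}


def addr_match(spec, ip):
    spec = VARS.get(spec, spec)
    if spec == "any":
        return True
    if spec.startswith("!"):
        return not addr_match(spec[1:], ip)
    return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)


def port_match(spec, port):
    if spec == "any":
        return True
    if spec.startswith("!"):
        return not port_match(spec[1:], port)
    if ":" in spec:                          # Snort range syntax lo:hi, :hi, lo:
        lo, _, hi = spec.partition(":")
        return (int(lo) if lo else 0) <= port <= (int(hi) if hi else 65535)
    return port == int(spec)


def rule_matches(rule, pkt):
    if rule["proto"] not in ("ip", pkt["proto"]):
        return False

    def header_ok(s_ip, s_port, d_ip, d_port):
        return (addr_match(rule["src"], s_ip) and port_match(rule["sport"], s_port)
                and addr_match(rule["dst"], d_ip) and port_match(rule["dport"], d_port))

    ok = header_ok(pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
    if not ok and rule["dir"] == "<>":       # bidirectional: try the reverse
        ok = header_ok(pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
    if not ok:
        return False
    for literal, nocase in rule["contents"]:  # every content: must be present
        hay, needle = (pkt["payload"].lower(), literal.lower()) if nocase else (pkt["payload"], literal)
        if needle not in hay:
            return False
    return True


def run(rules, packets):
    """Return (packet index, sid, msg) for every rule that fires."""
    return [(i, r["sid"], r["msg"]) for i, p in enumerate(packets) for r in rules if rule_matches(r, p)]


SAMPLE_RULES = [parse_rule(r) for r in (
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"WEB-MISC /etc/passwd access"; '
    'flow:to_server,established; content:"|2F|etc|2F|passwd"; nocase; sid:1000001; rev:1;)',
    'alert tcp any any -> $HOME_NET 21 (msg:"FTP anonymous login"; '
    'content:"USER anonymous"; nocase; sid:1000002; rev:1;)',
)]

SAMPLE_PACKETS = [   # constructed
    {"proto": "tcp", "src": "203.0.113.9", "sport": 44321, "dst": "192.0.2.10", "dport": 80,
     "payload": "GET /cgi-bin/../../ETC/passwd HTTP/1.0\r\n\r\n"},
    {"proto": "tcp", "src": "192.0.2.5", "sport": 50000, "dst": "192.0.2.10", "dport": 80,
     "payload": "GET /../../etc/passwd HTTP/1.0\r\n\r\n"},        # internal source, not $EXTERNAL_NET
    {"proto": "tcp", "src": "203.0.113.9", "sport": 44322, "dst": "192.0.2.10", "dport": 21,
     "payload": "user Anonymous\r\n"},
]

if __name__ == "__main__":
    for i, sid, msg in run(SAMPLE_RULES, SAMPLE_PACKETS):
        print(f"packet {i}: [{sid}] {msg}")
```

The second packet is the useful negative case: the payload matches, but the source is inside $HOME_NET, so the header check fails before any content is compared, which is the same order Snort itself evaluates in. Real rule sets also rely on options this matcher ignores (flow, depth/offset, pcre), so a rule that fires here is necessary but not sufficient evidence that it fires in Snort.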

12. Linux and Static Routing

1. Linux As a Router
2. Linux Router Minimum Requirements
3. Router Focused Distributions
4. Router Specific Settings

Lab Tasks
1. Static Routing
2. Configuring a host router
3. Configuring anti-spoofing protection

13. Linux Firewalls

1. Types of Firewalls
2. Application Firewalls: TCP Wrappers
3. Application Firewalls: Squid
4. Packet Filter: ipchains
5. Stateful Packet Filter: iptables
6. Firewall Topology
7. Recommended Firewall Rules
8. Firewall Limitations
9. iptables Concepts
10. Using iptables
11. Advanced iptables Actions
12. iptables: A More Secure Approach

Lab Tasks
1. iptables
2. Filtering traffic
3. Logging traffic

14. Network and Port Address Translation

1. Address Translation
2. Configuring NAT and PAT
3. NAT Limitations
4. Security Using NAT and PAT
5. Detecting NAT

Lab Tasks
1. NAT
2. Performing SNAT
3. Configuring DNAT
4. Configuring a 1-to-1 IP mapping

15. IP Policy Routing

1. Advanced Routing
2. Replacing ifconfig with ip
3. Replacing route and arp
4. Policy Routing
5. Linux Policy Routing
6. Linux Policy Routing Rules

Lab Tasks
1. Marking packets based on protocol
2. Routing telnet and ssh packets
3. Routing using tcpdump