> Understanding & Preventing Network and System Security Attacks

Understanding & Preventing Network and System Security Attacks

Hackers prepare for a serious attack the way Generals prepare for war. They spend months collecting intelligence about their target and use this knowledge to launch an attack. Their ultimate goal varies: inserting malicious code to damage systems, taking assets offline, or staging a return for the ongoing theft of intellectual property.

This course provides in-depth demonstrations and real-world examples of how hackers infiltrate systems and what can be done to stop them. It delivers a step-by-step approach showing the penetration techniques used by intruders to compromise your system. This knowledge will be reinforced with up to 17 live demonstrations of hacker attacks. Common security pitfalls and shortcomings are highlighted, including the advantage they provide to hackers. By understanding the methods used by hackers and familiarizing yourself with the tools of this trade, this course provides you with the knowledge required to develop your own self-defence plan against network attacks.

This course has SOLD OUT numerous times in Ottawa with 100% of attendees ranking it good to excellent!

Course Objective

This one-day course will focus on the hacker's mode of operation:

The tools commonly used by the hacker underground.
The methodologies used to penetrate and compromise an asset.
Common pitfalls and assumptions that organizations should avoid.
Countermeasures and best practices to provide layered defense.

Topics will include: attack stages by type, understanding scanning (both common and leading edge techniques), enumeration, perimeter attacks, IP infrastructure vulnerabilities and exploits, setting the stage for return visits, the types and techniques of man-in-the-middle attacks, traffic redirection attacks, anti-forensics techniques, and more. Counter-measures will be prescribed throughout the course.

Benefits

I.T. professionals will learn how to identify real hacker threats to their information assets and understand the most appropriate counter-measures. Business executives will gain knowledge on where to focus their security spending to effectively prevent hacker intrusions.

Continuing education credits can be applied to CISSP and CISA holders.

Who Should Attend

This course is intended for business and technology managers, security professionals, systems engineers and architects, web administrators, network administrators and developers. It will educate professionals who need to learn about the best practices and techniques needed to counter the attacks hackers employ.

Course Outline

General Security Principles

Introducing Security
2001 Report Card
Is Security Important?
What are the Threats?
Incidents Reported to CERT/YR
Vulnerabilities Per Year
Most Common Incidents
Attack Trends
Attacker Motives and Objectives

Footprinting, Scanning & Enumeration Techniques

Footprinting - Objectives
Footprinting - Tools
Footprinting - nslookup
Footprinting - Google
Google: Unexpected Search Rewards
Scanning: Scoping the Target
IP Fields: Time Enough? (TTL)
How Traceroute Works
Identifying Live Targets
System Scans
Host and Port Scanning TCP Header FLAGS
TCP 3-Way Handshake
ACK Sweeps
Stealth Scan
Provocative Scans
Redirection and Obfuscation
Idle Scans
Idle Scanning - Phase I
Idle Scanning - Phase II Case of Open Port
Idle Scanning - Phase II Case of Closed Port
Idle Scan - Conclusion
Digital Fingerprints: Identifying an OS
Vulnerability Scanning
Service and Application Profiling
Profiling IIS - A case-study in Service Profiling
IIS Profiling - Execute Permission
IIS Profiling - Write Permission
IIS Profiling - Authentication
IIS Profiling - Extension Mappings Web Printers
IIS Profiling - Extension Mappings Index Server
IIS Profiling - Your Private IP Please?
Service Profiling - IIS Logs Revisited
Countering Scans and Enumeration

Trojans & Backdoors

Control Consolidation
Trojans and Backdoors
Trojans - Features
Trojan Communications
Bring on the horse: Deploying Trojans
Trojans on Windows
Trojans on UNIX
RootKits - Stealthy Trojans
RootKit Features
NT RootKit
Countering Trojans

Attacking the Perimeter

Attacking the Perimeter - Objectives
Firewall Architectures
A Classical Firewall Architecture
Common Firewall Oversights
Firewall Vulnerabilities
Fingerprinting a Firewall: Techniques
Firewall Fingerprinting Using NMAP
Firewall ACLs: Profiling
Firewall Rules (ACLs) Identification - Rules of Thumb
A Snapshot of hping-based firewall profiling
Tunneling Attacks: Creeping Through the Holes
Elusive Attacks
Intrusion Detection Systems (IDS) Characteristics
IDS Signatures - An Example
IDS Evasion: Defeating the Signature
Evading IDS Using IP Fragmentation
Countering Attacks at the Perimeter

Conclusion

Entertaining a False Assumption?
Lessons Learned
Defense in Depth

The Attack Lifecycle

Attack Phases
What are the Methods?
Footprinting: Objectives
Footprinting: Tools
Scanning: Objectives
Scanning: Tools
Identifying Vulnerabilities: Objectives
Identifying Vulnerabilities: Tools
Penetration: Endgame?
Privilege Escalation
Evidence Elimination
Control Consolidation: Staging the Return

Authentication Exploits & Privilege Escalation

The Lifecycle of Authentication and Privilege Escalation
Risks of Exposure in Gaining Credentials
Gaining Credentials
Attempting Default Accounts
Social Engineering
Password Cracking
Some Common Authentication Methods
Windows Authentication
LAN Manager (LM) Challenge/Response
Lan Manager Vulnerabilities
NTLM V1
NTLM V.2
Kerberos
Exploiting NT Authentication
Dumping Windows Passwords
UNIX Authentications
Physical Access Methods
Sniffing Passwords
Other methods to gain passwords
Elevating Privileges
Countering Authentication and Privilege Escalation Exploits

Denial of Service (DoS) Attacks

Denial-of-Service Overview
DoS by Service Failure
DoS - Resource Exhaustion
Anatomy of a DoS: Smurf Attacks
A Classic DoS Exploit: "Land Attack"
Anatomy: SYN Flood DoS
Detecting the Flood
Distributed Denial of Service Explained
DDoS Architecture
DDoS Phase 1: Handler Network
DDoS Phase 2: Agent Network
Countering Denial of Service Attacks

Attacks on Integrity & Confidentiality

Module Objectives
Venues of Attack
Wire-Tapping
Man-in-the-Middle (MITM)
Buffer Overflow
Buffer Overflow - Vulnerabilities
Exploiting Buffer Overflows
Attacking User Workstations
Countering Attacks on Confidentiality and Integrity

Attacking TCP/IP

Module Objectives
How Vulnerable is TCP/IP
IP Routed Protocol Vulnerabilities
Customizing Attack Packets
Address Resolution Protocol Vulnerabilities
Traffic Redirection Using ARP Exploits
Switched Networks ARP Poisoning and the Man-in-the-Middle
ARP Poisoning and the Man-in-the-Middle in Switched Network
Session Hijacking - Hunt
Routing Protocol Vulnerabilities
Domain Name System (DNS) - Overview
DNS Vulnerabilities
Countering TCP/IP Vulnerabilities

Back to main training page

About Instructors

Cygnos IT Security employs seasoned consultants. Our educators are recognized as industry experts in their fields and provide students with the benefits of their field experience when instructing. Click here for details on our course instructors