Contact Us Privacy Policy
SC_07: Exploiting and Defending Networks
Length of Class 4 days
Audience

Security Administrators, Security Auditors, Security Consultants, Helpdesk and Support Personnel
Objective

This class aims to teach students how to attack an organization's network, including the basic concepts of attack & penetration and the use of exploitation tools.
Summary

The course covers basic concepts of networking and security principles, building on that knowledge to gain unauthorized access to networks and operating systems. The course is tailored to provide participants detailed security techniques and knowledge as applied to UNIX, Windows, and Network security.
Description

In the information age, an organization's network has become its lifeblood - carrying critical data with major requirements on data confidentiality, integrity, and availability. Protecting that network is crucial to the continued operations of the business. This class is aimed to better equip students on how to protect that network by teaching them the tools, techniques and mindset of and attacker.

The course begins with a basic refresher on networking, Windows, and UNIX. This knowledge is referenced heavily throughout the course, including the next section on the basics of Attack & Penetration. Here instructors present a variety of tools used to attack and penetrate into a network, from foot-printing, to buffer overflow, to breaking passwords. Students also learn how to sniff data on the network and how break network protocols, including firewalls and wireless.

Most sophisticated attackers are careful to clean up their tracks by modifying audit trails. The class presents techniques on how to do this in both Windows and UNIX.

From here, students learn how to install root kits and backdoors so that they can continue to exploit the network on over an extended period of time.

Finally, due to the changing nature of the threat landscape, students are introduced to web application attacks and how they can be performed. This section focuses on how to attack identify and attack web servers.
Requisite Knowledge Basic Networking Required; Basic Windows, Unix, or Linux helpful
Curriculum Part 1: Understanding TCP/IP, Windows, and Unix
  • Overview of TCP/IP
  • Overview of Windows
  • Overview of UNIX
Part 2: Introduction to Attack & Penetration
  • A&P methodology
  • Foot-printing
  • Scanning
  • Enumeration
  • Source sifting web portals
  • Brute forcing authentication
  • Mis-configurations
  • Buffer overflow
  • Obtaining and cracking password files
Part 3: Exploiting Network & Wireless Vulnerabilities
  • Sniffing (Promiscuous mode)
  • Hijacking TCP connections
  • Firewalls
  • 802.11b/g
Part 4: Auditing
  • Windows cleanup
  • UNIX cleanup
Part 5: Installing Backdoors and Rootkits
  • Port redirection techniques
  • Windows backdoors and rootkits
  • Back-door on Unix
  • Linux rootkits
  • Covert channels
Part 6: Attacking the Web
  • Understanding web applications
  • Mapping web servers
  • Attacking web server
  • Overview of attacking web applications
Copyright © 2007-2008 Security Compass. All Rights Reserved.