CURRICULUM VITAE. Gianluca Papaleo MS Degree in Computer Science: 110/110 with distinction

Size: px
Start display at page:

Download "CURRICULUM VITAE. Gianluca Papaleo. 2005 MS Degree in Computer Science: 110/110 with distinction"

Transcription

1 CURRICULUM VITAE Gianluca Papaleo Date of Birth: 09/11/1980 Place of Birth: Sarno, Italy Nationality: Italian Address: Via Conservatori del Mare 13, Genova, Italy Phone: Education 2005 MS Degree in Computer Science: 110/110 with distinction Full-Time Positions 2013 Present: Technical Director and President at Cleis Security S.r.l Present: Research Fellow at National Research Council of Italy : Network & Security Engineer at Cleis Security S.r.l. Languages Italian: mothertongue English: Professional working proficiency IT Programs Developed LMA (Log Mail Analyzer): log analyzer of Sendmail and Postfix Mail Servers. (http://lma.sourceforge.net) WormPoacher: software able to detect worms spreading through s analyzing log mail SMTPsniffer: real-tima traffic analyzer with db archive

2 NETVAN (New Easy Tool for Virtual Access Networking): tool that allow access and secure control of remote computers useful for help-desk and network management SLOWDROID: Proof of Concept about Application Level DOS attacks. Mobile application available on Google Play Store. (https://play.google.com/store/apps/details?id=it.cnr.ieiit.slowdroid ) IT Skills Good knowledge of Windows and Unix family Operating Systems Basic knowlege of different program languages: C, Java, php, perl, bash script, python, javascript, html Strong experience in management and configuration of different Network Services: Apache2, OpenLDAP, OpenSSH, ProFtpd, Postfix, Squid, OpenCA, Snort, Freeradius, Ntop, OSSEC-HIDS, Courier, Dovecot, Zimbra, OCS, Bind, Iptables, Sendmail, IIS, Active Directory, IAS, NPS Strong experience in management and configuration of the following firewalls: Sonicwall, CheckPoint, Fortinet, Juniper, Cisco Strong experience in managament and configuration of the following switches: HP, Allied Telesys, 3COM, CISCO Good knowledge of IBM BladeCenter and Vmware ESX Great knowledge of Vulnerability Assessment and Penetration Testing tool: Nmap, OpenVas, Nexpose, Metasploit, Dnswalk, Netcat, Aircrack-ng, Hping, Nikto, Dsniff, John the Ripper, Wireshark, Ettercap, Sqlmap and other many tools available on Kali Linux Distribution Great knowledge of TCP/IP stack and security protocols in data-link, network, trasport and application layers Great knowledge on Wireless Security: attack and defense methods on different WIFI protocols (WEP, WPA, WPA2, Capitve Portals) Great knowledge on tunneling and firewall bypassing methods and related tools: Dns2tcp, Ozymandns, Ptunnel, Iodine, Nstx, Corkscrew, Stunnel, HttpTunnel, ProxyTunnel Good knowledge of Application Dos attacks and UDP amplification attacks IT Consultant Activities for Customers Network Design Network Assessment Vulnerability Assessment Penetration Testing

3 Security Plan Development Vulnerability Remediation Plan Nework and Security Training Course Security Appliances Management, Deployment and Configuration Software Development for Police Forces (e.g. Trojan Horse, Viruses) Security Analysis of Web Applications Security Mentoring for Software Development Teams Courses attended Sonicwall CSSA2: SonicOS Enhanced Security Checkpoint Security Administration NGX I ICT Infrastrutture and System Administrator Sonicwall One Day Training IPv6: theoretical and practical course for network administrators Security Course: FORENSIC ANALYSIS of WINDOWS SISTEMIS GRID Cluster Laboratory Mobile Forensiscs Certifications CISCO CCNA1 Certified Sonicwall Security Administrator (2007, renewed in 2011 and 2013) ZIMBRA ZCS Network Edition Advanced Administration Training Publications National Conferences: 1. Maurizio Aiello, David Avanzini, Davide Chiarella, Gianluca Papaleo. Worm Detection Using Data Mining. PRISE 2006, Primo Workshop Italiano su PRIvacy e Security. 2. Maurizio Aiello, David Avanzini, Davide Chiarella, Gianluca Papaleo. SMTP sniffing for intrusion detection purposes. PRISE 2007, Secondo Workshop Italiano su PRIvacy e Security, pp 53-58

4 3. Maurizio Aiello, Davide Chiarella, Alessio Merlo, Gianluca Papaleo. Improvements in physical intrusion detection on LAN. PRISE 2008, Terzo Workshop Italiano su PRIvacy e Security, pp International Conferences: 4. Maurizio Aiello, David Avanzini, Davide Chiarella, Gianluca Papaleo. A Tool for Complete Log Mail Analysis: LMA. TNC 2006, part of session Security on the Backbone: Detecting and Responding to Attacks. 5. Maurizio Aiello, Davide Chiarella, Gianluca Papaleo. Statistical anomaly detection on real traffic. CISIS 2008, International Workshop on Computational Intelligence in Security for Information Systems, Book Series: ADVANCES IN SOFT COMPUTING Volume: 53 pp ACS53 Springer Luca Caviglione, Maurizio Aiello, Gianluca Papaleo, A Scalable and Cost- Effective Framework for Traffic Monitoring in Virtual LANs, oral presentation at 21st International Tyrrhenian Workshop on DigitalCommunications (ITWDC): Trustworthy Internet, Luca Caviglione, Franco Davoli, Gianluca Papaleo, Roberto Marcialis, Maurizio Aiello, Security Analysis and Architectural Requirements for the Deployment of Remote Instrumentation Services, 6th Workshop on e-science and e-infrastructure, INGRID Alessio Merlo, Gianluca Papaleo, Stefano Veneziano, Maurizio Aiello A Comparative Performance Evaluation of DNS Tunneling Tools. CISIS 2011, 4 th International Conference on Computational Intelligence in Security for Information Systems, pp 84-91, LNCS 6694, Springer Livia Torterolo, Gianluca Papaleo, Silvia Scaglione, Francesco Ruffino, Maurizio Aiello 3D Cloud in Life Sciences: an innovative framework for remote 2D/3D Visualization and Collaboration, 25 th IEEE International Symposium on Computer-Based Medical Systems (CBMS 2012) 10. Enrico Cambiaso, Gianluca Papaleo, Maurizio Aiello Taxonomy of Slow DoS Attacks to Web Applications, SNDS 12, International Conference on Security in Computer Networks and Distributed Systems, pp , Volume 0335, Communications in Computer and Information Science series, Springer 2012

5 11. Maurizio Aiello, Enrico Cambiaso, Silvia Scaglione, Gianluca Papaleo A similarity based approach for application DoS attacks detection, 2013 IEEE Symposium on Computers and Communications, ISCC, Split, Croatia, 7-10 July, 2013, pp , ISCC proceedings, IEEE Maurizio Aiello, Maurizio Mongelli, Gianluca Papaleo Basic classifiers for DNS tunneling detection, 2013 IEEE Symposium on Computers and Communications, ISCC, Split, Croatia, 7-10 July, 2013, pp , ISCC proceedings, IEEE Maurizio Aiello, Gianluca Papaleo, Enrico Cambiaso SlowReq: A Weapon for Cyberwarfare Operations. Characteristics, Limits, Performance, Remediations, International Joint Conference SOCO'13-CISIS'13-ICEUTE'13- Salamanca, Spain, September 11th-13th, 2013, pp , Volume 239, Advances in Intelligent System and Computing, Springer 2014 Journal: 14. Maurizio Aiello, Davide Chiarella, Gianluca Papaleo. Statistical anomaly detection on real traffic. JIAS, Journal of Information Assurance and Security 2009 Vol 4 Issue 6, pag Maurizio Aiello, Alessio Merlo, Gianluca Papaleo. Performance assessment and analysis of DNS tunneling tools. Logic Journal of IGPL 2013, Vol 21, Number 4, pag Enrico Cambiaso, Gianluca Papaleo, Giovanni Chiola, Maurizio Aiello. Slow DoS attacks: definition and categorisation, International journal of security, privacy and trust management 2013, Vol. 1, Number 3-4, pag Book Chapters: 17. Gianluca Papaleo, Davide Chiarella, Maurizio Aiello, Luca Caviglione, Analysis, Development and Deployment of Statistical Anomaly Detection Techniques for real Traffic, Book Chapter in T.-S. Chou, Ed., Information Assurance and Security Technologies for Risk Assessment and Threat Management: Advances, IGI Global, 2011

6 Technical Reports 1. Alessio Merlo, Gianluca Papaleo, Maurizio Aiello, Claudio Martini, A taxonomy of WLAN attacks and coutermeasures, Rapporto Tecnico n. 1/2010 IEIIT-GE 2. Maurizio Aiello, Dario Miccoli, Luca Papi, Gianluca Papaleo, Captive Portal with Radius Authentication for Wireless Users, Rapporto Tecnico n. 1/2011 IEIIT-GE 3. Maurizio Aiello, Gianluca Papaleo, Zimbra Collaboration Suite: problematiche d integrazione e metodologie di utilizzo come strumento di produttività, Rapporto Tecnico n. 2/2011 IEIIT-GE 4. Maurizio Aiello, Paolo Sala, Gianluca Papaleo, Confronto di due Mail- Gateway Appliance: ESVA 2.0 e Sophos ES4000, Rapporto Tecnico n. 3/2011 IEIIT-GE 5. Maurizio Aiello, Stefano Balocco, Gianluca Papaleo, Tunneling HTTP, Rapporto Tecnico n. 4/2011 IEIIT-GE 6. Maurizio Aiello, Gianluca Papaleo, Wireless Intrusion Detection Systems: a preliminary study, Rapporto Tecnico n.5/2011 IEIIT-GE 7. Giacinto Marcellino, Gianluca Papaleo, Maurizio Aiello, Penetration Test: Analisi, Metodologie, Applicazioni, Rapporto Tecnico n. 1/2012 IEIIT-GE 8. Enrico Cambiaso, Maurizio Aiello, Silvia Scaglione, Gianluca Papaleo, Analisi delle problematiche di sicurezza in ambiente Cloud, Rapporto Tenico n. 2/2012 IEIIT-GE 9. Enrico Cambiaso, Gianluca Papaleo, Maurizio Aiello, Introducing the SlowNext Attack (Exploiting the Network Connection Structure), Rapporto Tecnico n 1/2013 IEIIT-GE 10. Maurizio Aiello, Paolo Farina, Gianluca Papaleo, Attacchi a Intfrastrutture di Rete Enterprise: Dinamica e Difese, Rapporto Tecnico n 2/2013 IEIIT-GE 11. Paolo Farina, Enrico Cambiaso, Gianluca Papaleo, Maurizio Aiello, DDoS Botnets: Operations and Toolkits, Rapporto Tecnico n 1/2014 IEIIT-GE Academic Activities Collaboration for BS Thesis "Virtualized trusted tools of remote network access " of Computer Science Course,

7 Assistant Teacher for Second Level Master Tecnologie Avanzate per Sistemi Intelligenti Integrati - Collaboration for BS Thesis " Studio ed implementazione di un IDS per la detection di intrusioni fisiche in LAN" of Computer Science Course, Assistant Teacher for Class IT Security of Computer Science Course, Collaboration for BS Thesis "Confronto funzionale e prestazionale tra due soluzioni di Mail-Gateway, una commerciale ed una open-source" of Computer Science Course, Assistant Teacher for Class IT Security of Computer Science Course, Supervisor for BS Thesis Autenticazione RADIUS per client wireless of Computer Science Course, - Collaboration for Tipologie di attacchi a reti wireless protette of Computer Science Course, - Collaboration for MS Thesis "Analisi di proposta riorganizzazione/ottimizzazione dell Infrastruttura ICT del Comando Provinciale dei VV.F. di Genova" of Computer Science Course, - Supervisor for BS Thesis Un confronto tra protocolli Voip e aspetti di sicurezza of Computer Science Course, - Supervisor for BS Thesis DNS Tunneling: Analisi prestazionale e confronto tra diversi tools of Computer Science Course, University of Genoa - Assistant Teacher for Class IT Security of Computer Science Course, - Assistant Teacher for Second Level Master ICT & S. ICT e Sicurezza, per l innovazione dei contesti produttivi e lo sviluppo di nuovi mercati,

8 Supervisor for BS Thesis Network Address Translation tassonomia moderna, sicurezza e metodi di attraversamento of Computer Science Course, - Assistant Teacher for Class IT Security of Computer Science Course, Supervisor for BS Thesis Penetration Test: Analisi, Metodologie, Applicazioni of Computer Science Course, - Supervisor for MS Thesis Analysis of Slow DoS Attacks of Computer Science Course, - Assistant Teacher for Class Security 1 of Computer Engineering Course, - Assistant Teacher for Class IT Security of Computer Science Course, Assistant Teacher for Class Computer Security of Computer Engineering Course, - Assistant Teacher for Class Network Security of Computer Science Course, - Assistant Teacher for Class Introductory IT and Network Forensic Investigations" at University College of Dublin for the project Redevelopment of the ECTEG Introductory IT Forensics & Network Investigations Course. Member of the Technical Program Committee 2014 International Workshop on Mobile Applications International Journal of Computing and Digital Systems Second International Conference on Security in Computer Networks and Distributed Systems (SNDS-2014)

9 2014 International Workshop on the Design and Performance of Networks on Chip (DPNoC 2014) Research Projects EU Projects: o Coordination and support Action FP7 program Grant agreement SiS-CT-2007, 4Seas: Synergies between science and society for a shared approach to european seas o ISEC Programme European Commission Directorate-General Justice, Freedom and Security. Cybercrime Training National Projects: o Regional Program of Innovative Actions European Fund, , Statistical methods applied to electronic mail messages for enhancing enterprise security o Technological ICT District of Liguria (SIIT), Sistema INTEgrato per la Sicurezza ad Intelligenza distribuita (Sintesis) o Regional Program Action 1.2.2, Plant Design As a Service (PDAaS) based on Cloud technology " o Regional Program High Technology integrated projects C-MES: Manufacturing Execution Systems (MES) based on Cloud technology o Regional Program POR - FESR, Action On Cloud security Analysis for Naval sector (OCEAN) o Regional Program POR - FESR Action I.1.3 Innovation and SME Vulnerability and Risk Assessment (VaRA) o MIE Urban Intelligence Mobility Connectivity

INFORMATION SECURITY TRAINING CATALOG (2015)

INFORMATION SECURITY TRAINING CATALOG (2015) INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision 3.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,

More information

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE Game changing Technology für Ihre Kunden Thomas Bürgis System Engineering Manager CEE Threats have evolved traditional firewalls & IPS have not Protection centered around ports & protocols Expensive to

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

June 2014 WMLUG Meeting Kali Linux

June 2014 WMLUG Meeting Kali Linux June 2014 WMLUG Meeting Kali Linux "the quieter you become, the more you are able to hear" Patrick TenHoopen Kali Linux Kali Linux is a free and open source penetration testing Linux distribution designed

More information

Mauro Andreolini University of Modena andreolini@unimore.it. Michele Colajanni. colajanni@unimore.it. bulgarelli.alessandro@ unimore.

Mauro Andreolini University of Modena andreolini@unimore.it. Michele Colajanni. colajanni@unimore.it. bulgarelli.alessandro@ unimore. HoneySpam: Honeypots fighting SPAM at the source Mauro Andreolini University of Modena andreolini@unimore.it Alessandro Bulgarelli University of Modena bulgarelli.alessandro@ unimore.it Michele Colajanni

More information

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1 Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3

More information

kerry@crypt.gen.nz http://www.crypt.gen.nz Technology Consultant Security Specialist High Profile Organisations Overview and Core Competencies

kerry@crypt.gen.nz http://www.crypt.gen.nz Technology Consultant Security Specialist High Profile Organisations Overview and Core Competencies KERRY THOMPSON kerry@crypt.gen.nz http://www.crypt.gen.nz PROFESSIONAL PROFILE Technology Consultant Security Specialist High Profile Organisations Overview and Core Competencies Highly experienced CISSP

More information

Build Your Own Security Lab

Build Your Own Security Lab Build Your Own Security Lab A Field Guide for Network Testing Michael Gregg WILEY Wiley Publishing, Inc. Contents Acknowledgments Introduction XXI xxiii Chapter 1 Hardware and Gear Why Build a Lab? Hackers

More information

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp ECSA/LPT is a security class like no other! Providing real world hands on experience, it is the only in-depth

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

A Comparative Performance Evaluation of DNS Tunneling Tools

A Comparative Performance Evaluation of DNS Tunneling Tools A Comparative Performance Evaluation of DNS Tunneling Tools Alessio Merlo 1,2, Gianluca Papaleo 2, Stefano Veneziano 2, and Maurizio Aiello 2 1 Dipartimento di Informatica, Sistemistica e Telematica (DIST),

More information

2016 TÜBİTAK BİLGEM Cyber Security Institute

2016 TÜBİTAK BİLGEM Cyber Security Institute 2016 Revision 5.0 2016 TÜBİTAK BİLGEM Cyber Security Institute 1 ... 3 1. Information Security Awareness for End Users... 4 2. Information Security Awareness for Managers... 5 3. Social Engineering: Attack

More information

INFORMATION SECURITY TRAINING CATALOG (2016)

INFORMATION SECURITY TRAINING CATALOG (2016) INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2016) Revision 4.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,

More information

Information Assurance and Security Technologies for Risk Assessment and Threat Management:

Information Assurance and Security Technologies for Risk Assessment and Threat Management: Information Assurance and Security Technologies for Risk Assessment and Threat Management: Advances Te-Shun Chou East Carolina University, USA Information Science REFERENCE Detailed Table of Contents Foreword

More information

Open Source Security Tool Overview

Open Source Security Tool Overview Open Source Security Tool Overview Presented by Kitch Spicer & Douglas Couch Security Engineers for ITaP 1 Introduction Vulnerability Testing Network Security Passive Network Detection Firewalls Anti-virus/Anti-malware

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

Firewalls. ITS335: IT Security. Sirindhorn International Institute of Technology Thammasat University ITS335. Firewalls. Characteristics.

Firewalls. ITS335: IT Security. Sirindhorn International Institute of Technology Thammasat University ITS335. Firewalls. Characteristics. ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l08, Steve/Courses/2013/s2/its335/lectures/firewalls.tex,

More information

Firewalls. Contents. ITS335: IT Security. Firewall Characteristics. Types of Firewalls. Firewall Locations. Summary

Firewalls. Contents. ITS335: IT Security. Firewall Characteristics. Types of Firewalls. Firewall Locations. Summary 2 : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October 2013 its335y13s2l08, Steve/Courses/2013/s2/its335/lectures/firewalls.tex, r2958

More information

DoS: Attack and Defense

DoS: Attack and Defense DoS: Attack and Defense Vincent Tai Sayantan Sengupta COEN 233 Term Project Prof. M. Wang 1 Table of Contents 1. Introduction 4 1.1. Objective 1.2. Problem 1.3. Relation to the class 1.4. Other approaches

More information

NETWORK SECURITY (W/LAB) Course Syllabus

NETWORK SECURITY (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information

More information

Introduction Open Source Security Tools for Information Technology Professionals

Introduction Open Source Security Tools for Information Technology Professionals Introduction Open Source Security Tools for Information Technology Professionals School of Professional Studies (SPS) The City University of New York (CUNY) Aron Trauring Adjunct Professor CEO, Zoteca

More information

Cisco Certified Security Professional (CCSP)

Cisco Certified Security Professional (CCSP) 529 Hahn Ave. Suite 101 Glendale CA 91203-1052 Tel 818.550.0770 Fax 818.550.8293 www.brandcollege.edu Cisco Certified Security Professional (CCSP) Program Summary This instructor- led program with a combination

More information

by Penetration Testing

by Penetration Testing BackTrack 4: Assuring Security by Penetration Testing Master the art of penetration testing with BackTrack Shakeel Ali Tedi Heriyanto rpafktl Pen I I llv. I\ 1 J community expe PUBLISHING- - BIRMINGHAM

More information

Cisco Network Specialist CCNA

Cisco Network Specialist CCNA Web Development I CIST 1510 3 Scripting Technologies CIST 1520 3 Web Graphics I CIST 1530 3 Information Security Fundamentals CIST 1601 3 PHP Programming I CIST 2351 4 Web Technologies CIST 2510 3 Web

More information

Network Security Demonstration - Snort based IDS Integration -

Network Security Demonstration - Snort based IDS Integration - Network Security Demonstration - Snort based IDS Integration - Hyuk Lim (hlim@gist.ac.kr) with TJ Ha, CW Jeong, J Narantuya, JW Kim Wireless Communications and Networking Lab School of Information and

More information

ANTI-HACKER TOOL KIT. ourth Edition

ANTI-HACKER TOOL KIT. ourth Edition ANTI-HACKER TOOL KIT i ' Mm. i m Fm ourth Edition m CONTENTS Acknowledgments Introduction xvii xix The Best of the Basics 1 Managing Source Code and Working with Programming Languages 3 SCM Concepts 4

More information

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts)

Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Duration: 80Hrs. Course Fee: INR 7000 + 1999 (Certification Lab Exam Cost 2 Attempts) Course Module: 1. Introduction to Ethical Hacking 2. Footprinting a. SAM Spade b. Nslookup c. Nmap d. Traceroute

More information

PART D NETWORK SERVICES

PART D NETWORK SERVICES CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC

More information

Analysis of Slow Read DoS Attack and Countermeasures

Analysis of Slow Read DoS Attack and Countermeasures Analysis of Slow Read DoS Attack and Countermeasures Junhan Park, Keisuke Iwai, Hidema Tanaka and Takakazu Kurokawa National Defense Academy of Japan 1-1-2 Hashirimizu, Yokosuka-Shi, Kanagawa-Ken, 239-8686,

More information

Network Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000

Network Security. Protective and Dependable. 52 Network Security. UTM Content Security Gateway CS-2000 Network Security Protective and Dependable With the growth of the Internet threats, network security becomes the fundamental concerns of family network and enterprise network. To enhance your business

More information

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

Cconducted at the Cisco facility and Miercom lab. Specific areas examined Lab Testing Summary Report July 2009 Report 090708 Product Category: Unified Communications Vendor Tested: Key findings and conclusions: Cisco Unified Communications solution uses multilayered security

More information

Curriculum Vitae. Eng. Yousri Farouk Muhammad. Senior Linux System Engineer

Curriculum Vitae. Eng. Yousri Farouk Muhammad. Senior Linux System Engineer Curriculum Vitae Eng. Yousri Farouk Muhammad Senior Linux System Engineer Name: Yousri Farouk Muhammad Mostafa. Gender: Male. Military Service: Fully Exempted. Address: 5, Nozhat El-Obour Buildings, El

More information

230617 - NS - Network Security

230617 - NS - Network Security Coordinating unit: Teaching unit: Academic year: Degree: ECTS credits: 2015 230 - ETSETB - Barcelona School of Telecommunications Engineering 744 - ENTEL - Department of Network Engineering DEGREE IN TELECOMMUNICATIONS

More information

30 Independent Study. 60 (e.g. lectures, seminars and supervised group activity)

30 Independent Study. 60 (e.g. lectures, seminars and supervised group activity) 1. Programme Title BSc Digital & Technology Solutions 2. Unit Title Data and Security 3. HE Level UG1 FHEQ Level 4 4. Unit Code DTS16104 5. Credit Value of Unit 30 6. Unit Type Mandatory 7. Unit Tutor

More information

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security Security+ Supported Labs - V1 Lab 1 Network Devices and Technologies - Capturing Network Using tcpdump to Capture Network with Wireshark with Network Miner 2 Secure Network Administration Principles -

More information

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group ruiper@wavefrontcg.com 1 (604) 961-0701 If you know the enemy and know yourself, you

More information

642 552 Securing Cisco Network Devices (SND)

642 552 Securing Cisco Network Devices (SND) 642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,

More information

MANAGED SECURITY SERVICES

MANAGED SECURITY SERVICES MANAGED SECURITY SERVICES Security first Safety first! Security is becoming increasingly important for companies, especially for the extension of networking to mission-critical environments, with new intranet

More information

Detailed Description about course module wise:

Detailed Description about course module wise: Detailed Description about course module wise: Module 1: Basics of Networking and Major Protocols 1.1 Networks and its Types. 1.2 Network Topologies 1.3 Major Protocols and their Functions 1.4 OSI Reference

More information

Federated Network Security Administration Framework

Federated Network Security Administration Framework Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 2, Issue. 3, March 2013,

More information

PCISS-1. Job Description: Key Responsibilities: I. Perform troubleshooting& support:

PCISS-1. Job Description: Key Responsibilities: I. Perform troubleshooting& support: PCISS-1 Job Description: Perform hardware and software installation, configuration, and upgrades Monitoring systems to ensure system availability to all users and performing necessary maintenance to support

More information

EC-Council Certified Security Analyst (ECSA)

EC-Council Certified Security Analyst (ECSA) EC-Council Certified Security Analyst (ECSA) v8 Eğitim Tipi ve Süresi: 5 Days VILT 5 Day VILT EC-Council Certified Security Analyst (ECSA) v8 Learn penetration testing methodologies while preparing for

More information

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary

More information

An Open Source IPS. IIT Network Security Project Project Team: Mike Smith, Sean Durkin, Kaebin Tan

An Open Source IPS. IIT Network Security Project Project Team: Mike Smith, Sean Durkin, Kaebin Tan An Open Source IPS IIT Network Security Project Project Team: Mike Smith, Sean Durkin, Kaebin Tan Introduction IPS or Intrusion Prevention System Uses a NIDS or Network Intrusion Detection System Includes

More information

DTWMS Required Software Engineers. 1. Senior Java Programmer (3 Positions) Responsibilities:

DTWMS Required Software Engineers. 1. Senior Java Programmer (3 Positions) Responsibilities: DTWMS Required Software Engineers 1. Senior Java Programmer (3 Positions) Responsibilities: Responsible to deliver quality software solutions using standard end to end software development cycle Collaborate

More information

Cybersecurity Foundations

Cybersecurity Foundations Cybersecurity Foundations Course Number: 13198 Category: Technical Applications Duration: 5 Days Overview When you consider just a few of the consequences of a security breach - your proprietary information

More information

IPv6 Security Best Practices. Eric Vyncke evyncke@cisco.com Distinguished System Engineer

IPv6 Security Best Practices. Eric Vyncke evyncke@cisco.com Distinguished System Engineer IPv6 Best Practices Eric Vyncke evyncke@cisco.com Distinguished System Engineer security 2007 Cisco Systems, Inc. All rights reserved. Cisco CPub 1 Agenda Shared Issues by IPv4 and IPv6 Specific Issues

More information

Hack Proofing Your Organization

Hack Proofing Your Organization Hack Proofing Your Organization Who am I Gary Bates Director of Information Services for the City of Harker Heights Microsoft Certified System Engineer Microsoft Certified Information Technology Professional

More information

Network System Design Lesson Objectives

Network System Design Lesson Objectives Network System Design Lesson Unit 1: INTRODUCTION TO NETWORK DESIGN Assignment Customer Needs and Goals Identify the purpose and parts of a good customer needs report. Gather information to identify network

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity SSL-VPN Combined With Network Security Introducing A popular feature of the SonicWALL Aventail SSL VPN appliances is called End Point Control (EPC). This allows the administrator to define specific criteria

More information

Network Security and Firewall 1

Network Security and Firewall 1 Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

Sicurezza Data Center 22 giugno 2015. Fabio Paravani Regional Account Manager

Sicurezza Data Center 22 giugno 2015. Fabio Paravani Regional Account Manager Sicurezza Data Center 22 giugno 2015 Fabio Paravani Regional Account Manager A world safe for exchanging digital information CEO Founded Headquarters Employees Offices 2012 Sales Eva Chen 1988, United

More information

Course Title: Penetration Testing: Security Analysis

Course Title: Penetration Testing: Security Analysis Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced

More information

Prerequisites: Fundamentals of Networking, Knowledge of Operating Systems

Prerequisites: Fundamentals of Networking, Knowledge of Operating Systems Course Name: Linux Server Administration Course Code: PGDNA121 To understand the basic principles underlying Server Software Planning and Deploying Linux Server Manage the Servers Efficiently Fundamentals

More information

Advanced Linux System Administration Knowledge GNU/LINUX Requirements

Advanced Linux System Administration Knowledge GNU/LINUX Requirements Advanced Linux System Administration Knowledge GNU/LINUX Requirements Duration: 112Hours / 28 Classes (4hrs each class Including Theory & Lab Session) (2 Classes/ Week) Class Topic Duration Class 1 History

More information

Developing Network Security Strategies

Developing Network Security Strategies NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network

More information

Linux Network Security

Linux Network Security Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols

More information

APNIC IPv6 Deployment

APNIC IPv6 Deployment APNIC IPv6 Deployment Ulaanbaatar, Mongolia 19 October 2015 Issue Date: Revision: Overview Deployment motivation Network deployment IPv6 Services deployment IPv6 Anycast service IPv6 Cloud service Summary

More information

Ethical Hacking Course Layout

Ethical Hacking Course Layout Ethical Hacking Course Layout Introduction to Ethical Hacking o What is Information Security? o Problems faced by the Corporate World o Why Corporate needs Information Security? Who is a Hacker? o Type

More information

Open Source Security Tools

Open Source Security Tools Open Source Security Tools Practical Applications for Security Tony Howlett Prentice Hall Professional Technical Reference PRENTICE Upper Saddle River, NJ 07458 www.phptr.com Preface xi Audience xii Contents

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright 2014 Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security, 2014 No part of this publication, in whole or

More information

CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required

CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required Current Catalog Description: Computer network architectures and their application to industry needs.

More information

Web Hosting & Maintenance

Web Hosting & Maintenance The Further Education and Training Awards Council (FETAC) was set up as a statutory body on 11 June 2001 by the Minister for Education and Science. Under the Qualifications (Education & Training) Act,

More information

13 Courses Quick Guide

13 Courses Quick Guide 13 Courses Quick Guide Microsoft Network Infrastructure 2008 Microsoft Certified Solution Associate (MCSA 2012) MCSE 2012 (Private Cloud) MCSE Server infrastructure 2012 Administering & Configuring Microsoft

More information

Audience. Pre-Requisites

Audience. Pre-Requisites T R A N C H U L A S W O R K S H O P S A N D T R A I N I N G S Hands-On Penetration Testing Training Course About Tranchulas Tranchulas is a multinational information security company having its offices

More information

Connecting PTE to Careers in Idaho

Connecting PTE to Careers in Idaho 1 Connecting PTE to Careers in Idaho Wendi Secrist Director, Business Outreach July 21, 2015 www.pte.idaho.gov 2 School Portals NextSteps Career Information Where do I start? SkillStack lmi.idaho.gov College/University

More information

Europass Curriculum Vitae

Europass Curriculum Vitae Europass Curriculum Vitae Personal information Surname(s) / First name(s) Address(es) Telephone(s) Email(s) Nationality(-ies) Date of birth Gender Email Homepage Spadaccini, Mariano Enrico Chieti - Italy

More information

Alessio Rolfini. +39-329-8144222 (mobile)

Alessio Rolfini. +39-329-8144222 (mobile) Alessio Rolfini Personal Details Address : Via Misa 20, 40139 Bologna, Italy Date of Birth: 25th September 1976 Nationality: Telephone number: Italian +39-329-8144222 (mobile) Telefax number: +39-051-3371286

More information

Secure Cloud-Ready Data Centers Juniper Networks

Secure Cloud-Ready Data Centers Juniper Networks Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security

More information

Towards End-to-End Security

Towards End-to-End Security Towards End-to-End Security Thomas M. Chen Dept. of Electrical Engineering Southern Methodist University PO Box 750338 Dallas, TX 75275-0338 USA Tel: 214-768-8541 Fax: 214-768-3573 Email: tchen@engr.smu.edu

More information

CISCO IOS NETWORK SECURITY (IINS)

CISCO IOS NETWORK SECURITY (IINS) CISCO IOS NETWORK SECURITY (IINS) SEVENMENTOR TRAINING PVT.LTD [Type text] Exam Description The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.

More information

Introduction. thm@informatik.uni-rostock.de http://wwwiuk.informatik.uni-rostock.de/

Introduction. thm@informatik.uni-rostock.de http://wwwiuk.informatik.uni-rostock.de/ Introduction thm@informatik.uni-rostock.de http://wwwiuk.informatik.uni-rostock.de/ Content Introduction Identifying Risks Taxonomy of Possible Attacks Security Fundamentals and Defense Components Attack

More information

Distributed Systems Security

Distributed Systems Security Distributed Systems Security Tutorial Dennis Pfisterer Institute of Telematics, University of Lübeck http://www.itm.uni-luebeck.de/users/pfisterer Non Sequitur by Wiley Security - 08 Firewalls Assessing

More information

Network Security Foundations

Network Security Foundations Network Security Foundations Matthew Strebe O San SrBBC Francisco London Introduction xv Chapter 1 Security Principles 1 Why Computers Aren't Secure 2 The History of Computer Security 4-1945 5 1945-1955

More information

Log Mail Analyzer: Architecture and Practical Utilizations

Log Mail Analyzer: Architecture and Practical Utilizations 1 Log Mail Analyzer: Architecture and Practical Utilizations Maurizio Aiello David Avanzini Davide Chiarella Gianluca Papaleo maurizio.aiello@ieiit.cnr.it david.avanzini@ieiit.cnr.it davide.chiarella@ieiit.cnr.it

More information

Security Considerations White Paper for Cisco Smart Storage 1

Security Considerations White Paper for Cisco Smart Storage 1 Security Considerations White Paper for Cisco Smart Storage An open network is like a bank s vault with windows Bill Thomson Network-Attached Storage (NAS) is a relatively simple and inexpensive way to

More information

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT Roopa K. Panduranga Rao MV Dept of CS and Engg., Dept of IS and Engg., J.N.N College of Engineering, J.N.N College of Engineering,

More information

Learning Tree Training Pre-approved Training for Continuing Education Units (CEUs)

Learning Tree Training Pre-approved Training for Continuing Education Units (CEUs) Learning Tree Training Pre-approved Training for Continuing Education Units (CEUs) Note: Approved training courses in this document are subject to change without prior notification. Training submitted

More information

Lucent VPN Firewall Security in 802.11x Wireless Networks

Lucent VPN Firewall Security in 802.11x Wireless Networks Lucent VPN Firewall Security in 802.11x Wireless Networks Corporate Wireless Deployment is Increasing, But Security is a Major Concern The Lucent Security Products can Secure Your Networks This white paper

More information

Principles of Information Assurance Syllabus

Principles of Information Assurance Syllabus Course Number: Pre-requisite: Career Cluster/Pathway: Career Major: Locations: Length: 8130 (OHLAP Approved) Fundamentals of Technology or equivalent industry certifications and/or work experience. Information

More information

CIT 380: Securing Computer Systems

CIT 380: Securing Computer Systems CIT 380: Securing Computer Systems Scanning CIT 380: Securing Computer Systems Slide #1 Topics 1. Port Scanning 2. Stealth Scanning 3. Version Identification 4. OS Fingerprinting 5. Vulnerability Scanning

More information

Firewalls. Pehr Söderman KTH-CSC Pehrs@kth.se

Firewalls. Pehr Söderman KTH-CSC Pehrs@kth.se Firewalls Pehr Söderman KTH-CSC Pehrs@kth.se 1 Definition A firewall is a network device that separates two parts of a network, enforcing a policy for all traversing traffic. 2 Fundamental requirements

More information

Network Monitoring and Forensics

Network Monitoring and Forensics Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology ISSN 2320 088X IJCSMC, Vol. 2, Issue.

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

capabilities statement

capabilities statement capabilities statement GSA Schedule 70 Contract Holder: Contract #: GS-35F-0649Y Duns#: 824940121 Cage Code#: 6B5K3 SIN Codes: 132-34 Maintenance of Software 132-51 Information Technology Professional

More information

Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System

Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce 18/02/15 Networks: DNS attacks 1 Domain Name System The domain name system (DNS) is an applica>on- layer protocol

More information

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8

Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8 Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8 SR140531D 19 August 2014 Miercom www.miercom.com Overview Unify Inc. (formerly Siemens Enterprise Communications)

More information

CRYPTUS DIPLOMA IN IT SECURITY

CRYPTUS DIPLOMA IN IT SECURITY CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

More information

Deciphering The Prominent Security Tools Ofkali Linux

Deciphering The Prominent Security Tools Ofkali Linux www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 4 Issue 1 January 2015, Page No. 9907-9911 Deciphering The Prominent Security Tools Ofkali Linux Talatam.Durga

More information

8. Firewall Design & Implementation

8. Firewall Design & Implementation DMZ Networks The most common firewall environment implementation is known as a DMZ, or DeMilitarized Zone network. A DMZ network is created out of a network connecting two firewalls; i.e., when two or

More information

Measurably reducing risk through collaboration, consensus & practical security management. 2013 CIS Security Benchmarks 1

Measurably reducing risk through collaboration, consensus & practical security management. 2013 CIS Security Benchmarks 1 Measurably reducing risk through collaboration, consensus & practical security management 2013 CIS Security Benchmarks 1 Background City University of New York s Rights and Benefits as a CIS Security Benchmarks

More information

The Open Cyber Challenge Platform *

The Open Cyber Challenge Platform * The Open Cyber Challenge Platform * Jacob Fonseca, Kevin Bryan, Lisa DiPippo, Victor Fay-Wolfe * Supported By The U.S. National Science Foundation grants: Federal Cyber Service Scholarship For Service

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

Understanding Security Testing

Understanding Security Testing Understanding Security Testing Choosing between vulnerability assessments and penetration testing need not be confusing or onerous. Arian Eigen Heald, M.A., Ms.IA., CNE, CISA, CISSP I. Introduction Many

More information