Design and Configuration of a Network Security and Forensics Lab
|
|
- Jesse Abraham Fields
- 8 years ago
- Views:
Transcription
1 Design and Configuration of a Network Security and Forensics Lab Billy Harris Billy-Harris@utc.edu Joseph Kizza Joseph-Kizza@utc.edu Mike Ward Mike-Ward@utc.edu ABSTRACT This paper describes the design and implementation of the security and forensic lab at UTC. The lab supports teaching and research in computer networks, network security, and information forensics. The lab uses a faculty-administered server to record Internet attacks as they occur, five student-administered network servers, and 20 client machines. Keywords Network forensics, graduate education 1. INTRODUCTION The at the University of Tennessee at Chattanooga has been offering a course in network security. The department is also adding a computer forensics course to its catalog and received funds to set up a security and forensics lab. While the lab as been tested and is running smoothly, it presents a security challenge of its own to the department. The lab must allow students to use a variety of methods to prevent, detect, and trace network attacks yet prevent the attacks from actually compromising any of the machines. Additionally, the lab was designed to expose students to a wide variety of operating systems. With these design goals, the resulting lab has 4 Macintosh machines, 6 Windows machines, 8 Linux machines, and 5 FreeBSD machines. It also has a Wireless Access Point, and 2 Windows laptop computers. To accurately detect and record attempted attacks, the lab lives outside of the campus firewall. This means that in addition to protecting the lab machines, student actions must be closely logged to prevent hostile actions originating from the lab. These goals, along with our desire to have as many network servers as possible to support hands-on training in network administration lead to the tree topology shown in Figure 1. Specifically, our lab provides for five machines to act as servers; each with assigned address space (we use various subnets in the range x.x), and the faculty server which correctly routes among the various subnets. This structure allows up to 5 machines to run network services such as DNS or DHCP. For example, Server1 can run its own Network Address Translation (NAT) system using the /16 subnet rather than use the assigned /8 subnet. Note that currently server5 does not have any client machines and thus is not using its assigned subnet.
2 2. MASTER SERVER The master server, or faculty server, acts as the firewall and main intranet router. It provides detailed logs of both intrusion attempts (hacks) and student/lab activity. It also acts as the main intra-lab router and serves as the DNS server (it can be configured to forward internal requests to the various student servers for named subdomains). Currently, the lab is configured into distinct subnets, allowing for student-administered networks. The master server (administered by computer science faculty) provides DHCP service for the 5 student servers as well as the printer, the wireless access point, and the wireless clients. It is also configured to use IP masquerading (NAT) to further protect the lab from attacks. Students do not have accounts on this machine. If a slightly different configuration is used, the master server would not delegate anything to the student servers, and the lab would then function as a generalpurpose lab with a slightly odd network topology. A PowerEdge 2600 machine was selected to act as the lab s main server. Currently, the machine runs the Debian version of Linux, using a customized version of the Linux kernel version Out to Internet T1 Line & router Printer x Server0 (faculty administered) Firewall, DNS, DHCP, NAT, logs, router Server1 (shown running its own DNS and NAT) net x Server x net3 Server3 WAP net4 Server4 Server5 Clients 5 to 8 Clients 13 to 16 Clients 9 to 12 net2 Wireless clients Clients 1 to 4 Figure 1: Network Topology for Network Forensics Lab
3 3. STUDENT SERVERS Server1 currently runs Microsoft Windows XP. The remaining student servers run the Debian distribution of Linux using kernel version Each server has an assigned subnet range and provides DHCP service to machines in the subnet. Server5 currently has no clients, but it can be used as a web server and/or a secondary DNS server. The Wireless Access Point (WAP) allows for the designated wireless clients to use the network. They use the DHCP service provided by the faculty server (server0). To satisfy UTC s security concerns and avoid interfering with the campus wireless network, the WAP has several security-related configuration options including: Using minimum possible power Communicating only with clients possessing the proper SSID. Routing only packets from designated MAC addresses; specifically it will only respond to wireless clients assigned to this lab. The faculty closely supervise any student access to the WAP configuration options. 4. CLIENT COMPUTERS The lab includes four Windows client computers, one for each subnet. These run Windows XP. The lab also includes two notebook computers running Windows XP; these act as wireless clients. There are also four Linux client computers, one for each subnet. These run the Debian distribution of Linux, under kernel There are 5 Unix client computers; two for the net2 subnet and one for each of the other subnets. These clients run FreeBSD version The clients have less software installed on them than do the Linux or Windows computers; they are running a text-mode interface. Finally, the lab includes 3 Macintosh clients running MacOS 10.3, and will soon have an IMac which will act as a wireless client. All clients have been kept up-to-date with the latest patches needed for the corresponding operating system. 5. PASSWORD POLICY The lab poses interesting problems in forming a password policy. In order for students to administer the network services discussed, they must have administrator (root) access to the server they are using. But this introduces the possibility of plagiarizing or sabotaging other student projects. Worse, a malicious student could pose as an innocent party while wreaking havoc. And there are not enough subnets to assign one per student.
4 We decided to give all clients a common root password, which is also used for the printer configuration menu. Each server (and also the WAP) has a unique password, which allows each group to work on their subnet free of interference from others. And, as mentioned, the faculty server will have a separate root password not shared with any student. 6. INSTITUTIONAL INVOLVEMENT The Networking department of the University of Tennessee at Chattanooga (UTC) has been working with the Computer Science department in the design and implementation of the network security laboratory. As would be expected, there were a number of concerns with having a lab dedicated to information forensics and penetration testing available to students on campus. The major concern of the Networking department was to protect UTC s network. A decision was made to separate the networking security laboratory from the rest of the campus network, placing it beyond UTC s firewall and other protective measures. This effectively made UTC an Internet Service Provider (ISP) for the networking security laboratory. The Networking staff was able to provide a router and a range of real class C Internet numbers for use in the lab. Once the router was properly configured and the Internet numbers assigned, the networking security laboratory was no different than any other potentially hostile component of the Internet. Though the networking security laboratory is acting as a separate entity from UTC s network, the potential effects to other hosts on the Internet from actions performed within the laboratory can still be traced back to UTC. The responsibility of monitoring and preventing hostile actions towards other Internet hosts falls upon the students, Computer Science faculty, and Networking staff. Part of the curriculum for any class that uses the networking security laboratory will be student instruction in proper computer security ethics and the potential penalties from abusing the resources of the laboratory. One of the most important duties of the master server (described below) is to monitor network traffic flow into and out of the lab via a packet sniffer. The server maintains a log for each network transaction including a time stamp along with the source and destination hosts involved in the transaction. This system log is parsed daily using automated scripts and a summary is mailed to faculty overseers. The log is also archived at the end of each semester onto a CDROM. The logs will also include attacks directed from other hosts on the Internet into the lab. This provides an authentic data source and compelling examples to use in the network forensics class. As with any other host or subnet at UTC, the Networking staff is authorized to disconnect any host or subnet found to be abusing its network privileges. 7. CONCLUSIONS We have designed and configured a computer lab suitable for use in a networking or network forensics class. The lab has a faculty-administered machine to log network attacks (including possible
5 outgoing attacks), five student-run network servers with assigned subnets to use, a wireless access point, and numerous client computers running a variety of operating systems. The lab allows for students to gain hands-on experience configuring DNS, DHCP, and other network servers; it also captures attack packets for analysis by various forensic tools. Various configurations of the master server will selectively act as a full NAT or just a firewall; allow for studentrun subdomains or act like a general-purpose lab; log genuine attack packets as they come in while shielding possibly insecure machines from the actual attack. It will also log network activity to provide accountability for any mischievous students. 8. REFERENCES [1] Craig Hunt. TCP/IP Network Administration, 3 rd Edition. O'Reilly & Associates, Inc [2] William Cheswick, et al. Firewalls and Internet Security: Repelling the Wily Hacker, 2 nd Edition. Addison-Wesley [3] The Networking CD Bookshelf, version 2.0. O'Reilly & Associates
Chapter 4 Customizing Your Network Settings
. Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the Wireless-G Router Model WGR614v9, including LAN, WAN, and routing settings. It
More informationChapter 4 Customizing Your Network Settings
Chapter 4 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the RangeMax Dual Band Wireless-N Router WNDR3300, including LAN, WAN, and routing settings.
More informationChapter 5 Customizing Your Network Settings
Chapter 5 Customizing Your Network Settings This chapter describes how to configure advanced networking features of the RangeMax NEXT Wireless Router WNR834B, including LAN, WAN, and routing settings.
More informationLab 8.4.2 Configuring Access Policies and DMZ Settings
Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set
More informationVPN Overview. The path for wireless VPN users
VPN Overview The path for wireless VPN users First, the user's computer (the blue computer) connects to an access point in the uiuc-wireless-net network and is assigned an IP address in that range (172.21.0.0
More informationChapter 3 Connecting the Router to the Internet
Chapter 3 Connecting the Router to the Internet This chapter describes how to set up the router on your Local Area Network (LAN) and connect to the Internet. It describes how to configure your DG834GT
More informationIT6203 Systems & Network Administration. (Optional)
Systems & Network Administration (Optional) INTRODUCTION This is one of the Optional courses designed for Semester 6 of the Bachelor of Information Technology Degree program. This course on Systems & Network
More informationMN-700 Base Station Configuration Guide
MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station
More informationCET442L Lab #2. IP Configuration and Network Traffic Analysis Lab
CET442L Lab #2 IP Configuration and Network Traffic Analysis Lab Goals: In this lab you will plan and implement the IP configuration for the Windows server computers on your group s network. You will use
More informationSTRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction
Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,
More informationPolicy on Connection to the University Network
Policy on Connection to the University Network Revision History Version Date Changes 0.1 01/12/04 David Conway 0.2 02/12/04 David Conway 0.3 19/01/05 David Conway 0.4 21/01/05 David Conway 1.0 07/03/05
More informationMicrosoft Technologies
NETWORK ENGINEERING TRACK Microsoft Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use
More informationChapter 15: Advanced Networks
Chapter 15: Advanced Networks IT Essentials: PC Hardware and Software v4.0 1 Determine a Network Topology A site survey is a physical inspection of the building that will help determine a basic logical
More information20410: Installing and Configuring Windows Server 2012
20410: Installing and Configuring Windows Server 2012 Microsoft - Servidores Nível: Intermédio Duração: 30h Sobre o curso After completing this course, students will be able to: Install and configure Windows
More informationNetwork Security Policy
Network Security Policy Policy Contents I. POLICY STATEMENT II. REASON FOR POLICY III. SCOPE IV. AUDIENCE V. POLICY TEXT VI. PROCEDURES VII. RELATED INFORMATION VIII. DEFINITIONS IX. FREQUENTLY ASKED QUESTIONS
More informationChapter 1 Connecting Your Router to the Internet
Chapter 1 Connecting Your Router to the Internet This chapter describes how to configure your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router Internet connection.when you perform the initial configuration
More informationChapter 9 Monitoring System Performance
Chapter 9 Monitoring System Performance This chapter describes the full set of system monitoring features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. You can be alerted to important
More informationMS 20410 Installing and Configuring Windows Server 2012
P a g e 1 of 10 MS 20410 Installing and Configuring Windows Server 2012 About this Course This course is part one of a three-part series that provides the skills and knowledge necessary to implement a
More informationAuburn Montgomery. Registration and Security Policy for AUM Servers
Auburn Montgomery Title: Responsible Office: Registration and Security Policy for AUM Servers Information Technology Services I. PURPOSE To outline the steps required to register and maintain departmental
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationPre-lab and In-class Laboratory Exercise 10 (L10)
ECE/CS 4984: Wireless Networks and Mobile Systems Pre-lab and In-class Laboratory Exercise 10 (L10) Part I Objectives and Lab Materials Objective The objectives of this lab are to: Familiarize students
More informationInstalling and Configuring Windows Server 2012 MOC 20410
Installing and Configuring Windows Server 2012 MOC 20410 Course Outline Module 1: Deploying and Managing Windows Server 2012 This module introduces the new Windows Server 2012 administrative interface.
More informationComputer Network Engineering
226 Computer Network Engineering Computer Network Engineering Degrees, Certificates and Awards Associate in Science: Computer Network Engineering Certificate of Achievement: Computer Network Engineering
More informationTrack 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE
Anne Arundel Community College Tracks Anne Arundel Community College s computer technologies courses have been organized into 10 suggested tracks. The tracks are arranged to ensure that students have the
More informationChapter 2 Preparing Your Network
Chapter 2 Preparing Your Network This document describes how to prepare your network to connect to the Internet through a router and how to verify the readiness of your broadband Internet service from
More informationecopy ShareScan v4.3 Pre-Installation Checklist
ecopy ShareScan v4.3 Pre-Installation Checklist This document is used to gather data about your environment in order to ensure a smooth product implementation. The Network Communication section describes
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationFIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.
1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams
More informationDeveloping Network Security Strategies
NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network
More informationOSU INSTITUTE OF TECHNOLOGY POLICY & PROCEDURES
Network Security 6-005 INFORMATION TECHNOLOGIES July 2013 INTRODUCTION 1.01 OSU Institute of Technology (OSUIT) s network exists to facilitate the education, research, administration, communication, and
More informationInstalling and Configuring Windows Server 2012
Course 20410B: Installing and Configuring Windows Server 2012 Length: 5 Days Audience(s): IT Professionals Level: 200 Technology: Windows Server 2012 Overview About this Course This course is part one
More informationCIS 4204 Ethical Hacking Fall, 2014
CIS 4204 Ethical Hacking Fall, 2014 Course Abstract: The purpose of this course is to provide a basic understanding of computing, networking, programming concepts, and exploitation techniques, as they
More informationLAN TCP/IP and DHCP Setup
CHAPTER 2 LAN TCP/IP and DHCP Setup 2.1 Introduction In this chapter, we will explain in more detail the LAN TCP/IP and DHCP Setup. 2.2 LAN IP Network Configuration In the Vigor 2900 router, there are
More informationSavvius Insight Initial Configuration
The configuration utility on Savvius Insight lets you configure device, network, and time settings. Additionally, if you are forwarding your data from Savvius Insight to a Splunk server, You can configure
More informationLab 8.4.2 Configuring Access Policies and DMZ Settings
Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set
More informationChapter 1 Configuring Basic Connectivity
Chapter 1 Configuring Basic Connectivity This chapter describes the settings for your Internet connection and your wireless local area network (LAN) connection. When you perform the initial configuration
More informationCourse Outline: Course 20410- Installing and Configuring Windows Server 2012
Course Outline: Course 20410- Installing and Configuring Windows Server 2012 Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 40 hrs Overview: The course is part one of a series
More informationNETWORK PENETRATION TESTING
Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes
More informationChapter 1 Configuring Internet Connectivity
Chapter 1 Configuring Internet Connectivity This chapter describes the settings for your Internet connection and your wireless local area network (LAN) connection. When you perform the initial configuration
More informationEssentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library
Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Why should you be concerned? There are over 1 million known computer viruses. An unprotected computer on the
More informationComputer Firewalls. The term firewall was originally used with forest fires, as a means to describe the
Pascal Muetschard John Nagle COEN 150, Spring 03 Prof. JoAnne Holliday Computer Firewalls Introduction The term firewall was originally used with forest fires, as a means to describe the barriers implemented
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationCDS and Clearing Limited Thapathali, Kathmandu 7 th Level (Technical) Syllabus
CDS and Clearing Limited Thapathali, Kathmandu 7 th Level (Technical) Syllabus Modality of Examination: The examination comprises of two papers, each carrying 100 marks. The first paper is General Overview
More informationEvaluation guide. Vyatta Quick Evaluation Guide
VYATTA, INC. Evaluation guide Vyatta Quick Evaluation Guide A simple step-by-step guide to configuring network services with Vyatta Open Source Networking http://www.vyatta.com Overview...1 Booting Up
More informationPension Benefit Guaranty Corporation. Office of Inspector General. Evaluation Report. Penetration Testing 2001 - An Update
Pension Benefit Guaranty Corporation Office of Inspector General Evaluation Report Penetration Testing 2001 - An Update August 28, 2001 2001-18/23148-2 Penetration Testing 2001 An Update Evaluation Report
More informationHow To Configure A Vyatta 4.2.0 As A Ds Internet Connection Router/Gateway With A Web Server On A Dspv.Net 4.0.1 (Dspv) On A Network With A D
Open Informatics a An Information Technology Company Visit us on the web at www.openinformatics.net Tutorial Author: Zlatan Klebic Send Feedback: zklebic@openinformatics.net Configuring a Vyatta 4.0 release
More information8 NETWORK SERVERS AND SERVICES FUNDAMENTALS
8 NETWORK SERVERS AND SERVICES FUNDAMENTALS PROJECTS Project 8.1 Project 8.2 Project 8.3 Project 8.4 Project 8.5 Understanding Key Concepts Comparing Network Operating Systems Understanding Basic Services
More informationSpecial Issues for Penetration testing of Firewall
보안공학연구논문지 (Journal of Security Engineering), 제 5권 제 4 호, 2008년 8월 Special Issues for Penetration testing of Firewall Hoon Ko 1) Abstract A firewall is a device or software that controls the traffic of
More informationNETWORK SECURITY (W/LAB) Course Syllabus
6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information
More informationETRX2 and ETRX357 Wireless Mesh Networking Modules. Application Note Accessing Modules over the Internet
Telegesis ETRX2, ETRX35x TG-APP-Internet-100 Application Note ETRX2 and ETRX357 Wireless Mesh Networking Modules Application Note Accessing Modules over the Internet (Rev 1.00) Table of Contents 1 INTRODUCTION...
More information1:1 NAT in ZeroShell. Requirements. Overview. Network Setup
1:1 NAT in ZeroShell Requirements The version of ZeroShell used for writing this document is Release 1.0.beta11. This document does not describe installing ZeroShell, it is assumed that the user already
More informationGetting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p.
Preface p. ix Getting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p. 6 Common Linux Features p. 8 Primary Advantages
More informationInformation Services. Accessing the University Network using a Virtual Private Network Connection (VPN), with Windows XP Professional
Information Services Accessing the University Network using a Virtual Private Network Connection (VPN), with Windows XP Professional Amendment & Authorisation History Ver Date Changes Name Author A 29/3/05
More informationIS TEST 3 - TIPS FOUR (4) levels of detective controls offered by intrusion detection system (IDS) methodologies. First layer is typically responsible for monitoring the network and network devices. NIDS
More informationLOCKING DOWN LOG FILES: ENHANCING NETWORK SECURITY BY PROTECTING LOG FILES
LOCKING DOWN LOG FILES: ENHANCING NETWORK SECURITY BY PROTECTING LOG FILES Bernie Lantz, Utah State University, bernie.lantz@usu.edu Rob Hall, Utah State University, rob.hall@usu.edu Jason Couraud, Utah
More informationI've applied for a goipv6 account and received my password via email but I cannot log into my account. What should I do?
goipv6 FAQ goipv6 Account I've applied for a goipv6 account and received my password via email but I cannot log into my account. What should I do? I would like to change my current password. What should
More informationWHITE PAPER. An Introduction to Network- Vulnerability Testing
An Introduction to Network- Vulnerability Testing C ONTENTS + Introduction 3 + Penetration-Testing Overview 3 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and
More informationInternet Firewalls Policy Development and Technology Choices
Internet Firewalls Policy Development and Technology Choices Leonard J. D Alotto GTE Laboratories, Incorporated Abstract Since the development of the World Wide Web (WWW), more and more organizations are
More informationREPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB
REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of
More information3 Days Course on Linux Firewall & Security Administration
PROFESSIONAL TRAINING COURSE 3 Days Course on Linux Firewall & Security Administration About the Course The course will teach students how to use local and network security. This is a course for those
More informationConnecting to the Internet. LAN Hardware Requirements. Computer Requirements. LAN Configuration Requirements
Connecting to the Internet LAN Hardware Requirements Computer Requirements LAN Configuration Requirements Installation Performed by Time Warner Cable Technician Connecting via Ethernet Connecting via USB
More informationMinnesota State Community and Technical College Detroit Lakes Campus
Computer Network Security Minnesota State Community and Technical College Detroit Lakes Campus Overview Philosophy Note on 2 year Colleges Certifications Program Courses CCDC Program Numbers Faculty Future
More informationCyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014
Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer
More informationNEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus
NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus CSCI - 440 Network Security and Perimeter Protection 3-0-3 CATALOG DESCRIPTION This
More informationNational Cyber League Certified Ethical Hacker (CEH) TM Syllabus
National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)
More informationFor extra services running behind your router. What to do after IP change
For extra services running behind your router. What to do after IP change This guide is for customers who meet the following conditions: - Customers who have moved from a TPG Layer 3 plan to a TPG Layer
More informationCCNA Exploration: Accessing the WAN Chapter 7 Case Study
Objectives: Mitigate attacks based on DHCP rogue servers. Intro: ChurchBells Inc. is having connectivity issues and needs your help. The Scenario: According to the reports, some user PCs within the company
More informationNetwork Security ITP 457 (4 Units)
Network Security ITP 457 (4 Units) Description Objectives Prerequisites/ Recommended Preparation Instructor Contacting the Instructor Lecture Required Textbooks Web Site Due to the emergence of the internet
More informationComputer Security CS 426 Lecture 36. CS426 Fall 2010/Lecture 36 1
Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls CS426 Fall 2010/Lecture 36 1 Announcements There will be a quiz on Wed There will be a guest lecture on Friday, by Prof. Chris Clifton
More informationPCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise Agents
PCI DSS Best Practices with Snare Enterprise InterSect Alliance International Pty Ltd Page 1 of 9 About this document The PCI/DSS documentation provides guidance on a set of baseline security measures
More informationICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration
ICS 351: Today's plan IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration IP address exhaustion IPv4 addresses are 32 bits long so there
More informationOverview. Firewall Security. Perimeter Security Devices. Routers
Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security
More informationINFORMATION SECURITY TRAINING CATALOG (2015)
INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision 3.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,
More informationBasic IPv6 WAN and LAN Configuration
Basic IPv6 WAN and LAN Configuration This quick start guide provides basic IPv6 WAN and LAN configuration information for the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N. For complete IPv6 configuration
More informationHow To Pass The Information And Network Security Certificate
Information Technology Information and Network Security Certificate Program Information and Network Security Certificate Program The Information and Network Security Certificate Program helps industry
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationFirewall VPN Router. Quick Installation Guide M73-APO09-380
Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,
More informationIn today s world the Internet has become a valuable resource for many people.
In today s world the Internet has become a valuable resource for many people. However with the benefits of being connected to the Internet there are certain risks that a user must take. In many cases people
More informationWhat is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?
What is a Firewall? Computer Security Firewalls fire wall 1 : a wall constructed to prevent the spread of fire 2 usually firewall : a computer or computer software that prevents unauthorized access to
More informationAn Introduction to Network Vulnerability Testing
CONTENTS Introduction 3 Penetration Testing Overview 4 Step 1: Defining the Scope 4 Step 2: Performing the Penetration Test 5 Step 3: Reporting and Delivering Results 6 VeriSign SecureTEST 7 Common Vulnerability
More informationRemote Connection to Your Computers
Remote Connection to Your Computers Page 1 Accessing files while you re on the go When you are at home or in the office, your ipad or iphone connects to your network wirelessly. And because it is part
More informationMulti-Homing Dual WAN Firewall Router
Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet
More informationVUBNET, the network of the Vrije Universiteit Brussel. Rules with reference to the use of the university IT infrastructure in studenthomes
, the network of the Vrije Universiteit Brussel 1 Rules with reference to the use of the university IT infrastructure in studenthomes 2 General setup information A Configuration of the TCP/IP protocol
More informationAcellus Lab Cart. User s Manual. Version 4B. Acellus Corporation www.acellus.com. Copyright 2010 Acellus Corporation. All Rights Reserved.
Acellus Lab Cart User s Manual Version 4B Acellus Corporation www.acellus.com 1 Table of Contents Using Acellus... 3 Acellus Lab Cart and Server... 3 Acellus Laptops... 3 Acellus Updates... 4 Accessing
More informationMCSE. 50 Cragwood Rd, Suite 350 South Plainfield, NJ 07080. Victoria Commons, 613 Hope Rd Building #5, Eatontown, NJ 07724
COURSE SYLLABUS MCSE Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (Exam 70-293) Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure
More informationDefinition of firewall
Internet Firewalls Definitions: firewall, policy, router, gateway, proxy NAT: Network Address Translation Source NAT, Destination NAT, Port forwarding NAT firewall compromise via UPnP/IGD Packet filtering
More informationJK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA
JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA To purchase Full version of Practice exam click below; http://www.certshome.com/jk0-022-practice-test.html FOR CompTIA JK0-022 Exam Candidates
More informationAppendix C Network Planning for Dual WAN Ports
Appendix C Network Planning for Dual WAN Ports This appendix describes the factors to consider when planning a network using a firewall that has dual WAN ports. This appendix contains the following sections:
More informationACADEMIC PROGRAM REVIEW PC AGE 145 TALMADGE ROAD EDISON, NJ 08817 REVIEW DATE. Report Amended October 2011
ACADEMIC PROGRAM REVIEW of PC AGE 145 TALMADGE ROAD EDISON, NJ 08817 REVIEW DATE May 12-13, 2011 Report Amended October 2011 Table of Contents PC AGE Organizational Profile... 3 Academic Program Review
More informationSFWR ENG 4C03 Class Project Firewall Design Principals Arash Kamyab 9940313 March 04, 2004
SFWR ENG 4C03 Class Project Firewall Design Principals Arash Kamyab 9940313 March 04, 2004 Introduction: A computer firewall protects computer networks from unwanted intrusions which could compromise confidentiality
More informationFortKnox Personal Firewall
FortKnox Personal Firewall User Manual Document version 1.4 EN ( 15. 9. 2009 ) Copyright (c) 2007-2009 NETGATE Technologies s.r.o. All rights reserved. This product uses compression library zlib Copyright
More informationLEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS
1 LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS Te-Shun Chou and Tijjani Mohammed Department of Technology Systems East Carolina University chout@ecu.edu Abstract
More informationHow To Set Up A Computer With A Network Connection On A Cdrom 2.5 (For A Pc) Or Ipad (For Mac) On A Pc Or Mac Or Ipa (For Pc) On An Ipad Or Ipro (
Connect the supplied power-adapter to the power inlet port and connect it to a wall outlet. Then, the router automatically enters the self-test phase. During self-test phase, RNX-EasyN400 s Power LED will
More informationHONEYD (OPEN SOURCE HONEYPOT SOFTWARE)
HONEYD (OPEN SOURCE HONEYPOT SOFTWARE) Author: Avinash Singh Avinash Singh is a Technical Evangelist currently worksing at Appin Technology Lab, Noida. Educational Qualification: B.Tech from Punjab Technical
More informationCreating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements
Creating the Conceptual Design by Gathering and Analyzing Business and Technical Requirements Analyze the impact of Active Directory on the existing technical environment. Analyze hardware and software
More informationPROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES
PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationUsing VDOMs to host two FortiOS instances on a single FortiGate unit
Using VDOMs to host two FortiOS instances on a single FortiGate unit Virtual Domains (VDOMs) can be used to divide a single FortiGate unit into two or more virtual instances of FortiOS that function as
More informationFootprinting and Reconnaissance Tools
Footprinting and Reconnaissance Tools Topic 1: Common Port Scanning Techniques Do some research on computer ports that are most often scanned by hackers. Identify a port scanning exploit that is interesting
More informationConfiguring Routers and Their Settings
Configuring Routers and Their Settings When installing a router on your home network the routers settings are usually defaulted to automatically protect your home, and simplify setup. This is done because
More informationFundamentals of Windows Server 2008 Network and Applications Infrastructure
Fundamentals of Windows Server 2008 Network and Applications Infrastructure MOC6420 About this Course This five-day instructor-led course introduces students to network and applications infrastructure
More information