IDS and Penetration Testing Lab ISA 674



Similar documents
IDS and Penetration Testing Lab ISA656 (Attacker)

IDS and Penetration Testing Lab II

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Penetration Testing Workshop

Bossier Parish Community College

CRYPTUS DIPLOMA IN IT SECURITY

LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Cybernetic Proving Ground

Vulnerability Assessment Lab

Vulnerability analysis

IDS / IPS. James E. Thiel S.W.A.T.

Virtual Learning Tools in Cyber Security Education

Penetration Testing Walkthrough

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

CTS2134 Introduction to Networking. Module Network Security

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.

Course Title: Penetration Testing: Security Analysis

Certified Ethical Hacker (CEH)

Hacking Book 1: Attack Phases. Chapter 1: Introduction to Ethical Hacking

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

EC-Council Certified Security Analyst (ECSA)

How to hack a website with Metasploit

Hackers: Detection and Prevention

Lab 9: Pen Testing (NESSUS)

STABLE & SECURE BANK lab writeup. Page 1 of 21

Hackers are here. Where are you?

Network Security In Linux: Scanning and Hacking

Radware s Behavioral Server Cracking Protection

Computer Networks & Computer Security

Post Exploitation. n00bpentesting.com

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

Aiming at Higher Network Security Levels Through Extensive PENETRATION TESTING. Anestis Bechtsoudis. abechtsoudis (at) ieee.

Introduction of Intrusion Detection Systems

Security Advisory. Some IPS systems can be easily fingerprinted using simple techniques.

Penetration Testing LAB Setup Guide

A Decision Maker s Guide to Securing an IT Infrastructure

Banking Security using Honeypot

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

How To Protect Your Network From Attack From A Hacker On A University Server

AUTHOR CONTACT DETAILS

Team Members: Jared Romano, Rachael Dinger, Chris Jones, Miles Kelly Supervising Professor: Dr. George Collins Industry Advisor: Dr.

Passive Vulnerability Detection

SETTING UP AND USING A CYBER SECURITY LAB FOR EDUCATION PURPOSES *

The Essentials Series. PCI Compliance. sponsored by. by Rebecca Herold

A New Era. A New Edge. Phishing within your company

Course Duration: 80Hrs. Course Fee: INR (Certification Lab Exam Cost 2 Attempts)

Network Penetration Testing and Ethical Hacking Scanning/Penetration Testing. SANS Security Sans Mentor: Daryl Fallin

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu (Amd66) On Ubuntu 4.5 On A Windows Box

Tk20 Network Infrastructure

Security Mgt. Tools and Subsystems

Ethical Hacking Agreement for External Network Security Unannounced Penetration Test

Author: Sumedt Jitpukdebodin. Organization: ACIS i-secure. ID: My Blog:

CYBERTRON NETWORK SOLUTIONS

CLOUD GUARD UNIFIED ENTERPRISE

Ethical Hacking as a Professional Penetration Testing Technique

Lab Objectives & Turn In

Security Event Management. February 7, 2007 (Revision 5)

Build Your Own Security Lab

Distributed Systems Security

Network Incident Report

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Avaya TM G700 Media Gateway Security. White Paper

Avaya G700 Media Gateway Security - Issue 1.0

Best Practices For Department Server and Enterprise System Checklist

<COMPANY> PR11 - Log Review Procedure. Document Reference Date 30th September 2014 Document Status. Final Version 3.

S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s

Analyze. Secure. Defend. Do you hold ECSA credential?

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

The Nexpose Expert System

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE)

Footprinting and Reconnaissance Tools

Cisco IPS Tuning Overview

An Introduction to Network Vulnerability Testing

Vulnerability Detection

Lab 10: Security Testing Linux Server

OPC & Security Agenda

CIT 480: Securing Computer Systems. Vulnerability Scanning and Exploitation Frameworks

Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006

INTRUSION DETECTION SYSTEM (IDS) by Kilausuria Abdullah (GCIH) Cyberspace Security Lab, MIMOS Berhad

Lab 12: Mitigation and Deterrent Techniques - Anti-Forensic

NETWORK PENETRATION TESTING

Marlicia J. Pollard East Carolina University ICTN 4040 SECTION 602 Mrs. Boahn Dr. Lunsford

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

F-SECURE MESSAGING SECURITY GATEWAY

Windows Client/Server Local Area Network (LAN) System Security Lab 2 Time allocation 3 hours

4. Getting started: Performing an audit

A Proposed Architecture of Intrusion Detection Systems for Internet Banking


Securing the system using honeypot in cloud computing environment

Worms, Trojan Horses and Root Kits

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

11th AMC Conference on Securely Connecting Communities for Improved Health

Exam 1 - CSIS 3755 Information Assurance

1. LAB SNIFFING LAB ID: 10

Transcription:

IDS and Penetration Testing Lab ISA 674 Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible Use of Computing http://www.gmu.edu/facstaff/policy/newpolicy/1301gen.html I understand that GMU takes its ethical obligations very seriously and violations will not be tolerated. I fully understand that GMU and its students must conduct the Program s activities in accordance with the highest possible ethical and legal standards. I know that I am responsible for ensuring that my personal conduct is above reproach. As a condition of studying in the ISA Program at GMU, I agree that violations of the standards described in the Code of Conduct shall be made known immediately to my appropriate faculty member(s) and that violations will result in dismissal from the Program and failure to receive the degree. I understand that this is a zero tolerance policy and that no second chances are given. I agree to take all reasonable precautions to assure that sensitive University or faculty information, or information that has been entrusted to my fellow students or me by third parties (such as the students employers), will not be disclosed to unauthorized persons. I understand that I am not authorized to use sensitive information for my own purposes, nor am I at liberty to provide this information to third parties without the express written consent of the faculty or the person who is the designated information owner or custodian. I also understand specifically that GMU provides computer systems and networks for my use in academic studies and that I am not permitted to use those computer systems and networks for personal business or for any activities not related to my academic studies. I understand that GMU audits and monitors the use of those computer systems and networks and that I have no right to privacy or expectation of privacy when I use computer systems and networks provided to me by GMU.

Signature Printed Name Purpose: This lab will expose you to various techniques and tools including protocol analyzers, network scanners, Intrusion Detection Systems, and Penetration tools. Attackers, whether hackers or penetration testers (or ethical hackers), follow certain techniques and steps when trying to hack into their target systems. We will explore these techniques and perform hands on exercises to illustrate these techniques and give you a better understanding of attacking as well as defending methodologies. Techniques: When trying to attack their target systems, attackers usually go through the first phase of reconnaissance. In this phase, attackers try to map out the network they are trying to attack and understand the architecture of the network. The next step usually involves scanning targets for vulnerabilities. These scans could be noisy and could trigger alerts on a target network especially when it has monitoring devices like an Intrusion Detection System. Another type of scanning is passive scanning, a silent scan based on traffic it detects and sees from the network, without having to send any packets to the target. Once some vulnerability is discovered, attackers usually use existing exploits or if more advanced, write exploit codes for certain vulnerabilities. The next step would be to launch an attack to exploit the vulnerability and try to gain access. Finally, attackers would do some cleaning of their traces and try to maintaining access to the system by installing root kits and backdoors.

Software Requirements: 1. A secure shell (SSH) client. For windows you can download a free version from here: http://the.earth.li/~sgtatham/putty/latest/x86/putty-0.62- installer.exe Mac/Linux distributions come with ssh, you just have to open a console to invoke the program. 2. The BackTrack Linux Penetration Testing Distribution http://www.backtrack-linux.org/downloads/ (PROVIDED, no need to download unless you want to run in locally) 3. Metasploitable 2 vulnerable platform (http://sourceforge.net/projects/metasploitable/files/metasploitable2/) (PROVIDED, no need to download unless you want to run in locally) Lab Exercise Steps: 1. Connect to BackTrack Linux on DSLSRV.GMU.EDU and port 10022 as root using ssh and password isa674. (with the dot): - For Mac/Linux, type: ssh root@dslsrv.gmu.edu -p 11022 (or 10022 another machine) You should get: root@dslsrv.gmu.edu's password: Linux bt 3.2.6 #1 SMP Fri Feb 17 10:34:20 EST 2012 x86_64 GNU/Linux [ ] root@bt:~# For Windows

Enter dslsrv.gmu.edu for Host name and 10022 for Port and click Open login as: root password: isa674. (with the dot).

Now we are all logged in in an ssh terminal and we can continue with the Lab. 2. How did we send the fake email last class? Letʼs repeat that. nslookup to find out who is the mail server set type=mx to set the type to mail exchange server gmu.edu to find out that the email server is mx-h.gmu.edu 3. Connecting to the mail server telnet mx-h.gmu.edu 25

Remember that you need to follow the protocol without mistakes and backspaces because you are imitating a protocol and it does not allow for errors (well not in all fields at least). We will continue in class by going to: https://community.rapid7.com/docs/doc-1875 Your metasploitable machines are directly connected to your backtrack on IP addresses: 10.1.1.2 and 10.1.1.3 More in class!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information