Build Your Own Security Lab

Build Your Own Security Lab: A Field Guide for Network Testing
Michael Gregg
Wiley Publishing, Inc.

Contents

Acknowledgments
Introduction

Chapter 1 Hardware and Gear
  Why Build a Lab?
  Hackers Welcome
  Hacker Software
  Hacker Hardware
  The Essential Gear
  Obtaining Requisite Hardware/Software
  Stuff You Already Have
  New-Equipment Purchases
  Used-Equipment Purchases
  Online Auctions
  Thrift Stores
  Company Sales
  Assembling the Network Lab
  Starting Clean
  Configuring the Network
  Installing Operating Systems
  Windows XP
  Linux
  Connecting Everything Together
  Adding On
  Equipment Checklist
  Exploring Linux Options
  Exploring Other Operating System Options

Chapter 2 Building a Software Test Platform
  Server OS Installations
  Microsoft Windows
  Linux
  Navigating in Linux
  Linux Basics
  Other Operating Systems
  Mac OS X
  ReactOS
  Windows PE
  Virtualization
  VMware Workstation
  VMware Server
  Virtual PC
  Client-Side Tools
  Learning Applications
  Using VMware to Build a Windows Image
  Using VMware to Build a ReactOS Image
  Running BackTrack from VMware

Chapter 3 Passive Information Gathering
  Starting at the Source
  Scrutinizing Key Employees
  Dumpster Diving (Electronic)
  Analyzing Web Page Coding
  Exploiting Web Site Authentication Methods
  Mining Job Ads and Analyzing Financial Data
  Using Google to Mine Sensitive Information
  Exploring Domain Ownership
  WHOIS
  Regional Internet Registries
  Domain Name Server
  Identifying Web Server Software
  Web Server Location
  IP Address and Domain Identification
  Information Gathering
  Google Hacking
  Banner Grabbing
  Telnet
  Netcat
  VisualRoute

Chapter 4 Detecting Live Systems
  Detecting Active Systems
  Wardriving
  ICMP (Ping)
  Port Scanning
  TCP/IP Basics
  The Network Access Layer
  The Internet Layer
  The Host-to-Host Layer
  The Application Layer
  TCP and UDP Port Scanning
  Advanced Port-Scanning Techniques
  Idle Scan
  Port-Scanning Tools
  Nmap
  SuperScan
  Other Scanning Tools
  OS Fingerprinting
  Passive Fingerprinting
  Active Fingerprinting
  OS Fingerprinting Tools
  Scanning Countermeasures
  Port Scanning with Nmap
  Port Scanning with SuperScan
  Using Look@LAN
  Passive Fingerprinting
  Active Fingerprinting

Chapter 5 Enumerating Systems
  Enumeration
  SNMP Services
  SNMP Enumeration Tools
  SNMP Enumeration Countermeasures
  Routing Devices
  Routing Enumeration Tools
  Routing Enumeration Countermeasures
  Windows Devices
  Server Message Block and Interprocess Communication
  Enumeration and the IPC$ Share
  Windows Enumeration Tools
  Windows Enumeration Countermeasures
  Advanced Enumeration
  Password Cracking
  Protecting Passwords
  Sniffing Password Hashes
  Exploiting a Vulnerability
  Buffer Overflows
  SNMP Enumeration
  Enumerating Routing Protocols
  Enumeration with DumpSec
  Rainbow Table Attacks

Chapter 6 Automated Attack and Penetration Tools
  Why Attack and Penetration Tools Are Important
  Vulnerability Assessment Tools
  Source Code Assessment Tools
  Application Assessment Tools
  System Assessment Tools
  Attributes of a Good System Assessment Tool
  Nessus
  Automated Exploit Tools
  Metasploit
  Metasploit Web
  Metasploit Console
  Metasploit Command-Line Interface
  Updating Metasploit
  ExploitTree
  Exploitation Framework
  Core Impact
  CANVAS
  Determining Which Tools to Use
  Picking the Right Platform
  Metasploit BackTrack
  Metasploit Windows
  Exploring N-Stalker, a Vulnerability Assessment Tool
  Exploring the SecurityForest.com Web Site

Chapter 7 Understanding Cryptographic Systems
  Encryption
  Secret Key Encryption
  Data Encryption Standard
  Triple DES
  Advanced Encryption Standard
  One-Way Functions (Hashes)
  MD Series
  SHA
  Public Key Encryption
  RSA
  Diffie-Hellman
  El Gamal
  Elliptic Curve Cryptosystem
  Hybrid Cryptosystems
  Authentication
  Password Authentication
  Password Hashing
  Challenge-Response
  Session Authentication
  Public Key Authentication
  Public Key Infrastructure
  Certificate Authority
  Registration Authority
  Certificate Revocation List
  Certificate-Based Authentication
  Biometrics
  Encryption and Authentication Attacks
  Extracting Passwords
  Password Cracking
  Dictionary Attack
  Brute-Force Attack
  Rainbow Table
  Other Cryptographic Attacks
  RainbowCrack
  CrypTool
  John the Ripper

Chapter 8 Defeating Malware
  The Evolving Threat
  Viruses and Worms
  Viruses
  Worms
  Timeline
  Detecting and Preventing
  Antivirus
  Trojans
  Infection Methods
  Symptoms
  Well-Known Trojans
  Modern Trojans
  Distributing Trojans
  Rootkits
  Spyware
  Botnets
  Phishing
  Virus Signatures
  Building Trojans
  Rootkits
  Finding Malware

Chapter 9 Securing Wireless Systems
  Wi-Fi Basics
  Wireless Clients and NICs
  Wireless Access Points
  Wireless Communication Standards
  Bluetooth Basics
  Wi-Fi Security
  Wired Equivalent Privacy
  Wi-Fi Protected Access
  802.1x Authentication
  Wireless LAN Threats
  Wardriving
  NetStumbler
  Kismet
  Eavesdropping
  Rogue and Unauthorized Access Points
  Denial of Service
  Exploiting Wireless Networks
  Finding and Assessing the Network
  Setting Up Aerodump
  Configuring Aireplay
  Deauthentication and ARP Injection
  Capturing IVs and Cracking the WEP KEY
  Other Wireless Attack Tools
  Exploiting Bluetooth
  Securing Wireless Networks
  Defense in Depth
  Misuse Detection
  Using NetStumbler
  Using Wireshark to Capture Wireless Traffic

Chapter 10 Intrusion Detection
  Overview of Intrusion Detection and Prevention
  IDS Types and Components
  IDS Engines
  An Overview of Snort
  Platform Compatibility
  Assessing Hardware Requirements
  Installing Snort on a Windows System
  MySQL
  Limiting Access
  Installing the Base Components
  Basic Configuration
  Verification of Configuration
  Building Snort Rules
  The Rule Header
  Logging with Snort
  Rule Options
  Creating and Testing a Simple Rule Set
  The Snort User Interface
  IDScenter
  Installing IDScenter
  Configuring IDScenter
  Basic Analysis and Security Engine
  Advanced Snort: Detecting Buffer Overflows
  Responding to Attacks/Intrusions
  Building a Snort Windows System
  Making a One-Way Data Cable

Chapter 11 Forensic Detection
  Computer Forensics
  Acquisition
  Drive Removal and Fingerprint
  Drive-Wiping
  Logical and Physical Copies
  Logical Copies
  Physical Copies
  Imaging the Drive
  Authentication
  Trace-Evidence Analysis
  Browser Cache
  Email Evidence
  Deleted/Overwritten Files and Evidence
  Other Trace Evidence
  Hiding Techniques
  Common File-Hiding Techniques
  Advanced File-Hiding Techniques
  Steganography
  Antiforensics
  Detecting Hidden Files
  Basic File-Hiding
  Advanced File-Hiding
  Reading Email Headers
  Use S-Tools to Embed and Encrypt a Message

About the DVD
  System Requirements
  Using the DVD
  What's on the DVD
  Troubleshooting
  Customer Care

Index