Objective

• To develop strong conceptual understanding of protocols

• To develop strong conceptual understanding of security terms

• To develop hack proofing with Windows and Unix Systems

• To develop conceptual and practical firewall and intrusion detection skills

• To get familiarity with penetration testing skills

• To get familiarity with forensic skills

• To develop password cracking and management skills

• To provide strong familiarity with important security tools/techniques

Goal

• To develop strong fundamentals of security

• To teach all important functions of important tools/products.

Target Audience

This framework is designed for those who are just beginning their journey in information technology security. It�s a starting point from where one can build his base, which includes:

• Students Interested to learn information security

• Network / System and Web application administrator

• IT Staff responsible for information security

This framework, which focuses on security more from a technical perspective, addresses cutting edge most required topics.

Table of Contents

Introduction

• Target Audience

• What this Framework Covers

• Conventions used

• Lab Overview

• Step-by-step configuration of your systems

• Brief Introduction to Security

• Security Policy

• Introduction to Security Tools

How protocol works?

• HTTP, FTP, SMTP, DNS, SNMP

• TCP

• IP

• ARP/RARP, STP

IP Addressing and Subnetting

• Binary Translation

• Subnetting

Getting familiarity with sniffers

• tcpdump

• ethereal

Hack Proofing Windows System

• System Security

  • Hardening System

  • Secure Implementation

  • Patch Management

• Hfnetchk

• IISLockdown

• MPSA

• Backups

• Auditing System

Hack Proofing Linux System

• Understanding Unix file System

• Understanding Unix Permissions

• System Security

  • Hardening System

  • Secure Implementation

  • Patch Management

• Unix Network Commands

• Backup

• tar utility

• Auditing

Understanding Virus, Worm and Trojans

• Trust Relationships

• Fun with Sub7

• How Slammer, Blaster worm works?

Firewalls

• Understanding NAT, PAT and Proxing

• Understanding various architectures of Firewalls

• Statefull Firewall: CheckPoint NG

• Application Gateway: Microsoft ISA

• Statefull Firewall: Cisco Secure IOS Firewall

• Statefull Firewall: iptables

• Host Based Firewall: Zone Alarm

Intrusion Detection Systems

• Understanding various architectures of IDS

• Sniffing with tcpdump and ethereal

• Network based Intrusion Detection System � Snort

• Network based Intrusion Detection System � ISS Real Secure

• Host based Intrusion Detection System � xinetd

• Host based Intrusion Detection System � Swatch

• Host based Intrusion Detection and Prevention System � PortSentry

Vulnerability Scanning

• Understanding various types of scanning

• Scanning with hping2

• Scanning with Nmap

• Scanning with Nessus

• Scanning with Amap

Penetration Testing

• Overview

• Understanding Methodology

  • Information Gathering

  • Network Mapping

  • Vulnerability Identification

  • Penetration

  • Gaining Access & Privilege Escalation

  • Enumerate Further

  • Maintaining Access

  • Covering The Tracks

  • Reporting

  • Clean up and Destroy Artifacts

• Playing with Exploits

Password Cracking

• Understanding Password cracking

• John the Ripper

• Lepton Crack

• L0pht Crack (LC4)

Forensic Backups

• Using Ghost for disk imaging

• Using dd for forensic analysis

Denial of Service and Distributed Denial of Service Attacks

• Understanding type of Denial of Service Attacks

• Understanding type of Distributed Denial of Service Attacks

Web Application Security

• Understanding Web Attacks

• Experiment with Web Sleuth

• Finding bugs using Nikto

Communication Security

• PGP

• Steganography with JPHS

• Steganography with S-Tools