What to bring:
Nothing to bring. All necessary equipment will be provided including preconfigured workstations, tools and utilities.
Designed as the natural follow on course to Ultimate Hacking and other Hacking classes, Ultimate Hacking: Expert brings your expertise up-to-date with the latest techniques, exploits and threats. This is an in-depth and detailed Hands On course designed for the advanced security professional interested in discovering the inner workings of serious security vulnerabilities and techniques to counter them.
Day 1 starts with advanced network reconnaissance including techniques for stealth scans and identification of services running on non-standard ports. This is followed with an overview of monitoring switched networks using Arp spoofing and other techniques. The dangers and detection of covert channels are explored using ICMP, UDP, TCP and HTTP protocols. The day finishes with the introduction of a SQL hacking methodology that will take you through SQL enumeration to remote command execution.
Throughout the day, students participate in labs that reinforce the topics presented. These labs include sniffing in a switched environment, remote service identification using binary nudge strings, and creating covert channels to hide interactive network access.
Day 2 presents advanced UNIX configuration techniques, including chroot environments. Students compile and test malicious Linux Kernel Modules, the ultimate example of a Unix rootkit. Finish the day testing your skills against a hardened network with the Ultimate Lab.
Linux Kernel Module labs step through the process of installing the malicious modules, then modification of the modules to avoid detection by current Unix rootkit detection tools.
Who Should Take the Course?
System and network administrators, security personnel, auditors, and consultants with advanced Windows and UNIX skills.
Course Length: 2 days
Cost: US $2000 before 1 December 2003 or US $2200 after 1 December 2003
NOTE: this is a two day course. A Foundstone Certificate of Completion will be offered.
ISC2 CISSP/SCCP CPE Credits
Students are eligible to receive 16 Continuing Professional Education (CPE) credits upon completion of class. Foundstone will automatically forward your information to ISC2. If you would like to take part in this service, please bring your ID number to class.
Method Based - Foundstone courses teach you the Hacker Methodology so that you thoroughly understand the threats that you face. Utilizing this methodology, unwanted intruders are adept at finding weaknesses across their targeted networks. By combining these weaknesses, they methodically escalate their privileges as they burrow through defenses to their ultimate goal getting root.
Understanding the Hacker Methodology and the thought process that intruders employ is critical to protecting your network and will allow you to build effective defenses and limit your risk.
Hands On Foundstone courses always use Hands On exercises and labs to reinforce key concepts. Our courses are never slide shows. Youre challenged with multiple exercises that require you to apply your new knowledge on our target networks so that youre ready to apply your new skills immediately.
Time Tested Foundstone has taught thousands of security professionals how best to defend their networks. Ranging from the principles of good security practices and advanced techniques to web security, secure coding and incident response, Foundstone is the proven expert in security education.
Experts Foundstone courses are taught by practicing security consultants who are hired by leading Fortune 100 companies, the military and government agencies to secure their networks. Foundstone brings real world experience from these engagements to the class room. Many of our instructors are authors of internationally best selling security titles. Learn from the ones who wrote the book on security not the ones who read it.
Foundstone's management team and selected staff are uniquely qualified to present this material, having performed hundreds of security assessments for Fortune 500 companies. Instructors have managed or directed the security-assessment teams at three of the Big 5 accounting firms, as well as amassed real-world experience ranging from the United States Air Force to Wall Street. Members of the instructor team authored the best-selling Hacking Exposed: Network Security Secrets & Solutions and write a weekly column for InfoWorld magazine. They are also frequent speakers at industry conferences such as NetWorld+Interop, Usenix, and the Black Hat Briefings.