|What to bring:
Nothing to bring. All necessary equipment will be provided including preconfigured workstations, tools and utilities.
This class explores some of the most current and advanced Security and Hacking topics in the security field today. This is an in depth and detailed Hands On course designed for the advanced security professional interested in discovering the inner workings of serious security vulnerabilities and techniques to counter them.
Day 1 sets the foundation for establishing a strong basis in network monitoring, scanning, and attacks. Emphasis is placed on the tools and techniques used to monitor for malicious activity and understand how to methodically test security at a network level. Then, we move on to discuss Web-related vulnerabilities that affect any platform.
Throughout the day, students participate in labs that reinforce the topics presented. These labs include setting up an IDS, sniffing in a switched environment, remote service identification using binary nudge strings, and creating cross-site scripting payloads.
Day 2 presents advanced UNIX configuration techniques, including chroot environments. Students compile and test malicious Linux Kernel Modules, then implement a security-hardened kernel. Finally, the day ends with an interactive session on using covert channels over ICMP, UDP, TCP, and HTTP.
Each section contains several labs that lead the student through re-compiling a hardened kernel, modifying kernel modules to bypass detection software, and establishing and monitoring covert channels.
Who Should Take the Course?
System and network administrators, security personnel, auditors, and consultants with advanced Windows and UNIX skills.
Some of the Topics to be Covered
- Advanced scanning techniques
- IDS and sniffing
- Advanced network attacks
- Cross site scripting (XSS)
- Hacking and Securing Unix
- Loadable kernel modules
- Unix kernel hardening
- Covert channels
- Full content packet captures
- Using Snort IDS
- Capture traffic in a switched environment
- Crafting Cross Site Scripting payloads
- Advanced UNIX lockdown techniques
- Loadable Kernel Modules
- Covert Channels, their use and detection
Course Length: 2 days
Cost: US $2000 before 25 April 2003 or US $2200 after 25 April 2003
NOTE: this is a two day course. A Foundstone Certificate of Completion will be offered.
ISC2 CISSP/SCCP Certification
Students are eligible to receive 16 Continuing Professional Education (CPE) credits upon completion of class. Foundstone will automatically forward your information to ISC2. If you would like to take part in this service, please bring your ID number to class.
Foundstone's management team and selected staff are uniquely qualified to present this material, having performed hundreds of security assessments for Fortune 500 companies. Instructors have managed or directed the security-assessment teams at three of the Big 5 accounting firms, as well as amassed real-world experience ranging from the United States Air Force to Wall Street. Members of the instructor team authored the best-selling Hacking Exposed: Network Security Secrets & Solutions and write a weekly column for InfoWorld magazine. They are also frequent speakers at industry conferences such as NetWorld+Interop, Usenix, and the Black Hat Briefings.