What to bring:
Your laptop with a 10BaseT Network card, web browser and telnet client.
You must provide your own laptop. No loaner laptops will be available.
Attacktecs Attack Techniques used to exploit network infrastructure, servers, databases and other services with the intent of stealing or destroying intellectual property and/or to deny users and clients legitimate access.
Defentecs Defense Techniques and implementation methods used to defend against the latest Attacktecs.
This class will cover a wide variety of the publicly-available exploit tools and how they can be used specifically against a Cisco infrastructure. A majority of the class time will be spent in practical labs. Therefore, a certain level of Cisco expertise will be expected. The training will also cover the possible defenses against these attacks.
Students will be using 2651 routers, and 1900 switches for their labs. The lab core will consist of 3600s, 2900s, 2500s and servers of various flavors. Students will be required to bring their own laptops to attach to the labs (with appropriate caution). This class will focus on Cisco router and switch vulnerabilities and will not be covering PIX firewalls, VPN concentrators, or IDS tools.
Here is a list of some of the topics that will be covered:
- Ways of password nabbing
- Sniffing traffic on a switch
- VLAN hopping and 802.1Q issues
- Root bridge takeovers
- Local and remote HSRP attacks
- Routing manipulation/injection with RIP, IGRP, EIGRP, OSPF
- BGP attacks
- SNMP exploits
- Tunneling attacks
- DoS and DDoS issues and preventive methods
Stephen Dugan is currently an independent contract instructor and network engineer. He has been teaching Cisco networking for the last several years focusing on router and switch configuration, voice/data integration, and Network Security. His students come mostly from Fortune 500 companies, government/military and service providers. He also teaches private internal classes to Cisco Employees. As a Network Engineer he has worked on the design and implementation of large enterprise, government, and service provider networks. He is also working on a unique security book covering the aspects of hacking VoIP networks. Although the book has been delayed, it should be out in 2006.