Accelerated Hacking - A Hands-On Adventure for the Technical Security Practitioner
Overview
To effectively secure your network, you need to understand the tools and techniques used by those who would attack it. Accelerated Hacking goes beyond the traditional network vulnerability assessment and teaches you the methodology and the tools used by network attackers to gain access to secured systems. This course is designed to help you learn about the holes in your own network and security systems, to increase your ability to prevent breaches. The skills, techniques, and tools taught in this class should never be used against any other system without permission. In this class you will get hands-on experience, working on a machine loaded with the latest tools to attack example hosts and get real-world experience breaking into networks. This course is designed for security professionals who are involved with the technical aspects of computer security. It is recommended for students who wish to attain the Certified Ethical Hacker (CEH) designation.
Prerequisites
Students in this class should possess the following knowledge:
- Working knowledge of basic network security plus a solid grasp of TCP/IP and fundamental networking concepts
- Familiarity with Unix, Linux and Windows Operating Systems
- Basic knowledge of networking devices.
- An understanding of network vulnerability assessment is a plus!
Topics Covered
The class will begin with a discussion on targeting Internet systems, and techniques to select the target host for attack. The discussion will then turn to scanning the target hosts for vulnerabilities and appropriate steps to take to minimize lost time during the vulnerability scanning. The focus of this class will be on Unix, NT, and Linux systems. The format will be alternating labs and lecture throughout the two days. In this course you will learn a six-step model for security penetration:
- Phase 1: We will begin by performing network reconnaissance. At this phase we will look for background information about our target network that may be useful in later phases. During this phase we will look to public information sources such as the Internet, DNS servers, News servers, and IRC channels.
- Phase 2: We will begin performing the target network scanning. In this phase we will begin scanning the network range, looking for available hosts to compromise. We will continue by scanning to determine the operating system and applications on the available hosts, and we will finish the scanning by probing the applications for vulnerabilities. We will discuss what can be done to minimize the likelihood that an intrusion detection or intrusion prevention system will stop our scanning.
- Phase 3: We will begin gaining access to systems through application vulnerabilities. During this phase we will dissect and perform several popular attacks, including: buffer overflows, weak password compromises, and web server attacks.
- Phase 4: We will attempt to gain access through vulnerabilities in the network. We will look in-depth at network sniffers, we will perform session hijacking, and we will look at source routing and spoofing as other means of fooling network devices.
- Phase 5: We will not attempt to gain access, but rather to deny access to systems. We will look at performing Denial-Of-Service attacks against our target network. We will use attacks such as: SYN floods, Smurf, Land, ping of death, and bonk. We will also look at distributed Denial-Of-Service attacks, such as: TFN2k, Trinoo, and Stacheldraht.
- Phase 6: We will work on maintaining access to the systems that we have compromised. We will explore popular Trojans, how to leave backdoors, and installing rootkits.
You Will Learn To:
- Profile Internet Systems
- Maximize time spent scanning for vulnerabilities
- Exploit any vulnerabilities discovered
- Keep your access to the compromised system
- Hide your access
You Will Leave With:
- An understanding of the network security penetration process
- A list of websites to help you stay up-to-date on developments in tools and techniques
- A list of tools to use in the process
- A CD with a complete attack environment
This class is taught by Peltier Associates.