LinuxCBT.com

Syllabus

Focus: Various Cross-Platform Security Technologies

Duration: 188 Hours

    Basic Security - Module I

    • Boot Security
      • Explore Dell PowerEdge BIOS Security-related features
      • Discuss concepts & improve Dell PowerEdge BIOS security
      • Explain run-time boot loader vulnerabilities
      • Explore single-user mode (rootshell) and its inherent problems
      • Modify default GRUB startup options & examine results
      • Secure boot loader using MD5 hash
      • Identify key startup-related configuration files & define boot security measures
      • Identify key boot-related utilities
      • Confirm expected hardware configuration
      • Discuss INIT process, runlevel configuration & concepts
      • Explore & tighten the security of the INIT configuration

    • Shell Security
      • Confirm expected applications
      • Discuss Teletype Terminals (TTYs) and Pseudo Terminals (PTS)
      • Identify common TTYs and PTSs
      • Track current TTYs and PTSs - character devices
      • Discuss concepts related to privileged and non-privileged use
      • Restrict privileged login
      • Use SSH and discuss TTYs
      • Discuss the importance of consistent system-wide banners & messages
      • Define and configure system banners for pre and post-system-access
      • Identify user-logon history and correlate to TTYs
      • Identify current user-connections - console-based and network-based
      • Use lsof to identify open files and sockets

    • Syslog Security
      • Discuss Syslog concepts and applications
      • Explain Syslog semantics - facilities & levels - message handling & routing
      • Focus on security-related Syslog facilities
      • Examine security logs managed by Syslog
      • Configure Network Time Protocol (NTP) on interesting hosts
      • Secure NTP configuration
      • Ensure time consistency to preserve log-integrity
      • Configure Syslog replication to preserve log-integrity
      • Identify log discrepancies between Syslog hosts

    • Reconnaissance & Vulnerability Assessment Tools
      • Discuss Stage-1 host/network attack concepts
      • Upgrade NMAP reconnaissance tool to increase effectiveness
      • Identify NMAP files
      • Discuss TCP handshake procedure
      • Discuss half-open/SYN connections
      • Perform connect and SYN-based host/network reconnaissance
      • Identify potential vulnerabilities on interesting hosts derived from reconnaissance
      • Examine NMAP logging capabilities
      • Perform port sweeps to identify common vulnerabilities across exposed systems
      • Secure exposed daemons/services
      • Perform follow-up audit to ensure security policy compliance
      • Discuss vulnerability scanner capabilities and applications
      • Prepare system for Nessus vulnerability scanner installation - identify/install dependencies
      • Generate self-signed SSL/TLS certificates for secure client/server communications
      • Activate Nessus subscription, server and client components
      • Explore vulnerability scanner interface and features
      • Perform network-based reconnaissance attack to determine vulnerabilities
      • Examine results of the reconnaissance attack and archive results
      • Secure exposed vulnerabilities

    • XINETD - TCPWrappers - Chattr - Lsattr - TCPDump - Clear Text Daemons
      • Install Telnet Daemon
      • Install Very Secure FTP Daemon (VSFTPD)
      • Explore XINETD configuration and explain directives
      • Configure XINETD to restrict communications at layer-3 and layer-4
      • Restrict access to XINETD-protected daemons/services based on time range
      • Examine XINETD logging via Syslog
      • Discuss TCPWrappers security concepts & applications
      • Enhance Telnetd security with TCPWrappers
      • Confirm XINETD & TCPWrappers security
      • Discuss chattr applications & usage
      • Identify & flag key files as immutable to deter modification
      • Confirm extended attributes (XATTRs)
      • Discuss TCPDump applications & usage
      • Configure TCPDump to intercept Telnet & FTP - clear-text traffic
      • Use Ethereal to examine & reconstruct captured clear-text traffic

    • Secure Shell (SSH) & MD5SUM Applications
      • Use Ethereal to examine SSH streams
      • Generate RSA/DSA PKI usage keys
      • Configure Public Key Infrastructure (PKI) based authentication
      • Secure PKI authentication files
      • Use SCP to transfer files securely in non-interactive mode
      • Use SFTP to transfer files securely in interactive mode
      • Configure SSH to support a pseudo-VPN using SSH-Tunnelling
      • Discuss MD5SUM concepts and applications
      • Compare & contrast modified files using MD5SUM
      • Use MD5SUM to verify the integrity of downloaded files

    • GNU Privacy Guard (GPG) - Pretty Good Privacy (PGP) Compatible - PKI
      • Discuss GPG concepts & applications - symmetric/asymmetric encryption
      • Generate asymmetric RSA/DSA GPG/PGP usage keys - for multiple users
      • Create a local web of trust
      • Perform encrypts/decrypts and test data-exchanges
      • Sign encrypted content and verify signatures at the recipient
      • Import & export public keys for usage
      • Use GPG/PGP with Mutt Mail User Agent (MUA)

    • AIDE File Integrity Implementation
      • Discuss file-integrity checker concepts & applications
      • Identify online repository & download AIDE
      • Install AIDE on interesting hosts
      • Configure AIDE to protect key files & directories
      • Alter file system objects and confirm modifications using AIDE
      • Audit the file system using AIDE

    • Rootkits
      • Discuss rootkits concepts & applications
      • Describe privilege elevation techniques
      • Obtain & install T0rnkit - rootkit
      • Identify system changes due to the rootkit
      • Implement T0rnkit with AIDE to identify compromised system objects
      • Implement T0rnkit with chkrootkit to identify rootkits
      • T0rnkit - rootkit - cleanup
      • Implement N-DU rootkit
      • Evaluate system changes

    • Bastille Linux - OS-Hardening
      • Discuss Bastille Linux system hardening capabilities
      • Obtain Bastille Linux & perform a system assessment
      • Install Bastille Linux
      • Evaluate hardened system components

    • NPING - Flexible Packet Crafting
      • Discuss benefits
      • Download and install
      • Explore typical usage

    • Nikto - Web Server Vulnerability Scanner
      • Download and install
      • Discuss configuration options
      • Scan web servers
      • Evaluate results

    Proxy Security - Module II

    • Squid Proxy Initialization
      • Discuss Squid concepts & applications
      • Discuss DNS application
      • Configure DNS on primary SuSE Linux server for the Squid Proxy environment
      • Confirm DNS environment
      • Start Squid and evaluate default configuration
      • Install Squid Proxy server

    • General Proxy Usage
      • Configure web browser to utilize proxy services
      • Grant permissions to permit local hosts to utilize proxy services
      • Discuss ideal file system layout - partitioning
      • Explore key configuration files
      • Use client to test the performance of proxy services
      • Discuss HIT/MISS logic for serving content
      • Configure proxy support for text-based (lftp/wget/lynx) HTTP clients

    • Squid Proxy Logs
      • Discuss Squid Proxy logging mechanism
      • Identify key log files
      • Discuss & explore the Access log to identify HITS and/or MISSES
      • Discuss & explore the Store log to identify cached content
      • Convert Squid logs to the Common Log Format (CLF) for easy processing
      • Discuss key CLF fields
      • Configure Webalizer to process Squid-CLF logs
      • Revert to Squid Native logs
      • Discuss key Native log fields
      • Configure Webalizer to process Squid Native logs

    • Squid Network Configuration & System Stats
      • Discuss cachemgr.cgi Common Gateway Interface (CGI) script
      • Explore the available metrics provided by cachemgr.cgi
      • Change default Squid Proxy port
      • Modify text/graphical clients and test communications
      • Discuss Safe Ports - usage & applications

    • Squid Access Control Lists (ACLs)
      • Intro to Access Control Lists (ACLs) - syntax
      • Define & test multiple HTTP-based ACLs
      • Define & test ACL lists - to support multiple hosts/subnets
      • Define & test time-based ACLs
      • Nest ACLs to tighten security
      • Implement destination domain based ACLs
      • Exempt destination domains from being cached to ensure content freshness
      • Define & test Anded ACLs
      • Discuss the benefits of Regular Expressions (Regexes)
      • Implement Regular Expressions ACLs to match URL patterns
      • Exempt hosts/subnets from being cached or using the Squid cache
      • Force cache usage
      • Configure enterprise-class Cisco PIX firewall to deny outbound traffic
      • Configure DNS round-robin with multiple Squid Proxy caches for load-balancing
      • Discuss delay pool concepts & applications - bandwidth management
      • Configure delay pools - to support rate-limiting
      • Examine results of various delay pool classes
      • Enforce maximum connections to deter Denial of Service (DoS) attacks
      • Verify maximum connections comply with security policy

    • Squid Proxy Hierarchies
      • Discuss Squid cache hierarchy concepts & applications
      • Ensure communications through a primary cache server - double-auditing
      • Discuss and configure parent-child bypass based on ACLs
      • Configure Intranet ACLs for peer-cache bypass
      • Discuss & implement Squid cache hierarchy siblings
      • Configure transparent proxy services

    • Squid on Windows
      • Download & Install
      • Manipulate configuration
      • Test connectivity from multiple platforms
      • Evaluate results

    • Reverse Proxy
      • Install Squid3
      • Configure forward proxy access for local subnet
      • Test connectivity
      • Discuss reverse proxy features
      • Configure reverse proxy
      • Evaluate results

    Firewall Security - Module III

    • Intro IPTables
      • Discuss key IPTables concepts
      • OSI Model discussion
      • Determine if IPTables support is available in the current kernel
      • Identify key IPTables modules and supporting files
      • Explore and examine the default tables
      • Learn IPTables Access Control List (ACL) syntax
      • Discuss ACL management
      • Learn to Save & Restore IPTables ACLs

    • IPTables - Chain Management
      • Explore the various chains in the default tables
      • Discuss the purpose of each chain
      • Examine packet counts & bytes traversing the various chains
      • Focus on appending and inserting new ACLs into pre-defined chains
      • Write rules to permit common traffic flows
      • Delete & Replace ACLs to alter security policy
      • Flush ACLs - reset the security policy to defaults
      • Zero packet counts & bytes - bandwidth usage monitoring
      • Create user-defined chains to perform additional packet handling
      • Rename chains to suit the security policy/nomenclature
      • Discuss & explore chain policy

    • IPTables - Packet Matching & Handling
      • Explain the basics of packet matching
      • Identify key layer-3/4 match objects - (Source/Dest IPs, Source/Dest Ports, etc.)
      • Explore the multi-homed configuration
      • Block traffic based on untrusted (Internet-facing) interface
      • Perform packet matching/handling based on common TCP streams
      • Perform packet matching/handling based on common UDP datagrams
      • Perform packet matching/handling based on common ICMP traffic
      • Write fewer rules (ACLs) by specifying lists of interesting layer-4 ports
      • Discuss layer-3/4 IPTables default packet matching
      • Discuss default layer-2 behavior
      • Increase security by writing rules to match packets based on layer-2 addresses

    • IPTables - State Maintenance - Stateful Firewall
      • Discuss the capabilities of traditional packet-filtering firewalls
      • Explain the advantages of stateful firewalls
      • Examine the supported connection states
      • Identify key kernel modules to support the stateful firewall
      • Implement stateful ACLs & examine traffic flows

    • IPTables - Targets - Match Handling
      • Discuss the purpose of IPTables targets for packet handling
      • Write rules with the ACCEPT target
      • Write rules with the DROP target
      • Write rules with the REJECT target
      • Write rules with the REDIRECT target
      • Confirm expected behavior for all targets

    • IPTables - Logging
      • Explore Syslog kernel logging configuration
      • Define Access Control Entry (ACEs) to perform logging
      • Explain the key fields captured by IPTables
      • Log using user-defined chain for enhanced packet handling
      • Log traffic based on security policy
      • Define a catch-all ACE
      • Use ACE negation to control logged packets
      • Label log entries for enhanced parsing

    • IPTables - Packet Routing
      • Describe subnet layout
      • Enable IP routing in the kernel - commit changes to disk
      • Update routing tables on the other Linux Hosts on the network
      • Update the Cisco PIX Firewall's routing tables
      • Test routing through the Linux router, from a remote Windows 2003 Host
      • Focus on the forward chain
      • Write ACEs to permit routing
      • Test connectivity

    • IPTables - Network Address Translation (NAT)
      • Discuss NAT features & concepts
      • Discuss & implement IP masquerading
      • Define Source NAT (SNAT) ACEs & test translations
      • Create SNAT multiples
      • Implement Destination NAT (DNAT) ACEs & test translations
      • Define DNAT multiples
      • Create NETMAP subnet mappings - one-to-one NATs

    • IPTables - Demilitarized Zone (DMZ) Configuration
      • Describe DMZ configuration
      • Write Port Address Translation (PAT) rules to permit inbound traffic
      • Test connectivity from connected subnets
      • Configure DMZ forwarding (Routing)
      • Implement Dual-DMZs - ideal for n-tiered web applications

    • IPTables - IPv6
      • Explore IPv6 configuration
      • Peruse IPv6 IPTables management tools
      • Log and Filter ICMPv6 traffic
      • Log and Filter TCPv6 traffic
      • Log and Filter UDPv6 traffic
      • Use 'nping' to generate IPv6 traffic for analysis
      • Create IPv6 Sub-Chains to manage rules
      • Evaluate results

    SELinux Security - Module IV

    • Access Control Models
      • Describe Access Control Model (ACM) theories (DAC/MAC/nDAC)
      • Explain features & shortcomings of Discretionary Access Control (DAC) models
      • Identify key DAC-based utilities
      • Discuss the advantages & caveats of Mandatory Access Control (MAC) models
      • Explore DAC-based programs

    • SELinux - Basics
      • Discuss subjects & objects
      • Explain how SELinux is implemented in 2.6.x-based kernels
      • Confirm SELinux support in the kernel
      • Identify key SELinux packages
      • Use sestatus to obtain the current SELinux mode
      • Discuss subject & object labeling
      • Describe the 3 SELinux operating modes
      • Identify key utilities & files, which dictate the current SELinux operating mode
      • Focus on the features of SELinux permissive mode
      • Explore the boot process as it relates to SELinux

    • SELinux - Object Labeling
      • Discuss subject & object labeling
      • Discuss the role of extended attributes (XATTRs)
      • Expose the labels of specific objects
      • Alter the labels of specific objects
      • Configure SELinux to automatically label objects per security policy
      • Reset the system and confirm labels on altered objects
      • Explain security tuples
      • Use fixfiles to restore object labels on running system per security policy

    • SELinux - Type Contexts - Security Labels Applied to Objects
      • Intro to object security tuples - security labels
      • Attempt to serve HTML content using Apache in SELinux enforcing mode
      • Identify problematic object security labels
      • Serve HTML content in SELinux permissive mode
      • Use chcon to alter object security labels
      • Switch to enforcing mode & confirm the ability to serve HTML content
      • Use restorecon to restore object security context (labels)

    • SELinux - Basic Commands - Type & Domain Exposition
      • ps - reveal subjects' security context (security label) - Domains
      • ls - reveal objects' security label - Types
      • cp - preserve/inherit security labels
      • mv - preserve security labels
      • id - expose subject security label

    • SELinux - Targeted Policy - Binary
      • Explain the Targeted Policy's features
      • Discuss policy transitions for domains
      • Compare & contrast confined & unconfined states
      • Exempt Apache daemon from the auspices of the targeted policy's confined state
      • Evaluate results after exemption
      • Explain the security contexts applied to subjects & objects
      • Peruse key targeted binary policy files
      • Identify the daemons protected by the targeted policy
      • Discuss the unconfined_t domain - subject label

    • SELinux - Targeted Policy - Source
      • Install the targeted policy source files
      • Identify & discuss TE and FC files
      • Explore file_contexts - context definition for objects
      • Discuss the file context syntax
      • Explain the purpose of using run_init to initiate SELinux-protected daemons
      • Switch between permissive & enforcing modes and evaluate behavior
      • Peruse the key files in the targeted source policy

    • SELinux - Miscellaneous Utilities - Logging
      • Use tar to archive SELinux-protected objects
      • Confirm security labels on tar-archived objects
      • Use the tar substitute 'star' to archive extended attributes (XATTRs)
      • Confirm security labels on star-archived objects
      • Discuss the role of the AVC
      • Examine SELinux logs - /var/log/messages
      • Alter Syslog configuration to route SELinux messages to an ideal location
      • Use SETools, shell-based programs to output real-time statistics
      • Install & use SEAudit graphical SELinux log-management tool

    • SELinux - RedHat® Enterprise 5.x - Exploration
      • Explore configuration & key utilities
      • Transition from 'disabled' to 'permissive' mode
      • Focus on Apache web server behavior
      • Enable UserDir functionality & test content access
      • Transition to 'enforcing' mode
      • Examine Apache behavior in restricted environment
      • Adjust SELinux directives
      • Evaluate results

    • SELinux - Network Ports - Service Restrictions
      • Explore standard behavior
      • Configure new application bindings
      • Examine SELinux intervention
      • Rectify SELinux configuration for multiple services
      • Evaluate results

    Network Intrusion Detection System (NIDS) Security - Module V

    • Snort NIDS - Installation
      • Peruse the LinuxCBT Security Edition classroom network topology
      • Download Snort
      • Import G/PGP public key and verify package integrity
      • Identify & download key Snort dependencies
      • Install current libpcap - Packet Capture Library
      • Establish security configuration baseline

    • Snort NIDS - Sniffer Mode
      • Discuss sniffer mode concepts & applications
      • Sniff IP packet headers - layer-3/4
      • Sniff data-link headers - layer-2
      • Sniff application payload - layer-7
      • Sniff application/IP packet headers/data-link headers - all layers except physical
      • Examine packets & packet loss
      • Sniff traffic traversing interesting interfaces
      • Sniff clear-text traffic
      • Sniff encrypted streams

    • Snort NIDS - Logging Mode
      • Discuss logging mode concepts & applications
      • Log traffic using default PCAP/TCPDump format
      • Log traffic using ASCII mode & examine output
      • Discuss directory structure created by ASCII logging mode
      • Control verbosity of ASCII logging mode & examine output
      • Enhance packet logging analysis by defaulting to binary logging
      • Discuss default nomenclature for binary/TCPDump files
      • Alter binary output options
      • Use Snort NIDS to read binary/TCPDump files

    • Snort NIDS - Berkeley Packet Filters (BPFs)
      • Explain the advantages to utilizing BPFs
      • Discuss BPF directional, type, and protocol qualifiers
      • Identify clear-text based network applications and define appropriate BPFs
      • Execute Snort NIDS in sniffer mode with BPFs enabled to match interesting traffic
      • Log to the active pseudo-terminal console and examine the packet flows
      • Combine BPF qualifiers to increase packet-matching capabilities
      • Use logical operators to define more flexible BPFs
      • Read binary TCPDump files using Snort & BPFs
      • Execute Snort NIDS in logging/daemon mode

    • Snort NIDS - Cisco Switch Configuration
      • Examine the current network configuration
      • Identify Snort NIDS sensors and centralized DBMS Server
      • Create multiple VLANs on the Cisco Switch
      • Secure the Cisco Switch configuration
      • Isolate internal and external hosts, sensors and DBMS systems
      • Configure SPAN - Port Mirroring for internal and external Snort NIDS Sensors
      • Examine internal and external packet flows

    • Snort NIDS - Network Intrusion Detection System (NIDS) Mode
      • Discuss NIDS concepts & applications
      • Prepare /etc/snort - configuration directory for NIDS operation
      • Explore the snort.conf NIDS configuration file
      • Discuss all snort.conf sections
      • Download & install community rules
      • Execute Snort in NIDS mode with TCPDump compliant output plugin
      • Download & install Snort Vulnerability Research Team (VRT) rules
      • Compare & contrast community rules to VRT rules

    • Snort NIDS - Output Plugin - Barnyard Configuration
      • Discuss features & benefits
      • Configure Syslog based logging and examine results
      • Configure Snort to log sequentially to multiple output locations
      • Implement unified binary output logging to enhance performance
      • Discuss concepts & features associated with post-processing Snort logs
      • Download and install current barnyard post-processor
      • Use barnyard to post-process logs to multiple output destinations

    • Snort NIDS - BASE - MySQL® Implementation
      • Discuss benefits of centralized console reporting for 1 or more Snort sensors
      • Re-compile Snort on both sensors to support MySQL logging
      • Configure MySQL on Database Management System (DBMS) Host
      • Implement Snort database schema on DBMS Host
      • Configure Snort to log output to MySQL DBMS Host
      • Confirm output logging to the MySQL DBMS Host
      • Prepare DBMS Host for BASE console installation
      • Install BASE and complete schema extension
      • Peruse BASE interface

    • Snort® NIDS - Rules Configuration & Updates
      • Discuss the concept of rules as related to Snort NIDS
      • Examine Snort rule syntax
      • Peruse pre-defined Snort rules
      • Download & configure oinkmaster to automatically update Snort rules
      • Confirm oinkmaster operation

    • Snort® NIDS - Ubuntu Installation
      • Identify components
      • Install requisite libraries and helper applications
      • Compile and debug as needed
      • Examine footprint
      • Discuss results

    Packet Capture Analysis Security feat. Ethereal® - Module VI

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore system configuration
      • Identify key network interfaces to be used for captures
      • Identify connected interfaces on Cisco Switch
      • Explore network topology - IPv4 & IPv6
      • Identify Ethereal installation
      • Enumerate and discuss key Ethereal features

    • Ethereal® Graphical User Interface (GUI)
      • Identify installation footprint
      • Differentiate between promiscuous and non-promiscuous modes
      • Configure X.org to permit non-privileged user to write output to screen
      • Launch Ethereal GUI
      • Identify the primary GUI components /Packet List | Packet Details | Packet Bytes/
      • Discuss defaults
      • Explore key menu items

    • TCPDump | WinDump - Packet Capturing for /Linux|Unix|Windows/
      • Discuss defaults, features and applications
      • Use TCPDump on Linux to capture packets
      • Log traffic using default PCAP/TCPDump format
      • Discuss Berkeley Packet Filters (BPFs)
      • Capture and log specific packets using BPFs for analysis with Ethereal
      • Connect to Windows 2003 Server using Remote Desktop (RDesktop) utility
      • Install WinDump and WinPCAP on Windows 2003 Server
      • Identify available network interfaces using WinDump
      • Capture and log packets using WinDump
      • Capture and log specific packets using BPFs with WinDump for analysis with Ethereal
      • Upload captures to Linux system for analysis in Ethereal

    • Snort® NIDS Packet Capturing & Logging
      • Discuss Snort NIDS's features
      • Confirm prerequisites - /PCRE|LibPCAP|GCC|Make/
      • Download and Import Snort G/PGP key and MD5SUM for Snort NIDS
      • Download, verify, compile and install Snort NIDS
      • Discuss BPF directional, type, and protocol qualifiers
      • Identify clear-text based network applications and define appropriate BPFs
      • Execute Snort NIDS in sniffer mode with BPFs enabled to match interesting traffic
      • Log to the active pseudo-terminal console and examine the packet flows
      • Combine BPF qualifiers to increase packet-matching capabilities
      • Use logical operators to define more flexible BPFs
      • Create captures for further analysis with Ethereal

    • Sun Snoop Packet Capturing & Logging
      • Connect to Solaris 10 system and prepare to use Snoop
      • Draw parallels to TCPDump
      • Enumerate key features
      • Sniff and log generic traffic
      • Sniff and log specific traffic using filters
      • Sniff HTTP and FTP traffic using Snoop
      • Save filters for analysis by Ethereal
      • Snoop various Solaris interfaces for interesting traffic

    • Layer-2 & Internet Control Messaging Protocol (ICMP) Captures
      • Launch Ethereal
      • Identify sniffing interfaces
      • Capture Address Resolution Protocol (ARP) Packets using Capture Filters
      • Discuss and Identify Protocol Data Units (PDUs)
      • Identify default Ethereal capture file
      • Peruse packet capture statistics
      • Identify Cisco VOIP router generating ARP requests
      • Peruse time precision features - deci - nano-seconds
      • Discuss time manipulations - relative to first packet - actual time
      • Reveal protocol information from layer-1 through 7
      • Identify network broadcasts in the packet stream
      • Generate Layer-2 ARP traffic using PING and capture and analyze results
      • Sniff traffic based on MAC addresses using Ethereal and Capture Filters

    • User Datagram Protocol (UDP) Captures & Analyses
      • Discuss UDP Characteristics
      • Focus on Network Time Protocol (NTP)
      • Setup NTP strata for testing between multiple systems
      • Analyze NTP - UDP traffic using Ethereal
      • Focus on Domain Name Service (DNS)
      • Install a BIND DNS Caching-Only Server
      • Analyze DIG queries
      • Analyze 'nslookup' queries

    • Transmission Control Protocol (TCP) Captures & Analyses
      • Discuss TCP Characteristics - Connection-Oriented Services
      • Explain TCP connection rules - Socket creation
      • Sniff TCP traffic using Capture Filters in Ethereal
      • Use Display Filters to parse TCP traffic
      • Sniff FTP traffic
      • Reconstruct FTP flows using TCP Stream Reassembly
      • Differentiate between client and server flows
      • Quantify client and server flows
      • Discuss embedded Protocol Data Units (PDUs)
      • Sniff Internet Protocol Version 6 (IPv6) traffic
      • Peruse and discuss the IPv6:TCP:FTP traffic dump
      • Analyze TCP Sockets

    • Ethereal Display Filters - Post Processing Filters
      • Identify previously captured - TCPDump - Ethereal - Snort - Snoop - Dumps
      • Discuss features
      • Explain Display Filter syntax
      • Post-process previously captured traffic dumps
      • Identify the various methods to apply display filters
      • Filter data using the expression builder
      • Filter traffic based on interesting properties
      • Filter traffic using logical operators

    • Ethereal Statistics
      • Discuss features
      • Explore the summary (metadata) of captured packets
      • Peruse the protocol hierarchy - Layers 1-7 of the OSI model
      • Examine network conversations of captured packets
      • Identify Destinations in packet dumps
      • Examine ICMP statistics

    • Text-based Captures with Tethereal
      • Discuss features and applications
      • Identify 'tethereal' and invoke
      • Enumerate network interfaces
      • Sniff generic network traffic
      • Suppress capture output
      • Apply Capture Filters
      • Capture UDP Traffic
      • Capture TCP Traffic

    • Intranet-based Captures & Analysis
      • Discuss Intranet monitoring objectives
      • Analyze the network topology drawing
      • Discuss Unicast, Broadcast and Multicast traffic
      • Discuss Switch Port Mirroring - SPAN
      • Configure Port Mirroring - SPAN on Cisco Switch for interesting ports
      • Dedicate a network interface for sniffing traffic
      • Configure Snort NIDS to sniff traffic on dedicated network interface
      • Analyze Snort NIDS captures in Ethereal
      • Sniff traffic between various Intranet hosts

    • Internet-based Captures & Analysis
      • Discuss Internet monitoring objectives
      • Identify key external interfaces to monitor
      • Update the Port Mirroring configuration to capture Internet traffic
      • Capture external traffic
      • Analyze using Ethereal

    • Wireless-based Captures & Analysis
      • Discuss Wireless monitoring objectives
      • Connect to remote system with wireless interface
      • Enable wireless interface
      • Sniff traffic on wireless network
      • Analyze using Ethereal

    • Windows-based Captures & Analysis
      • Download and Install Ethereal for Windows
      • Explore interface
      • Load previously captured data
      • Analyze data
      • Compare and contrast with Ethereal for Linux|Unix systems

    • WireShark® on MacOSX®
      • Download and Install
      • Explore interface
      • Load previously captured data
      • Analyze data
      • Capture new data
      • Evaluate results

    PAM Security - Module VII

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore system configuration
      • Explore network topology
      • Identify primary PAM systems
      • Enumerate and discuss key PAM features
    •  
    • PAM Rules Files & Syntax
      • Identify key PAM configuration files
      • Explain the purpose of the /etc/pam.d/other PAM rules file
      • Discuss PAM's 4 management tasks
      • Identify the 4 tokens supported within PAM rules files
      • Explain possible values for the 4 supported rules file tokens
      • Discuss PAM's stacking of rules for the 4 management tasks
      • Examine the /etc/pam.d/sshd PAM rules file for the SSHD service/daemon
      • Explore the contents of included PAM rules files
    •  
    • Common PAMs - Identify & Discuss Commonly Implemented PAMs
      • Explain the purpose and implementation of pam_echo
      • Test pam_echo using SSH
      • Explain the purpose and implementation of pam_warn
      • Explain the purpose and implementation of pam_deny
      • Identify instances of pam_warn and pam_deny modules
      • Explain the purpose and implementation of pam_unix2
      • Identify instances of pam_unix2 module
      • Explain the purpose and implementation of pam_env
      • Explain the purpose and implementation of pam_ftp
      • Peruse /etc/pam.d/vsftpd and discuss the implementation of pam_ftp
      • Explain the purpose and implementation of pam_lastlog
      • Explain the purpose and implementation of pam_limits
      • Explain the purpose and implementation of pam_listfile
      • Explain the purpose and implementation of pam_nologin
    •  
    • Account Policies with PAM
      • Explain authentication flow when using PAM
      • Discuss account policies features
      • Identify and peruse the default account policies file: /etc/login.defs
      • Discuss PAM's usage of /etc/login.defs as it pertains to system security
      • Discuss pam_pwcheck's role in maintaining system password policy
      • Configure pam_pwcheck to support minimum password length
      • Correlate pam_pwcheck system policy to user accounts database
      • Configure pam_pwcheck to support password history
      • Use chage to enumerate and change user accounts' attributes associated with system policy
    •  
    • PAM Tally
      • Explain applications of pam_tally
      • Identify failed logins log file: /var/log/faillog
      • Identify PAM authentication messages in /var/log/messages
      • Compare and contrast pam_tally with faillog
      • Use pam_tally to display user's tally
      • Enable pam_tally system-wide with desired policy
      • Fail to log in multiple times, exceeding the system policy, and evaluate results
      • Reset user's login count using pam_tally and faillog
      • Redirect PAM log messages using Syslog-NG
    •  
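The two sections above (rules-file syntax and pam_tally) come down to reading the same file format, so here is one added example, not course material, that normalises PAM rules files into their four tokens and checks the two properties that are easiest to get silently wrong: that pam_tally is present in both the auth and the account stack with a `deny=` value, and that /etc/pam.d/other denies every management group by default. The sample files are constructed; `pam_unix2` and the `deny=5` policy are assumptions about the SUSE-style hosts the module uses.

```shell
#!/bin/sh
# Added example (not part of the course): a small linter for /etc/pam.d rules
# files. Every rule has four tokens: type, control, module-path, arguments.
# The sample files are constructed; pam_unix2 and deny=5 are assumptions.
set -u

pam_rules() {
    # Normalise one rules file to "type<TAB>control<TAB>module<TAB>args".
    # Handles '-type' (silent if the module is missing) and the bracketed
    # "[value=action ...]" control form, which spans several fields.
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1" |
    awk '{
        type = $1; sub(/^-/, "", type)
        i = 2; control = $2
        if (control ~ /^\[/) {
            while (i <= NF && $i !~ /\]$/) i++
            for (j = 3; j <= i; j++) control = control " " $j
        }
        module = $(i + 1)
        args = (i + 2 <= NF) ? $(i + 2) : ""
        for (j = i + 3; j <= NF; j++) args = args " " $j
        printf "%s\t%s\t%s\t%s\n", type, control, module, args
    }'
}

pam_stack() {            # $1 = file, $2 = auth|account|password|session
    pam_rules "$1" | awk -F'\t' -v t="$2" '$1 == t'
}

pam_count() { pam_stack "$1" "$2" | wc -l | tr -d ' '; }

pam_tally_ok() {
    # Lockout only works when pam_tally (or pam_tally2) sits in the auth
    # stack WITH deny=N and in the account stack (which resets the counter
    # after a successful login). Missing either half silently disables it.
    pam_stack "$1" auth | awk -F'\t' \
        '$3 ~ /^pam_tally2?\.so$/ && $4 ~ /(^| )deny=[0-9]+/ { f = 1 } END { exit !f }' || return 1
    pam_stack "$1" account | awk -F'\t' '$3 ~ /^pam_tally2?\.so$/ { f = 1 } END { exit !f }'
}

pam_other_ok() {
    # /etc/pam.d/other is the fallback for services without their own file;
    # every management group must end in pam_deny.so.
    for t in auth account password session; do
        [ "$(pam_stack "$1" "$t" | tail -n 1 | cut -f3)" = pam_deny.so ] || return 1
    done
}

write_sample_sshd() {    # constructed /etc/pam.d/sshd
    cat > "$1/sshd" <<'EOF'
#%PAM-1.0
auth     required   pam_tally.so onerr=fail deny=5 unlock_time=900
auth     required   pam_nologin.so
auth     [success=1 default=ignore] pam_unix2.so
auth     required   pam_deny.so
account  required   pam_tally.so
account  required   pam_unix2.so
password requisite  pam_pwcheck.so nullok minlen=8 remember=5
password required   pam_unix2.so nullok use_authtok
session  required   pam_limits.so
session  required   pam_unix2.so
session  optional   pam_lastlog.so showfailed
EOF
}

write_sample_other() {   # constructed /etc/pam.d/other that denies by default
    cat > "$1/other" <<'EOF'
auth     required pam_warn.so
auth     required pam_deny.so
account  required pam_warn.so
account  required pam_deny.so
password required pam_warn.so
password required pam_deny.so
session  required pam_warn.so
session  required pam_deny.so
EOF
}

demo() {
    d=$(mktemp -d)
    write_sample_sshd "$d"; write_sample_other "$d"
    printf 'sshd auth stack (%s rules):\n' "$(pam_count "$d/sshd" auth)"
    pam_stack "$d/sshd" auth
    pam_tally_ok "$d/sshd" && echo "sshd: lockout policy present in auth and account"
    pam_other_ok "$d/other" && echo "other: every group falls through to pam_deny"
    rm -rf "$d"
}
demo
```

On a live host, point the functions at the real files (`pam_tally_ok /etc/pam.d/sshd`, `pam_other_ok /etc/pam.d/other`); the bracketed `[success=1 default=ignore]` line in the sample is the form that lets `pam_deny.so` sit at the bottom of the stack without blocking valid users.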
    • PAM Password Quality Check (pam_passwdqc)
      • Identify pam_passwdqc using RPM
      • Discuss features
      • Enumerate the supported password character classes - Complex passwords
      • Replace pam_pwcheck with pam_passwdqc using at least 2 character classes
      • Test password policy in non-enforcing mode
      • Evaluate the effects
      • Enable password policy in enforcing mode and evaluate
      • Alter character class and length (complexity) requirements and evaluate
    •  
    • PAM Time - Time-based Access Control
      • Discuss features
      • Explain configuration file syntax
      • Impose restrictions on common services
      • Evaluate results
    •  
    • PAM Nologin
      • Discuss features
      • Explain configuration file syntax
      • Implement nologin module via /etc/nologin
      • Evaluate results
    •  
    • PAM Limits - System Resource Limits Controlled by PAM
      • Discuss features
      • Explain configuration file syntax
      • Impose restrictions on system resources
      • Evaluate results
    •  
    • PAM Authentication with Apache
      • Discuss features and desired result
      • Install Apache and development modules providing apxs support
      • Download PAM Apache module
      • Compile and install PAM Apache module
      • Configure Apache web site to support PAM
      • Evaluate results
    •  
    • PAM Make $HOME Dir
      • Explore features
      • Implement pam_mkhomedir
      • Create new accounts without $HOME
      • Evaluate module results
    •  
    • PAM Execute Processes
      • Discuss applicability
      • Implement pam_exec with various types
      • Evaluate module results
    •  
    • PAM Password History | Policy Enforcement
      • Discuss benefits
      • Implement pam_pwhistory
      • Tweak defaults
      • Evaluate module results
      • Implement pam_pwcheck
      • Contrast with pam_pwhistory
      • Apply policy to all users
      • Evaluate results
    •  
    • PAM Wheel
      • Consider applications
      • Implement pam_wheel
      • Evaluate results

    Open Secure Shell version 2 (OpenSSHv2) Security - Module VIII

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore system configuration
      • Identify key systems to be used
      • Explore network topology
      • Enumerate and discuss key OpenSSHv2 features
    •  
    • Identify Key OpenSSHv2 Components
      • Identify installed OpenSSHv2 related packages
      • Peruse related startup and run-control script files
      • Locate 'sshd' on the file system
      • Discuss related client | server configuration files
    •  
    • OpenSSHv2 Client - /ssh/
      • Discuss features and benefits
      • Obtain shell access on a remote system
      • Configure /etc/hosts to provide local name resolution for OpenSSHv2
      • Identify and discuss pseudo-terminals - pty
      • Redirect X11/X.org traffic to localhost via SSH
      • Bind 'ssh' to specific source IP address and test connectivity
      • Execute commands on remote system without allocating a pseudo-terminal
      • Debug 'ssh' connectivity
      • Explore the system-wide client configuration file
      • Explore user configuration file
    •  
    • Secure Copy Program (SCP) - /scp/
      • Discuss features and benefits
      • Locate 'scp' on the file system
      • Discuss usage
      • Copy, non-interactively, previously generated data to remote systems
      • Test 'scp' with global and user configuration directives
      • Debug 'scp' connectivity
      • Limit transfer rate to conserve bandwidth
    •  
    • Secure File Transfer Program (SFTP) - /sftp/
      • Discuss features and benefits
      • Locate 'sftp' on the file system
      • Discuss usage
      • Connect to remote system using 'sftp' interactive shell
      • Issue puts and gets and evaluate results
      • Identify the sftp-server subsystem
      • Peruse process list while connected to OpenSSHv2 server
      • Illustrate batch file usage
    •  
    • SSH Key Scan Utility - /ssh-keyscan/
      • Discuss features and benefits
      • Locate 'ssh-keyscan' on the file system
      • Discuss usage
      • Scan the network from STDIN for OpenSSHv2 public keys - RSA (SSHv1 & SSHv2) | DSA
      • Scan the network based on a file with a list of hosts for OpenSSHv2 public keys
      • Populate ~/.ssh/known_hosts file using 'ssh-keyscan' with BASH for loop
      • Compare and contrast STDOUT with the output file
    •  
    • SSH Key Generation Utility - /ssh-keygen/
      • Discuss features and benefits
      • Locate 'ssh-keygen' on the file system
      • Discuss usage
      • Generate RSA-2 usage keys
      • Identify RSA-2 public and private key pair
      • Generate DSA usage keys
      • Identify DSA public and private key pair
      • Expose usage keys' fingerprint using 'ssh-keygen'
      • Generate RSA-2 | DSA usage keys for all hosts
    •  
    • Public Key Authentication (referred to in this module as PKI) - Password-less Logins
      • Discuss features and benefits
      • Identify key files for client and server implementation of password-less (PKI-based) logins
      • Copy manually, RSA-2 | DSA public keys to remote system's ~/.ssh/authorized_keys file
      • Test password-less logins
      • Use 'ssh-copy-id' to seamlessly populate remote system with RSA-2 | DSA usage keys
      • Test password-less connectivity after using 'ssh-copy-id'
      • Confirm password-less connectivity using SSH clients /ssh|scp|sftp/ in debug mode
      • Connect to privileged account from non-privileged account using PKI
      • Configure RSA-1 (SSH protocol 1) connectivity using PKI - legacy only: protocol 1 is cryptographically weak and has been removed from current OpenSSH releases
    •  
    • System-wide OpenSSHv2 Configuration Directives
      • Identify key directory and files associated with client | server configuration
      • Explore primary server configuration file
      • Discuss applicability of directives
      • Alter and test several SSHD directives
      • Explore OpenSSHv2 configuration on RedHat Linux
      • Explore OpenSSHv2 configuration on Solaris 10
    •  
    • Port Forwarding - Pseudo-VPN Support - /Local|Remote|Gateway/
      • Discuss features and benefits
      • Implement local port forwarding using 'ssh'
      • Configure remote port forwarding using 'ssh'
      • Test circumvention of local firewall using remote port forwarding
      • Implement gateway ports to share forwarded /local|remote/ with connected users
      • Test connectivity
    •  
    • Windows Integration - /PuTTY|WinSCP/
      • Discuss features and applications
      • Download and install PuTTY
      • Explore PuTTY's features
      • Configure PKI logins
      • Download and install WinSCP
      • Explore WinSCP's features
      • Move data between Windows, Linux and Solaris
    •  
    • Syslog | Syslog-NG Configuration
      • Discuss features and benefits
      • Identify default configuration
      • Redirect OpenSSHv2 data using Syslog and Syslog-NG
      • Examine results
      • Enable debugging
    •  
    • Host-based Authentication
      • Discuss applicability and caveats
      • Identify key configuration files and directives
      • Implement host-based authentication
      • Test results
    •  
    • OpenSSHv2 Source Installation
      • Discuss features and benefits
      • Download current OpenSSHv2 source code
      • Compile and install
      • Restart services|daemons
      • Test new version of OpenSSHv2
    •  
    • Secure OpenSSHv2 Implementation
      • Discuss features and benefits
      • Identify key configuration file
      • Enumerate and implement key directives
      • Test configuration
    •  
    • Upgrade OpenSSHv2
      • Identify target systems
      • Download latest OpenSSH source code
      • Compile with compatible options
      • Test installation
    •  
    • CHROOT - SFTP Connections
      • Discuss features and benefits
      • Implement CHROOT SFTP sessions for specific users
      • Evaluate results

    OpenPGP Security - Module IX

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore system configuration
      • Identify key systems to be used
      • Explore network topology
      • Enumerate and discuss key OpenPGP features
    •  
    • Explore GPG Configuration
      • Identify installed GPG packages in various Linux distros
      • Discuss the key contents of those packages
      • Explore configuration hierarchy
      • Discuss security as it pertains to private key management
      • Explain the purpose of public and private keys
      • Discuss symmetric and asymmetric encryption provided by OpenPGP-compliant Apps
    •  
    • Generate | Import | Export OpenPGP Usage Keys
      • Discuss features and benefits
      • Obtain shell access on remote systems
      • Generate usage (private|public) keys
      • Identify the generated keys
      • Discuss how usage keys are used
      • Generate usage keys on remote systems
      • Export OpenPGP public key chain on various systems
      • Import OpenPGP public keys on various systems
      • Evaluate the results of exchanging public keys
    •  
    • Digital Signatures
      • Discuss features and benefits as they pertain to data integrity
      • Identify default digital signatures on multiple hosts
      • Explain the differences between signing and encrypting correspondence
      • Sign and export data to remote systems - Inline
      • Create detached OpenPGP signatures for data
      • Confirm the signed data on the remote systems
      • Recap non-repudiation benefits provided by digitally signing correspondence
    •  
    • Encryption | Decryption | Sign & Encrypt Content
      • Discuss features and benefits
      • Generate files for usage
      • Encrypt content using symmetric (shared-key) algorithm
      • Decrypt content using the shared-key, based on the symmetric algorithm
      • Evaluate results on multiple machines
      • Explain caveats associated with symmetric encryption
      • Encrypt content to a given recipient, using their public key - asymmetric encryption
      • Decrypt content on various hosts
      • Attempt to decrypt content without the corresponding private key
      • Evaluate results
      • Encrypt using ASCII-armoured and binary (OpenPGP-compliant) formats
      • Decrypt both ASCII-armoured and binary formats
      • Recap encryption decryption processes
      • Discuss the requirements of signing and encrypting content
      • Sign and encrypt content to various recipients
      • Confirm signed and encrypted content
      • Attempt to confirm and decrypt content as the unintended recipient
      • Evaluate results
    •  
    • OpenPGP Key Management | Web of Trust | Internet Key Distribution
      • Discuss features and benefits
      • Explore GPG key management facility
      • Update properties of public/private key pairs
      • Add sub-keys to public/private key pairs
      • Sign remote users' public keys
      • Evaluate results
      • Discuss the web of trust functionality
      • Create a web of trust with various hosts
      • Evaluate trust confirmation
      • Discuss the features of OpenPGP Internet key distribution servers
      • Generate and upload public keys to an Internet key server
      • Download the uploaded public keys to the public keyrings of various hosts
      • Evaluate results
    •  
    • Perl Scripting with GPG
      • Discuss features and benefits
      • Create a Perl script to backup key directories and files
      • Ensure that the script GPG-protects the content post-backup
      • Include error-handling to ensure that each step of the script is routed appropriately
      • Configure the script to transfer the encrypted content to a remote host using 'scp'
      • Evaluate results
    •  
    • OpenPGP (GPG | PGP Desktop) on Win32
      • Discuss features and benefits
      • Download and install GPG for Win32
      • Generate usage keys
      • Exchange public keys with a user on a Linux system
      • Sign and encrypt content to and from the Win32 user
      • Confirm results
      • Download and install GPG4WIN (GUI-based GPG for Win32)
      • Explore features
      • Sign and encrypt content to and from the Win32 user
      • Confirm results
      • Integrate GPG4WIN with MS Outlook
      • Sign and encrypt e-mail messages
      • Confirm and decrypt e-mail messages
      • Install PGP Desktop for Win32
      • Explore features and interface
      • Generate usage keys
      • Exchange public keys with Linux user
      • Sign and encrypt content to and from the Win32 user using PGP Desktop
      • Evaluate results
      • Draw parallels between Win32 based OpenPGP tools and GPG for Linux | Unix
      • Recap OpenPGP functionality included in /GPG|GPG4WIN|PGP Desktop/

    SSH File Transfer Protocol (SFTP) Security - Module X

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore network topology
      • Identify key systems to be used
      • Discuss key SFTP features
    •  
    • FTP Analyses - Caveats & Ramifications
      • Identify FTP caveats
      • Intercept FTP Client | Server traffic using TCPDump
      • Analyze traffic streams using Wireshark
      • Install PuTTY SFTP | SSH clients on Windows
      • Generate SFTP traffic using PuTTY
      • Analyze SFTP traffic using Wireshark
      • Compare and contrast FTP | SFTP traffic streams
      • Disable | Remove FTPD services
    •  
    • Secure Copy Program (SCP)
      • Discuss features and benefits
      • Generate test data for transmissions via SCP
      • Transfer test data to various systems using SCP
      • Confirm applied permissions
      • Use 'pscp' on Windows to transfer test data to various systems
      • Reverse transfers with SCP
      • Implement rate limiting of transfers with SCP
      • Examine SCP behavior with respect to existing | nonexisting data
      • Evaluate results
    •  
    • SFTP on SUSE® Enterprise Linux
      • Connect to remote SUSE Enterprise system
      • Identify key binaries
      • Discuss common command-line options
      • Initiate SFTP sessions
      • Debug corrupt public key upon connection
      • Explore SFTP interactive mode
      • Examine SFTP instances in the process table
      • Transfer data using SFTP
    •  
    • SFTP on RedHat® Enterprise Linux
      • Discuss features and benefits
      • Identify key binaries
      • Initiate connections
      • Perform puts and gets
      • Enable debugging on multiple levels and evaluate key output
      • Explore remote and local identity files for SSHv1 & SSHv2
      • Evaluate results
    •  
    • SFTP on Solaris®
      • Discuss features and benefits
      • Obtain pseudo-terminal on Solaris system
      • Identify key binaries
      • Compare and contrast Linux | Solaris 'sftp' options
      • Transfer test data
      • Examine transfer status in progress
      • Enable debugging
      • Discuss the function of the 'known_hosts' file
      • Explain SFTP key management
      • Explore identity files
      • Examine escape character sequences in SFTP and SSH
    •  
    • SFTP on MacOSX®
      • Discuss features and benefits
      • Initiate SSH session with debugging on MacOSX
      • Explore debug output
      • Identify key binaries and associated permissions
      • Peruse 'sftp' command-line options
      • Connect to Solaris system, starting in a non-standard remote directory
      • Discuss first-time SFTP|SSH connectivity ramifications
      • Transfer test data and evaluate
      • Identify global configuration files - contrast with Linux|Solaris
      • Use 'sftp' non-interactively
    •  
    • SFTP on Windows® Server
      • Discuss features and benefits
      • Initiate 'rdesktop' session to Windows Server
      • Configure and use PuTTY
      • Explore 'psftp' interactive commands - contrast with Linux|Solaris|MacOSX
      • Initiate connectivity with 'psftp' interactively
      • Use 'psftp' to transfer test data
      • Enable debugging
    •  
    • SFTP with FileZilla
      • Discuss features and benefits
      • Download FileZilla
      • Configure to use SFTP
      • Initiate connections to remote systems
      • Transfer test data
      • Use PuTTY to examine SFTP PID on remote system for FileZilla
    •  
    • Public Key Authentication with SFTP
      • Discuss features and benefits
      • Generate PKI usage keys on various platforms
      • Identify key files
      • Share usage keys with communicating partners
      • Initiate passwordless connections
      • Move test data seamlessly
      • Integrate FileZilla with PuTTY public key authentication
      • Evaluate results
    •  
    • SFTP on FreeBSD
      • Discuss features and benefits
      • Identify key binaries
      • Initiate outbound SFTP connections from FreeBSD to various hosts
      • Enable debugging
      • Dictate identity file selection via the command-line
      • Use wildcards and metacharacters with 'sftp'
      • Enable debugging
      • Enable SSH server on non-standard port
      • Evaluate connectivity via command-line override
      • Use the shell within interactive SFTP sessions
    •  
    • SFTP - Batch Processing Mode
      • Discuss features and benefits
      • Define and execute a simple batch
      • Evaluate results
      • Explore error handling of the batch processor
      • Supply input from STDIN
      • Expand the batch process to include more useful steps
      • Create and execute a simple backup process for SFTP
      • Integrate SFTP batch process with Cron
    •  
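The batch-processing steps above are the part of SFTP that ends up in cron, so here is an added example (not course material) that generates a batch file for a backup directory, the unattended `sftp` invocation that consumes it, and the crontab entry. The hostname `backup.example.net`, the `backup` user and the key path are assumptions; the files pushed in the demo are constructed.

```shell
#!/bin/sh
# Added example (not part of the course): build an sftp(1) batch file that
# pushes a backup directory, plus the unattended invocation and cron entry
# that drive it. backup.example.net, user backup and the key path are
# assumptions; the payload files created in demo are constructed.
set -u

sftp_batch_for_dir() {       # $1 = local directory, $2 = remote directory
    # In batch mode sftp aborts on the first command that fails, unless that
    # command is prefixed with '-'. Only mkdir earns the prefix (it fails when
    # the directory already exists); a failed put must abort the run, or the
    # job reports success while the backup is incomplete.
    printf '%s\n' "-mkdir $2" "cd $2" "lcd $1"
    for f in "$1"/*; do
        [ -f "$f" ] || continue      # subdirectories and specials are skipped
        printf 'put %s\n' "${f##*/}"
    done
    printf '%s\n' "ls -l" "bye"
}

sftp_batch_command() {       # $1 = batch file, $2 = user@host, $3 = identity file
    # BatchMode=yes turns any prompt (password, unknown host key) into a hard
    # failure, which is what an unattended job needs; the server's host key
    # must already be in known_hosts, and IdentitiesOnly stops an agent from
    # offering every key it holds.
    printf 'sftp -b %s -i %s -o BatchMode=yes -o StrictHostKeyChecking=yes -o IdentitiesOnly=yes -o ConnectTimeout=30 %s\n' \
        "$1" "$3" "$2"
}

cron_line() {                # $1 = command; nightly at 02:30, stdout dropped, stderr mailed by cron
    printf '30 2 * * * %s >/dev/null\n' "$1"
}

demo() {
    d=$(mktemp -d)
    : > "$d/db-dump.sql.gz"; : > "$d/etc.tar.gz"   # constructed payload
    sftp_batch_for_dir "$d" /backups/host1 > "$d/batch.sftp"
    echo "--- $d/batch.sftp"; cat "$d/batch.sftp"
    cmd=$(sftp_batch_command "$d/batch.sftp" backup@backup.example.net /home/backup/.ssh/id_backup)
    echo "--- command"; echo "$cmd"
    echo "--- crontab entry"; cron_line "$cmd"
    rm -rf "$d"
}
demo
```

Pair the key used here with a restricted `authorized_keys` entry on the server (the module's later "Restrict SSH Sessions to SFTP Only" section), so that a stolen backup key yields a file drop and not a shell.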
    • SFTP Configuration Control
      • Discuss features and benefits
      • Explore: command-line, user, and system-wide logic and options
      • Implement directives at each tier and evaluate
    •  
    • LFTP with SFTP
      • Discuss features and benefits
      • Initiate manual connections
      • Define connection string for automation
      • Connect to remote systems via SFTP
      • Enable debugging
      • Explore how LFTP uses 'ssh' to provide SFTP functionality
      • Transfer test data
      • Configure LFTP to use public key auth
      • Define batch steps to move test data
      • Evaluate results
    •  
    • Restrict SSH Sessions to SFTP Only
      • Discuss features and benefits
      • Explore key configuration files
      • Apply changes to various hosts
      • Evaluate results
    •  
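Restricting sessions to SFTP only (above) and the CHROOT SFTP topic from Module VIII are the same sshd_config change, so one added example (not course material) covers both: a function that emits the `Match` block, and a pre-check that walks the chroot path and applies the ownership and mode test sshd performs before it will honour `ChrootDirectory`. The group name `sftponly` and the `/srv/sftp/<user>` layout are assumptions.

```shell
#!/bin/sh
# Added example (not part of the course): emit the sshd_config fragment that
# confines one group to chrooted, SFTP-only sessions, and pre-check a chroot
# path the way sshd does. Group "sftponly" and /srv/sftp are assumptions.
set -u

sftp_only_match_block() {    # $1 = group, $2 = parent directory of the per-user chroots
    # 'Subsystem' must stay outside the Match block. internal-sftp needs no
    # binaries or libraries inside the chroot, unlike the external sftp-server.
    # Forwarding is disabled so the account cannot be used as a tunnel.
    cat <<EOF
Subsystem sftp internal-sftp

Match Group $1
    ChrootDirectory $2/%u
    ForceCommand internal-sftp -l INFO
    AllowTcpForwarding no
    X11Forwarding no
    PermitTunnel no
EOF
}

chroot_path_ok() {           # $1 = absolute chroot directory
    # sshd logs "bad ownership or modes for chroot directory" and refuses the
    # session unless EVERY component from / down to the chroot is owned by
    # root and is not writable by group or others. The user therefore gets a
    # writable subdirectory beneath the chroot, never the chroot itself.
    case $1 in /*) ;; *) echo "chroot_path_ok: need an absolute path" >&2; return 1 ;; esac
    p=$1
    while :; do
        set -- $(ls -ldn "$p")           # $1 = mode string, $3 = numeric owner uid
        [ "$3" = 0 ] || { echo "not root-owned: $p" >&2; return 1; }
        case $(printf %s "$1" | cut -c6,9) in   # group-write and other-write bits
            *w*) echo "group- or world-writable: $p" >&2; return 1 ;;
        esac
        [ "$p" = / ] && return 0
        p=$(dirname "$p")
    done
}

demo() {
    sftp_only_match_block sftponly /srv/sftp
    for p in /srv/sftp /; do
        [ -d "$p" ] || continue
        chroot_path_ok "$p" && echo "OK as ChrootDirectory: $p"
    done
}
demo
```

With this layout `/srv/sftp/alice` is root:root 0755 and `/srv/sftp/alice/upload` belongs to alice. Two caveats worth testing: `sshd -t` validates the fragment before a restart, and `internal-sftp -l INFO` logs through syslog, which inside a chroot only works if the syslog daemon also listens on a `/dev/log` socket beneath the chroot.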
    • IPv6 Integration
      • Explore IPv6 environment
      • Configure name resolution for IPv6
      • Test IPv6 connectivity with SFTP
      • Evaluate results

    Berkeley Packet Filters (BPF) Security - Module XI

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore network topology
      • Identify key systems to be used
      • Discuss key BPF features
    •  
    • Type Qualifiers
      • Identify type qualifiers
      • Explore examples
      • Write filters for various scenarios
      • Test and debug filters
    •  
    • Directional Qualifiers
      • Discuss features and benefits
      • Identify directional qualifiers
      • Write filters for various scenarios
      • Test and debug filters
    •  
    • Protocol Qualifiers
      • Identify protocol qualifiers
      • Explore a number of protocols and options
      • Write filters for various scenarios
      • Test and debug filters
      • Combine type, directional and protocol qualifiers
      • Evaluate results
    •  
    • Rule (Filter) Negation | Alternation | Concatenation
      • Discuss features and benefits
      • Write alternated filters for various scenarios
      • Write concatenated filters for various scenarios
      • Write negated filters for various scenarios
      • Test and debug filters
      • Evaluate results
    •  
    • Rule (Filter) Segregation with Parenthetical Statements
      • Discuss features and benefits
      • Write parenthesized rules for various scenarios
      • Write alternative rules and contrast
      • Test and debug parenthesized and alternative rules
      • Evaluate results
    •  
    • TCPDump & Windump
      • Discuss features and benefits
      • Explore useful features of both utilities
      • Execute with key options
      • Apply additional BPFs
      • Evaluate results
    •  
    • BPFs with Snort® NIDS|NIPS
      • Discuss features and benefits
      • Install Snort®
      • Explore useful options
      • Apply predefined BPFs
      • Evaluate results
    •  
    • BPFs with Wireshark Capture | Analysis Engine
      • Discuss features and benefits
      • Explore useful options
      • Invoke with useful options
      • Apply predefined BPFs
      • Extend and archive BPFs
      • Evaluate results
    •  
    • BPF Lists
      • Discuss features and benefits
      • Generate BPF lists for sample scenarios
      • Supply lists to utilities for processing
      • Archive lists for reuse
      • Evaluate results
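The negation, alternation, parenthesization and BPF-list topics above all reduce to composing a filter string correctly, so here is one added example (not course material) that builds a capture filter from lists of hosts and ports, adds the parentheses that alternation needs, and writes it to a file for `tcpdump -F` (Snort accepts the same `-F` file). The addresses and ports are constructed sample values.

```shell
#!/bin/sh
# Added example (not part of the course): assemble pcap-filter expressions
# from lists of interesting hosts and ports, with explicit parentheses, and
# write them to a filter file for 'tcpdump -F'. Sample values are constructed.
set -u

bpf_any_of() {               # $1 = qualifier (host, net, port, 'dst port', ...), rest = values
    # Emits "(q a or q b)"; a lone value needs no parentheses. 'and' and 'or'
    # have EQUAL precedence and associate left to right, so
    # "port 22 and host a or host b" means "(port 22 and host a) or host b";
    # explicit parentheses remove that ambiguity.
    q=$1; shift
    [ $# -gt 0 ] || { echo "bpf_any_of: no values for '$q'" >&2; return 1; }
    if [ $# -eq 1 ]; then printf '%s %s' "$q" "$1"; return 0; fi
    out=""
    for v in "$@"; do out="${out:+$out or }$q $v"; done
    printf '(%s)' "$out"
}

bpf_and() {                  # AND together already-formed terms, skipping empty ones
    out=""
    for t in "$@"; do
        [ -n "$t" ] || continue
        out="${out:+$out and }$t"
    done
    printf '%s' "$out"
}

bpf_not() {                  # negate a whole term. 'not' binds tightest of all, so
    printf 'not (%s)' "$1"   # "not host a or host b" is "(not host a) or host b"
}

bpf_write_file() {           # $1 = filter file for -F, rest = terms to AND
    # A file sidesteps shell quoting of the parentheses and is easy to archive.
    f=$1; shift
    { bpf_and "$@"; printf '\n'; } > "$f"
}

sample_filter() {
    # Scenario: SSH and HTTPS aimed at two servers, excluding anything sourced
    # from the monitoring segment itself, TCP only.
    bpf_and \
        "$(bpf_any_of host 10.1.1.10 10.1.1.11)" \
        "$(bpf_any_of 'dst port' 22 443)" \
        "$(bpf_not 'src net 10.9.0.0/24')" \
        tcp
}

demo() {
    f=$(mktemp)
    bpf_write_file "$f" "$(sample_filter)"
    printf 'filter file %s:\n' "$f"; cat "$f"
    printf 'use: tcpdump -n -i eth0 -F %s\n' "$f"
    rm -f "$f"
}
demo
```

A host list kept in a file feeds straight in: `bpf_any_of host $(cat interesting-hosts.txt)`. Before trusting a long filter, run `tcpdump -d -F file` on the capture host; it prints the compiled BPF program without sniffing, which catches a misplaced parenthesis cheaply.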

    Reconnaissance Security with Nmap - Module XII

    • Introduction - Topology - Features
      • Enumerate important Nmap features
      • Explore network topology
      • Identify key systems to be used
    •  
    • Nmap Installation
      • Identify target platforms
      • Import P/GPG signatures
      • Obtain sources and checksums
      • Confirm P/GPG signatures and checksums
      • Install Nmap on multiple platforms
    •  
    • Host Discovery
      • Discuss features and benefits
      • Evaluate various discovery methods
      • Survey topology
      • Identify targets
      • Compare & contrast findings
    •  
    • TCP | UDP Scans
      • Explore common scan techniques
      • Identify available services
      • Confirm Nmap findings
      • Tweak scans accordingly
      • Evaluate results
    •  
    • Operating System | Service Detection | Versioning
      • Discuss features and benefits
      • Identify available operating systems
      • Pinpoint interesting services
      • Define baseline scans
      • Evaluate results
    •  
    • Zenmap
      • Explore interface
      • Perform common scans
      • Compare & contrast findings
      • Evaluate on multiple platforms
    •  
    • Reporting | Compliance | ndiff
      • Highlight rationale
      • Generate usage reports
      • Detect topological changes
      • Compare results with 'ndiff'
      • Evaluate results
    •  
    • Nmap Scripting Engine (NSE)
      • Explore Nmap extensions
      • Discuss usage
      • Ascertain NSE-provided data from targets
      • Evaluate various NSE scripts
    •  
    • Timing | Performance
      • Explore timing | performance options
      • Tweak Nmap's responsiveness
      • Evaluate efficacy
    •  
    • Useful | Interactive Options
      • Evaluate miscellaneous Nmap options
      • Interact with Nmap scans accordingly
      • Evaluate results
    •  
    • Nmap Version 6.x
      • Obtain and Install from Sources
      • Upgrade on various systems
      • Identify key improvements
      • Perform scans and evaluate
      • Peruse Zenmap version 6.x GUI
      • Contrast accordingly
      • Evaluate results

    Key-Files Security - Module XIII

    • Introduction - Topology - Features
      • Discuss areas of concern
      • Expose available systems
      • Prepare to study important files
    •  
    • Boot Partition
      • Identify /boot setup on various systems
      • Enumerate key files regarding boot sequence
      • Peruse various configuration files
      • Present hypothetical areas of failure
      • Contrast with Windows boot implementation
    •  
    • INIT Environment
      • Discuss traditional INIT implementation
      • Identify important files across distributions
      • Examine INIT.D and RC hierarchies
      • Propose methods of ensuring integrity of environment
    •  
    • Kernel Modules Environment
      • Identify key directory hierarchy
      • Discuss applicability
      • Explore various modules related configuration files
      • Enumerate loaded modules and correlate to FS taxonomy
      • Correlate detected modules to loaded and available modules
    •  
    • PROC File System
      • Discuss usage and applicability
      • Descend PROC hierarchy accordingly
      • Identify PID tree and related descriptors
      • Recover Kernel invocation method
      • Expose supported Partitions, File Systems & Devices
      • Dump CPU & Memory configuration
      • Peruse other applicable PROC entries
    •  
    • SBIN Executables
      • Identify available SBIN containers
      • Expose SETGID and SETUID SBIN entries
      • Enumerate relevant client system binaries
      • Locate important SBIN daemons | services
      • Discuss storage management SBIN entries
      • Find interface and network related SBIN entries
    •  
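"Expose SETGID and SETUID SBIN entries" is the one item in this list that pays to automate, because the useful signal is not the list itself but what changes in it. Here is an added example (not course material) that inventories setuid/setgid executables, stores the result as a baseline and reports anything that later appears, vanishes or changes mode. The demo works on a throwaway directory of constructed files rather than touching /sbin.

```shell
#!/bin/sh
# Added example (not part of the course): inventory setuid/setgid executables
# under the SBIN (and BIN) hierarchies, keep the result as a baseline and
# report anything that appears, disappears or changes mode later. The demo
# builds a throwaway directory with constructed files instead of touching /sbin.
set -u

suid_inventory() {           # $@ = directories to sweep, e.g. /sbin /usr/sbin /bin /usr/bin
    # -perm -4000 matches files with the setuid bit set (whatever the other
    # bits), -perm -2000 the setgid bit. One "mode path" line per hit, sorted
    # in the C locale so comm(1) can compare two runs. Unreadable trees are
    # skipped silently; run as root for a complete sweep.
    find "$@" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r f; do
        printf '%s %s\n' "$(ls -ld "$f" | cut -d' ' -f1)" "$f"
    done | LC_ALL=C sort
}

suid_diff() {                # $1 = baseline file, $2 = current inventory file
    # '+' lines are new privileged binaries (or a mode change, which shows as
    # a '-' for the old mode and a '+' for the new), '-' lines are entries that
    # vanished. Exit status 1 when anything differs, so cron can alert on it.
    LC_ALL=C comm -3 "$1" "$2" | awk '
        /^\t/ { sub(/^\t/, ""); print "+ " $0; n++; next }
               { print "- " $0; n++ }
        END    { exit n ? 1 : 0 }'
}

demo() {
    d=$(mktemp -d)
    mkdir "$d/sbin"
    : > "$d/sbin/ifconfig"; chmod 755  "$d/sbin/ifconfig"    # ordinary binary, ignored
    : > "$d/sbin/ping";     chmod 4755 "$d/sbin/ping"        # setuid
    : > "$d/sbin/wall";     chmod 2755 "$d/sbin/wall"        # setgid
    suid_inventory "$d/sbin" > "$d/baseline"
    : > "$d/sbin/backdoor"; chmod 4755 "$d/sbin/backdoor"    # planted after the baseline
    suid_inventory "$d/sbin" > "$d/now"
    echo "baseline:"; cat "$d/baseline"
    echo "changes since baseline:"
    suid_diff "$d/baseline" "$d/now" || echo "ALERT: privileged binaries changed"
    rm -rf "$d"
}
demo
```

Keep the baseline off-host (or at least on read-only media); a baseline an intruder can rewrite detects nothing. The same two functions cover the "Enumerate loaded modules and correlate to FS taxonomy" idea if the baseline is taken from `/lib/modules` instead.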
    • System Control Configuration
      • Explain applicability
      • Identify the user-space tool ('sysctl') that reads and writes kernel parameters
      • Enumerate default configuration directives
      • Define common variables influencing system behavior
      • Commit variables for persistence
      • Discuss potential areas of concern with system configuration
      • Evaluate results
    •  
    • INETD | XINETD Configuration
      • Explain super server usage
      • Identify both INETD and XINETD on relevant systems
      • Expose controlled services
      • Disable superfluous super-server controlled services
    •  
    • User Accounts Environment
      • Discuss relevance of securing related files
      • Explain default files
      • Suggest areas of concern regarding compromised entries
      • Tighten default security policy related to user accounts
    •  
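"Suggest areas of concern regarding compromised entries" above is best made concrete as detection logic. The following added example (not course material) audits passwd/shadow-style files for the entries a compromise or careless provisioning leaves behind: extra UID-0 accounts, duplicate UIDs, password hashes left in the world-readable passwd file, empty shadow passwords on accounts with a login shell, and passwd entries with no shadow counterpart. Both sample files are constructed and the hashes in them are placeholders.

```shell
#!/bin/sh
# Added example (not part of the course): audit passwd/shadow-style files for
# the entries that a compromise or a careless provisioning step leaves behind.
# Both sample files are constructed; the hashes in them are placeholders.
set -u

passwd_audit() {             # $1 = passwd file, $2 = shadow file; one finding per line
    awk -F: -v shadow="$2" '
    BEGIN {                  # load shadow: user -> password field
        while ((getline line < shadow) > 0) { split(line, f, ":"); hash[f[1]] = f[2] }
        close(shadow)
    }
    /^[[:space:]]*$/ || /^#/ { next }
    {
        user = $1; pw = $2; uid = $3; shell = $7
        interactive = (shell !~ /(nologin|false)$/)
        if (uid == 0 && user != "root")
            printf "UID0\t%s\tuid 0 account other than root\n", user
        if (seen[uid]++ >= 1)
            printf "DUPUID\t%s\tshares uid %s with %s\n", user, uid, first[uid]
        if (!(uid in first)) first[uid] = user
        if (pw != "x" && pw != "*" && pw != "!")
            printf "PWINPASSWD\t%s\tpassword field in passwd is not a shadow marker (hash is world-readable)\n", user
        if ((user in hash) && hash[user] == "" && interactive)
            printf "EMPTYPW\t%s\tempty shadow password with login shell %s\n", user, shell
        if (!(user in hash) && pw == "x")
            printf "NOSHADOW\t%s\tpasswd points to shadow but no shadow entry exists\n", user
    }' "$1"
}

write_samples() {            # $1 = directory; constructed passwd and shadow
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:planted uid-0 account:/root:/bin/bash
svc:x:1001:1001:service account:/var/svc:/bin/sh
bob:x:1002:1002:Bob:/home/bob:/bin/bash
legacy:$1$c0nstr$uctedMD5hashPlaceholder0:1003:1003::/home/legacy:/bin/bash
ghost:x:1004:1004::/home/ghost:/bin/bash
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$c0nstructed$placeholderSHA512hash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
toor:$6$c0nstructed$placeholderSHA512hash:19000:0:99999:7:::
svc::19000:0:99999:7:::
bob:$6$c0nstructed$placeholderSHA512hash:19000:0:99999:7:::
legacy:$1$c0nstr$uctedMD5hashPlaceholder0:19000:0:99999:7:::
EOF
}

demo() {
    d=$(mktemp -d)
    write_samples "$d"
    passwd_audit "$d/passwd" "$d/shadow"
    rm -rf "$d"
}
demo
```

On a real host run it as root (`passwd_audit /etc/passwd /etc/shadow`) alongside the stock consistency checker `pwck -r`, which catches malformed lines but not the policy questions above; `chage -l` from the PAM module then shows whether the flagged accounts also escape password ageing.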
    • Pluggable Authentication Modules (PAM)
      • Identify key files related to PAM AUTH
      • Expose baseline configuration based on current definition
      • Locate baseline PAM libraries and discuss strategies
      • Compare and contrast environmental differences across accounts
    •  
    • Hosts | Protocols | Services
      • Explain relevance of these key files
      • Discuss typical name resolution process
      • Identify baseline configuration
      • Effect changes to relevant files and evaluate
      • Discuss typical malware impact on key files
    •  
    • NSSWITCH Configuration
      • Explain importance and relevance
      • Identify various implementations
      • Make changes to name resolver configuration
      • Evaluate results
    •  
    • DNS Client Resolution Configuration
      • Identify key files governing client resolution
      • Perform queries with incorrect resolution
      • Correct resolution accordingly
      • Vary configuration and evaluate results
    •  
    • User Profiles Environment
      • Discuss applicable entries related to profiles
      • Delineate between system-wide and user-wide configurations
      • Examine relevant profile files for $SHELL and GUI environments
      • Posit suggestions to tighten baseline
      • Evaluate accordingly
    •  
    • System Scheduler Environment
      • Discuss importance of CRON
      • Identify system and user-wide configuration files
      • Propose methods of tightening configuration
      • Evaluate results
    •  
    • DNS Server Configuration
      • Discuss importance of traffic direction services
      • Identify key files across distributions
      • Suggest areas to enhance security posture
      • Intersperse corrupt DNS values and evaluate influence
    •  
    • SYSLOG Configuration
      • Discuss applicability
      • Review baseline configuration
      • Hypothesize possible data-leakage opportunities
      • Propose methods of configuration augmentation
    •  
    • SSH | Client | Server | Files
      • Discuss importance of file correlation
      • Identify key client files
      • Change client file data and evaluate behavior
      • Identify outdated key file information
      • Generate usage keys and propagate
      • Test communications
      • Identify key server files
      • Discuss implications of SSH configuration

    Intro to Configuration Management Security feat. Puppet - Module XIV

    • Introduction - Puppet - Features
      • Identify key systems in topology
      • Discuss Puppet Features
      • Relate Configuration Management to Common Security Principles
      • Discuss relevant Internet Sockets
    •  
    • Puppet Installation
      • Identify available downloads
      • Download platform-dependent packages
      • Install Puppet Master
      • Install Puppet Agents (Nodes | Clients)
      • Enable Agents for Puppet Management
      • Evaluate accordingly
    •  
    • Console Management
      • Access Puppet Console (Dashboard)
      • Explore interface and discuss capabilities
      • Provision and Test Users
      • Peruse Agents' Configuration Details
    •  
    • Live Management
      • Discuss MCollective
      • Identify on-the-wire resources in Real-Time
      • Compare relevant system components
      • Contrast cross-platform resources
      • Identify same-platform common properties
      • Clone resources on-demand
      • Evaluate accordingly
    •  
    • Modules | Classes
      • Discuss Class | Module Model
      • Identify default Classes | Modules
      • Explain Puppet inheritance options
      • Explore default inheritance
      • Identify Nodes and Groups
    • Node | Agent Provisioning
      • Discuss applicability
      • Explore templates for inheritance
      • Add Nodes (Agents) across platforms
      • Peruse applicable inheritance
      • Evaluate results
    • Standardize Resources
      • Use Live Management to identify discrepancies
      • Rectify discrepancies according to platform similarities
      • Confirm provisioned resources across Nodes (Agents)
      • Achieve a consistent configuration of resources across Nodes
      • Identify remaining discrepancies
      • Evaluate results
    • LogRotate Module
      • Discuss features and benefits
      • Identify currently installed modules
      • Peruse Puppet Forge and relevant modules
      • Install LogRotate Module
      • Standardize configuration across systems
      • Confirm configurations
    • HOSTS Module
      • Discuss features and benefits
      • Identify cross-host discrepancies
      • Normalize HOSTS configuration accordingly
      • Confirm applied entries on disparate instances
    • Secure FTP Server Module
      • Discuss features and benefits
      • Group Nodes (Agents) for application
      • Identify and Install FTP Server Module
      • Explore default configuration
      • Tweak default configuration accordingly
      • Apply changes to a single Test Node
      • Confirm results
      • Apply changes to group of Nodes
      • Re-confirm ramifications
    • Secure $SHELL Module
      • Discuss features and benefits
      • Identify desirable module on the Forge
      • Install module and explore configuration
      • Discuss Client | Server Configuration options
      • Default to widespread Client | Server Configuration changes
      • Apply to Test Node
      • Confirm results
      • Apply to applicable Nodes
      • Confirm normalized application of configuration across Agents
    • DenyHosts Module
      • Discuss features and benefits
      • Identify available modules on the Forge
      • Install accordingly
      • Explore default options
      • Apply to Test scenario
      • Confirm results match organizational policy
      • Apply to desired Agents and re-confirm applicability
    • DNS Client Resolution Configuration
      • Identify key files governing client resolution
      • Perform queries with incorrect resolution
      • Correct resolution accordingly
      • Vary configuration and evaluate results
    • User Profiles Environment
      • Discuss applicable entries related to profiles
      • Delineate between system-wide and user-wide configurations
      • Examine relevant profile files for $SHELL and GUI environments
      • Posit suggestions to tighten baseline
      • Evaluate accordingly

    Intro to Web Server Scanning with Nikto - Module XV

    • Introduction - Nikto - Features
      • Discuss Nikto Features
      • Pinpoint useful online resources
      • Identify key systems in topology
      • Explore possible scan targets
    • Nikto Installation
      • Download Nikto Web Scanner
      • Perform Installation
      • Explore run-time environment
      • Discuss Plugins - Signatures - DBs
      • Peruse configuration entries
      • Mention key CLI options
    • Staging Scan
      • Identify Staging targets
      • Scan Staging to ascertain server metadata
      • Perform comprehensive scans of targets
      • Watch web logs while scans are ongoing
      • Alter display of Web Scan Requests and Responses
      • Rule-out false-positives
      • Adjust security posture where applicable
      • Re-scan and compare and contrast
    • Production Scan
      • Identify PROD web instance
      • Discern useful metadata with reconnaissance
      • Drill deeper to determine more relevant attributes
      • Attempt to identify vulnerabilities on target
      • Peruse findings accordingly
      • Suggest methods of filtering false-positives
    • Reporting | Logging
      • Compare STDOUT to Report Data
      • Discuss Logging | Reporting options and formats
      • Enable Reports on various scans
      • Vary target reports for Cron mode
      • Tweak scans and redirect output accordingly
    • SSL Scans
      • Discuss applicability
      • Identify key options
      • Enable SSL scanning on targets
      • Compare Staging and Production output
      • Examine supported ciphers on targets
      • Search for cipher weaknesses
      • Evaluate results
    • Proxy Server Relay Scans
      • Discuss pros and cons of Proxy Usage
      • Identify Squid Proxy Facility
      • Update Nikto configuration to support Proxy Usage
      • Perform Proxy Scans from multiple Web Scanners
      • Evaluate Proxy Requests | Responses in Real-Time
      • Compare and Contrast performance differentials
      • Evaluate results
    • Nikto Scan Tuning
      • Discuss features and benefits
      • Identify key Tuning Options
      • Filter scans to focus on targeted Plugins
      • Initiate multiple Tuned Scans
      • Evaluate Results
    • Web Application Attack Audit Framework (w3af)
      • Discuss features and benefits
      • Obtain sources
      • Fulfill dependencies
      • Launch and peruse interface
      • Execute common scans
      • Evaluate and discuss ongoing

    Parallel Secure Shell | Features | Usage | Implementation - Module XVI

    • Introduction - Parallel-SSH - Features
      • Explore features and benefits
      • Provide use-case examples
      • Contrast standard SSH with Parallel-SSH
      • Identify Target Hosts
      • Explore topography
      • Explore environment
    • Standard Secure Shell | Features | Usage | Implementation
      • Contrast both toolkits
      • Explore 'ssh' use-cases
      • Use 'scp' for non-interactive secure copies
      • Use 'sftp' to interactively move data
      • Identify existing usage keys
      • Generate requisite usage keys
      • Populate usage keys on target nodes
      • Confirm node accessibility
      • Run simple commands on distributed nodes
      • Confirm PROD environment
    • Parallel-SSH | Features | Usage
      • Enumerate important features
      • Prep list of distributed | cluster nodes
      • Evaluate Password-AUTH
      • Enable PKI Password-less AUTH
      • Specify hosts manually and automatically
      • Perform tasks on multiple nodes simultaneously
      • Confirm tasks have been executed
      • Troubleshoot as needed
    • Parallel-SCP | Features | Usage
      • Discuss use cases
      • Discuss caveats
      • Contrast with traditional 'scp'
      • Propagate content to distributed nodes in parallel
      • Restrict parallelism to improve performance
      • Confirm content availability
      • Address issues that arise
    • Parallel-RSYNC | Features | Usage
      • Discuss key opportunities
      • Contrast with traditional 'rsync'
      • Highlight 'rsync' benefits
      • Explore general usage
      • Mirror content via recursion
      • Troubleshoot missing 'rsync'
      • Move data as conjured
      • Evaluate overall usage
    • Parallel-SLURP | Use-Cases
      • Discuss features
      • Contrast with common Parallel-SSH tools
      • Contrast with traditional Linux | Unix equivalents
      • Explore general usage
      • Test with wildcard
      • Archive system configuration files ad-hoc
      • Contrast with defaults
      • Enable temporary synchronization configuration
      • Consider non-existing files on targets
      • Evaluate footprint of slurps
      • Highlight caveats
      • Evaluate results
    • Parallel-NUKE | Use-Cases
      • Highlight features
      • Contrast with $SHELL access
      • Launch processes for execution
      • Execute various processes
      • Execute arbitrary service
      • Contrast service with regular process
      • Trace service execution results
      • Evaluate results

LinuxCBT Security Edition
