Related Courses:

• Foundstone Ultimate Hacking
• Foundstone Ultimate Hacking: Expert
• Foundstone Ultimate Hacking: Web
• Foundstone Ultimate Hacking: Windows Security
• Foundstone Ultimate Hacking: Wireless
• Foundstone Writing Secure Code - ASP.NET (C#)
• Foundstone Writing Secure Code - Java (J2EE)

What You'll Learn

• How to effectively monitor the network for inappropriate behavior
• Intrusion detection techniques and how to implement an Intrusion Detection System (IDS)
• Network reconnaissance techniques
• Windows and UNIX attacks and defense methodologies
• Techniques to bypass firewalls
• SQL injection techniques and buffer overflows
• Security scripting techniques and programming for security engineers
• Tunneling traffic and sniffing switched environments

Course Outline:

Day 1 - The Network
Day one sets the foundation for penetration tests by establishing a strong basis in network monitoring, scanning, and attacks. Emphasis is placed on the tools and techniques used to monitor for potentially malicious activity, as well as the processes required to methodically perform network and host reconnaissance.

• Network Monitoring
• The case for monitoring and detection
• Advanced usage of full-content monitoring tools
• Analyzing full-content and session data
• Implementing an Intrusion Detection System (IDS)
• Illicit Monitoring
• Sniffing in a switched environment
• Passive host discovery
• Session hijacking
• Man-in-the-Middle attacks
• Network Reconnaissance
• Source port scans
• Advanced OS identification
• Service enumeration against non-standard ports
• Advanced port scanning techniques
• Analyzing tool signatures

Throughout the day, students participate in labs that build proficiency and reinforce the topics presented. These labs include setting up a Snort IDS, sniffing in a switched environment, hijacking encrypted login sessions, and injecting binary nudge strings to identify remote services.

Day 2 - Attacking and Defending UNIX
The UNIX day presents numerous issues particular to the UNIX environment, including attacks against common misconfigurations and security mechanisms. Students compile and test malicious rootkits, and then participate in an interactive session on using covert channels over many different protocols.

• Attack and Defense Methodology applied to the UNIX Model
• Enumerate system information
• Penetrate remote services
• Penetrate accounts
• Local attacks and countermeasures
• Expand influence
• Lock down the system
• Loadable Kernel Modules (LKM) and Rootkits
• Install and use a malicious LKM
• Detect an LKM
• Beyond LKM rootkits
• Covert Channels
• Using ICMP, UDP, and TCP to hide traffic
• Techniques to bypass firewalls
• Use network monitoring to identify and analyze covert activity

Each section contains several labs that lead the student through the techniques presented in class. These include using a variety of local and remote exploits, setting up and breaking out of traditional security mechanisms, and modifying proof-of-concept covert channel code.

Day 3 - Attacking and Defending Windows
Focus on Windows-based technologies and their vulnerabilities. The day walks through complete application of an attack and defense methodology as specifically applied to Windows platforms. Preeminence is given to recent Windows security features, and ways to defeat them. Students use Windows-based sniffers to capture and crack passwords, even when Kerberos is implemented. The day ends with a review of the latest database attacks and how to protect this commonly vulnerable service from exploits.

• Attack and Defense Methodology applied to the Windows model
• Footprint systems, domains, and trust
• Scan for enabled services
• Enumerate comprehensive system data
• Penetrate accounts
• Escalate privileges
• Pillage accessible data
• Get interactive privileges
• Expand influence
• Clean up evidence
• Apply techniques to Windows Server 2003, .NET, and other current security considerations
• SQL Server Security
• Enumerate database service information
• Default accounts
• Buffer overflows
• SQL attack methods

Windows Attack Lab
An advanced windows attack exercise closes out the final hours of the day
Students are given the opportunity to perform labs during each of the sections. These labs allow students to test out the latest exploits and techniques against a variety of Windows platforms and services.

Day 4 - Other Advanced Topics
Analyze code-based security vulnerabilities and learn how to audit a program for potential vulnerabilities. Practice techniques by writing several buffer overflow exploits. Probe wireless security issues, focusing on 802.11 networks. The day closes out with a cumulative expert ultimate lab exercise.

• Code-Based Vulnerabilities
• Foundational study of memory, including the stack and the heap
• Use compilers and debuggers to discover potential vulnerabilities
• Write a series of buffer overflow exploits
• Understand other types of code-based vulnerabilities, including format string attacks, integer overflows, and signed overflows
• Wireless Networks
• Survey of wireless data networks and correlated lack of security
• Review 802.11 protocols
• Examine client and access point authentication and encryption
• Bypass protection mechanisms
• Attack the Access Point
• Spoof attacks against wireless clients

Expert Ultimate Lab
A cumulative exercise designed to crystallize the techniques presented throughout the week
The buffer overflow section culminates with students going through the steps of identifying vulnerabilities and crafting a valid attack. The wireless network module has several labs which give the students a chance to use the latest tools, crack WEP packets, and spoof MAC addresses to bypass authorization controls.

For organizational purchases, please send us a message at salesinfo@eno.com or complete and submit this form.