|
Security Tool Time
2010
This year, CIScon 2010, is totally
focused on improving your skills with security tools.
You'll be better able to evaluate,
penetrate and improve your network security after this session.
Designed for IT professionals who need more
than talk about tools,
this hands-on experience
helps you fully grasp the tools and their uses.
By actually doing nefarious attacks,
you have a better understanding of how to protect yourself from those
attacks. After your offensive attacks during the class to our closed
virtual network, we discuss and apply remediation to those problems.
The session utilizes
Offensive Security’s BackTrack live DVD
so you learn and practice using the same tools and techniques that
hackers are using against your network.
You’ll learn an organized process to
analyze and attack your network including specific tools for each step,
with time to practice each tool.
From evaluating the network, to
penetrating it, to improving its security, that’s the take home from
this class. Real How to
for you to Do!
Attendees connect wirelessly to our
array of virtual computers containing a cornucopia of operating systems for real time
practice that helps you fully understand the software.
We'll provide:
-
BackTrack DVD (or bring your own Version 4 Final)
-
20 - 30 different OS targets for your enjoyment
-
A workbook so you can do the same exercises
later
-
Public IP address so you can continue to improve
your skills
You provide:
A DVD / USB
bootable notebook and a desire to learn.
Bring a USB bootable
machine with a DVD drive and you don't even need a hard drive.
Bootable external USB 2.5 hard drive and enclosure is perfect for this
class.
Attendees will be able to:
-
State 5 basic tasks needed to
get BackTrack functional
-
Demonstrate how to remove your
current hard drive and boot from DVD/CD/USB
-
Demonstrate how to install
BackTrack without destroying your hard drive
-
Demonstrate how to start
various services, such as WiFi, DHCP, Snort, MySQL and others as
needed
-
List steps in order needed to
properly evaluate network security
-
State 3 programs used for
gathering information about targets
-
Verbalize and demonstrate 5
programs used for network mapping and analysis
-
Demonstrate how to fully set up
and use OpenVAS vulnerability scanner
-
Discuss 2 other automated
vulnerability scanners and state how to secure demo copies
-
State and demonstrate methods
of SMB and SNMP analysis
-
Demonstrate 2 different methods
of SQL injection
-
List tools available for
network penetration and demonstrate 3 of them
-
Discuss password file format and
demonstrate how to crack them using 2 different programs
-
List the 5 basic Wireshark
commands used to monitor networks
-
Demonstrate how Cryptcat,
Netcat and Stunnel work
-
Verbalize and demonstrate
techniques for cracking WEP and WPA
-
Verbalize basic concepts and
tools available for computer forensics
-
State 3 places to locate the
most common hacker code
-
Other skills as requested by
attendees!
Goals:
-
Improve
your network diagnostic and
mitigation skills
-
Increase
your awareness of security tools available
-
Decrease
your time spent analyzing network
vulnerabilities
-
Help
you become comfortable in security by
increasing your hands on skills
|
