Who should attend
Administrators and It security specialists who want to see security risks from the attacker’s perspective and use this insight to set up a solution scenario
Prerequisites
- Basic Windows/Linux system user and administrator skills and a fundamental understanding of the individual communication protocols (TCP/IP)
- SQL programming skills are beneficial
Course Objectives
This security training shows you hackers operate. With the experience gained in many hands-on exercises, you will be able to recognise and repel attacks, redress security vulnerabilities, and reduce security risks. The particulars of the given productive environment are taken into account.
Course Content
- Who are these attackers? Their motivation and know-how
- Design flaws in the TCP/IP protocol family
- Sourcing information from publicly accessible databases
- What are the known vulnerabilities of the software we use?
- Scanning techniques under Windows
- Active & passive fingerprinting
- Assessing scan results and service-specific information
- Buffers overflows (causes & functionality)
- Tracing network intrusions step by step
- Attacks against web applications & databases (SQL injection, cross-site scripting)
- Using Linux Exploits (to obtain root rights)
- Root kits and Trojans
- Brute-force methods (cracking passwords)
- Man-in-the-middle attacks
- Analyzing one’s own system
- Using intrusion detection systems
- Protecting workstations, servers, and routers
- Drafting security guidelines
- Encoding