Educational Services
Secure Programmer
The Programmer's role is to define, develop, test, analyze, and maintain new software applications in .NET. This includes writing, coding, testing, and analyzing software programs and applications. The candidate will work with network administrators, systems analysts, and product vendors to help resolve problems with software products or company software systems. This role also includes assisting in the proactive administration of the company's database servers.
Elective Certifications: EC-Council CHFI (Computer Hacking Forensic Investigator), LPT (Licensed Penetration Tester), ECSA, ECVP (Certified VoIP Professional), ECSP, CEH (Certified Ethical Hacker); A+, Network+, Security+
Audience
The course is useful for staff responsible for monitoring and ensuring network security, security specialists, administrators, and anyone concerned about the integrity of the network infrastructure.
Duration
40 hours
Certification
This course gives students the knowledge and skills needed to pass the CEH 312-50 exam. After the course, students receive a course completion certificate from EC-Council. To obtain the international CEH certification, students must pass the online CEH 312-50 exam at a Prometric testing center.
Module 1: Introduction to Ethical Hacking Problem Definition -Why Security? Essential Terminologies Elements of Security The Security, Functionality and Ease of Use Triangle Case Study What does a Malicious Hacker do? o Phase1-Reconnaissance Reconnaissance Types o Phase2-Scanning o Phase3-Gaining Access o Phase4-Maintaining Access o Phase5-Covering Tracks Types of Hacker Attacks o Operating System attacks o Application-level attacks o Shrink Wrap code attacks o Misconfiguration attacks Hacktivism Hacker Classes Security News: Suicide Hacker Ethical Hacker Classes What do Ethical Hackers do Can Hacking be Ethical How to become an Ethical Hacker Skill Profile of an Ethical Hacker What is Vulnerability Research
o Why Hackers Need Vulnerability Research o Vulnerability Research Tools o Vulnerability Research Websites National Vulnerability Database (nvd.nist.gov) Securitytracker (www.securitytracker.com) Securiteam (www.securiteam.com) Secunia (www.secunia.com) Hackerstorm Vulnerability Database Tool (www.hackerstrom.com) HackerWatch (www.hackerwatch.org) MILWORM How to Conduct Ethical Hacking How Do They Go About It Approaches to Ethical Hacking Ethical Hacking Testing Ethical Hacking Deliverables Computer Crimes and Implications
Module 2: Hacking Laws U.S. Securely Protect Yourself Against Cyber Trespass Act (SPY ACT) Legal Perspective (U.S. Federal Law) o 18 U.S.C. 1029 Penalties o 18 U.S.C. 1030 Penalties o 18 U.S.C. 1362 Tel: (84-4) 37875728 Fax: (84-4) 37875729 Email: sales@itpro.net.vn
o 18 U.S.C. 2318 o 18 U.S.C. 2320 o 18 U.S.C. 1831 o 47 U.S.C. 605, unauthorized publication or use of communications o Washington: RCW 9A.52.110 o Florida: 815.01 to 815.07 o Indiana: IC 35-43 Federal Managers Financial Integrity Act of 1982 The Freedom of Information Act 5 U.S.C. 552 Federal Information Security Management Act (FISMA) The Privacy Act Of 1974 5 U.S.C. 552a USA Patriot Act of 2001 United Kingdom's Cyber Laws United Kingdom: Police and Justice Act 2006 European Laws Japan's Cyber Laws Australia : The Cybercrime Act 2001 Indian Law: THE INFORMATION TECHNOLOGY ACT Argentina Laws Germany's Cyber Laws Singapore's Cyber Laws Belgium Law Brazilian Laws Canadian Laws ITPro Global 2009 www.itpro.net.vn
France Laws German Laws Italian Laws MALAYSIA: THE COMPUTER CRIMES ACT 1997 HONGKONG: TELECOMMUNICATIONS Korea: ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION, ETC. Greece Laws Denmark Laws Netherlands Laws Norway ORDINANCE Mexico SWITZERLAND
Module 3: Footprinting Revisiting Reconnaissance Defining Footprinting Why is Footprinting Necessary Areas and Information which Attackers Seek Information Gathering Methodology o Unearthing Initial Information Finding Company's URL Internal URL Extracting Archive of a Website
Yahoo People Search Satellite Picture of a Residence
Best PeopleSearch People-Search-America.com Switchboard Anacubis Google Finance Yahoo Finance Footprinting through Job Sites Passive Information Gathering Competitive Intelligence Gathering
o Alchemy Network Tool o Advanced Administrative Tool o My IP Suite o Wikto Footprinting Tool o Whois Lookup o Whois o SmartWhois o ActiveWhois o LanWhois o CountryWhois o WhereIsIP o Ip2country o CallerIP o Web Data Extractor Tool o Online Whois Tools o What is MyIP o DNS Enumerator o SpiderFoot o Nslookup o Extract DNS Information Types of DNS Records Necrosoft Advanced DIG o Expired Domains o DomainKing o Domain Name Analyzer o DomainInspect o MSR Strider URL Tracer o Mozzle Domain Name Pro o Domain Research Tool (DRT) o Domain Status Reporter
Why Do You Need Competitive Intelligence? Competitive Intelligence Resource Companies Providing Competitive Intelligence Services Carratu International CI Center Competitive Intelligence - When Did This Company Begin? How Did It Develop? Competitive Intelligence - Who Leads This Company Competitive Intelligence - What Are This Company's Plans Competitive Intelligence - What Does Expert Opinion Say About The Company Competitive Intelligence - Who Are The Leading Competitors? Competitive Intelligence Tool: Trellian Competitive Intelligence Tool: Web Investigator Public and Private Websites
Faking Websites using Man-in-the-Middle Phishing Kit Benefits to Fraudster Steps to Perform Footprinting
3D Traceroute NeoTrace VisualRoute Trace Path Analyzer Pro Maltego Layer Four Traceroute Prefix WhoIs widget Touchgraph VisualRoute Mail Tracker eMailTrackerPro Read Notify E-Mail Spiders o 1st E-mail Address Spider o Power E-mail Collector Tool o GEOSpider o Geowhere Footprinting Tool o Google Earth o Kartoo Search Engine o Dogpile (Meta Search Engine) o Tool: WebFerret o robots.txt o WTR - Web The Ripper o Website Watcher Steps to Create Fake Login Pages How to Create Fake Login Pages
Module 4: Google Hacking What is Google hacking What a hacker can do with vulnerable site Anonymity with Caches Using Google as a Proxy Server Directory Listings o Locating Directory Listings o Finding Specific Directories o Finding Specific Files o Server Versioning Going Out on a Limb: Traversal Techniques o Directory Traversal o Incremental Substitution Extension Walking Site Operator intitle:index.of error | warning login | logon username | userid | employee.ID | your username is password | passcode | your password is admin | administrator o admin login ext:html ext:htm ext:shtml ext:asp ext:php inurl:temp | inurl:tmp | inurl:backup | inurl:bak
intranet | help.desk Locating Public Exploit Sites o Locating Exploits Via Common Code Strings
o Default Pages Query for Web Server o Outlook Web Access Default Portal Searching for Passwords o Windows Registry Entries Can Reveal Passwords o Usernames, Cleartext Passwords, and Hostnames! Google Hacking Database (GHDB) SiteDigger Tool Gooscan Goolink Scanner Goolag Scanner Tool: Google Hacks Google Hack Honeypot Google Protocol Google Cartography
Searching for Exploit Code with Nonstandard Extensions Locating Source Code with Common Strings Locating Vulnerable Targets o Locating Targets Via Demonstration Pages
Powered by Tags Are Common Query Fodder for Finding Web Applications o Locating Targets Via Source Code
A Single CGI Scan-Style Query Directory Listings o Finding IIS 5.0 Servers
Module 5: Scanning Scanning: Definition Types of Scanning Objectives of Scanning CEH Scanning Methodology o Checking for live systems - ICMP Scanning Angry IP HPing2 Ping Sweep Firewalk Tool Firewalk Commands Firewalk Output Nmap Nmap: Scan Methods NMAP Scan Options
Web Server Software Error Messages o IIS HTTP/1.1 Error Page Titles o Object Not Found Error Message Used to Find IIS 5.0 o Apache Web Server
Apache 2.0 Error Pages Application Software Error Messages o ASP Dumps Provide Dangerous Details o Many Errors Reveal Pathnames and Filenames o CGI Environment Listings Reveal Lots of Information
Default Pages o A Typical Apache Default Web Page o Locating Default Installations of IIS 4.0 on Windows NT 4.0/OP
o Atelier Web Ports Traffic Analyzer (AWPTA) o Atelier Web Security Port Scanner (AWSPS) o IPEye o ike-scan o Infiltrator Network Security Scanner o YAPS: Yet Another Port Scanner o Advanced Port Scanner o NetworkActiv Scanner o NetGadgets o P-Ping Tools o MegaPing o LanSpy o HoverIP o LANView o NetBruteScanner o SolarWinds Engineers Toolset o AUTAPF o OstroSoft Internet Tools o Advanced IP Scanner o Active Network Monitor o Advanced Serial Data Logger o Advanced Serial Port Monitor o WotWeb o Antiy Ports o Port Detective o Roadkils Detector o Portable Storage Explorer War Dialer Technique o Why War Dialing
o Syn Stealth/Half Open Scan o Stealth Scan o Xmas Scan o Fin Scan o Null Scan o Idle Scan o ICMP Echo Scanning/List Scan o TCP Connect/Full Open Scan o FTP Bounce Scan Ftp Bounce Attack
o SYN/FIN Scanning Using IP Fragments o UDP Scanning o Reverse Ident Scanning o RPC Scan o Window Scan o Blaster Scan o Portscan Plus, Strobe o IPSec Scan o Netscan Tools Pro o WUPS UDP Scanner o Superscan o IPScanner o Global Network Inventory Scanner o Net Tools Suite Pack o Floppy Scan o FloppyScan Steps o E-mail Results of FloppyScan
o Wardialing o Phonesweep War Dialing Tool o THC Scan o ToneLoc o ModemScan o War Dialing Countermeasures: Sandtrap Tool Banner Grabbing o OS Fingerprinting Active Stack Fingerprinting Passive Fingerprinting
o Nessus o GFI Languard o Security Administrators Tool for Analyzing Networks (SATAN) o Retina o Nagios o PacketTrap's pt360 Tool Suite o NIKTO SAFEsuite Internet Scanner, IdentTCPScan Draw Network Diagrams of Vulnerable Hosts o Cheops o Friendly Pinger o LANsurveyor o Ipsonar o LANState Insightix Visibility IPCheck Server Monitor PRTG Traffic Grapher Preparing Proxies o Proxy Servers o Free Proxy Servers o Use of Proxies for Attack o SocksChain o Proxy Workbench o Proxymanager Tool o Super Proxy Helper Tool o Happy Browser Tool (Proxy Based) o Multiproxy o Tor Proxy Chaining Software o Additional Proxy Tools
o Active Banner Grabbing Using Telnet o GET REQUESTS o P0f Banner Grabbing Tool o p0f for Windows o Httprint Banner Grabbing Tool o Tool: Miart HTTP Header o Tools for Active Stack Fingerprinting Xprobe2 Ringv2 Netcraft
o Disabling or Changing Banner o IIS Lockdown Tool o Tool: ServerMask o Hiding File Extensions o Tool: PageXchanger Vulnerability Scanning o Bidiblah Automated Scanner o Qualys Web Based Scanner o SAINT o ISS Security Scanner
o Anonymizers Surfing Anonymously Primedius Anonymizer StealthSurfer Anonymous Surfing: Browzar Torpark Browser GetAnonymous IP Privacy Anonymity 4 Proxy (A4Proxy) Psiphon Connectivity Using Psiphon AnalogX Proxy NetProxy Proxy+ ProxySwitcher Lite JAP Proxomitron
Despoof Tool
Module 6: Enumeration Overview of System Hacking Cycle What is Enumeration? Techniques for Enumeration NetBIOS Null Sessions o So What's the Big Deal o DumpSec Tool o NetBIOS Enumeration Using Netview Nbtstat Enumeration Tool SuperScan Enum Tool
o Null Session Countermeasure PS Tools o PsExec o PsFile o PsGetSid o PsKill o PsInfo o PsList o PsLogged On o PsLogList o PsPasswd o PsService o PsShutdown
o SSL Proxy Tool o How to Run SSL Proxy o HTTP Tunneling Techniques Why Do I Need HTTP Tunneling Httptunnel for Windows How to Run Httptunnel HTTP-Tunnel HTTPort
o PsSuspend Simple Network Management Protocol (SNMP) Enumeration o Management Information Base (MIB) o SNMPutil Example o SolarWinds o SNScan o Getif SNMP MIB Browser o UNIX Enumeration o SNMP UNIX Enumeration o SNMP Enumeration Countermeasures o LDAP enumeration o JXplorer o LdapMiner o Softerra LDAP Browser o NTP enumeration o SMTP enumeration o Smtpscan o Web enumeration o Asnumber o Lynx Winfingerprint o Windows Active Directory Attack Tool o How To Enumerate Web Application Directories in IIS Using DirectoryServices IP Tools Scanner Enumerate Systems Using Default Password Tools: o NBTScan o NetViewX o FREENETENUMERATOR
o Terminal Service Agent o TXNDS o Unicornscan o Amap o Netenum Steps to Perform Enumeration
Module 7: System Hacking Part 1- Cracking Password o CEH hacking Cycle o Password Types o Types of Password Attack Passive Online Attack: Wire Sniffing
Passive Online Attack: Man-in-the-middle and replay attacks Active Online Attack: Password Guessing Offline Attacks Brute force Attack Pre-computed Hashes Syllable Attack/Rule-based Attack/ Hybrid attacks Distributed network Attack Rainbow Attack Non-Technical Attacks
o Default Password Database http://www.defaultpassword.com/ http://www.cirt.net/cgi-bin/passwd.pl http://www.virus.org/index.php? o PDF Password Cracker o Abcom PDF Password Cracker o Password Mitigation
o Permanent Account Lockout-Employee Privilege Abuse o Administrator Password Guessing Manual Password cracking Algorithm
o Tool: LCP o Tool: SID&User o Tool: Ophcrack 2 o Tool: Crack o Tool: Access PassView o Tool: Asterisk Logger o Tool: CHAOS Generator o Tool: Asterisk Key o Password Recovery Tool: MS Access Database Password Decoder o Password Cracking Countermeasures o Do Not Store LAN Manager Hash in SAM Database o LM Hash Backward Compatibility o How to Disable LM HASH o Password Brute-Force Estimate Tool o Syskey Utility o AccountAudit Part2-Escalating Privileges o CEH Hacking Cycle o Privilege Escalation o Cracking NT/2000 passwords o Active@ Password Changer Change Recovery Console Password - Method 1 Change Recovery Console Password Method 2
Automatic Password Cracking Algorithm o Performing Automated Password Guessing Tool: NAT
Smbbf (SMB Passive Brute Force Tool) SmbCrack Tool: Legion Hacking Tool: L0phtcrack
NTLM And LM Authentication On The Wire Kerberos Authentication What is LAN Manager Hash? LM Hash Generation LM Hash Salting PWdump2 and Pwdump3 Tool: Rainbowcrack Hacking Tool: KerbCrack Hacking Tool: NBTDeputy NetBIOS DoS Attack Hacking Tool: John the Ripper
o Privilege Escalation Tool: x.exe Part3-Executing applications o CEH Hacking Cycle o Tool: psexec o Tool: remoexec
o Password Sniffing o How to Sniff SMB Credentials? o SMB Replay Attacks o Replay Attack Tool: SMBProxy o SMB Signing
o Ras N Map o Tool: Alchemy Remote Executor o Emsa FlexInfo Pro o Keystroke Loggers o E-mail Keylogger o Revealer Keylogger Pro o Handy Keylogger o Ardamax Keylogger o Powered Keylogger o Quick Keylogger o Spy-Keylogger o Perfect Keylogger o Invisible Keylogger o Actual Spy o SpyToctor FTP Keylogger o IKS Software Keylogger o Ghost Keylogger o Hacking Tool: Hardware Key Logger o What is Spyware? o Spyware: Spector o Remote Spy o Spy Tech Spy Agent o 007 Spy Software o Spy Buddy o Ace Spy o Keystroke Spy o Activity Monitor o Hacking Tool: eBlaster o Stealth Voice Recorder o Stealth Keylogger
o Stealth Website Logger o Digi Watcher Video Surveillance o Desktop Spy Screen Capture Program o Telephone Spy o Print Monitor Spy Tool o Stealth E-Mail Redirector o Spy Software: Wiretap Professional o Spy Software: FlexiSpy o PC PhoneHome o Keylogger Countermeasures o Anti Keylogger o Advanced Anti Keylogger o Privacy Keyboard o Spy Hunter - Spyware Remover o Spy Sweeper o Spyware Terminator o WinCleaner AntiSpyware Part4-Hiding files o CEH Hacking Cycle o Hiding Files o RootKits Why rootkits Hacking Tool: NT/2000 Rootkit Planting the NT/2000 Rootkit Rootkits in Linux Detecting Rootkits Steps for Detecting Rootkits Rootkit Detection Tools Sony Rootkit Case Study Rootkit: Fu
AFX Rootkit Rootkit: Nuclear Rootkit: Vanquish Rootkit Countermeasures Patchfinder RootkitRevealer
Tool: Mp3Stego Tool: Snow.exe Steganography Tool: Fort Knox Steganography Tool: Blindside Steganography Tool: S- Tools Steganography Tool: Steghide Tool: Steganos
o Creating Alternate Data Streams o How to Create NTFS Streams? NTFS Stream Manipulation NTFS Streams Countermeasures
Steganography Tool: Pretty Good Envelop Tool: Gifshuffle Tool: JPHIDE and JPSEEK Tool: wbStego Tool: OutGuess Tool: Data Stash Tool: Hydan Tool: Cloak Tool: StegoNote Tool: Stegomagic Steganos Security Suite C Steganography Isosteg FoxHole Video Steganography
NTFS Stream Detectors (ADS Spy and ADS Tools) Hacking Tool: USB Dumper
Least Significant Bit Insertion in Image files Process of Hiding Information in Image Files Masking and Filtering in Image files Algorithms and transformation Tool: Merge Streams Invisible Folders Tool: Invisible Secrets Tool : Image Hide Tool: Stealth Files Tool: Steganography Masker Steganography Tool Hermetic Stego DCPP Hide an Operating System Tool: Camera/Shy www.spammimic.com
Case Study: Al-Qaida members Distributing Propaganda to Volunteers using Steganography Steganalysis
o What do Trojan Creators Look for? o Different Ways a Trojan can Get into a System Indications of a Trojan Attack Ports Used by Trojans o How to Determine which Ports are Listening Trojans o Trojan: iCmd o MoSucker Trojan o Proxy Server Trojan o SARS Trojan Notification o Wrappers o Wrapper Covert Program o Wrapping Tools o One Exe Maker / YAB / Pretator Wrappers o Packaging Tool: WordPad o RemoteByMail
Part5-Covering Tracks o CEH Hacking Cycle o Covering Tracks o Disabling Auditing o Clearing the Event Log o Tool: elsave.exe o Hacking Tool: Winzapper o Evidence Eliminator o Tool: Traceless o Tool: Tracks Eraser Pro o Armor Tools o Tool: ZeroTracks o PhatBooster
Module 8: Trojans and Backdoors Effect on Business What is a Trojan? o Overt and Covert Channels o Working of Trojans o Different Types of Trojans Remote Access Trojans Data-Sending Trojans Destructive Trojans Denial-of-Service (DoS) Attack Trojans Proxy Trojans FTP Trojans Security Software Disablers
o Tool: Icon Plus o Defacing Application: Restorator o Tetris o HTTP Trojans o Trojan Attack through Http o HTTP Trojan (HTTP RAT) o Shttpd Trojan - HTTP Server o Reverse Connecting Trojans o Nuclear RAT Trojan (Reverse Connecting) o Tool: BadLuck Destructive Trojan o ICMP Tunneling o ICMP Backdoor Trojan o Microsoft Network Hacked by QAZ Trojan
o Backdoor.Theef (AVP) o T2W (TrojanToWorm) o Biorante RAT o DownTroj o Turkojan o Trojan.Satellite-RAT o Yakoza o DarkLabel B4 o Trojan.Hav-Rat o Poison Ivy o Rapid Hacker o SharK o HackerzRat o TYO o 1337 Fun Trojan o Criminal Rat Beta o VicSpy o Optix PRO o ProAgent o OD Client o AceRat o Mhacker-PS o RubyRAT Public o SINner o ConsoleDevil o ZombieRat o FTP Trojan - TinyFTPD o VNC Trojan o Webcam Trojan o DJI RAT
o Skiddie Rat o Biohazard RAT o Troya o ProRat o Dark Girl o DaCryptic o Net-Devil Classic Trojans Found in the Wild o Trojan: Tini o Trojan: NetBus o Trojan: Netcat o Netcat Client/Server o Netcat Commands o Trojan: Beast o Trojan: Phatbot o Trojan: Amitis o Trojan: Senna Spy o Trojan: QAZ o Trojan: Back Orifice o Trojan: Back Orifice 2000 o Back Orifice Plug-ins o Trojan: SubSeven o Trojan: CyberSpy Telnet Trojan o Trojan: Subroot Telnet Trojan o Trojan: Let Me Rule! 2.0 BETA 9 o Trojan: Donald Dick o Trojan: RECUB Hacking Tool: Loki Loki Countermeasures Atelier Web Remote Commander
o Netstat o fPort o TCPView o CurrPorts Tool o Process Viewer o Delete Suspicious Device Drivers o Check for Running Processes: Whats on My Computer o Super System Helper Tool o Inzider-Tracks Processes and Ports o Tool: Whats Running o MS Configuration Utility o Registry- Whats Running o Autoruns o Hijack This (System Checker) o Startup List Anti-Trojan Software TrojanHunter Comodo BOClean Trojan Remover: XoftspySE Trojan Remover: Spyware Doctor SPYWAREfighter Evading Anti-Virus Techniques Sample Code for Trojan Client/Server Evading Anti-Trojan/Anti-Virus using Stealth Tools Backdoor Countermeasures Tripwire System File Verification
Module 9: Viruses and Worms Virus History Characteristics of Virus Working of Virus o Infection Phase o Attack Phase Why people create Computer Viruses Symptoms of a Virus-like Attack Virus Hoaxes Chain Letters How is a Worm Different from a Virus Indications of a Virus Attack Hardware Threats Software Threats Virus Damage Mode of Virus Infection Stages of Virus Life Virus Classification How Does a Virus Infect? Storage Patterns of Virus o System Sector virus o Stealth Virus o Bootable CD-Rom Virus Self -Modification Encryption with a Variable Key
o Polymorphic Code o Metamorphic Virus
o Cavity Virus o Sparse Infector Virus o Companion Virus o File Extension Virus Famous Virus/Worms I Love You Virus Famous Virus/Worms Melissa Famous Virus/Worms JS/Spth Klez Virus Analysis Latest Viruses Top 10 Viruses- 2008 o Virus: Win32.AutoRun.ah o Virus:W32/Virut o Virus:W32/Divvi o Worm.SymbOS.Lasco.a o Disk Killer o Bad Boy o HappyBox o Java.StrangeBrew o MonteCarlo Family o PHP.Neworld o W32/WBoy.a o ExeBug.d o W32/Voterai.worm.e o W32/Lecivio.worm o W32/Lurka.a o W32/Vora.worm!p2p Writing a Simple Virus Program Virus Construction Kits Virus Detection Methods Virus Incident Response
What is Sheep Dip? Virus Analysis IDA Pro Tool Prevention is better than Cure Anti-Virus Software o AVG Antivirus o Norton Antivirus o McAfee o Socketshield o BitDefender o ESET Nod32 o CA Anti-Virus o F-Secure Anti-Virus o Kaspersky Anti-Virus o F-Prot Antivirus o Panda Antivirus Platinum o avast! Virus Cleaner o ClamWin o Norman Virus Control
Module 10: Sniffers Definition - Sniffing Protocols Vulnerable to Sniffing Tool: Network View Scans the Network for Devices The Dude Sniffer Wireshark Display Filters in Wireshark Following the TCP Stream in Wireshark Cain and Abel
o Linux Tool: Sshmitm o Linux Tool: Tcpkill o Linux Tool: Tcpnice o Linux Tool: Urlsnarf o Linux Tool: Webspy o Linux Tool: Webmitm DNS Poisoning Techniques o Intranet DNS Spoofing (Local Network) o Internet DNS Spoofing (Remote Network) o Proxy Server DNS Poisoning o DNS Cache Poisoning Interactive TCP Relay Interactive Replay Attacks Raw Sniffing Tools Features of Raw Sniffing Tools o HTTP Sniffer: EffeTech o Ace Password Sniffer o Win Sniffer o MSN Sniffer o SmartSniff o Session Capture Sniffer: NetWitness o Session Capture Sniffer: NWreader o Packet Crafter Craft Custom TCP/IP Packets o SMAC o NetSetMan Tool o Ntop o EtherApe o Network Probe o Maa Tec Network Analyzer o Tool: Snort
What is ARP o ARP Spoofing Attack o How does ARP Spoofing Work o ARP Poisoning o MAC Duplicating o MAC Duplicating Attack o Tools for ARP Spoofing Ettercap ArpSpyX
o MAC Flooding Tools for MAC Flooding Linux Tool: Macof Windows Tool: Etherflood o Threats of ARP Poisoning o Irs-Arp Attack Tool o ARPWorks Tool o Tool: Nemesis o IP-based sniffing Linux Sniffing Tools (dsniff package) o Linux tool: Arpspoof o Linux Tool: Dnsspoof o Linux Tool: Dsniff o Linux Tool: Filesnarf o Linux Tool: Mailsnarf o Linux Tool: Msgsnarf
o Tool: Windump o Tool: Etherpeek o NetIntercept o Colasoft EtherLook o AW Ports Traffic Analyzer o Colasoft Capsa Network Analyzer o CommView o Sniffem o NetResident o IP Sniffer o Sniphere o IE HTTP Analyzer o BillSniff o URL Snooper o EtherDetect Packet Sniffer o EffeTech HTTP Sniffer o AnalogX Packetmon o Colasoft MSN Monitor o IPgrab o EtherScan Analyzer How to Detect Sniffing Countermeasures o Antisniff Tool o Arpwatch Tool o PromiScan o proDETECT
Rebecca and Jessica Office Workers Types of Social Engineering o Human-Based Social Engineering Technical Support Example More Social Engineering Examples
Human-Based Social Engineering: Eavesdropping Human-Based Social Engineering: Shoulder Surfing Human-Based Social Engineering: Dumpster Diving Dumpster Diving Example Oracle Snoops Microsoft's Trash Bins
Movies to Watch for Reverse Engineering o Computer Based Social Engineering o Insider Attack o Disgruntled Employee o Preventing Insider Threat o Common Targets of Social Engineering Social Engineering Threats o Online o Telephone o Personal approaches o Defenses Against Social Engineering Threats Factors that make Companies Vulnerable to Attacks Why is Social Engineering Effective
Warning Signs of an Attack Tool : Netcraft Anti-Phishing Toolbar Phases in a Social Engineering Attack
Behaviors Vulnerable to Attacks Impact on the Organization Countermeasures Policies and Procedures Security Policies - Checklist Impersonating Orkut, Facebook, MySpace Orkut Impersonating on Orkut MW.Orc worm Facebook Impersonating on Facebook MySpace Impersonating on MySpace How to Steal Identity Comparison Original Identity Theft http://www.consumer.gov/idtheft/
o Client-side Vulnerabilities o Deceptive Phishing o Malware-Based Phishing o DNS-Based Phishing o Content-Injection Phishing o Search Engine Phishing Phishing Statistics: Feb 2008 Anti-Phishing Anti-Phishing Tools o PhishTank SiteChecker o NetCraft o GFI MailEssentials o SpoofGuard o Phishing Sweeper Enterprise o TrustWatch Toolbar o ThreatFire o GralicWrap o Spyware Doctor o Track Zapper Spyware-Adware Remover
Module 12: Phishing Phishing Introduction Reasons for Successful Phishing Phishing Methods Process of Phishing Types of Phishing Attacks o Man-in-the-Middle Attacks o URL Obfuscation Attacks o Cross-site Scripting Attacks o Hidden Attacks
o AdwareInspector o Email-Tag.com
Module 13: Hacking Email Accounts Ways for Getting Email Account Information Stealing Cookies Social Engineering Password Phishing Fraudulent e-mail Messages Vulnerabilities o Web Email
Reaper Exploit
DoS Attack Classification o Smurf Attack o Buffer Overflow Attack o Ping of Death Attack o Teardrop Attack o SYN Attack o SYN Flooding o DoS Attack Tools o DoS Tool: Jolt2 o DoS Tool: Bubonic.c o DoS Tool: Land and LaTierra o DoS Tool: Targa o DoS Tool: Blast o DoS Tool: Nemesy o DoS Tool: Panther2 o DoS Tool: Crazy Pinger o DoS Tool: SomeTrouble o DoS Tool: UDP Flood o DoS Tool: FSMax
Tool: Advanced Stealth Email Redirector Tool: Mail PassView Tool: Email Password Recovery Master Tool: Mail Password Email Finder Pro Email Spider Easy Kernel Hotmail MSN Password Recovery Retrieve Forgotten Yahoo Password MegaHackerZ Hack Passwords Creating Strong Passwords Creating Strong Passwords: Change Password Creating Strong Passwords: Trouble Signing In Sign-in Seal Alternate Email Address Keep Me Signed In/ Remember Me Tool: Email Protector Tool: Email Security Tool: EmailSanitizer Tool: Email Protector Tool: SuperSecret
Bot (Derived from the Word RoBOT) Botnets Uses of Botnets Types of Bots How Do They Infect? Analysis Of Agabot How Do They Infect Tool: Nuclear Bot What is DDoS Attack Characteristics of DDoS Attacks DDOS Unstoppable Agent Handler Model
Module 14: Denial-of-Service Real World Scenario of DoS Attacks What are Denial-of-Service Attacks Goal of DoS Impact and the Modes of Attack Types of Attacks
DDoS IRC based Model DDoS Attack Taxonomy Amplification Attack Reflective DNS Attacks Reflective DNS Attacks Tool: ihateperl.pl DDoS Tools o DDoS Tool: Trinoo o DDoS Tool: Tribal Flood Network o DDoS Tool: TFN2K o DDoS Tool: Stacheldraht o DDoS Tool: Shaft o DDoS Tool: Trinity o DDoS Tool: Knight and Kaiten o DDoS Tool: Mstream
Module 15: Session Hijacking What is Session Hijacking? Spoofing v Hijacking Steps in Session Hijacking Types of Session Hijacking Session Hijacking Levels Network Level Hijacking The 3-Way Handshake TCP Concepts 3-Way Handshake Sequence Numbers Sequence Number Prediction TCP/IP hijacking IP Spoofing: Source Routed Packets RST Hijacking o RST Hijacking Tool: hijack_rst.sh Blind Hijacking Man in the Middle: Packet Sniffer UDP Hijacking Application Level Hijacking Programs that Perform Session Hacking o Juggernaut o Hunt o TTY-Watcher o IP watcher o Session Hijacking Tool: T-Sight o Remote TCP Session Reset Utility (SOLARWINDS)
Worms Slammer Worm Spread of Slammer Worm 30 min MyDoom.B SCO Against MyDoom Worm How to Conduct a DDoS Attack The Reflected DoS Attacks Reflection of the Exploit Countermeasures for Reflected DoS DDoS Countermeasures Taxonomy of DDoS Countermeasures Preventing Secondary Victims Detect and Neutralize Handlers Detect Potential Attacks DoSHTTP Tool Mitigate or Stop the Effects of DDoS Attacks
o Paros HTTP Session Hijacking Tool o Dnshijacker Tool o Hjksuite Tool Dangers that Hijacking Poses Protecting against Session Hijacking Countermeasures: IPSec
Module 16: Hacking Web Servers How Web Servers Work How are Web Servers Compromised Web Server Defacement o How are Servers Defaced Apache Vulnerability Attacks against IIS o IIS Components o IIS Directory Traversal (Unicode) Attack Unicode o Unicode Directory Traversal Vulnerability Hacking Tool o Hacking Tool: IISxploit.exe o Msw3prt IPP Vulnerability o RPC DCOM Vulnerability o ASP Trojan o IIS Logs o Network Tool: Log Analyzer o Hacking Tool: CleanIISLog o IIS Security Tool: Server Mask o ServerMask ip100 o Tool: CacheRight o Tool: CustomError
o Tool: HttpZip o Tool: LinkDeny o Tool: ServerDefender AI o Tool: ZipEnable o Tool: w3compiler o Yersinia Tool: Metasploit Framework Tool: Immunity CANVAS Professional Tool: Core Impact Tool: MPack Tool: Neosploit Hotfixes and Patches What is Patch Management Patch Management Checklist o Solution: UpdateExpert o Patch Management Tool: qfecheck o Patch Management Tool: HFNetChk o cacls.exe utility o Shavlik NetChk Protect o Kaseya Patch Management o IBM Tivoli Configuration Manager o LANDesk Patch Manager o BMC Patch Manager o ConfigureSoft Enterprise Configuration Manager (ECM) o BladeLogic Configuration Manager o Opsware Server Automation System (SAS) o Best Practices for Patch Management Vulnerability Scanners Online Vulnerability Search Engine
Network Tool: Whisker Network Tool: N-Stealth HTTP Vulnerability Scanner Hacking Tool: WebInspect Network Tool: Shadow Security Scanner Secure IIS o ServersCheck Monitoring o GFI Network Server Monitor o Servers Alive o Webserver Stress Tool o Monitoring Tool: Secunia PSI
o Countermeasures Directory Traversal/Forceful Browsing o Countermeasures Cryptographic Interception Cookie Snooping Authentication Hijacking o Countermeasures Log Tampering Error Message Interception Attack Obfuscation Platform Exploits DMZ Protocol Attacks o Countermeasures Security Management Exploits o Web Services Attacks
Module 17: Web Application Vulnerabilities Web Application Setup Web application Hacking Anatomy of an Attack Web Application Threats Cross-Site Scripting/XSS Flaws o An Example of XSS o Countermeasures SQL Injection Command Injection Flaws o Countermeasures Cookie/Session Poisoning o Countermeasures Parameter/Form Tampering Hidden Field at Buffer Overflow
o Zero-Day Attacks o Network Access Attacks TCP Fragmentation Hacking Tools o Instant Source o Wget o WebSleuth o BlackWidow o SiteScope Tool o WSDigger Tool Web Services Testing Tool o CookieDigger Tool o SSLDigger Tool o SiteDigger Tool o WindowBomb o Burp: Positioning Payloads
o Burp: Configuring Payloads and Content Enumeration o Burp: Password Guessing o Burp Proxy o Burpsuite o Hacking Tool: cURL o dotDefender o Acunetix Web Scanner o AppScan Web Application Scanner o AccessDiver o Tool: Falcove Web Vulnerability Scanner o Tool: NetBrute o Tool: Emsa Web Monitor o Tool: KeepNI o Tool: Parosproxy o Tool: WebScarab o Tool: Watchfire AppScan o Tool: WebWatchBot o Tool: Mapper
Module 18: Web-Based Password Cracking Techniques Authentication - Definition Authentication Mechanisms o HTTP Authentication Basic Authentication Digest Authentication
o RSA SecurID Token o Biometrics Authentication Types of Biometrics Authentication Fingerprint-based Identification Hand Geometry-based Identification Retina Scanning Afghan Woman Recognized After 17 Years Face Recognition Face Code: WebCam Based Biometrics Authentication System Bill Gates at the RSA Conference 2006 How to Select a Good Password Things to Avoid in Passwords Changing Your Password Protecting Your Password Examples of Bad Passwords The Mary Had A Little Lamb Formula How Hackers Get Hold of Passwords Windows XP: Remove Saved Passwords What is a Password Cracker Modus Operandi of an Attacker Using a Password Cracker How Does a Password Cracker Work Attacks - Classification o Password Guessing o Query String o Cookies o Dictionary Maker Password Crackers Available o L0phtCrack (LC4) o John the Ripper
o Integrated Windows (NTLM) Authentication o Negotiate Authentication o Certificate-based Authentication o Forms-based Authentication ITPro Global 2009 www.itpro.net.vn
o Brutus o ObiWaN o Authforce o Hydra o Cain & Abel o RAR o Gammaprog o WebCracker o Munga Bunga o PassList o SnadBoy o MessenPass o Wireless WEP Key Password Spy o RockXP o Password Spectator Pro o Passwordstate o Atomic Mailbox Password Cracker o Advanced Mailbox Password Recovery (AMBPR) o Tool: Network Password Recovery o Tool: Mail PassView o Tool: Messenger Key o Tool: SniffPass o WebPassword o Password Administrator o Password Safe o Easy Web Password o PassReminder o My Password Manager Countermeasures
Module 19: SQL Injection What is SQL Injection Exploiting Web Applications Steps for performing SQL injection What You Should Look For What If It Doesn't Take Input OLE DB Errors Input Validation Attack SQL injection Techniques How to Test for SQL Injection Vulnerability How Does It Work BadLogin.aspx.cs BadProductList.aspx.cs Executing Operating System Commands Getting Output of SQL Query Getting Data from the Database Using ODBC Error Message How to Mine all Column Names of a Table How to Retrieve any Data How to Update/Insert Data into Database SQL Injection in Oracle SQL Injection in MySql Database Attacking Against SQL Servers SQL Server Resolution Service (SSRS) Osql -L Probing SQL Injection Automated Tools Automated SQL Injection Tool: AutoMagic SQL Absinthe Automated SQL Injection Tool o Hacking Tool: SQLDict o Hacking Tool: SQLExec
o SQL Server Password Auditing Tool: sqlbf o Hacking Tool: SQLSmack o Hacking Tool: SQL2.exe o sqlmap o sqlninja o SQLIer o Automagic SQL Injector o Absinthe Blind SQL Injection o Blind SQL Injection: Countermeasure o Blind SQL Injection Schema SQL Injection Countermeasures Preventing SQL Injection Attacks GoodLogin.aspx.cs SQL Injection Blocking Tool: SQL Block Acunetix Web Vulnerability Scanner
Wireless Concepts and Devices o Related Technology and Carrier Networks o Antennas o Cantenna www.cantenna.com o Wireless Access Points o SSID o Beacon Frames o Is the SSID a Secret o Setting up a WLAN o Authentication and Association o Authentication Modes o The 802.1X Authentication Process WEP and WPA
o Wired Equivalent Privacy (WEP) o WEP Issues o WEP - Authentication Phase o WEP - Shared Key Authentication
Module 20: Hacking Wireless Networks Introduction to Wireless o Introduction to Wireless Networking o Wired Network vs. Wireless Network o Effects of Wireless Attacks on Business o Types of Wireless Network o Advantages and Disadvantages of a Wireless Network Wireless Standards o Wireless Standard: 802.11a o Wireless Standard: 802.11b WiFi o Wireless Standard: 802.11g o Wireless Standard: 802.11i o Wireless Standard: 802.11n
o WEP - Association Phase o WEP Flaws o What is WPA o WPA Vulnerabilities o WEP, WPA, and WPA2 o WPA2 Wi-Fi Protected Access 2 Attacks and Hacking Tools o Terminologies o WarChalking o Authentication and (Dis) Association Attacks o WEP Attack o Cracking WEP o Weak Keys (a.k.a. Weak IVs)
o Problems with WEP's Key Stream and Reuse o Automated WEP Crackers o Pad-Collection Attacks o XOR Encryption o Stream Cipher o WEP Tool: Aircrack o Aircrack-ng o WEP Tool: AirSnort o WEP Tool: WEPCrack o WEP Tool: WepLab o Attacking WPA Encrypted Networks o Attacking WEP with WEPCrack on Windows using Cygwin o Attacking WEP with WEPCrack on Windows using PERL Interpreter o Tool: Wepdecrypt o WPA-PSK Cracking Tool: CowPatty o 802.11 Specific Vulnerabilities o Evil Twin: Attack o Rogue Access Points o Tools to Generate Rogue Access Points: Fake AP o Tools to Detect Rogue Access Points: Netstumbler o Tools to Detect Rogue Access Points: MiniStumbler o ClassicStumbler o AirFart o AP Radar o Hotspotter o Cloaked Access Point o WarDriving Tool: shtumble
o Temporal Key Integrity Protocol (TKIP) o LEAP: The Lightweight Extensible Authentication Protocol o LEAP Attacks o LEAP Attack Tool: ASLEAP o Working of ASLEAP o MAC Sniffing and AP Spoofing o Defeating MAC Address Filtering in Windows o Manually Changing the MAC Address in Windows XP and 2000 o Tool to Detect MAC Address Spoofing: Wellenreiter o Man-in-the-Middle Attack (MITM) o Denial-of-Service Attacks o DoS Attack Tool: Fatajack o Hijacking and Modifying a Wireless Network o Phone Jammers o Phone Jammer: Mobile Blocker o Pocket Cellular Style Cell Phone Jammer o 2.4Ghz Wi-Fi & Wireless Camera Jammer o 3 Watt Digital Cell Phone Jammer o 3 Watt Quad Band Digital Cellular Mobile Phone Jammer o 20W Quad Band Digital Cellular Mobile Phone Jammer o 40W Digital Cellular Mobile Phone Jammer o Detecting a Wireless Network Scanning Tools o Scanning Tool: Kismet o Scanning Tool: Prismstumbler o Scanning Tool: MacStumbler
o Scanning Tool: Mognet V1.16 o Scanning Tool: WaveStumbler o Scanning Tool: Netchaser V1.0 for Palm Tops o Scanning Tool: AP Scanner o Scanning Tool: Wavemon o Scanning Tool: Wireless Security Auditor (WSA) o Scanning Tool: AirTraf o Scanning Tool: WiFi Finder o Scanning Tool: WifiScanner o eEye Retina WiFI o Simple Wireless Scanner o wlanScanner Sniffing Tools o Sniffing Tool: AiroPeek o Sniffing Tool: NAI Wireless Sniffer o MAC Sniffing Tool: WireShark o Sniffing Tool: vxSniffer o Sniffing Tool: Etherpeg o Sniffing Tool: Driftnet o Sniffing Tool: AirMagnet o Sniffing Tool: WinDump o Sniffing Tool: Ssidsniff o Multiuse Tool: THC-RUT o Tool: WinPcap o Tool: AirPcap o AirPcap: Example Program from the Developer's Pack o Microsoft Network Monitor Hacking Wireless Networks o Steps for Hacking Wireless Networks
o Step 1: Find Networks to Attack o Step 2: Choose the Network to Attack o Step 3: Analyzing the Network o Step 4: Cracking the WEP Key o Step 5: Sniffing the Network Wireless Security o WIDZ: Wireless Intrusion Detection System o Radius: Used as Additional Layer in Security o Securing Wireless Networks o Wireless Network Security Checklist o WLAN Security: Passphrase o Don'ts in Wireless Security Wireless Security Tools o WLAN Diagnostic Tool: CommView for WiFi PPC o WLAN Diagnostic Tool: AirMagnet Handheld Analyzer o Auditing Tool: BSD-Airtools o AirDefense Guard (www.AirDefense.com) o Google Secure Access o Tool: RogueScanner
Module 21: Physical Security Security Facts Understanding Physical Security Physical Security What Is the Need for Physical Security Who Is Accountable for Physical Security Factors Affecting Physical Security Physical Security Checklist
o Physical Security Checklist -Company surroundings o Gates o Security Guards o Physical Security Checklist: Premises o CCTV Cameras o Reception o Server Room o Workstation Area o Wireless Access Point o Other Equipments o Access Control Biometric Devices Biometric Identification Techniques Authentication Mechanisms
Statistics for Stolen and Recovered Laptops Laptop Theft Laptop theft: Data Under Loss Laptop Security Tools Laptop Tracker - XTool Computer Tracker Tools to Locate Stolen Laptops Stop's Unique, Tamper-proof Patented Plate Tool: TrueCrypt Laptop Security Countermeasures Mantrap TEMPEST Challenges in Ensuring Physical Security Spyware Technologies Spying Devices Physical Security: Lock Down USB Ports Tool: DeviceLock Blocking the Use of USB Storage Devices Track Stick GPS Tracking Device
Authentication Mechanism Challenges: Biometrics Faking Fingerprints Smart cards Security Token Computer Equipment Maintenance Wiretapping Remote Access Lapse of Physical Security Locks Lock Picking Lock Picking Tools Information Security EPS (Electronic Physical Security) Wireless Security Laptop Theft Statistics for 2007
Module 22: Linux Hacking Why Linux Linux Distributions Linux Live CD-ROMs Basic Commands of Linux: Files & Directories Linux Basic o Linux File Structure o Linux Networking Commands Directories in Linux Installing, Configuring, and Compiling Linux Kernel
How to Install a Kernel Patch Compiling Programs in Linux GCC Commands Make Files Make Install Command Linux Vulnerabilities Chrooting Why is Linux Hacked How to Apply Patches to Vulnerable Programs Scanning Networks Nmap in Linux Scanning Tool: Nessus Port Scan Detection Tools Password Cracking in Linux: Xcrack Firewall in Linux: IPTables IPTables Command Basic Linux Operating System Defense SARA (Security Auditor's Research Assistant) Linux Tool: Netcat Linux Tool: tcpdump Linux Tool: Snort Linux Tool: SAINT Linux Tool: Wireshark Linux Tool: Abacus Port Sentry Linux Tool: DSniff Collection Linux Tool: Hping2 Linux Tool: Sniffit Linux Tool: Nemesis Linux Tool: LSOF
Linux Tool: IPTraf Linux Tool: LIDS Hacking Tool: Hunt Tool: TCP Wrappers Linux Loadable Kernel Modules Hacking Tool: Linux Rootkits Rootkits: Knark & Torn Rootkits: Tuxit, Adore, Ramen Rootkit: Beastkit Rootkit Countermeasures chkrootkit detects the following Rootkits Linux Tools: Application Security Advanced Intrusion Detection Environment (AIDE) Linux Tools: Security Testing Tools Linux Tools: Encryption Linux Tools: Log and Traffic Monitors Linux Security Auditing Tool (LSAT) Linux Security Countermeasures Steps for Hardening Linux
Module 23: Evading IDS, Firewalls and Detecting Honey Pots Introduction to Intrusion Detection System Terminologies Intrusion Detection System (IDS) o IDS Placement o Ways to Detect an Intrusion o Types of Intrusion Detection Systems o System Integrity Verifiers (SIVS) o Tripwire
o Cisco Security Agent (CSA) o True/False, Positive/Negative o Signature Analysis o General Indication of Intrusion: System Indications o General Indication of Intrusion: File System Indications o General Indication of Intrusion: Network Indications o Intrusion Detection Tools Snort Running Snort on Windows 2003 Snort Console Testing Snort Configuring Snort (snort.conf) Snort Rules
o Firewall Operations o Hardware Firewall o Software Firewall o Types of Firewall Packet Filtering Firewall IP Packet Filtering Firewall Circuit-Level Gateway TCP Packet Filtering Firewall Application Level Firewall Application Packet Filtering Firewall Stateful Multilayer Inspection Firewall
o Packet Filtering Firewall o Firewall Identification o Firewalking o Banner Grabbing o Breaching Firewalls o Bypassing a Firewall using HTTPTunnel o Placing Backdoors through Firewalls o Hiding Behind a Covert Channel: LOKI o Tool: NCovert o ACK Tunneling o Tools to breach firewalls Common Tool for Testing Firewall and IDS o IDS testing tool: IDS Informer o IDS Testing Tool: Evasion Gateway o IDS Tool: Event Monitoring Enabling Responses to Anomalous Live Disturbances (Emerald) o IDS Tool: BlackICE o IDS Tool: Next-Generation Intrusion Detection Expert System (NIDES) o IDS Tool: SecureHost
Set up Snort to Log to the Event Logs and to Run as a Service Using EventTriggers.exe for Eventlog Notifications SnortSam
o Steps to Perform after an IDS detects an attack o Evading IDS Systems Ways to Evade IDS Tools to Evade IDS
IDS Evading Tool: ADMutate Packet Generators What is a Firewall? o What Does a Firewall Do o Packet Filtering o What can't a firewall do o How does a Firewall work
o IDS Tool: Snare o IDS Testing Tool: Traffic IQ Professional o IDS Testing Tool: TCPOpera o IDS testing tool: Firewall Informer o Atelier Web Firewall Tester What is Honeypot? o The Honeynet Project o Types of Honeypots Low-interaction honeypot Medium-interaction honeypot High-interaction honeypot o Advantages and Disadvantages of a Honeypot o Where to place Honeypots o Honeypots Honeypot-SPECTER Honeypot - honeyd Honeypot KFSensor Sebek
o A Simple Uncontrolled Overflow of the Stack o Stack Based Buffer Overflows Types of Buffer Overflows: Heap-based Buffer Overflow o Heap Memory Buffer Overflow Bug o Heap-based Buffer Overflow Understanding Assembly Language o Shellcode How to Detect Buffer Overflows in a Program o Attacking a Real Program NOPs How to Mutate a Buffer Overflow Exploit Once the Stack is Smashed Defense Against Buffer Overflows o Tool to Defend Buffer Overflow: Return Address Defender (RAD) o Tool to Defend Buffer Overflow: StackGuard o Tool to Defend Buffer Overflow: Immunix System o Vulnerability Search: NIST o Valgrind o Insure++ Buffer Overflow Protection Solution: Libsafe o Comparing Functions of libc and Libsafe Simple Buffer Overflow in C o Code Analysis
o Physical and Virtual Honeypots Tools to Detect Honeypots What to do when hacked Module 24: Buffer Overflows Why are Programs/Applications Vulnerable Buffer Overflows Reasons for Buffer Overflow Attacks Knowledge Required to Program Buffer Overflow Exploits Understanding Stacks Understanding Heaps Types of Buffer Overflows: Stack-based Buffer Overflow
o Decryption Cryptographic Algorithms RSA (Rivest Shamir Adleman) o Example of RSA Algorithm o RSA Attacks o RSA Challenge Data Encryption Standard (DES) o DES Overview RC4, RC5, RC6, Blowfish o RC5 Message Digest Functions o One-way Hash Functions o MD5 SHA (Secure Hash Algorithm) SSL (Secure Sockets Layer) What is SSH? o SSH (Secure Shell) Algorithms and Security Disk Encryption Government Access to Keys (GAK) Digital Signature o Components of a Digital Signature o Method of Digital Signature Technology o Digital Signature Applications o Digital Signature Standard o Digital Signature Algorithm: Signature Generation/Verification o Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme o Challenges and Opportunities Digital Certificates
o Cleversafe Grid Builder http://www.cleversafe.com/ PGP (Pretty Good Privacy) CypherCalc Command Line Scriptor CryptoHeaven Hacking Tool: PGP Crack Magic Lantern Advanced File Encryptor Encryption Engine Encrypt Files Encrypt PDF Encrypt Easy Encrypt my Folder Advanced HTML Encrypt and Password Protect Encrypt HTML source Alive File Encryption Omziff ABC CHAOS EncryptOnClick CryptoForge SafeCryptor CrypTool Microsoft Cryptography Tools Polar Crypto Light CryptoSafe Crypt Edit CrypSecure Cryptlib Crypto++ Library
Code Breaking: Methodologies Cryptanalysis Cryptography Attacks Brute-Force Attack Cracking S/MIME Encryption Using Idle CPU Time distributed.net Use Of Cryptography
Denial-of-Service Emulation Pentest using Appscan HackerShield Pen-Test Using Cerberus Internet Scanner Pen-Test Using Cybercop Scanner Pen-Test Using FoundScan Hardware Appliances Pen-Test Using Nessus Pen-Test Using NetRecon
Module 26: Penetration Testing Introduction to Penetration Testing (PT) Categories of security assessments Vulnerability Assessment Limitations of Vulnerability Assessment Penetration Testing Types of Penetration Testing Risk Management Do-It-Yourself Testing Outsourcing Penetration Testing Services Terms of Engagement Project Scope Pentest Service Level Agreements Testing points Testing Locations Automated Testing Manual Testing Using DNS Domain Name and IP Address Information Enumerating Information about Hosts on Publicly Available Networks Testing Network-filtering Devices Enumerating Devices
Pen-Test Using SAINT Pen-Test Using SecureNet Pro Pen-Test Using SecureScan Pen-Test Using SATAN, SARA and Security Analyzer Pen-Test Using STAT Analyzer Pentest Using VigilENT Pentest Using WebInspect Pentest Using CredDigger Pentest Using Nsauditor Evaluating Different Types of Pen-Test Tools Asset Audit Fault Tree and Attack Trees GAP Analysis Threat Business Impact of Threat Internal Metrics Threat External Metrics Threat Calculating Relative Criticality Test Dependencies Defect Tracking Tools: Bug Tracker Server Disk Replication Tools
DNS Zone Transfer Testing Tools Network Auditing Tools Trace Route Tools and Services Network Sniffing Tools Denial of Service Emulation Tools Traditional Load Testing Tools System Software Assessment Tools Operating System Protection Tools Fingerprinting Tools Port Scanning Tools Directory and File Access Control Tools File Share Scanning Tools Password Directories Password Guessing Tools Link Checking Tools Web-Testing Based Scripting tools Buffer Overflow protection Tools File Encryption Tools Database Assessment Tools Keyboard Logging and Screen Reordering Tools System Event Logging and Reviewing Tools Tripwire and Checksum Tools Mobile-code Scanning Tools Centralized Security Monitoring Tools Web Log Analysis Tools Forensic Data and Collection Tools Security Assessment Tools Multiple OS Management Tools Phases of Penetration Testing
Pre-attack Phase Best Practices Results that can be Expected Passive Reconnaissance Active Reconnaissance Attack Phase o Activity: Perimeter Testing o Activity: Web Application Testing o Activity: Wireless Testing o Activity: Acquiring Target o Activity: Escalating Privileges o Activity: Execute, Implant and Retract Post Attack Phase and Activities Penetration Testing Deliverables Templates
Module 27: Covert Hacking Insider Attacks What is Covert Channel? Security Breach Why Do You Want to Use Covert Channel? Motivation of a Firewall Bypass Covert Channels Scope Covert Channel: Attack Techniques Simple Covert Attacks Advanced Covert Attacks Standard Direct Connection Reverse Shell (Reverse Telnet) Direct Attack Example In-Direct Attack Example
Reverse Connecting Agents Covert Channel Attack Tools o Netcat o DNS Tunneling o Covert Channel Using DNS Tunneling o DNS Tunnel Client o DNS Tunneling Countermeasures o Covert Channel Using SSH o Covert Channel using SSH (Advanced) o HTTP/S Tunneling Attack Covert Channel Hacking Tool: Active Port Forwarder Covert Channel Hacking Tool: CCTT Covert Channel Hacking Tool: Firepass Covert Channel Hacking Tool: MsnShell Covert Channel Hacking Tool: Web Shell Covert Channel Hacking Tool: NCovert o Ncovert - How it works Covert Channel Hacking via Spam E-mail Messages Hydan
Example Directory Traversal Function dot dot Method Example Code for a dot dot Method
o Virus Infection: Step II o Virus Infection: Step III Marking a File for Infection
o Virus Infection: Step IV o Virus Infection: Step V Components of Viruses o Functioning of Replicator part o Writing Replicator o Writing Concealer o Dispatcher o Writing Bomb/Payload Trigger Mechanism Bombs/Payloads Brute Force Logic Bombs
Module 28: Writing Virus Codes Introduction of Virus Types of Viruses Symptoms of a Virus Attack Prerequisites for Writing Viruses Required Tools and Utilities Virus Infection Flow Chart o Virus Infection: Step I Directory Traversal Method
Module 29: Assembly Language Tutorial Base 10 System Base 2 System Decimal 0 to 15 in Binary Binary Addition (C stands for Canary) Hexadecimal Number Hex Example Hex Conversion nibble
Computer memory Characters Coding ASCII and UNICODE CPU Machine Language Compilers Clock Cycle Original Registers Instruction Pointer Pentium Processor Interrupts Interrupt handler External interrupts and Internal interrupts Handlers Machine Language Assembly Language Assembler Assembly Language Vs High-level Language Assembly Language Compilers Instruction operands MOV instruction ADD instruction SUB instruction INC and DEC instructions Directive preprocessor equ directive %define directive Data directives Labels
Input and output C Interface Call Creating a Program Why should anyone learn assembly at all? o First.asm
Assembling the code Compiling the C code Linking the object files Understanding an assembly listing file Big and Little Endian Representation Skeleton File Working with Integers Signed integers Signed Magnitude Two's Complement If statements Do while loops Indirect addressing Subprogram The Stack The SS segment ESP The Stack Usage The CALL and RET Instructions General subprogram form Local variables on the stack General subprogram form with local variables Multi-module program Saving registers
Module 30: Exploit Writing Exploits Overview Prerequisites for Writing Exploits and Shellcodes Purpose of Exploit Writing Types of Exploits Stack Overflow Heap Corruption o Format String o Integer Bug Exploits o Race Condition o TCP/IP Attack The Proof-of-Concept and Commercial Grade Exploit Converting a Proof of Concept Exploit to Commercial Grade Exploit Attack Methodologies Socket Binding Exploits Tools for Exploit Writing
o ktrace o strace o readelf Steps for Writing a Shellcode Issues Involved With Shellcode Writing o Addressing problem o Null byte problem o System call implementation
Module 31: Smashing the Stack for Fun and Profit What is a Buffer? Static Vs Dynamic Variables Stack Buffers Data Region Memory Process Regions What Is A Stack? Why Do We Use A Stack? The Stack Region Stack frame Stack pointer Procedure Call (Procedure Prolog) Compiling the code to assembly Call Statement Return Address (RET) Word Size Stack Buffer Overflows
o LibExploit o Metasploit o CANVAS Steps for Writing an Exploit Differences Between Windows and Linux Exploits Shellcodes NULL Byte Types of Shellcodes Tools Used for Shellcode Development
Error Why do we get a segmentation violation? Segmentation Error Instruction Jump Guess Key Parameters Calculation Shell Code
Module 32: Windows Based Buffer Overflow Exploit Writing Buffer Overflow Stack overflow Writing Windows Based Exploits Exploiting stack based buffer overflow OpenDataSource Buffer Overflow Vulnerability Details Simple Proof of Concept Windbg.exe Analysis EIP Register
o The code to spawn a shell in C Let's try to understand what is going on here. We'll start by studying main: execve()
o List of steps with exit call The code in Assembly JMP Code using indexed addressing Offset calculation shellcodeasm.c testsc.c Compile the code NULL byte shellcodeasm2.c testsc2.c Writing an Exploit overflow1.c Compiling the code sp.c vulnerable.c NOPs
o Location of EIP o EIP Execution Flow But where can we jump to? Offset Address The Query Finding jmp esp Debug.exe listdlls.exe Msvcrt.dll Out.sql The payload ESP Limited Space Getting Windows API/function absolute address Memory Address Other Addresses
Module 33: Reverse Engineering Positive Applications of Reverse Engineering Ethical Reverse Engineering World War Case Study DMCA Act What is Disassembler? Why do you need to decompile? Professional Disassembler Tools Tool: IDA Pro Convert Machine Code to Assembly Code Decompilers Program Obfuscation Convert Assembly Code to C++ code Machine Decompilers Tool: dcc Machine Code of compute.exe Program Assembly Code of compute.exe Program Code Produced by the dcc Decompiler in C Tool: Boomerang What Boomerang Can Do? Andromeda Decompiler Tool: REC Decompiler Tool: EXE To C Decompiler Delphi Decompilers Tools for Decompiling .NET Applications Salamander .NET Decompiler
Tool: Decompilers.NET .NET Obfuscator and .NET Obfuscation Java Bytecode Decompilers Tool: JODE Java Decompiler Tool: JREVERSEPRO Tool: SourceAgain Tool: ClassCracker Python Decompilers Reverse Engineering Tutorial OllyDbg Debugger How Does OllyDbg Work? Debugging a Simple Console Application
o Crafted URL Vulnerability o CoreText Uninitialized Pointer Vulnerability o ImageIO Integer overflow Vulnerability o DirectoryService Vulnerability o iChat UPnP buffer overflow Vulnerability o ImageIO Memory Corruption Vulnerability o Code Execution Vulnerability o UFS filesystem integer overflow Vulnerability o Kernel "fpathconf()" System call Vulnerability o UserNotificationCenter Privilege Escalation Vulnerability o Other Vulnerabilities in MAC
How a Malformed Installer Package Can Crack Mac OS X Worm and Viruses in MAC
Implications of a Router Attack Types of Router Attacks Router Attack Topology Denial of Service (DoS) Attacks Packet Mistreating Attacks Routing Table Poisoning Hit-and-run Attacks vs. Persistent Attacks Cisco Router
o VirusBarrier o McAfee Virex for Macintosh o Endpoint Security and Control o Norton Internet Security Mac Security Tools
o Finding a Cisco Router o How to Get into Cisco Router o Breaking the Password o Is Anyone Here o Covering Tracks o Looking Around Eigrp-tool Tool: Zebra Tool: Yersinia for HSRP, CDP, and other layer 2 attacks Tool: Cisco Torch Monitoring SMTP(port25) Using SLcheck Monitoring HTTP(port 80) Cable Modem Hacking
Module 35: Hacking Routers, cable Modems and Firewalls Network Devices Identifying a Router o SING: Tool for Identifying the Router
HTTP Configuration Arbitrary Administrative Access Vulnerability ADMsnmp Solarwinds MIB Browser Brute-Forcing Login Services Hydra Analyzing the Router Config Cracking the Enable Password Tool: Cain and Abel
Module 36: Hacking Mobile Phones, PDA and Handheld Devices Different OS in Mobile Phone Different OS Structure in Mobile Phone Evolution of Mobile Threat
Threats What Can A Hacker Do Vulnerabilities in Different Mobile Phones Malware Spyware
o Tool to Unlock iPhone: iPhoneSimFree o Tool to Unlock iPhone: anySIM o Steps for Unlocking your iPhone using AnySIM o Activate the Voicemail Button on your Unlocked iPhone o Podloso Virus o Security tool: Icon Lock-iT XP Mobile: Is It a Breach to Enterprise Security?
o Blackberry Attacks o Blackberry Attacks: Blackjacking o BlackBerry Wireless Security o BlackBerry Signing Authority Tool o Countermeasures PDA
o PDA Security Issues o ActiveSync attacks o HotSync Attack o PDA Virus: Brador o PDA Security Tools: TigerSuite PDA o Security Policies for PDAs iPod
o Kaspersky Antivirus Mobile o Airscanner o BitDefender Mobile Security o SMobile VirusGuard o Symantec AntiVirus o F-Secure Antivirus for Palm OS o BullGuard Mobile Antivirus Security Tools
o Misuse of iPod o Jailbreaking o Tools for jailbreaking: iFuntastic o Prerequisite for iPhone Hacking o Step by Step iPhone Hacking using iFuntastic o Step by step iPhone Hacking o AppSnapp Steps for AppSnapp
o Sprite Terminator o Mobile Security Tools: Virus Scan Mobile Defending Cell Phones and PDAs Against Attack Mobile Phone Security Tips
o BlueSweep o Bluekey o BlueFire Mobile Security Enterprise Edition o BlueAuditor o Bluetooth Network Scanner Countermeasures
o Bluejacking o Tools for Bluejacking o BlueSpam o Blue snarfing o BlueBug Attack o Short Pairing Code Attacks o Man-In-Middle Attacks o OnLine PIN Cracking Attack o BTKeylogging attack o BTVoiceBugging attack o Blueprinting o Bluesmacking - The Ping of Death o Denial-of-Service Attack o BlueDump Attack Bluetooth hacking tools
Module 38: VoIP Hacking What is VoIP VoIP Hacking Steps Footprinting
o Information Sources o Unearthing Information o Organizational Structure and Corporate Locations o Help Desk o Job Listings o Phone Numbers and Extensions o VoIP Vendors o Resumes o WHOIS and DNS Analysis o Steps to Perform Footprinting Scanning
o BTScanner o Bluesnarfer o Bluediving o Transient Bluetooth Environment Auditor o BTcrack o Blooover o Hidattack Bluetooth Viruses and Worms
o Host/Device Discovery o ICMP Ping Sweeps o ARP Pings o TCP Ping Scans o SNMP Sweeps o Port Scanning and Service Discovery o TCP SYN Scan o UDP Scan
Flooding Attacks
o DNS Cache Poisoning o Sniffing TFTP Configuration File Transfers o Performing Number Harvesting and Call Pattern Tracking o Call Eavesdropping o Interception through VoIP Signaling Manipulation o Man-In-The-Middle (MITM) Attack o Application-Level Interception Techniques How to Insert Rogue Application SIP Rogue Application Listening to/Recording Calls Replacing/Mixing Audio Dropping Calls with a Rogue SIP Proxy Randomly Redirect Calls with a Rogue SIP Proxy Additional Attacks with a Rogue SIP Proxy
o Steps to Perform Enumeration o Banner Grabbing with Netcat o SIP User/Extension Enumeration REGISTER Username Enumeration INVITE Username Enumeration OPTIONS Username Enumeration Automated OPTIONS Scanning with sipsak Automated REGISTER, INVITE and OPTIONS Scanning with SIPSCAN against SIP server Automated OPTIONS Scanning Using SIPSCAN against SIP Phones
o Enumerating TFTP Servers o SNMP Enumeration o Enumerating VxWorks VoIP Devices Steps to Exploit the Network
o Internal Denial-of-Service Attack o DoS Attack Scenarios o Eavesdropping o Packet Spoofing and Masquerading o Replay Attack o Call Redirection and Hijacking o ARP Spoofing o ARP Spoofing Attack o Service Interception o H.323-Specific Attacks o SIP Security Vulnerabilities o SIP Attacks
o Signaling and Media Manipulation Registration Removal with erase_registrations Tool Registration Addition with add_registrations Tool
Module 39: RFID Hacking RFID- Definition Components of RFID Systems RFID Collisions
RFID Risks
o Business Process Risk o Business Intelligence Risk o Privacy Risk o Externality Risk Hazards of Electromagnetic Radiation Computer Network Attacks
Module 40: Spamming Introduction Techniques used by Spammers How Spamming is performed Spammer: Statistics Worsen ISP: Statistics Top Spam Affected Countries: Statistics Types of Spam Attacks Spamming Tools
RFID and Privacy Issues Countermeasures RFID Security and Privacy Threats o Sniffing o Tracking o Spoofing o Replay attacks o Denial-of-service Protection Against RFID Attacks RFID Guardian RFID Malware o How to Write an RFID Virus o How to Write an RFID Worm o Defending Against RFID Malware RFID Exploits Vulnerabilities in RFID-enabled Credit Cards o Skimming Attack o Replay Attack o Eavesdropping Attack RFID Hacking Tool: RFDump RFID Security Controls o Management Controls o Operational Controls
o Farelogic Worldcast o 123 Hidden Sender o YL Mail Man o Sendblaster o Direct Sender o Hotmailer o PackPal Bulk Email Server o IEmailer Anti-Spam Techniques Anti-Spamming Tools
o AEVITA Stop SPAM Email o SpamExperts Desktop o SpamEater Pro o SpamWeasel o Spytech SpamAgent o AntispamSniper o Spam Reader o Spam Assassin Proxy (SA) Proxy
o USB CopyNotify o Remora USB File Guard o Advanced USB Pro Monitor o Folder Password Expert USB
Module 41: Hacking USB Devices Introduction to USB Devices Electrical Attack Software Attack USB Attack on Windows Viruses and Worms o W32/Madang-Fam o W32/Hasnot-A o W32/Fujacks-AK o W32/Fujacks-E o W32/Dzan-C o W32/SillyFD-AA o W32/SillyFDC-BK o W32/LiarVB-A o W32/Hairy-A o W32/QQRob-ADN o W32/VBAut-B o HTTP W32.Drom Hacking Tools o USB Dumper o USB Switchblade o USB Hacksaw USB Security Tools o MyUSBonly o USBDeview o USB-Blocker
Module 42: Hacking Database Servers Hacking Database server: Introduction Hacking Oracle Database Server
o Attacking Oracle o Security Issues in Oracle o Types of Database Attacks o How to Break into an Oracle Database and Gain DBA Privileges o Oracle Worm: Voyager Beta o Ten Hacker Tricks to Exploit SQL Server Systems Hacking SQL Server
o How SQL Server is Hacked o Query Analyzer o odbcping Utility o Tool: ASPRunner Professional o Tool: FlexTracer Security Tools SQL Server Security Best Practices: Administrator Checklist
Module 43: Cyber Warfare- Hacking, Al-Qaida and Terrorism Cyber Terrorism Over Internet
Introduction to Internet Filter Key Features of Internet Filters Pros and Cons of Internet Filters Internet Content Filtering Tools iProtectYou Tool: Block Porn Tool: FilterGate Tool: Adblock Tool: AdSubtract Tool: GalaxySpy Tool: AdsGone Pop Up Killer Tool: AntiPopUp Tool: Pop Up Police Tool: Super Ad Blocker Tool: Anti-AD Guard Net Nanny CyberSieve BSafe Internet Filter Tool: Stop-the-Pop-Up Lite Tool: WebCleaner Tool: AdCleaner Tool: Adult Photo Blanker Tool: LiveMark Family Tool: KDT Site Blocker Internet Safety Guidelines for Children
Net Attack o Al-Qaeda o Why Terrorists Use Cyber Techniques o Cyber Support to Terrorist Operations o Planning o Recruitment o Research o Propaganda o Propaganda: Hizballah Website o Cyber Threat to the Military o Russia hired botnets for Estonia Cyber-War o NATO Threatens War with Russia o Bush on Cyber War: a subject I can learn a lot about E.U. Urged to Launch Coordinated Effort Against Cybercrime Budget: Eye on Cyber-Terrorism Attacks Cyber Terror Threat is Growing, Says Reid Terror Web 2.0 Table 1: How Websites Support Objectives of terrorist/Extremist Groups Electronic Jihad Electronic Jihad' App Offers Cyber Terrorism for the Masses Cyber Jihad Cyber Firesale http://internet-haganah.com/haganah/
Module 45: Privacy on the Internet Internet privacy Proxy privacy Spyware privacy
Module 44: Internet Content Filtering Techniques
Email privacy Cookies Examining Information in Cookies How Internet Cookies Work How Google Stores Personal Information Google Privacy Policy Web Browsers Web Bugs Downloading Freeware Internet Relay Chat Pros and Cons of Internet Relay Chat Electronic Commerce Internet Privacy Tools: Anonymizers o Anonymizer Anonymous Surfing o Anonymizer Total Net Shield o Anonymizer Nyms o Anonymizer Anti-Spyware o Anonymizer Digital Shredder Lite o Steganos Internet Anonym o Invisible IP Map o NetConceal Anonymity Shield o Anonymous Guest o ViewShield o IP Hider o Mask Surf Standard o VIP Anonymity o SmartHide o Anonymity Gateway o Hide My IP o Claros Anonymity
o Max Internet Optimizer o Hotspot Shield o Anonymous Browsing Toolbar o Invisible Browsing o Real Time Cleaner o Anonymous Web Surfing o Anonymous Friend o Easy Hide IP
Internet Privacy Tools: Firewall Tools o Agnitum firewall o Firestarter o Sunbelt Personal Firewall o Netdefender
Internet Privacy Tools: Others o Privacy Eraser o CookieCop o Cookiepal o Historykill o Tracks eraser
Countermeasures
Module 46: Securing Laptop Computers Statistics for Stolen and Recovered Laptops Statistics on Security Percentage of Organizations Following the Security Measures Laptop threats Laptop Theft
Fingerprint Reader Protecting Laptops Through Face Recognition Bluetooth in Laptops Tools
Module 47: Spying Technologies Spying Motives of Spying Spying Devices o Spying Using Cams o Video Spy o Video Spy Devices o Tiny Spy Video Cams o Underwater Video Camera o Camera Spy Devices o Goggle Spy o Watch Spy o Pen Spy o Binoculars Spy o Toy Spy o Spy Helicopter o Wireless Spy Camera o Spy Kit o Spy Scope: Spy Telescope and Microscope o Spy Eye Side Telescope o Audio Spy Devices o Eavesdropper Listening Device o GPS Devices o Spy Detectors o Spy Detector Devices Vendors Hosting Spy Devices o Spy Gadgets o Spy Tools Directory o Amazon.com
o Laptop Security o Laptop Security Tools o Laptop Alarm o Flexysafe o Master Lock o eToken o STOP-Lock o True Crypt o PAL PC Tracker o Cryptex o Dekart Private Disk Multifactor o Laptop Anti-Theft o Inspice Trace o ZTRACE GOLD o SecureTrieve Pro o XTool Laptop Tracker o XTool Encrypted Disk o XTool Asset Auditor o XTool Remote Delete Securing from Physical Laptop Thefts Hardware Security for Laptops Protecting the Sensitive Data Preventing Laptop Communications from Wireless Threats Protecting the Stolen Laptops from Being Used Security Tips
o Spy Associates o Paramountzone o Surveillance Protection Spying Tools o Net Spy Pro-Computer Network Monitoring and Protection o SpyBoss Pro o CyberSpy o Spytech SpyAgent o ID Computer Spy o e-Surveiller o KGB Spy Software o O&K Work Spy o WebCam Spy o Golden Eye Anti-Spying Tools o Internet Spy Filter o Spybot - S&D o SpyCop o Spyware Terminator o XoftSpySE
Techniques Used for Corporate Espionage Process of Hacking Former Forbes Employee Pleads Guilty Former Employees Abet Stealing Trade Secrets California Man Sentenced For Hacking Federal Employee Sentenced for Hacking Facts Key Findings from U.S Secret Service and CERT Coordination Center/SEI study on Insider Threat Tools
o NetVizor o Privatefirewall w/Pest Patrol Countermeasures o Best Practices against Insider Threat o Countermeasures
Module 49: Creating Security Policies Security policies Key Elements of Security Policy Defining the Purpose and Goals of Security Policy Role of Security Policy Classification of Security Policy Design of Security Policy Contents of Security Policy Configurations of Security Policy Implementing Security Policies Types of Security Policies Promiscuous Policy Permissive Policy
Module 48: Corporate Espionage- Hacking Using Insiders Introduction To Corporate Espionage Information Corporate Spies Seek Insider Threat Different Categories of Insider Threat Privileged Access Driving Force behind Insider Attack Common Attacks carried out by Insiders
Prudent Policy Paranoid Policy Acceptable-Use Policy User-Account Policy Remote-Access Policy Information-Protection Policy Firewall-Management Policy Special-Access Policy Network-Connection Policy Business-Partner Policy Other Important Policies Policy Statements Basic Document Set of Information Security Policies E-mail Security Policy o Best Practices for Creating E-mail Security Policies User Identification and Passwords Policy Software Security Policy Software License Policy Points to Remember While Writing a Security Policy Sample Policies o Remote Access Policy o Wireless Security Policy o E-mail Security Policy o E-mail and Internet Usage Policies Personal Computer Acceptable Use Policy Firewall Management policy Internet Acceptable Use Policy User Identification and Password Policy Software License Policy
Module 50: Software Piracy and Warez Software Activation: Introduction Process of Software Activation Piracy Piracy Over Internet Abusive Copies Pirated Copies Cracked Copies Impacts of piracy Software Piracy Rate in 2006 Piracy Blocking Software Copy Protection Backgrounders CD Key Numbers Dongles Media Limited Installations Protected Media Hidden Serial Numbers Digital Right Management (DRM) Copy protection for DVD Warez Warez Types of Warez Warez Distribution Distribution Methods Tool: Crypkey Tool: EnTrial EnTrial Tool: Distribution File EnTrial Tool: Product & Package Initialization Dialog EnTrial Tool: Add Package GUI
Tool: DF_ProtectionKit Tool: Crack Killer Tool: Logic Protect Tool: Software License Manager Tool: Quick License Manager Tool: WTM CD Protect
Example for Attacker to Attack the Feeds Tools o Perseptio FeedAgent o RssFeedEater o Thingamablog o RSS Builder o RSS Submit o FeedDemon o FeedForAll o FeedExpress o RSS and Atom Security
Module 51: Hacking and Cheating Online Games o Online Games: Introduction Basics of Game Hacking Threats in Online Gaming Cheating in Online Computer Games Types of Exploits Example of popular game exploits Stealing Online Game Passwords Stealing Online Game Passwords: Social Engineering and Phishing Online Gaming Malware from 1997-2007 Best Practices for Secure Online Gaming Tips for Secure Online Gaming
Module 53: Hacking Web Browsers (Firefox, IE) Introduction How Web Browsers Work How Web Browsers Access HTML Documents Protocols for an URL Hacking Firefox o Firefox Proof of Concept Information Leak Vulnerability o Firefox Spoofing Vulnerability o Password Vulnerability o Concerns With Saving Form Or Login Data o Cleaning Up Browsing History o Cookies o Internet History Viewer: Cookie Viewer Firefox Security o Blocking Cookies Options o Tools For Cleaning Unwanted Cookies o Tool: CookieCuller o Getting Started
Module 52: Hacking RSS and Atom Introduction Areas Where RSS and Atom is Used Building a Feed Aggregator Routing Feeds to the Email Inbox Monitoring the Server with Feeds Tracking Changes in Open Source Projects Risks by Zone o Remote Zone risk o Local Zone Risk Reader Specific Risks Utilizing the Web Feeds Vulnerabilities
o Privacy Settings o Security Settings o Content Settings o Clear Private Data o Mozilla Firefox Security Features Hacking Internet Explorer o Redirection Information Disclosure Vulnerability o Window Injection Vulnerability Internet Explorer Security o Getting Started o Security Zones o Custom Level o Trusted Sites Zone o Privacy o Overwrite Automatic Cookie Handling o Per Site Privacy Actions o Specify Default Applications o Internet Explorer Security Features Hacking Opera o JavaScript Invalid Pointer Vulnerability o BitTorrent Header Parsing Vulnerability o Torrent File Handling Buffer Overflow Vulnerability Security Features of Opera o Security and Privacy Features Hacking Safari o Safari Browser Vulnerability o iPhone Safari Browser Memory Exhaustion Remote Dos Vulnerability Securing Safari o Getting started o Preferences
o AutoFill o Security Features Hacking Netscape o Netscape Navigator Improperly Validates SSL Sessions o Netscape Navigator Security Vulnerability Securing Netscape o Getting Started o Privacy Settings o Security Settings o Content Settings o Clear Private Data
Module 54: Proxy Server Technologies Introduction: Proxy Server Working of Proxy Server Types of Proxy Server Socks Proxy Free Proxy Servers Use of Proxies for Attack Tools o WinGate o UserGate Proxy Server o Advanced FTP Proxy Server o Trilent FTP Proxy o SafeSquid o AllegroSurf o ezProxy o Proxy Workbench o ProxyManager Tool o Super Proxy Helper Tool
o MultiProxy How Does MultiProxy Work TOR Proxy Chaining Software TOR Proxy Chaining Software AnalogX Proxy NetProxy Proxy+ ProxySwitcher Lite Tool: JAP Proxomitron SSL Proxy Tool How to Run SSL Proxy
o Imperva: SecureSphere o MailMarshal o WebMarshal o Marshal EndPoint o Novell ZENworks Endpoint Security Management o Prism EventTracker o Proofpoint Messaging Security Gateway o Proofpoint Platform Architecture o Summary Dashboard o End-user Safe/Block List o Defiance Data Protection System o Sentrigo: Hedgehog o Symantec Database Security
Module 55: Data Loss Prevention Introduction: Data Loss Causes of Data Loss How to Prevent Data Loss Impact Assessment for Data Loss Prevention Tools o Security Platform o Check Point Software: Pointsec Data Security o Cisco (IronPort) o Content Inspection Appliance o CrossRoads Systems: DBProtector o Strongbox DBProtector Architecture o DeviceWall o Exeros Discovery o GFi Software: GFiEndPointSecurity o GuardianEdge Data Protection Platform o ProCurve Identity Driven Manager (IDM)
o Varonis: DataPrivilege o Verdasys: Digital Guardian o VolumeShield AntiCopy o Websense Content Protection Suite
Module 56: Hacking Global Positioning System (GPS) Geographical Positioning System (GPS) Terminologies GPS Devices Manufacturers Gpsd-GPS Service Daemon Sharing Waypoints Wardriving Areas of Concern Sources of GPS Signal Errors Methods to Mitigate Signal Loss GPS Secrets o GPS Hidden Secrets
o Category of Incidents: Low Level o Category of Incidents: Mid Level o Category of Incidents: High Level o How to Identify an Incident o How to Prevent an Incident o Defining the Relationship between Incident Response, Incident Handling, and Incident Management o Incident Response Checklist o Handling Incidents o Procedure for Handling Incident Stage 1: Preparation Stage 2: Identification Stage 3: Containment Stage 4: Eradication Stage 5: Recovery Stage 6: Follow-up
Firmware Hacking o o Firmware Hacking GPS Firmware: Bypassing the Garmin eTrex Vista Startup Screen Hacking GPS Firmware: Bypassing the Garmin eTrex Legend Startup Screen Hacking GPS Firmware: Bypassing the Garmin eTrex Venture Startup Screen
GPS Tools o Tool: GPS NMEA LOG o Tool: GPS Diagnostic o Tool: RECSIM III o Tool: G7toWin o Tool: G7toCE o Tool: GPS Security Guard o GPS Security Guard Functions o UberTracker
Incident Management Why don't Organizations Report Computer Crimes Estimating Cost of an Incident
Module 57: Computer Forensics and Incident Handling Computer Forensics o What is Computer Forensics o Need for Computer Forensics o Objectives of Computer Forensics o Stages of Forensic Investigation in Tracking Cyber Criminals o Key Steps in Forensic Investigations o List of Computer Forensics Tools Incident Handling o Present Networking Scenario o What is an Incident
Whom to Report an Incident Incident Reporting Vulnerability Resources What is CSIRT o CSIRT: Goals and Strategy o Why an Organization needs an Incident Response Team o CSIRT Case Classification o Types of Incidents and Level of Support o Incident Specific Procedures-I (Virus and Worm Incidents) o Incident Specific Procedures-II (Hacker Incidents)
o Incident Specific Procedures-III (Social Incidents, Physical Incidents) o How CSIRT Handles Case: Steps o Example of CSIRT o Best Practices for Creating a CSIRT Step 1: Obtain Management Support and Buy-in
o Credit Card Fraud Detection Technique: Pattern Detection o Credit Card Fraud Detection Technique: Fraud Screening o XCART: Online fraud Screening Service o Card Watch o MaxMind Credit Card Fraud Detection o 3D Secure o Limitations of 3D Secure o FraudLabs o www.pago.de o Pago Fraud Screening Process o What to do if you are a Victim of a Fraud o Facts to be Noted by Consumers Best Practices: Ways to Protect Your Credit Cards
Step 2: Determine the CSIRT Development Strategic Plan Step 3: Gather Relevant Information Step 4: Design your CSIRT Vision Step 5: Communicate the CSIRT Vision Step 6: Begin CSIRT Implementation Step 7: Announce the CSIRT
Module 59: How to Steal Passwords Password Stealing How to Steal Passwords Password Stealing Techniques Password Stealing Trojans
Module 58: Credit Card Frauds E-Crime Statistics Credit Card o Credit Card Fraud o Credit Card Fraud o Credit Card Fraud Over Internet o Net Credit/Debit Card Fraud In The US After Gross Charge-Offs Credit Card Generators o Credit Card Generator o RockLegends !Credit Card Generator Credit Card Fraud Detection
o MSN Hotmail Password Stealer o AOL Password Stealer o Trojan-PSW.Win32.M2.14.a o CrazyBilets o Dripper o Fente o GWGhost o Kesk o MTM Recorded pwd Stealer o Password Devil Password Stealing Tools o Password Thief
o Remote Password Stealer o POP3 Email Password Finder o Instant Password Finder o MessenPass o PstPassword o Remote Desktop PassView o IE PassView o Yahoo Messenger Password Recommendations for Improving Password Security Best Practices
o Symantec Enterprise Firewall o Kerio WinRoute Firewall o Sunbelt Personal Firewall o Xeon Firewall o InJoy Firewall o PC Tools Firewall Plus o Comodo Personal Firewall o ZoneAlarm Linux Firewalls o KMyFirewall o Firestarter
Module 60: Firewall Technologies Firewalls: Introduction Hardware Firewalls o Hardware Firewall o Netgear Firewall o Personal Firewall Hardware: Linksys o Personal Firewall Hardware: Cisco's PIX o Cisco PIX 501 Firewall o Cisco PIX 506E Firewall o Cisco PIX 515E Firewall o CISCO PIX 525 Firewall o CISCO PIX 535 Firewall o Check Point Firewall o Nortel Switched Firewall Software Firewalls o Software Firewall Windows Firewalls o Norton Personal Firewall o McAfee Personal Firewall
o Guarddog o Firewall Builder Mac OS X Firewalls o Flying Buttress o DoorStop X Firewall o Intego NetBarrier X5 o Little Snitch
o Account Policies o Password Policy o Password Policy o Password Policy - Policies Enforce Password History
o Enforce Password History - Vulnerability o Enforce Password History - Countermeasure o Enforce Password History - Potential Impact Maximum Password Age
o Password Age - Vulnerability o Maximum Password Age - Countermeasure o Maximum Password Age - Potential Impact o Maximum Password Age o Minimum Password Age o Minimum Password Age - Vulnerability o Minimum Password Age - Countermeasure o Minimum Password Age - Potential Impact o Minimum Password Age Minimum Password Length
o Account Lockout Threshold - Vulnerability o Account Lockout Threshold - Countermeasure o Account Lockout Threshold - Potential Impact Reset Account Lockout Counter After Kerberos Policy
o Kerberos Policy - Policies Enforce User Logon Restrictions Maximum Lifetime for Service Ticket
o Maximum Lifetime for User Ticket o Maximum Lifetime for User Ticket Renewal Maximum Tolerance for Computer Clock Synchronization Audit Policy
o Minimum Password Length - Vulnerability o Minimum Password Length - Countermeasure o Minimum Password Length - Potential Impact o Minimum Password Length Passwords Must Meet Complexity Requirements
o Audit Settings o Audit Account Logon Events o Audit Account Management o Audit Directory Service Access o Audit Logon Events o Audit Object Access o Audit Policy Change o Audit Privilege Use o Audit Process Tracking o Audit System Events User Rights Access this Computer from the Network Act as Part of the Operating System Add Workstations to Domain Adjust Memory Quotas for a Process Allow Log On Locally Allow Log On through Terminal Services Back Up Files and Directories
o Passwords must Meet Complexity Requirements Vulnerability o Passwords must Meet Complexity Requirements Countermeasure o Passwords must Meet Complexity Requirements Potential Impact o Passwords must Meet Complexity Requirements Store Password using Reversible Encryption for all Users in the Domain Account Lockout Policy
o Account Lockout Duration - Vulnerability o Account Lockout Duration - Countermeasure o Account Lockout Duration - Potential Impact o Account Lockout Duration Account Lockout Threshold
Bypass Traverse Checking Change the System Time Create a Page File Create a Token Object Create Global Objects Create Permanent Shared Objects Debug Programs Deny Access to this Computer from the Network Deny Log On as a Batch Job Deny Log On as a Service Deny Log On Locally Deny Log On through Terminal Services Enable Computer and User Accounts to be Trusted for Delegation Force Shutdown from a Remote System Generate Security Audits Impersonate a Client after Authentication Increase Scheduling Priority Load and Unload Device Drivers Lock Pages in Memory Log On as a Batch Job Log On as a Service Manage Auditing and Security Log Modify Firmware Environment Values Perform Volume Maintenance Tasks Profile Single Process Profile System Performance Remove Computer from Docking Station Replace a Process Level Token Restore Files and Directories
Shut Down the System Synchronize Directory Service Data Take Ownership of Files or Other Objects Security Options Accounts: Administrator Account Status
o Accounts: Administrator Account Status Vulnerability o Accounts: Administrator Account Status o Accounts: Guest Account Status o Accounts: Limit Local Account Use of Blank Passwords to Console Logon Only o Accounts: Rename Administrator Account o Accounts: Rename Guest Account Audit: Audit the Access of Global System Objects
o Audit: Audit the Use of Backup and Restore Privilege o Audit: Shut Down System Immediately if Unable to Log Security Audits DCOM: Machine Access/Launch Restrictions in Security Descriptor Definition Language (SDDL) o DCOM: Machine Access/Launch Restrictions in Security Descriptor Definition Language (SDDL)
Devices: Allow Undock without having to Log On Devices: Allowed to Format and Eject Removable Media Devices: Prevent Users from Installing Printer Drivers Devices: Restrict CD-ROM/Floppy Access to Locally Logged-on User Only Devices: Restrict CD-ROM Access to Locally Logged-on User Only Devices: Unsigned Driver Installation Behavior
Domain Controller: Allow Server Operators to Schedule Tasks Domain Controller: LDAP Server Signing Requirements Domain Controller: Refuse Machine Account Password Changes Domain Member: Digitally Encrypt or Sign Secure Channel Data Domain Member: Disable Machine Account Password Changes Domain Member: Maximum Machine Account Password Age Domain Member: Require Strong (Windows 2000 or Later) Session Key Interactive Logon: Do Not Display Last User Name Interactive Logon: Do Not Require CTRL+ALT+DEL Interactive Logon: Message Text for Users Attempting to Log On Interactive Logon: Number of Previous Logons to Cache Interactive Logon: Prompt User to Change Password before Expiration Interactive Logon: Require Domain Controller Authentication to Unlock Workstation Interactive Logon: Require Smart Card Interactive Logon: Smart Card Removal Behavior Microsoft Network Client and Server: Digitally Sign Communications (Four Related Settings) Microsoft Network Client: Send Unencrypted Password to Third-party SMB Servers Microsoft Network Server: Amount of Idle Time Required before Suspending Session Microsoft Network Server: Disconnect Clients when Logon Hours Expire Network Access: Allow Anonymous SID/Name Translation
Network Access: Do Not Allow Anonymous Enumeration of SAM Accounts Network Access: Do Not Allow Storage of Credentials or .NET Passports for Network Authentication Network Access: Let Everyone Permissions Apply to Anonymous Users Network Access: Named Pipes that can be Accessed Anonymously Network Access: Remotely Accessible Registry Paths Network Access: Remotely Accessible Registry Paths and Sub-paths Network Access: Restrict Anonymous Access to Named Pipes and Shares Network Access: Shares that can be Accessed Anonymously Network Access: Sharing and Security Model for Local Accounts Network Security: Do Not Store LAN Manager Hash Value on Next Password Change Network Security: Force Logoff when Logon Hours Expire Network Security: LAN Manager Authentication Level Network Security: LDAP Client Signing Requirements Network Security: Minimum Session Security for NTLM SSP based (Including Secure RPC) Clients/Servers Network Security: Minimum Session Security for NTLM SSP based (Including Secure RPC) Clients Recovery Console: Allow Automatic Administrative Logon Recovery Console: Allow Floppy Copy and Access to all Drives and all Folders Shutdown: Allow System to be Shut Down Without Having to Log On Shutdown: Clear Virtual Memory Page File
System Cryptography: Force Strong Key Protection for User Keys Stored on the Computer System Cryptography: Use FIPS Compliant Algorithms for Encryption, Hashing, and Signing System Objects: Default Owner for Objects Created by Members of the Administrators Group System Objects: Require Case Insensitivity for Non-Windows Subsystems System Objects: Strengthen Default Permissions of Internal System Objects System Settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Event Log
Client Service for NetWare ClipBook Cluster Service COM+ Event System COM+ System Application Computer Browser Cryptographic Services DCOM Server Process Launcher DHCP Client DHCP Server Distributed File System Distributed Link Tracking Client Distributed Link Tracking Server Distributed Transaction Coordinator DNS Client DNS Server Error Reporting Service Event Log Fast User Switching Compatibility Fax Service File Replication File Server for Macintosh FTP Publishing Service Help and Support HTTP SSL Human Interface Device Access IAS Jet Database Access IIS Admin Service IMAPI CD-Burning COM Service Indexing Service
o Maximum Event Log Size o Prevent Local Guests Group from Accessing Event Logs o Retain Event Logs o Retention Method for Event Log o Delegating Access to the Event Logs System Services Services Overview Do Not Set Permissions on Service Objects Manually Editing Security Templates System Services - Alerter Application Experience Lookup Service Application Layer Gateway Service Application Management ASP .NET State Service Automatic Updates Background Intelligent Transfer Service (BITS) Certificate Services
Infrared Monitor Internet Authentication Service Intersite Messaging IP Version 6 Helper Service IPSec Policy Agent (IPSec Service) IPSec Services Kerberos Key Distribution Center License Logging Service Logical Disk Manager
Plug and Play Portable Media Serial Number Print Server for Macintosh Print Spooler Protected Storage QoS RSVP Service Remote Access Auto Connection Manager
o Remote Access Connection Manager Remote Administration Service Help Session Manager
o Logical Disk Manager Administrative Service Machine Debug Manager Message Queuing
o Message Queuing Down Level Clients o Message Queuing Triggers o Messenger Microsoft POP3 Service Microsoft Software Shadow Copy Provider MSSQL$UDDI MSSQLServerADHelper .NET Framework Support Service Net Logon NetMeeting Remote Desktop Sharing Network Connections Network DDE Network DDE DSDM Network Location Awareness (NLA) Network Provisioning Service Network News Transfer Protocol (NNTP) NTLM Security Support Provider Performance Logs and Alerts
o Remote Procedure Call (RPC) o Remote Procedure Call (RPC) Locator o Remote Registry Service o Remote Server Manager o Remote Server Monitor o Remote Storage Notification o Remote Storage Server Removable Storage Resultant Set of Policy Provider Routing and Remote Access SAP Agent Secondary Logon Security Accounts Manager Security Center Server Shell Hardware Detection Simple Mail Transport Protocol (SMTP) Simple TCP/IP Services
Smart Card Special Administration Console Helper System Event Notification System Restore Service Task Scheduler TCP/IP NetBIOS Helper Service TCP/IP Print Server Telnet Terminal Services
NetMeeting Disable Remote Desktop Sharing Internet Explorer Computer Settings Disable Automatic Install of Internet Explorer Components Disable Periodic Check for Internet Explorer Software Updates Disable Software Update Shell Notifications on Program Launch Make Proxy Settings Per-Machine (Rather than Per-User) Security Zones: Do Not Allow Users to Add/Delete Sites Turn off Crash Detection Do Not Allow Users to Enable or Disable Add-ons Internet Explorer\Internet Control Panel\Security Page Internet Explorer\Internet Control Panel\Advanced Page Allow Software to Run or Install Even if the Signature is Invalid Allow Active Content from CDs to Run on User Machines Allow Third-party Browser Extensions Check for Server Certificate Revocation Check for Signatures On Downloaded Programs Do Not Save Encrypted Pages to Disk Empty Temporary Internet Files Folder when Browser is Closed Internet Explorer\Security Features Binary Behavior Security Restriction MK Protocol Security Restriction Local Machine Zone Lockdown Security Consistent MIME Handling
o Terminal Services Licensing o Terminal Services Session Directory Trivial FTP Daemon Uninterruptible Power Supply Upload Manager Virtual Disk Service WebClient Web Element Manager Windows Firewall /Internet Connection Sharing
o Windows Installer o Windows System Resource Manager o Windows Time WinHTTP Web Proxy Auto-Discovery Service Wireless Configuration Workstation World Wide Web Publishing Service Software Restriction Policies The Threat of Malicious Software Windows XP and Windows Server 2003 Administrative Templates Computer Configuration Settings
MIME Sniffing Safety Features Scripted Window Security Restrictions Restrict ActiveX Install Restrict File Download Network Protocol Lockdown Internet Information Services Prevent IIS Installation Terminal Services Deny Log Off of an Administrator Logged in to the Console Session Do Not Allow Local Administrators to Customize Permissions Sets Rules for Remote Control of Terminal Services User Sessions Client/Server Data Redirection Allow Time Zone Redirection Do Not Allow COM Port Redirection Do Not Allow Client Printer Redirection Do Not Allow LPT Port Redirection Do Not Allow Drive Redirection Encryption and Security Set Client Connection Encryption Level Always Prompt Client For A Password On Connection RPC Security Policy Secure Server (Require Security) Sessions Set Time Limit For Disconnected Sessions Allow Reconnection From Original Client Only Windows Explorer Turn Off Shell Protocol Protected Mode Windows Messenger
Windows Update Configure Automatic Updates Reschedule Automatic Updates Scheduled Installations System Turn off Autoplay Do Not Process The Run Once List Logon Don't Display The Getting Started Welcome Screen At Logon Do Not Process The Legacy Run List Group Policy Internet Explorer Maintenance Policy Processing IP Security Policy Processing Registry Policy Processing Security Policy Processing Error Reporting Display Error Notification Report Errors Internet Communications Management Distributed COM Browser Menus Disable Save This Program To Disk Option Attachment Manager Inclusion List For High Risk File Types Inclusion List For Moderate Risk File Types Inclusion List For Low File Types Trust Logic For File Attachments Hide Mechanisms To Remove Zone Information Notify Antivirus Programs When Opening Attachments
Windows Explorer Remove Security Tab System\Power Management Additional Registry Entries How to Modify the Security Configuration Editor User Interface TCP/IP-Related Registry Entries Disableipsourcerouting: IP Source Routing Protection Level (Protects Against Packet Spoofing) Enabledeadgwdetect: Allow Automatic Detection Of Dead Network Gateways (Could Lead To Dos) Enableicmpredirect: Allow ICMP Redirects To Override OSPF Generated Routes Keepalivetime: How Often Keep-alive Packets Are Sent In Milliseconds (300,000 Is Recommended) Synattackprotect: Syn Attack Protection Level (Protects Against Dos) Tcpmaxconnectresponseretransmissions: SYN-ACK Retransmissions When A Connection Request Is Not Acknowledged Tcpmaxdataretransmissions: How Many Times Unacknowledged Data Is Retransmitted (3 Recommended, 5 Is Default) Miscellaneous Registry Entries Configure Automatic Reboot from System Crashes Enable Administrative Shares Disable Saving of Dial-Up Passwords Hide the Computer from Network Neighborhood Browse Lists: Hide Computer From the Browse List Configure Netbios Name Release Security: Allow the Computer to Ignore Netbios Name Release Requests Except from WINS Servers
Enable Safe DLL Search Order: Enable Safe DLL Search Mode (Recommended) Security Log Near Capacity Warning: Percentage Threshold for the Security Event Log at which the System will Generate a Warning Registry Entries Available In Windows XP With SP2 And Windows Server 2003 With SP1 RunInvalidSignatures Registry Entries Available in Windows XP with SP2 Security Center Registry Entries for XP StorageDevicePolicies\WriteProtect
Registry Entries Available in Windows Server 2003 with SP1 UseBasicAuth DisableBasicOverClearChannel Additional Countermeasures Securing the Accounts NTFS Data and Application Segmentation Configure SNMP Community Name Disable NetBIOS and SMB on Public Facing Interfaces Disable Dr. Watson: Disable Automatic Execution of Dr. Watson System Debugger Configure IPsec Policies Configuring Windows Firewall
Module 62: Case Studies
Module 63: Botnets
Module 64: Economic Espionage
Module 65: Patch Management
Module 66: Security Convergence
Module 67: Identifying the Terrorist
Requirements
Students should take the CEH course before taking the CHFI course.
Duration
60 hours
Certification
The CHFI 312-49 exam will be held on the last day of the course; after the course, students will receive the EC-Council certificate of course completion. To obtain the international CHFI certification, students need to pass the international exam at Prometric testing centers.
Enterprise Theory of Investigation (ETI) Where and when do you use Computer Forensics Legal Issues Reporting the Results
Health and Safety Issues Consent Planning the Search and Seizure Initial Search of the Scene Witness Signatures Conducting Preliminary Interviews Initial Interviews Documenting Electronic Crime Scene Photographing the Scene Sketching the Scene Collecting and Preserving Electronic Evidence Evidence Bag Contents List Order of Volatility Dealing with Powered OFF Computers at Seizure Time Dealing with a Powered ON PC Computers and Servers Collecting and Preserving Electronic Evidence Seizing Portable Computers Switched ON Portables Packaging Electronic Evidence Exhibit Numbering Transporting Electronic Evidence Handling and Transportation to the Forensic Laboratory Chain of Custody Findings of Forensic Examination by Crime Category
Staffing your Computer Security Incident Response Team: What are the Basic Skills Needed? Team Models CSIRT Services can be Grouped into Three Categories: CSIRT Case Classification Types of Incidents and Level of Support Service Description Attributes Incident Specific Procedures How CSIRT handles Case: Steps US-CERT Incident Reporting System CSIRT Incident Report Form CERT(R) Coordination Center: Incident Reporting Form Limits to Effectiveness in CSIRTs Working Smarter by Investing in Automated Response Capability World CERTs http://www.trustedintroducer.nl/teams/country.html http://www.first.org/about/organization/teams/ IRTs Around the World
Module 05 : CSIRT
How to Prevent an Incident? Defining the Relationship between Incident Response, Incident Handling, and Incident Management Incident Response Checklist Incident Management Why don't Organizations Report Computer Crimes? Estimating Cost of an Incident Vulnerability Resources Category of Incidents Category of Incidents: Low Level Category of Incidents: Mid Level Category of Incidents: High Level CSIRT: Goals and Strategy Motivation behind CSIRTs Why an Organization needs an Incident Response Team? Who works in a CSIRT?
Original Forensic Tower II Portable Forensic Systems and Towers: Portable Forensic Workhorse V Portable Forensic Workhorse V: Tableau 335 Forensic Drive Bay Controller Portable Forensic Systems and Towers: Forensic Air-Lite IV MK II Portable Forensic Systems and Towers: Forensic Tower II Forensic Write Protection Devices and Kits: Ultimate Forensic Write Protection Kit Tableau T3u Forensic SATA Bridge Write Protection Kit Tableau T8 Forensic USB Bridge Kit/Addonics Mini DigiDrive READ ONLY 12-in-1 Flash Media Reader Power Supplies and Switches DIBS Mobile Forensic Workstation DIBS Advanced Forensic Workstation DIBS RAID: Rapid Action Imaging Device Forensic Archive and Restore Robotic Devices: Forensic Archive and Restore (FAR Pro) Forensic Workstations Tools: LiveWire Investigator Features of the Laboratory Imaging System Technical Specification of the Laboratory-based Imaging System Computer Forensic Labs, Inc Procedures at Computer Forensic Labs (CFL), Inc Data Destruction Industry Standards
MacDrive6
Hardware Tool: RoadMASSter-2 Save-N-Sync Hardware Tool: ImageMASSter 6007SAS Hardware Tool: Disk Jockey IT SCSIPAK IBM DFSMSdss Tape Duplication System: QuickCopy
SIM Card Seizure Text Searcher Autoruns Autostart Viewer Belkasoft RemovEx HashDig Inforenz Forager KaZAlyser DiamondCS OpenPorts Pasco Patchit PE Explorer Port Explorer PowerGREP Process Explorer PyFLAG Registry Analyzing Tool: Regmon Reverse Engineering Compiler SafeBack TapeCat Vision List of Hardware Computer Forensic Tools Hard Disk Write Protection Tools: Nowrite & Firewire Drivedock LockDown Write Protect Card Reader Drive Lock IDE Serial-ATA DriveLock Kit Wipe MASSter ImageMASSter Solo-3 IT ImageMASSter 4002i ImageMasster 3002SCSI Image MASSter 3004SATA
Device Tab Viewing Files and Folders Bottom Pane Viewers in Bottom Pane Status Bar Status Bar Searching Keywords Adding Keywords Grouping Add multiple Keywords Starting the Search Search Hits Tab Search Hits Bookmarks Creating Bookmarks Adding Bookmarks Bookmarking Selected Data Recovering Deleted Files/folders in FAT Partition Viewing Recovered Files Recovering Folders in NTFS Master Boot Record NTFS Starting Point Viewing Disk Geometry Recovering Deleted Partitions Hash Values Creating Hash Sets MD5 Hash Creating Hash Viewers Signature Analysis Viewing the Results Copying Files Folders E-mail Recovery Reporting Encase Boot Disks IE Cache Images
Module 15: Recovering Deleted Files and Deleted partitions Part I: Recovering Deleted Files
Deleting Files What happens when a File is Deleted in Windows?
Storage Locations of Recycle Bin in FAT and NTFS System How The Recycle Bin Works Damaged or Deleted INFO File Damaged Files in Recycled Folder Damaged Recycle Folder Tools to Recover Deleted Files Tool: Search and Recover Tool: Zero Assumption Digital Image Recovery Tool: PC Inspector Smart Recovery Tool: Fundelete Tool: RecoverPlus Pro Tool: OfficeFIX Tool: Recover My Files Tool: Zero Assumption Recovery Tool: SuperFile Recover Tool: IsoBuster Tool: CDRoller Tool: DiskInternals Uneraser Tool: DiskInternal Flash Recovery Tool: DiskInternals NTFS Recovery Recover Lost/Deleted/Corrupted files on CDs and DVDs Tool: Undelete Tool: Active@ UNDELETE Data Recovery Tool: CD Data Rescue Tool: File Recover Tool: WinUndelete Tool: R-Undelete Tool: Image Recall Tool: eIMAGE Recovery Tool: File Scavenger Tool: Recover4all Professional Tool: eData Unerase Tool: Easy-Undelete Tool: InDisk Recovery Tool: Repair My Excel Tool: Repair Microsoft Word Files Tool: Zip Repair Tool: Canon RAW File Recovery Software Part II: Recovering Deleted Partitions Deletion of Partition Deletion of Partition using Windows Deletion of Partition using Command Line Recovery of Deleted Partition Deleted Partition Recovery Tools Tool: GetDataBack Tool: DiskInternals Partition Recovery Tool: Active@ Partition Recovery Tool: Handy Recovery ITPro Global 2009 www.itpro.net.vn
Tool: Acronis Recovery Expert Tool: Active Disk Image Tool: TestDisk Tool: Recover It All! Tool: Scaven Tool: Partition Table Doctor Tool: NTFS Deleted Partition Recovery
2Mosaic Watermark breaking Tool Steganalysis Steganalysis Methods/Attacks on Steganography TEMPEST Van Eck phreaking Printer Forensics Is Your Printer Spying On You? DocuColor Tracking Dot Decoding Steganography Tools Tool: Steganos Steganography Tool: Pretty Good Envelope Tool: Gifshuffle Refugee Tool: JPHIDE and JPSEEK Tool: wbStego Tool: OutGuess Tool: Invisible Secrets 4 Tool: Masker Tool: Hydan Tool: Cloak Tool: StegaNote Tool: Stegomagic Hermetic Stego Application of Steganography How to Detect Steganography? Stego Suite Steg Detection Tool StegSpy
Tool: Crack Tool: Brutus Tool: Access PassView Tool: RockXP Tool: Magical Jelly Bean Keyfinder Tool: PstPassword Tool: Protected Storage PassView Tool: Network Password Recovery Tool: Mail PassView Tool: Asterisk Key Tool: Messenger Key Tool: MessenPass Tool: Password Spectator Pro Tool: SniffPass Tool: Asterisk Logger Tool: Dialupass Tool: Mail Password Recovery Tool: Database Password Sleuth Tool: CHAOS Generator Tool: PicoZip Recovery Tool: Netscapass Common Recommendations for Improving Password Security Standard Password Advice
IIS Centralized Binary Logging ODBC Logging IISLogger: Development tool Socklog: IDS Log Analysis Tool KiwiSysLog Tool Microsoft Log Parser: Forensic Analysis Tool Firewall Analyzer: Log Analysis Tool Adaptive Security Analyzer (ASA) Pro: Log Analysis Tool GFI EventsManager How does GFI EventsManager work? Activeworx Security Center EventLog Analyzer Why Synchronize Computer Times? What is NTP Protocol? NTP Stratum Levels NIST Time Servers Configuring the Windows Time Service
Methods to Access a Wireless Access Point Direct-connect To the Wireless Access Point Nmap Scanning Wireless Access Points using Nmap Rogue Access Point Sniffing Traffic Between the Access Point and Associated Devices Scanning using Airodump MAC Address Information Airodump: Points to Note Searching for Additional Devices Forcing Associated Devices to Reconnect Check for MAC Filtering Changing the MAC Address Passive Attack Active Attacks on Wireless Networks Investigating Wireless Attacks
Association of Wireless AP and Device Search Warrant for Wireless Networks Key Points to Remember Points You Should Not Overlook while Testing the Wireless Network
Routing Information Protocol Hacking Routers Router Attack Topology Recording your Session Router Logs NETGEAR Router Logs Link Logger Sawmill: Linksys Router Log Analyzer Real Time Forensics Router Audit Tool (RAT)
Tracing Back Spam Mails Switch URL Redirection Sample Javascript for Page-based Redirection Embedded JavaScript Recovering Information from Web Pages Downloading a Single Page or an Entire Web Site Tool: Grab-a-Site Tool: SurfOffline 1.4 Tool: My Offline Browser 1.0 www.newprosoft.com Tool: WayBack Machine HTTP Headers Viewing Header Information Examining Information in Cookies Viewing Cookies in Firefox Tracing Geographical Location of a URL: www.centralops.net DNS Lookup Result: centralops.net DNS Lookup Result: centralops.net NetScanTools Pro Tool: Privoxy http://www.privoxy.org
Report Format of Antichildporn.org Tools to Protect Children from Pornography: Reveal Tool: iProtectYou Child Exploitation Tracking System (CETS) http://www.projectsafechildhood.gov/ Innocent Images National Initiative Internet Crimes Against Children (ICAC) Reports on Child Pornography U.S. Laws against Child Pornography Australia Laws against Child Pornography Austria Laws against Child Pornography Belgium Laws against Child Pornography Cyprus Laws against Child Pornography Japan Laws against Child Pornography
Deleted Files Windows Version Registry Key Containing the iPod's USB/Firewire Serial Number Tool: DiskInternals Music Recovery Recover My iPod: Tool
Collecting Physical and Demonstrative Evidence Collecting Testimonial Evidence Best Practices for Investigators
EC-Council Certified Security Analyst/Licensed Penetration Tester ECSA/LPT CERTIFICATION BOOTCAMP (v4)
EC-Council Security Analyst / Penetration Tester - ECSA/LPT Overview
ECSA/LPT is a class unlike any other! It provides real-world, hands-on practical experience. The class focuses in depth solely on penetration testing and advanced hacking. It covers testing of all modern infrastructure, operating systems and application environments. The EC-Council Certified Security Analyst/LPT program is a highly interactive 5-day security course designed to teach security professionals to use the advanced penetration testing methodologies, tools and techniques needed to perform comprehensive information security tests.
Audience
Network server administrators, firewall administrators, security testers, system administrators and risk assessment professionals.
Duration
5 days
Objectives
Students will learn how to design, secure and test networks to protect their organization from the threats posed by hackers and computer criminals. By teaching the tools and the fundamental intrusion techniques for penetration and security testing, this class will help students perform the in-depth assessments needed to effectively identify and mitigate risks to the security of the organization's infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the class providing complete coverage of network security analysis and testing topics.
Certification
The exam for the international ECSA certification will be conducted on the last day of the class. Students need to pass the online exam 412-79 at a Prometric testing center to receive the ECSA certification. Students will also be prepared for the LPT certification.
Confidentiality Integrity Availability Nonrepudiation We Must Be Diligent Threat Agents Assessment Questions How Much Security is Enough? Risk Simplifying Risk Risk Analysis Risk Assessment Answers Seven Questions Steps of Risk Assessment Risk Assessment Values Information Security Awareness Security policies Types of Policies Promiscuous Policy Permissive Policy Prudent Policy Paranoid Policy Acceptable-Use Policy User-Account Policy Remote-Access Policy Information-Protection Policy Firewall-Management Policy Special-Access Policy
Network-Connection Policy Business-Partner Policy Other Important Policies Policy Statements Basic Document Set of Information Security Policies ISO 17799 Domains of ISO 17799 No Simple Solutions U.S. Legislation California SB 1386 Sarbanes-Oxley 2002 Gramm-Leach-Bliley Act (GLBA) Health Insurance Portability Accountability Act (HIPAA) USA Patriot Act 2001 U.K. Legislation How Does This Law Affect a Security Officer? The Data Protection Act 1998 The Human Rights Act 1998 Interception of Communications The Freedom of Information Act 2000 The Audit Investigation and Community Enterprise Act 2005 and
login | logon username | userid | employee.ID | your username is password | password is passcode | your
Software
Error
IIS HTTP/1.1 Error Page Titles Object Not Found Error Message Used to Find IIS 5.0 Apache Web Server Apache 2.0 Error Pages Application Software Error Messages ASP Dumps Details Provide Dangerous
inurl:temp | inurl:tmp | inurl:backup | inurl:bak intranet | help.desk Locating Public Exploit Sites Locating Exploits Via Common Code Strings Searching for Exploit Code with Nonstandard Extensions Locating Source Code with Common Strings Locating Vulnerable Targets Locating Targets Via Demonstration Pages Powered by Tags Are Common Query Fodder for Finding Web Applications Locating Targets Via Source Code Vulnerable Examples Web Application
Many Errors Reveal Pathnames and Filenames CGI Environment Listings Reveal Lots of Information Default Pages A Typical Apache Default Web Page Locating Default Installations of IIS 4.0 on Windows NT 4.0/OP Default Pages Query for Web Server Outlook Web Access Default Portal Searching for Passwords Windows Registry Reveal Passwords Entries Can
Module 3: TCP/IP Packet Analysis TCP/IP Model Application Layer Transport Layer Internet Layer Network Access Layer
Locating Targets Via CGI Scanning A Single CGI Scan-Style Query Directory Listings Finding IIS 5.0 Servers
Comparing OSI and TCP/IP Addressing IPv4 Addresses IP Classes of Addresses Reserved IP Addresses Private Addresses Subnetting IPv4 and IPv6 Transport Layer Flow Control Three-Way Handshake TCP/IP Protocols TCP Header IP Header IP Header: Protocol Field UDP TCP and UDP Port Numbers Port Numbers TCP Operation Synchronization Handshake or 3-way
Sequencing Numbers Positive Acknowledgment Retransmission (PAR) UDP Operation Port Numbers Positioning between Transport and Application Layer (TCP and UDP) Port Numbers http://www.iana.org/assignments/port-numbers What Makes Unique? Each Connection and
Internet Control Message Protocol (ICMP) Error Reporting and Error Correction ICMP Message Delivery Format of an ICMP Message Unreachable Networks Destination Unreachable Message ICMP Echo (Request) and Echo Reply Detecting Excessively Long Routes IP Parameter Problem ICMP Control Messages ICMP Redirects Clock Synchronization and Transit Time Estimation Information Requests Message Formats Address Masks Router Solicitation Advertisement and and Reply
Denial of Service (DoS) Attacks DoS Syn Flooding Attack Windowing Acknowledgement Windowing and Window Sizes Simple Windowing Sliding Windows
Module 4: Advanced Sniffing Techniques What is Wireshark? Wireshark: Filters IP Display Filters Example Wireshark: Tshark Wireshark: Editcap Wireshark: Mergecap Wireshark: Text2pcap Using Wireshark Troubleshooting Network Methodology Using Wireshark Administration ARP Problems ICMP Echo Request/Reply Header Layout TCP Flags TCP SYN Packet Flags Bit Field Capture Filter Examples Scenario 1: SYN no SYN+ACK Scenario 2: Response RST SYN Immediate for Network
Wireless Sniffing with Wireshark AirPcap Using Channel Hopping Interference and Collisions Recommendations for Sniffing Wireless
Analyzing Wireless Traffic IEEE 802.11 Header IEEE 802.11 Header Fields Filters Filtering on Source MAC Address and BSSID Filtering on BSSID Filter on SSID Wireless Frame Types Filters Unencrypted Data Traffic Identifying Hidden SSIDs Revealed SSID Identifying EAP Authentication Failures
Scenario 3: SYN SYN+ACK ACK Using Wireshark for Security Administration Detecting Internet Relay Chat Activity
EAP Identity Disclosure Identifying WEP Identifying TKIP and CCMP Identifying IPSec/VPN Decrypting Traffic Scanning TCP Connect Scan
SYN Scan XMAS Scan Null Scan Remote Access Trojans NetBus Analysis Trojan Analysis Example NetBus Analysis
Report Generation Reports: Result Identifying False Positives Suspicious Signs False Positives Examples of False Positives Writing Nessus Plugins Writing a Plugin Installing and Running the Plugin Nessus Report with output from our plugin Security Center http://www.tenablesecurity.com
Module 5: Vulnerability Analysis with Nessus Nessus Features of Nessus Nessus Assessment Process Nessus: Scanning Nessus: Enumeration Nessus: Vulnerability Detection Configuring Nessus Updating Nessus Plug-Ins Using the Nessus Client Starting a Nessus Scan Generating Reports Data Gathering Host Identification Port Scan SYN scan Timing Port Scanning Rules of Thumb Plug-in Selection Dangerous plugins Scanning Rules of Thumb
Module 6: Advanced Wireless Testing Wireless Concepts Wireless Concepts 802.11 Types Core Issues with 802.11 What's the Difference? Other Types of Wireless Spread Spectrum Background Channels Access Point Service Set ID Default SSIDs Chipsets Wi-Fi Equipment Expedient Antennas
Vulnerabilities to 802.1x and RADIUS
Wireless Penetration Testing with Windows Attacks And Tools War Driving The Jargon WarChalking WarPumpkin Wireless: Tools of the Trade Mapping with Kismet WarDriving with NetStumbler How NetStumbler Works? Active versus Detection Passive WLAN
Wired Equivalent Privacy Security - WEP Wired Equivalent Privacy Exclusive OR Encryption Process Chipping Sequence WEP Issues WEP - Authentication Phase WEP - Shared Key Authentication WEP - Association Phase WEP Flaws WEP Attack WEP: Solutions WEP Solution 802.11i Wireless Security Technologies WPA Interim 802.11 Security WPA 802.1X Authentication and EAP EAP Types Cisco LEAP TKIP (Temporal Key Integrity Protocol)
Disabling the Beacon Running NetStumbler Captured Data Using NetStumbler Filtering by Channels Airsnort WEPCrack Monkey-Jack How Monkey-Jack Works Before Monkey-Jack After Monkey-Jack AirCrack-ng How Does It Work? FMS and Korek Attacks Crack WEP Available Options Usage Examples Cracking WPA/WPA2 Passphrases
Wireless Networks Testing Wireless Communications Testing Report Recommendations Wireless Attack Countermeasures
IP Forwarding and NAT Using Iptables
Installing Iptables and IP Forwarding Establishing the NAT Rules Dnsmasq Configuring Dnsmasq Apache Web Servers Virtual Directories Clone the Target Access Point and Begin the Attack Start the Wireless Interface Deauthenticate Clients Connected to the Target Access Point Wait for the Client to Associate to Your Access Point Spoof the Application Modify the Page Example Page Login/php page Redirect Web Traffic Using Dnsmasq
WarDriving and Wireless Penetration Testing with OS X What is the Difference between "Active" and "Passive" Sniffing? Using a GPS Attacking WEP Encryption with KisMAC
Deauthenticating Clients Attacking WPA with KisMAC Brute-force Attacks Against 40-bit WEP Wordlist Attacks Mapping WarDrives with StumbVerter
MITM Attack basics MITM Attack Design MITM Attack Variables Hardware for the Attack Antennas, Amps, WiFi Cards Wireless Network Cards Choosing the Right Antenna Amplifying the Wireless Signal Identify and Compromise the Target Access Point Compromising the Target Crack the WEP key Aircrack-ng Cracked the WEP Key The MITM Configuration Attack Laptop
Module 7: Designing a DMZ Introduction DMZ Concepts Multitiered Firewall With a DMZ Flow DMZ Design Fundamentals Advanced Design Strategies Designing Windows DMZ Designing Windows DMZ Precautions for DMZ Setup Security Analysis for the DMZ
Designing Sun Solaris DMZ Placement of Servers Advanced Implementation of a Solaris DMZ Server
Output Plugins Rules Working of Snort Initializing Snort Signal Handlers Parsing the Configuration File Decoding Possible Decoders Preprocessing Detection Content Matching Content-Matching Functions The Stream4 Preprocessor Inline Functionality Writing Snort Rules Snort Rule Header Snort Rule Header: Actions Snort Rule Header: Other Fields IP Address Negation Rule IP Address Filters Port Numbers Direction Operator Rule Options Activate/Dynamic Rules Meta-Data Rule Options: msg Reference Keyword sid/rev Keyword Classtype Keyword
Solaris DMZ Servers in a Conceptual Highly Available Configuration Private and Public Network Firewall Ruleset DMA Server Firewall Ruleset Solaris DMZ System Design Disk Layout and Considerations Designing Wireless DMZ Placement of Wireless Equipment Access to DMZ and Authentication Considerations Wireless DMZ Components Wireless DMZ Using RADIUS to Authenticate Users WLAN DMZ Security Best-Practices DMZ Router Security Best-Practice DMZ Switch Security Best-Practice Six Ways to Stop Data Leaks Reconnex
Module 8: Snort Analysis Snort Overview Modes of Operation Features of Snort Configuring Snort Variables Preprocessors
Payload Detection Rule Options: content Modifier Keywords Offset/depth Keyword Uricontent keyword fragoffset keyword ttl keyword id keyword flags keyword itype keyword : icmp id Writing Good Snort Rules Sample Rule to Catch Metasploit Buffer Overflow Exploit Tool for writing Snort rules: IDS Policy Manager Subscribe to Snort Rules Honeynet Security Console Tool Key Features
Syslog: Enabling Message Logging Main Display Window Configuring Kiwi Syslog to Log to a MS SQL Database Configuring Ethereal Syslog Messages to Capture
Sending Log Files via email Configuring Cisco Router for Syslog Configuring DLink Router for Syslog Configuring Cisco PIX for Syslog Configuring an Intertex / Ingate/ PowerBit/ SurfinBird ADSL router Configuring a LinkSys wireless VPN Router Configuring a Netgear ADSL Firewall Router Analyzing Web Server Logs Apache Web Server Log AWStats Configuring AWStats for IIS Log Processing in AWStats Analyzing Router Logs Router Logs Analyzing Wireless Network Devices Logs Wireless Traffic Log Analyzing Windows Logs Configuring Firewall Logs in Local Windows System Viewing Local Windows Firewall Log Viewing Windows Event Log
Module 9: Log Analysis Introduction to Logs Types of Logs Events that Need to be Logged What to Look Out For in Logs W3C Extended Log File Format Automated Log Analysis Approaches Log Shipping Analyzing Syslog Syslog Setting up a Syslog
Analyzing Linux Logs iptables Log Prefixing with iptables Firewall Log Analysis with grep Analyzing SQL Server Logs SQL Database Log ApexSQL Log Configuring ApexSQL Log Analyzing VPN Server Logs VPN Client Log Analyzing Firewall Logs Why Firewall Logs are Important Firewall Log Sample ManageEngine Firewall Analyzer Installing Firewall Analyzer Viewing Firewall Analyzer Reports Firewall Analyzer Log Reports Analyzing IDS Logs SnortALog IDS Log Sample Analyzing DHCP Logs DHCP Log NTP Configuration Time Synchronization and Logging NTP Overview NTP Client Configuration Configuring an NTP client using the Client Manager
Configuring an NTP Server NTP: Setting Local Date and Time Log Analysis Tools All-Seeing Tracker Eye Tool: Event Log
Network Sniffer Interface Test Tool Syslog Manager 2.0.1 Sawmill WALLWATCHER Log Alert Tools Network Eagle Monitor Network Eagle Monitor: Features SQL Server Database Log Navigator What Log Navigator does? How Does Log Navigator Work? Snortsnarf Types of Snort Alarms ACID (Analysis Console for Intrusion Databases)
Module 10: Advanced Exploits and Tools Common Vulnerabilities Buffer Overflows Revisited Smashing the Stack for Fun and Profit Smashing the Heap for Fun and Profit Format Strings for Chaos and Mayhem
Shellcoding Shellcode Examples Delivery Code Delivery Code: Example Linux Exploits Versus Windows Windows Versus Linux Tools of the Trade: Debuggers Tools of the Trade: GDB Tools of the Trade: Metasploit Metasploit Framework User-Interface Modes Metasploit: Environment Environment: Global Environment Environment: Environment Metasploit: Options Metasploit: Commands Metasploit: Launching the Exploit MetaSploit: Advanced Features Tools of the Trade: Canvas Tools of the Trade: CORE Impact IMPACT Industrializes Penetration Testing Ways to Use CORE IMPACT Other IMPACT Benefits ANATOMY OF A REAL-WORLD ATTACK CLIENT SIDE EXPLOITS Impact Demo Lab Temporary
Module 11: Penetration Testing Methodologies Module 12: Customers and Legal Agreements Module 13: Rules of Engagement Module 14: Penetration Testing Planning and Scheduling Module 15: Pre Penetration Testing Checklist Module 16: Information Gathering Module 17: Vulnerability Analysis Module 18: External Penetration Testing Module 19: Internal Network Penetration Testing Module 20: Routers and Switches Penetration Testing Module 21: Firewall Penetration Testing Module 22: IDS Penetration Testing Module 23: Wireless Network Penetration Testing Module 24: Denial of Service Penetration Testing Module 25: Password Cracking Penetration Testing Module 26: Social Engineering Penetration Testing Module 27: Stolen Laptop, PDAs and Cell phones Penetration Testing Module 28: Application Penetration Testing Module 29: Physical Security Penetration Testing Module 30: Database Penetration testing Tel: (84-4) 37875728 Fax: (84-4) 37875729 Email: sales@itpro.net.vn
Module 31: VoIP Penetration Testing Module 32: VPN Penetration Testing Module 33: War Dialing Module 34: Virus and Trojan Detection Module 35: Log Management Penetration Testing Module 36: File Integrity Checking Module 37: Blue Tooth and Hand held Device Penetration Testing Module 38: Telecommunication and Broadband Communication Penetration Testing Module 39: Email Security Penetration Testing
Module 40: Security Patches Penetration Testing Module 41: Data Leakage Penetration Testing Module 42: Penetration Testing Deliverables and Conclusion Module 43: Penetration Testing Report and Documentation Writing Module 44: Penetration Testing Report Analysis Module 45: Post Testing Actions Module 46: Ethics of a Licensed Penetration Tester Module 47: Standards and Compliance
Audience
The ECSP course completion certificate is awarded to programmers who are responsible for designing and building applications in Windows/Web environments with the .NET/Java frameworks. This program is designed for designers skilled in C#, C++, Java, PHP, ASP, .NET and SQL.
Duration
The course lasts 5 days
Prerequisites
Students must have basic programming knowledge.
Objectives
The distinguishing feature of the ECSP course is that it provides system security knowledge that is not tied to any specific domain. The ECSP training content addresses the requirements of different programming languages from a security perspective. This leads to a deeper understanding of the domains, architectures and languages as well as of the related issues.
Certification
After the course, students will obtain the EC-Council certificate of course completion. To obtain the international ECSP certification, you must take the ECSP 312-92 exam at Prometric testing centers.
Building Blocks of Software Security Types of Security Vulnerabilities Vulnerability Cycle Types of Attacks Hackers and Crackers or Attackers Risk Assessment and Threat Modeling STRIDE Threat Model Common Criteria Security Architecture Security Principles Secure Development Checklists Use of Privilege o Data, Configuration, and Temporary Files o Network Port Use o Audit Logs User-Server Authentication
o JAD (Joint Application Development) o Fountain Model o Spiral Model o Build and Fix o Synchronize-and-Stabilize
Agile Methodologies Extreme Programming (XP) o o XP Practices The Rules and Practices of Extreme Programming Primary Goals Diagram UML Tool Rational Rose Vulnerabilities and Other Security Issues in a Software Application o Security Through Obscurity o Buffer Overflows o Format String Vulnerabilities/ Race Conditions
Module II: Designing Secure Architecture Introduction Secure Architecture Application Security Factors Affecting Application Security Software Engineering and System Development Life Cycle (SDLC)
o Locking Problems o Exception Handling o Fundamentals of Control Granularity o Concepts Strategies Of Fail Safe Design
Different Phases of Software Development Life Cycle o System Requirements o Specifications o Design o Coding o Testing o Integration Testing o Maintenance
o Input and Parameter Validation o Encrypting Secrets in Memory and Storage Privilege Access Levels for Information
o Scrubbing Information o
o Loose Coupling o High Cohesion
o Use of Digital Signature o Digital Signature Standard o Digital Signature Algorithm: Signature Generation/Verification o Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme o Challenges and Opportunities Digital Certificates o Creating and Verifying a Simple XML Digital Signature in C# o Cleversafe Grid http://www.cleversafe.com/ Builder
Module III: Cryptography Introduction to Cryptography o Encryption o Decryption Use of Cryptography Classical Cryptographic Techniques Modern Cryptographic Techniques Cipher RSA (Rivest Shamir Adleman) o Example of RSA Algorithm o RSA Attacks o RSA Challenge o Implementation of RSA in C++ Data Encryption Standard (DES) o DES Overview o Implementation of DES in Java RC4, RC5, RC6, Blowfish o RC5 Blowfish Algorithm in C Message Digest Functions o One-way Hash Functions o MD5 o Implementation of MD5 in Java SHA (Secure Hash Algorithm) o SHA Implementation in Java SSL (Secure Sockets Layer) What is SSH? o SSH (Secure Shell) Algorithms and Security Disk Encryption Government Access to Keys (GAK) Digital Signature
PGP (Pretty Good Privacy) CypherCalc Command Line Scriptor CryptoHeaven Cryptanalysis Cryptography Attacks Brute-Force Attack Use Of Cryptography Module IV: Buffer Overflows Buffer Overflows Reasons for Buffer Overflow Attacks Why are Programs/Applications Vulnerable? Understanding Stacks Understanding Heaps Types of Buffer Overflows: Stack-based Buffer Overflow o o A Simple Uncontrolled Overflow of the Stack Stack Based Buffer Overflows
Types of Buffer Overflows: Heap-based Buffer Overflow o o Heap Memory Buffer Overflow Bug Heap-based Buffer Overflow
Attacking a Real Program Tool to Defend Buffer Overflow: Return Address Defender (RAD) Tool to Defend Buffer Overflow: StackGuard Tool to Defend Buffer Overflow: Immunix System
o Heap-Based Buffer Overflow o Off By One/Five Errors o Double Free Vulnerability Secure Memory Allocation Tips Symmetric Encryption o Symmetric Encryption in C++ Blowfish Algorithm in C Public Key Cryptography o Public Key Cryptography in C++ Creating an SSL Client in C++ Creating an SSL Server Networking o o
o Vulnerability Search ICAT o Valgrind o Insure++ Buffer Overflow Protection Solution: Libsafe o Comparing Functions of libc and Libsafe Code Analysis
Random Number Generation Problem Anti-Tampering o Anti-Tampering Techniques Erasing Data from Memory Securely using C/C++ Preventing Memory From Being Paged to Disk Using Variable Arguments Properly Signal Handling Encapsulation in C++ Best Practices for Input Validation Code Profiling And Memory Debugging Tool: Valgrind
Module V: Secure C and C++ Programming Introduction of C/C++ Vulnerable C/C++ Functions o Strcpy() o Strncat() o Strncpy() o Sprintf() o Gets() C/C++ Vulnerabilities o Buffer Overflow Strings Countermeasures Integer Vulnerabilities Truncation Sign Error Countermeasures
Module VI: Secure Java and JSP Programming Introduction to Java JVM Java Security Sandbox Model Security Issues with Java o SQL Injection Attack SQL Injection using UNION Preventive Measures for SQL Injection
o Pointer Subterfuge o Dynamic Memory Management o Stack Smashing o GCC Extension to Protect StackSmashing Attacks
Java GSS Security o Code for GSS Server o Code for GSS Client o Problem of Untrusted User Input Security From Untrusted User Input Cross Site Scripting o Overcoming Cross Site Scripting Problem How to create permissions? new types of
o .Class File Format o Byte Code Attack o Reverse Engineering/ Decompilation by Mocha o Obfuscation Tools: Jmangle o Cinnabar Canner Byte Code Verifier Class Loader o Building a SimpleClassLoader Security Manager jarsigner - JAR Signing and Verification Tool Signing an Applet Using RSA-Signed Certificates
Permissions in Java o
Security Policy o Specifying an additional Policy File at runtime o Policy Tool Policy Tool: Creating a new Policy File
o Signing Tools o Getting RSA Certificates o Bundling Java Applets as JAR Files o Signing Java Applets Using Jarsigner o Signing Java Applets Using Netscape Signing Tool Security Extensions o Java Authentication and Authorization Service (JAAS) o Java Cryptographic Extension (JCE) o Java Cryptography Architecture o JCE: Pseudo Code for Encryption o JCE: Pseudo Code for Decryption o o Sample Code for Encryption and Decryption Java(TM) Secure Socket Extension (JSSE) o Module VII: Secure Java Script and VB Script Programming Script: Introduction JavaScript Vulnerability o Cross-Site Scripting (XSS) How to Avoid XSS? JavaScript Hijacking Defending Against JavaScript Hijacking
Decline Malicious Requests Prevent Direct Execution of the JavaScript Response Malicious Script Embedded in Client Web Requests Tool: Thicket Obfuscator for JavaScript JavaScript Security in Mozilla JavaScript Security in Mozilla: Same Origin Policy
Creating Secure Client Sockets Creating Secure Server Sockets Choosing the Cipher Suites ITPro Global 2009 www.itpro.net.vn
o Same Origin Check Tel: (84-4) 37875728 Fax: (84-4) 37875729 Email: sales@itpro.net.vn
o JavaScript Security in Mozilla: Signed Script Policy Netscape's SignTool o Netscape's SignTool: Signing a File Privileges Tool for Encryption: TagsLock Pro JavaScript Shell (Jash): Command-Line Debugging Tool Tool: Script Encoder Tool: Scrambler VBScript: CryptoAPI Tools Signing A Script (Windows Script Host ) Verifying a Script Signature Verification Policy Software Restriction Policies for Windows XP Step-by-Step Guide for Designing a Software Restriction Policy Step-by-Step Guide for Creating Additional Rules Rule for Blocking Malicious Scripts Javascript
Detecting Exceptions with Scripting Language Error-Handling Mechanisms Using VBScript to Detect an Error Using Jscript to Detect an Error
Notifying the Support Team When an Error Occurs Using CheckForError Attacks on ASP ASP DypsAntiSpam: A CAPTCHA for ASP o o How To Prevent Automatic Submission With DypsAntiSpam CAPTCHA: Examples
How to Use Database and ASP Sessions to Implement ASP Security o o o o Step 1: Create A User Database Table Step 2: Create And Configure The Virtual Directory Step 3: Create The Sample Pages Step 4: Add Validation Code To Pages Encoding ASP Code: Script Encoder Protecting Passwords of ASP Pages with a One-way Hash Function ASP Best Practices: Error Handling
Module VIII: Secure ASP Programming ASP- Introduction ASP Design Problems Improving ASP Design o Using Server-Side Includes Using Server-Side Includes: Example Using Server-Side Includes: Protecting the Contents of Include Files Advantage of VBScript
Module IX: Secure Microsoft.NET Programming Common Terminology Microsoft .NET: Introduction .NET Framework o .NET Framework Security Policy Model
Taking Classes
o Using Server.Execute o Using Server.Transfer #include Directive .BAK Files on the Server Programming Errors
Security Policy Levels Security Features in .NET Key Concepts in .NET Security Code Access Security (CAS) Evidence-Based Security Role-Based Security
Security: Security:
Windows Generic
Administration Tool: Authorization Manager (AzMan) with ASP.Net ASP.NET Security Architecture Authentication and Authorization Strategies o o o o o o o URL Authorization File Authorization Windows Authentication Forms Authentication Passport Authentication Custom Authentication Implementing Custom Authentication Scheme
Declarative and Imperative Security Cryptography Generate Key for Encryption and Decryption o o o o Symmetric Encryption in .Net Asymmetric Encryption in .Net Symmetric Decryption in .Net Asymmetric Decryption in .Net
Protecting Client and Server Data Using Encryption Cryptographic Signatures o o Write a Signature in .Net Verify a Signature in .Net Hash Code Generation Verification of Hash Code Code Access Permissions Identity Permissions Role-Based Security Permissions
Configuring Security with Mscorcfg.msc Process Identity for ASP.NET Impersonation o Impersonation Sample Code Secure Communication Storing Secrets o Options for Storing Secrets in ASP.NET
Permissions o o o of Runtime
Securing Session and View State Web Form Considerations Securing Web Services Secure Remoting o Create a Remotable Object Secure Data Access .NET Security Tools Code Access Security Policy Tool o Caspol.exe o Caspol.exe Parameters
SkipVerification Stack Walk Writing Secure Class Libraries Runtime Security Policy Step-By-Step Configuration Security Policies Creating a Package Type Safety Canonicalization Access Control List Editor Securing User Information Obfuscation Dotfuscator: .NET Obfuscator Tool Credentials and Logon Security Policy
Deployment
Certificate Creation Tool: Makecert.exe o Options in Makecert.exe Certificate Manager Tool: Certmgr.exe Certificate Verification Tool: Chktrust.exe Permissions View Tool: Permview.exe PEVerify Tool: Peverify.exe Best Practices for .NET Security
Module X: Secure PHP Programming Introduction to PHP (Hypertext Preprocessor) o o o o o o o o PHP Security Blunders Unvalidated Input Errors Solution for Access Control Flaws Solution for Session ID Protection Error Reporting Data Handling Errors Security Sensitive PHP Functions: File Functions Security Sensitive PHP Functions: ezmlm_hash o o o o o o o o
Forgeries SQL Injection Defending SQL Injection Attacks PHP Configuration Attacks Preventing PHP Configuration Attacks File System Attacks Defending File System Attacks Information Gathering Attacks PHP Injection Attacks
Secure PHP Practices o Safe Mode o Disable Register Globals o Validating Input o PHP Input Filter Class Best Practices for PHP Security PHP Tools o o Acunetix Web Vulnerability Scanner Encryption Software: PHP Code Lock Zend Guard POBS stands for PHP Obfuscator/Obscurer
PHP Vulnerabilities o Informational Vulnerabilities o Common File Name Vulnerability o Revealed Source Code Vulnerability o Revealing Error Message Vulnerability o o Sensitive Data Vulnerability Session File Vulnerability in in Web Root Server
Shared
o Sensitive Data in Globally Readable File Vulnerability o o Revealing Vulnerability HTML Comment Fingerprint
Module XI: Secure PERL Programming Common Terminology Introduction: Practical Extraction and Report Language (PERL) Security Issues in Perl Scripts Basic User Input Vulnerabilities Overcoming Basic User Input Vulnerabilities Insecure Environmental Variables Algorithmic Complexity Attacks Perl: Taint, Strict, and Warnings o o o Taint Mode How Does Taint Mode Work? Taint Checking
o Packet Sniffing Vulnerability o Attack Vulnerabilities o Global Variable Vulnerability o Default Password Vulnerability o Online Backup Vulnerability Common PHP Attacks o o o o o Remote Code Execution Cross-Site Scripting Attack (CSS) Cross Site Scripting Attack: Example Cross-Site Request Forgeries (CSRF, Sea-Surf or XSRF) Workaround for Cross-Site Request
o o o Setuid
Using Tainted Data Securing the Program Using Taint Strict Pragma
Security of URI in XML Security of Opaque Data in XML Growth of XML as Percentage of Network Traffic XML Web Services Security Best Practices XML Security Tools o o Perl V-Sentry Vordel SOAPbox
o Setuid Sample Code o Setuid: Authenticating the user o Security bug with Setuid The Perl crypt() Function Logging Into a Secure Web Site with Script Secure Log-in Checklist Program for Secure Log-in Securing open() Function Unicodes Displaying Unicode As Text
AJAX: Security Issues How to Prevent AJAX Exploits Tool: HTML Guardian Tool: Sprajax- AJAX Security Scanner Tool: DevInspect
Module XII: Secure XML, Web Services and AJAX Programming Web Application and Web Services Web Application Vulnerabilities o Coding Errors o Design Flaws XML- Introduction XSLT and XPath XML Signature o Applying XML Signatures to Security An Enveloped, Enveloping and Detached XML Signature Simultaneously XML Encryption o The abstract Element <Encrypted-Type>
Module XIII: Secure RPC, ActiveX and DCOM Programming RPC Introduction o RPC Authentication o RPC Authentication Protocol o NULL Authentication o UNIX Authentication o Data Encryption Standard (DES) Authentication Data Encryption Standard (DES) Authentication on Server Side
Security Considerations for the XML Encryption Syntax Canonicalization Validation Process in XML XML Web Services Security o XML-aware Network Devices Expand Network Layer Security
o Security Support Providers (SSPs) Writing an Authenticated SSPI Client Writing an Authenticated SSPI Server
o Secure RPC Protocol
Module XIV Secure Linux Programming Introduction Is Open Source Good for Security? Linux Basics Linux File Structure Basic Linux Commands Linux Networking Commands Linux Processes POSIX Capabilities o UTF-8 Security Issues o UTF-8 Legal Values Advantages of Security Functionality o Security Audit o Communication o Encryption o Identification and Authentication o Security Management Requirements for Security Measure Assurance o Enabling Source Address Verification o iptables and ipchains o Code to save the ipv6tables state o Controlling Access by MAC Address o Permitting SSH Access Only Network Access Control o Layers of Security for Incoming Network Connections
o RPC Programming Best Practices o Make RPC Function Calls Making RPC Function Calls: Using Binding Handles Making RPC Function Calls: Choose the Type of Binding Handles and Choose a Protocol Sequence Use Context Handles
o Deal of RPC With Network o Write a Secure RPC Client or Server ActiveX Programming: Introduction o o o o o Preventing Repurposing SiteLock Template IObjectSafety Interface Code Signing How to Create Your Own Code Signing Certificate and Sign an ActiveX Component in Windows Protecting ActiveX Controls Security in DCOM Application-Level Security Security by Configuration Programmatic Security Run As a Launching user Run As a Interactive User Run As a Specific User Security Problem on the Internet Security on the Internet Heap Overflow Vulnerability Workarounds for Heap Overflow Vulnerability Tool: DCOMbobulator DCOM Security Best Practices
DCOM: Introduction o o o o o o o o o o o o o
o Prohibiting Root Logins on Terminal Devices o Authentication Techniques o Authorization Controls o Running a Root Login Shell o Protecting Outgoing Network Connections
o Logging in to a Remote Host o Invoking Remote Programs o Copying Remote Files Public-key Authentication between OpenSSH Client and Server
o Authenticating in Cron Jobs o Protecting Files o File Permissions o Shared Directory o Encrypting Files o Listing Keyring o Signing Files o Encrypting Directories POP/IMAP Mail Server Testing an SSL Mail Connection Securing POP/IMAP with SSL and Pine SMTP Server Testing and Monitoring o Testing Login Passwords (John the Ripper) o Testing Login Passwords (CrackLib) o Testing Search Path o Searching Filesystems Effectively o Finding Setuid (or Setgid) Programs o Securing Device Special Files o Looking for Rootkits o Tracing Processes o Observing Network Traffic o Detecting Insecure Network Protocols o Detecting Intrusions with Snort o Log Files (syslog) o Testing a Syslog Configuration o Logwatch Filter Linux Security Best Practices Structure Program Internals and Approach Minimize Privileges Sample Code Filter Cross-Site Malicious Content on Input Filter HTML/URIs that may be Re-Presented Avoid Buffer Overflow Language-Specific Issues o C/C++ o C/C++ (contd)
o Dangers in C/C++ o Sample Codes o Perl o Perl (contd) o Ada o Java o Java (contd) o Tcl o Tcl Sample Code o PHP o PHP (contd) Linux Security Tools o Linux Application Auditing Tool: grsecurity
o grsecurity Configuration
Module XV: Secure Linux Kernel Programming Introduction What to do after Building Kernel? Linux Kernel Configuration Menu Steps to compile a Linux Kernel o Compiling the Kernel Module XVI: Secure Xcode Programming Introduction to Xcode Mac OS X applications o o o o o o Cocoa Carbon AppleScript Script Editor Script Window CDSA
Secure Transport API Set and Cryptographic Service Provider (CSP) Creating SSL Certificate on Mac OS X Server o Using SSL with the Web Server
Labels Step 4: Apply Policy to Tables and Schemas Step 5: Authorize Users Step 6: Create and Authorize Trusted Program Units (Optional) Step 7: Configure Auditing (Optional)
Authentication Methods Encrypted disk images Networking Security Standards Personal firewall Checklist of recommended steps required to secure Mac OS X Module XVII: Secure Oracle PL/SQL Programming Introduction: PL/SQL PL/SQL in Oracle Server Security Issues in Oracle o o o o o o o o SQL Injection Defending SQL Injection Attacks SQL Manipulation Code Injection Attack Function Call Injection Attack Buffer Overflow Vulnerabilities DBMS_SQL in PL/SQL Prevent DBMS_SQL in PL/SQL and Other o
Using Oracle Label Security with a Distributed Database Oracle Identity Management Security Tools Secure Backups: Tool Encryption and Its Types: Obfuscation Obfuscation Sample Code Encryption Using DBMS_CRYPTO Advanced Security Option Row Level Security Oracle Database Vaults: Tool Auditing o o o o o Auditing Methods Audit Options View Audit Trail Oracle Auditing Tools Fine-Grained Auditing (FGA)
Types of Database Attacks Establishing Security Policies Password Management Policy o Password Management Password History policy:
Testing PL/SQL Programs SQL Unit Testing Tools: SPUnit SQL Unit Testing Tools: TSQLUnit SQL Unit Testing Tools: utPLSQL Steps to Use utPLSQL Module XVIII: Secure SQL Server Programming Introduction SQL Server Security Model o SQL Server Security Model: Login Steps to Create a SQL Server Login Database User Guest User
Auditing Policy Oracle Policy Manager Oracle Label Security (OLS) Create an Oracle Label Security Policy o o o Step 1: Define the Policy Step 2: Define the Components of the Labels Step 3: Identify the Set of Valid Data
Permissions Database Engine Permissions Hierarchy Roles o Public Role o Predefined Roles Fixed Server Roles Fixed Database Roles User-Defined Roles Application roles Security Features of MS-SQL Server 2005 SQL Server Security Vulnerabilities: o Buffer Overflow in pwdencrypt() o Extended Stored Procedures Contain Buffer Overflows SQL Injection Prevent SQL Injection Sqlninja: o SQL Server Injection & Takeover Tool o Finding Target Data Encryption Built-in Encryption Capabilities Encryption Keys Encryption Hierarchy Transact-SQL Create Symmetric Key in T-SQL Create Asymmetric Key in T-SQL Certificates Create Certificate in T-SQL SQL Server Security: Administrator Checklist Database Programming Best Practices SQL Server Installation o Authentication o Authorization Best Practices for Database Authorization Auditing and Intrusion Detection How to Enable Auditing Database Security Auditing Tools: Ports
o AppDetective o NGSSquirrel o AuditPro Module XIX: Secure Network Programming Basic Network Concepts: o Network o Protocols o Client Server Model Basic Web Concepts Network Programming Benefits of Secure Network Programming Network Interface How to Secure Sockets: o Server Program o Client Program UDP Datagram and Sockets Internet Address How to connect to secure websites URL Decoder Reading Directly from a URL Content Handler Cookie Policy RMI Connector .Net : Internet Authentication Network Scanning www.securecentral.com Tool: ScanFi
Network Programming Best Practices Module XX: Windows Socket Programming Introduction Windows NT and Windows 2000 Sockets Architecture Socket Programming Client-Side Socket Programming o The Socket Address Structure
The Socket Address Structure: Code Analysis Initializing a Socket and Connecting Server-Side Socket Programming Creating a Server Winsock 2.0 Winsock Linking Methods Starting a Winsock 2 API Accepting Connections: o AcceptEx WinSock: TransmitFile and TransmitPackets Grabbing a Web Page Using Winsock Generic File Grabbing Application Writing Client Applications TCP Client Application Sample Code Writing Server Applications TCP Server Application Sample Code Winsock Secure Socket Extensions o WSADeleteSocketPeerTargetName o WSAImpersonateSocketPeer o WSAQuerySocketSecurity o WSARevertImpersonation o WSASetSocketPeerTargetName o WSASetSocketSecurity Function SOCKET_SECURITY_SETTINGS Case Study: Using WinSock to Execute a Web Attack Case Study: Using Winsock to Execute a Remote Buffer Overflow MDACDos Application Module XXI: Writing Shellcodes Introduction Shellcode Development Tools Remote Shellcode Port Binding Shellcode FreeBSD Port Binding Shellcode Clean Port Binding Shellcode
Binding
Shellcode:
Socket Descriptor Reuse Shellcode o Socket Descriptor Reuse Shellcode in C o Socket Descriptor Reuse Shellcode: Sample Code Local Shellcode execve Executing /bin/sh Byte Code setuid Shellcode chroot Shellcode o o Breaking of chroot jails in Traditional Way Breaking Out of Chroot Jails on Linux Kernels
Windows Shellcode Shellcode Examples Steps to Execute Shell Code Assembly The Write System Call o o Linux Shellcode for Hello, world! The Write System Call in FreeBSD FreeBSD execve jmp/call Style FreeBSD execve Push Style FreeBSD execve Push Several Arguments Style,
execve Shellcode in C o o o
Implementation of execve on Linux Linux Push execve Shellcode System Calls o The Socket System Call o The Bind System Call o The Listen System Call o The Accept System Call o The dup2 System Calls o The execve System Call Linux Port Binding Shellcode Compile, Print, and Test Shellcode
Reverse Connection Shellcode Socket Reusing Shellcode Linux Implementation of Socket Reusing Shellcode Reusing File Descriptors setuid Root o setuid Root: Executing the Program o setuid Root: System calls used by the program Using ltrace utility Using GDB Assembly Implementation SysCall Trace RW Shellcode Encoding Shellcode Decoder Implementation and Analysis Decoder Implementation Program Results of Implementation Program OS-Spanning Shellcode Assembly Creation Module XXII: Writing Exploits Introduction Targeting Vulnerabilities o o Remote and Local Exploits A Two-Stage Exploit
Writing Exploits and Vulnerability Checking Programs o Writing Exploits and Vulnerability Checking Programs Sample Code Memory Organization Stack Overflows Finding Exploitable Stack Overflows in Open-Source Software Finding Exploitable Stack Overflows in Closed-Source Software Doug Lea Malloc Freed Dlmalloc Chunk Vulnerable Program Example Figures: Fake Chunk, Overwritten Chunk
Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability CAN-2002-0656 Exploitation Exploitation Sample Code The Complication Improving the Exploit Integer Bug Exploits Integer Wrapping Program: Addition-Based Integer Wrapping Multiplication-Based Integer Wrapping Bypassing Size Checks o Signed Size Check Without Integer Wrapping Using the Metasploit Framework Determining Attack Vector Finding the Offset: Overwriting the Return Address The First Attack String Overwriting EIP with a Known Pattern Selecting a Control Vector Finding a Return Address Selecting the Search Method in the Metasploit
Format String Attacks o Example of a Vulnerable Program Using %n Character Fixing Format String Bugs o Case Study: xlockmore UserSupplied Format String Vulnerability CVE-2000-0763
TCP/IP Vulnerabilities Race Conditions o o File Race Conditions Signal Race Conditions
Case Study: man Input Validation Error
Opcode Database Search Method in Metasploit Opcode Database Using the Return Address o Inserting the Return Address o Verifying Return Address Reliability Nop Sleds: Increasing Reliability with a Nop Sled Choosing a Payload and Encoder o Listing Available Payloads o Determining Payload Variables o Generating the Payload o msfencode Options List of Available Encoders Choosing a Payload and Encoder: msfencode Results msfweb Payload Generation Setting msfweb Payload Options msfweb Generated and Encoded Payload Integrating Exploits into Framework Module XXIII: Programming Port Scanners and Hacking Tools Port Scanner o Working of a Simple Port Scanner o Prerequisites for Writing a Port Scanner
o Packet Capturing Example o Saving Captured Packets to a File o The wiretap Library o Adding a new file format to the wiretap library o wtap Struct o Setting up a New Dissector o Programming the Dissector o Adding a tap Module Coding for Nessus o Nessus Attack Scripting Language (NASL) Programming Framework in the Nessus
Extending Metasploit o Metasploit Framework (MSF) o msfweb Interface o Selecting the Exploit Module o msfconsole Interface o Using msfconsole Interface o Steps Involved in Executing an Exploit under msfconsole o msfcli Interface o Using msfcli Interface o Updating the MSF Writing Snort rules o Writing Basic Rules o The Rule Header o Rule Options o Writing Advanced Rules: PerlCompatible Regular Expressions (PCRE)
o Port Scanner in C++ o Port Scanner in C# o Building a Simple Port Scanner in VC++
o Port Scanner in Java o Example JavaScript Port Scanner o Port Scanner in ASP.Net o Port Scanner in Perl o Port Scanner in PHP o UDP Port Scanning in PHP o Port Scanner in XML Coding for Ethereal
o Byte_test and Byte_jump o Optimizing Rules o Testing Rules o Writing Detection Plugins Netcat Source Code
Certificate Enrollment in SATSA o Generating a Private Key and Certificate Signing Request in SATSA Requesting the Signed Certificate (Verifying the CSR) Storing a Certificate into the Certificate Local Store
Module XXIV: Secure Mobile phone and PDA Programming Mobile Phone Programming Different OS Structure in Mobile Phone o Symbian Operating System o Guidelines for Securing Symbian OS
Data Integrity with Message Digests o o Generating a Message Digest Verifying a Message Digest Signing a byte Array for Authentication Purposes
PalmOS PalmOS Vulnerabilities HotSync Vulnerability Creator ID Switching Windows Mobile Calling Secure Web Services
Data Confidentiality - Using Ciphers for Data Encryption o o Using Cipher to Encrypt Data using a Symmetric Encryption Using Cipher to Decrypt Data using a Symmetric Encryption Security Attacks in Bluetooth Devices
Comparison of Common Programming Tasks PDA Programming o o o o PDA Security Issues Security Policies for PDAs PDA Security Products PDA Security Vendors
Bluetooth security o o o o o o o Bluetooth Security Management Tool: Bluekey Tool: BlueWatch Tool: BlueSweep Tool: Bluediving Tool: Smartphone Security Client Tool: BlueFire Mobile Enterprise Edition Security : Key
Java 2 Micro Edition(J2ME) J2ME Architecture J2ME Security Issues o CLDC Security MIDP Security Mobile Information Device Profile (MIDP) o Programming the BlackBerry With J2ME Security and Trust Services API (SATSA) for J2ME: The Security APIs
Mobile Phone Security Tips o Defending Cell Phones and PDAs Against Attack F-Secure Antivirus for Palm OS
Module XXV: Secure Game Designing
Game Designing Introduction Type of Games o Console Games o Mobile Games o Online Games o Off-line Games o Wii Games
Scheme HACKER SAFE Certification o HACKER SAFE Technology Guidelines for Developing Secure E-Commerce Applications
Module XXVII: Software Activation, Piracy Blocking and Automatic Updates Software Activation: Introduction o o o o o o Piracy o o o o o Impacts of piracy Piracy Blocking Digital Right Management (DRM) Software Strategies Piracy Protection Process of Software Activation Software Activation: Advantages Activation Explained Online License Management Server Activation Policies Policy Control Parameters
Threats to Online Gaming Game Authoring Tools o The 2D Shooter Game Creator o Multimedia Fusion o Adventure Game Studio o Game Maker o FPS Creator o Stagecast Creator o RPG Maker XP o The Scrolling Game Development Kit o Visual3D.NET
Copy protection for DVD Application Framework DVD Copy Protection System Content Protection During Digital Transmission Watermark System Design Issues Economic Costs False Positives Rate Interaction with MPEG compression Detector Placement Copy Generation Management Tool: Crypkey EnTrial Key Generation EnTrial Distribution File EnTrial Product Initialization Dialog & Package
Module XXVI: Securing E-Commerce Applications Purpose of Secure E-Commerce Application E-Business Concepts: Secure Electronic Transaction (SET) o Working of SET SSL Certificates VeriSign SSL Certificates Entrust SSL Certificates Secure Socket Layer (SSL) o o o
Digital Certificates Digital Signature o Digital Signature Technology o Digital Signature Algorithm Signature Generation/Verification ECDSA, ElGamal Signature
Options for Setting up Windows Automatic Updates on XP Automatic Updates Option on AVG Antivirus Automatic Updates for Internet Explorer Automatic Updates for Mozilla Firefox
Module XXIX: Writing Secure Documentation and Error Messages Error Message
Module XXVIII: Secure Application Testing Software Development Life Cycle (SDLC) Introduction to Testing Types of Testing o White Box Testing Types of White Box Testing Dynamic White-Box Testing Integration Test Regression Testing System Testing o Black Box Testing Load Testing Strategies For Load Testing o Functional Testing Creating Test Strategy Creating Test Plan Creating Test Cases and Test Data Executing, Bug Fixing and Retesting Testing Steps
Classic Testing Mistakes User Interface Errors What Makes a Good User Interface Use Automatic Testing and Tools Generic Code Review Checklist Software Testing Best Practices Testing Tools o QEngine o WinRunner o LoadRunner
Audience
System administrators, network administrators, and anyone interested in network security technologies.
Duration
5 days
Prerequisites
This course is a prerequisite for the CEH program.
Certification
After the course, students receive a certificate of course completion from EC-Council. To earn the international ENSA certification, you need to pass exam 312-38 at a Prometric testing center.
Domain Name System Domain Names Creating a new Domain Name Components Of DNS Domain Namespace Name servers Resolver
Logical Elements of Network IP Addresses IP Address Space Assignment of IP Address Prefix Based Addressing
Physical Layer Data Link Layer Network Layer Transport Layer Session Layer Presentation Layer Application Layer
Gateways Working of Gateway Functional Categories of Gateway Devices Data Gateway Multimedia Gateway Home Control Gateway
TCP/IP Model Physical Layer Data Link Layer Logical Link Control(LLC) Media Access Control (MAC)
Types of network media Wired media or Bounded Network Media Twisted pair cable Shielded Twisted Pair Unshielded Twisted Pair
Coaxial cable or copper cable Fiber-optic cable Plenum and PVC cable
Types of Transmission Serial Data Transmission Parallel Data Transmission Unicast Transmission Multicast Transmission
Logical Network Classification Client Server networking Peer to peer networking Mixed Mode Networking
Network Equipments Network Interface Cards Access Points Switches Concentrators/hub Modem Router Brouter Bridges Adapters
Terminal Emulation Protocol (TELNET) of TCP/IP TELNET: Vulnerabilities Network News Transfer Protocol Network News Transfer Protocol: Vulnerabilities
Application Layer Protocols Boot Strap Protocol (BOOTP) Data Link Switching Client Access Protocol(DCAP) Dynamic Host Configuration Protocol (DHCP)
Domain Name System(service) Protocol (DNS) File Transfer Protocol (FTP) Trivial FTP (TFTP) FTP and Trivial FTP: Vulnerabilities Network Time Protocol Network News Transfer Protocol Simple Network Management Protocol(SNMP) and Its Versions Internet Relay Chat Protocol(IRCP) Service Location Protocol(SLP) Hyper Text Transfer Protocol (HTTP) Hyper Text Transfer Protocol Secure (HTTPs)
Mobility Support Protocol for IP(Mobile IP) Network Address Resolution Protocol Next Hop Resolution Protocol Open Shortest Path First(OSPF) protocol Routing Information Protocol
Multicasting Protocols Border Gateway Multicast Protocol Distance Vector Multicast Protocol Internet Group Management Protocol
Other Network Protocols The NetBEUI Protocol The IPX/SPX Protocol Service Advertisement Protocol IPX/SPX Node Address IPX/SPX Server Address IPX Frame Types NWLink Protocol
Transport Layer Protocols Reliable Data Protocol(RDP) Transmission Control Protocol(TCP) User Datagram Protocol(UDP) TCP, UDP: Attacks and Countermeasures
Data link Layer Protocol Address Resolution Protocol(ARP) Vulnerabilities and Security Measures
Network Layer Protocols Routing Protocols Border Gateway Protocol(BGP) Exterior Gateway Protocol(EGP) Internet Protocol and its versions Internet Control Message Protocol(ICMP) &V6 The Internet Group Management Protocol (IGMP) ICMP Router Discovery Protocol(IRDP)
Network Address Resolution Protocol (NARP) Reverse Address Resolution Protocol(RARP) Serial Line Protocol (SLP) High Level Data Link Control (HDLC) Protocol Point-to-Point Protocol (PPP)
TCP/lower -level Interface TCP/lower level Commands Open call Listen state Send Call Receive Call Close Call Abort Call Status call
Relation to other Protocol Tcp/ip Protocol suite Physical And Data link Layer Network Layer Transport layer Application Layer
TCP Tcp header format Source port Destination port Sequence Number Acknowledgement Number Data offset Reserved Control Bits Window Checksum Urgent Pointer Options Data
Algorithms in TCP Appropriate byte Counting(ABC) Additive Increase Multiplicative Decrease(AIMD) Selective Acknowledgement(SACK) TCP Friendly Rate Control(TFRC)
TCP Checksum Calculation Performance Estimation in TCP Round Trip Time Estimation
Problems related to TCP Packet Replication Checksum Error Out of order data delivery Bottleneck Bandwidth Packet Loss
Overview of IP IP Header Format Version IHL Type of Service Precedence Delay Throughput Reliability
IPv6 IPv6 Header Version Priority Flowlabel Payload Length Next Header Hop limit Source Address Destination address
Total Length Identification Flags Fragment Offset Time to live Protocol Header Checksum Source Address/ Destination Address Options Data
IP Addressing IP datagram Maximum Transmission Unit Fragmentation Encapsulation Formatting Reassembly Delivery Routing Multicasting Encapsulating Security Payload
802.7-Broad Band LAN 802.10-Security 802.11-Wireless LAN(WLAN) 802.12-Demand Priority Access 802.15-Wireless Personal Area Networks (WPAN) 802.16-Broad Band Wireless MAN (WMAN) 802.17-Resilient Packet Ring Work Group
Security awareness Functions of Network security administrator Develop, Maintain and implement IT security Maintain and implement firewalls Monitor and secure network and servers Monitor critical system files Backup the files
Wireless Networking Standards IEEE Standards 802.1X 802.11 Architecture 802.11 Standards (Wi-Fi Standard) 802.11a 802.11b 802.11e 802.11g 802.11h 802.11i standards 802.11n
Cabling Standards
Configuration of security policy Implementation of security policy Incident Handling and Escalation Procedures Security operations and life cycle management Securing Assets Defining Responses to Security Violations
Specification Standards
Presenting and Reviewing the Process Compliance with Law and Policy Intellectual Property Legal Issues Describing the Electronic Communications Privacy Act
Goals of security Policies Vital role of a security policy Classification of Security policy User policies Password Management policy
IT policies General Policies Partner Policies Types of Security Policies: Issues Specific Policies
Policy design Contents of Security Policy Privacy and Confidentiality Security levels Separation of duties, dual controls, job rotation
Security organization and policy development Security policy features ITPro Global 2009 www.itpro.net.vn
Dumpster Diving
Laptop Security Countermeasures Laptop Security Tools Laptop Tracker - XTool Computer Tracker Tools to Locate Stolen Laptops
Prevention & Detection of physical hazards Premises Security Office Security Reception Area Authenticating individuals Personal Access Control Smart Cards Proximity Control
Securing Network Devices Server Security Securing Backup devices Physical Access to the Boot CDROM and Floppy Drives Other equipment, such as fax, and removable media
Biometrics Process of Biometrics Accuracy of Biometrics Applications of Biometrics Fingerprint Verification Hand Geometry Voice Recognition Retina Scanning Iris Scanning Panasonic Authentication
EPS (Electronic Physical Security) Challenges in Ensuring Physical Security Countermeasures Fencing Security force Watch Dogs Locks and Keys Physical Security: Lock Down USB Ports Tool: DeviceLock Blocking the Use of USB Storage Devices Track Stick GPS Tracking Device USB Tokens TEMPEST Fire Safety: Fire Suppression, Gaseous Emission Systems Fire Safety: Fire Detection Failures of Supporting Utilities: Heating Ventilation, Air Condition
Workplace security Controlling system access: Desktop security Workstation security Laptop Theft: Security Statistics Laptop Theft
Attacks Smurfing Man-in-the-Middle Attacks Denial of service DDoS Buffer Overflow Zero Day Attacks Jamming Password Attacks Brute Force Password Attacks
Spoofing Session Hijacking Web Page Defacement Recording Key Strokes Cracking Encrypted Passwords Revealing Hidden Password
Hiding Evidence of an Attack Problems Detecting Network Attacks Network Scanning Tools: The Netstat Tool Nmap NetscanTool Superscan
Sniffing
Common Vulnerabilities and Exposures (CVE) Threats
hping
Data Resource Theft Denial of Service Password Download Malformed Packet Packet Flooding
Module: Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS)
Introduction to IDS History of Intrusion Detection Intrusion Detection Concepts Architecture Monitoring Strategies Analysis type Timing Goal of detection Control Issues
Tool: NetRanger Tool: Bro Tool: Arpwatch (in Linux) Tool: Psad(in Linux) Tool: ippl(in Linux)
Host Based IDS HIDS Architecture Centralized Host Based Distributed Real Time Host Based
Characteristics of IDS Importance of IDS Aggregate Analysis with IDS Types of IDS Network based IDS NIDS Architecture Traditional Sensor-Based Distributed Network Node
Host Based Detection Abuse of Privilege Attack Scenarios Critical data Access and Modification Changes in Security Configuration
Tool: Host sentry Tool: KFSensor Tool: LIDS Tool: SNARE Tool: Tiger(in Linux)
Host Based IDS Vs Network Based IDS The Hybrid IDS Framework
Prelude IDS Components Interaction between Prelude components Relaying Reverse Relaying Tool: Libasfe
Intrusion Prevention System Intrusion Prevention Strategies IPS Deployment Risks Flexible response with Snort Snort Inline Patch
Information Flow in IDS and IPS Raw Packet Capture Filtering Packet Decoding Storage Fragment Reassembly Stream Reassembly Stateful Inspection of TCP Sessions Firewalling
Protocol Intrusion Detection System Network Behavior Analysis (NBA) Unified Threat Management
Deployment of IDS Types of Signatures Network signatures Host based signatures Compound Signatures
True/False-Positive/Negative Major Methods of Operation Signature Based Detection Anomaly Based Detection
IDS Vs IPS
Module: Firewalls
Firewalls: Introduction Security features Securing individual users Perimeter security for networks
IDS Tool Snort BlackICE M-ICE Secure4Audit (auditGUARD) Emerald Nides SECUREHOST GFI EventsManager
Multiple components of Firewall Firewall Operations Software Firewall Hardware Firewall
Types of Firewalls Packet Filtering Firewall IP Packet Filtering Firewall TCP Packet Filtering Firewall Circuit-Level Gateway Application Level Firewalls Application Packet Filtering Firewall Stateful Multilayer Inspection Firewall Network Level Firewalls
Multi firewall DMZ Two firewalls, One DMZ Two firewalls, Two DMZ
Specialty firewalls and Reverse firewalls Advantages of using Firewalls Disadvantages of using Firewalls Threats Firewalking Banner Grabbing Placing Backdoors Through Firewalls
PIX Firewall Basic Features of PIX Firewall Advanced Features of PIX Firewall Firewall Features Establishing Rules and Restrictions for your Firewall Firewall Configuration Strategies Scalability Productivity Firewall Architecture Dual-Homed Host Architecture Screened Host Architecture Screened Subnet Architecture
Limitations of Firewalls Personal Firewall Software ZoneAlarm Pro PC-Cillin Norton Personal Firewall McAfee Personal Firewall Windows Personal Firewall
Personal Firewall Hardware Linksys and Netgear SonicWall and Watchguard Cisco's PIX Netscreen
Handling threats and security tasks Protection against hacking Centralization and Documentation Multi-layer firewall protection Firewall deployment strategies Screened Host Two router with one firewall Introduction to Demilitarized Zone(DMZ) DMZ screened subnet
Firewall Log Analysis Firewall Analyzer Firewall Logs Automatic Firewall Detection Firewall Log Import Firewall Log Archiving
IP Header Configuring Types of Filtering Stateful Packet Filtering Stateless Packet Filtering Dynamic Packet Filtering
Comparison of Various Firewall Products T-REX Open Source Firewall SQUID WinGate Symantec Enterprise Firewall Firewall Testers Firewalk FTester Firewall Leak Tester
Filtering rules Packet Filter Rules That Cover Multiple Variations Packet Filter Rules That Cover ICMP Packet Filter Rules That Block Ping Packets Packet Filter Rules That Enable Web Access Packet Filter Rules That Enable DNS Packet Filter Rules That Enable FTP Packet Filter Rules That Enable EMail
Advantages/Disadvantages of filtering Flags used TCP Urgent Flag Ack Flag Push Flag Reset Flag Syn flag Fin Flag
Proxy servers
Role of Proxy Server Routed Environment Network Environment Blocking URLs and unblocking URLs
Configuring Bastion Host Locating Bastion Host Physical Location Network Location Configuring Bastion Host Making the Host Defend Itself
Securing the Machine Itself Making the Host Defend Itself Selecting Services to be Provided Special Considerations for UNIX System Special Considerations for Windows System
Installation & configuration Administration and management of Proxy servers Security and access control Reorganizing the Single-Point-of-Failure (SPOF) Reverse Proxies How Proxy Servers Differ From Packet Filters Performance enhancement, monitoring, and troubleshooting
Disabling Accounts Disabling Unnecessary Services Limiting Ports Handling Backups Role of Bastion host Bastion Host security policy
Examples of Honeypots
External Direct Connect Modem Advantages and Disadvantages of External Direct Modem
Optical Modems Short Haul Modems Smart Modem Controller Less Modem Acoustic Modem Advantages and Disadvantages of acoustic modem
Null modems
Modem Security Additional Security to modems Password modems Callback modems Encrypting modems Caller-ID and ANI schemes
Honeynet Architecture of Honeynet Types of Honeynet Distributed Honeynet GEN I Honeynet Gen II Honeynet Virtual Honeynet
Modem Security should be a priority for the telephony managers SecureLogix provides Solutions for Modems Security Make modem Security simple with robust Management Tool
Modem Risks
Virtualization Engine Troubleshooting BR350 (Bridge) Diagnosing Repeater and Gateway Problems Troubleshooting Hubs and Switches Troubleshooting cable modem Troubleshooting DSL or LAN Internet Connection Troubleshooting a Universal Serial Bus Device Troubleshooting IEEE 1394 Bus Devices
Modem Failure Symptoms Modem Firmware Failure Random modem Lock ups due to bug in firmware Newer Firmware upgrades reduced the number of such lockups
Primary Modem Failure No Longer drops all modems Just the one Modem is lost
Troubleshooting Network Slowdowns NetBios Conflicts IP Conflicts Bad NICs DNS Errors Insufficient Bandwidth Excessive Network Based Application Daisy Chaining Spyware Infestation
Reasons for Modem Connection Failure Modem Incompatibilities Buggy Modem Firmware Bad Phone Line Misconfigured Modems or Communication Software Temporary Modem Failures
Some Common Failures Modem Not Responding Modem Damaged Modem Not Compatible System Crashes
Troubleshooting Wireless Devices Checking the LED Indicators Checking Basic Settings SSID WEP Keys Security Settings
A Troubleshooting Methodology Overview of Troubleshooting Troubleshooting Strategies Recognizing Symptoms Understanding The Problem System Monitoring Tools
Network Monitor Performance Monitors Protocol Analyzer The Protocol Analysis Process
Troubleshooting Physical Problems Troubleshooting Link Status Physical Troubleshooting Tools Troubleshooting the Topology Troubleshooting the Fault Domain Tracing connectivity ipconfig
Device Manager Troubleshooting Network Communication Identifying Communication Problems Using Ping and Traceroute Exploring Network Communications Find Path Information Access Point Interface Identify Communication Capabilities Load Balancing Configuration Best Practices for Windows 2000, Windows Server General Considerations Security and Manageability High Availability
Performance Measurement Tool Host Monitoring Tool Point Monitoring tool Network Monitoring Tool
TCP/IP Troubleshooting Utilities Troubleshooting with IP Configuration Utilities Troubleshooting with Ping Troubleshooting with Tracert Troubleshooting with Arp Troubleshooting with Telnet Troubleshooting with Nbtstat Troubleshooting with Netstat Troubleshooting with FTP Troubleshooting with Nslookup Troubleshooting NTP
How to isolate networking problems (Windows XP): Network Adapter Network adapter is unplugged Network adapter has limited or no connectivity Network adapter is connected, but you can't reach the Internet
Troubleshooting Tools Hardware-Based Troubleshooting Tools Network Technician's Hand Tools The POST Card Memory Testers Electrical Safety Rules Wire Crimpers Punch Down Tools
Circuit Testers Voltmeters Cable Testers Crossover Cables Hardware Loopback Plugs LED Indicator Lights Tone Generators
Internal configuration sources Router Initiation Loading the configuration files Configuring from the TFTP Server The Setup Configuration Mode CLI configuration mode
Router Configuration Modes Global Configuration mode Interface Configuration mode Line Configuration Mode Privilege EXEC mode ROM Monitor mode User EXEC Mode
Finger Tool Disabling the auxiliary and closing extra interfaces BOOTP service TCP and UDP small servers Disabling Proxy ARP Disabling SNMP Disabling NTP Hardening a Router Configuring a banner Passwords and secrets Encrypting passwords Creating end user accounts Setting session time-out periods
Cisco Logging Options Console Logging Buffered Logging Terminal Logging Syslog Logging SNMP Logging
Routing Protocols Routing Information Protocol (RIP) Interior Gateway Routing Protocol (IGRP) Enhanced Interior Gateway Routing Protocol (EIGRP) Open Shortest Path First (OSPF) Border Gateway Protocol (BGP)
Filtering Network Traffic Access Control List Basics of ACL Creating Access Control List ACL Types Monitoring ACL Implementing ACL Securing Routers: ACL
Routing Table Maintenance Protocol (RTMP) Troubleshooting a router Troubleshooting tools Troubleshooting with network management tools Troubleshooting IP Connectivity in Routers Troubleshooting PPP Troubleshooting Frame Relay Troubleshooting X.25 Troubleshooting ISDN
Log System Error Messages Securing Routers: Committed Access Rate Securing Routers: Secure Shell Authentication methods Configuring SSH Default Locations of Secure Shell Files Generating the Host Key Ciphers and MACs Compression Configuring Root Logins Restricting User Logins
Regional Settings Virtual Servers SharePoint Portal Server Antivirus Protection
Process Resource Access Managing Access control Resource Access Privileges Access Lists
Windows Windows Server 2003 Windows 2003 Infrastructure Security Windows 2003 Authentication Windows 2003 Security Configuration Tools Windows 2003 Resource Security Windows 2003 Auditing and Logging Windows 2003 EFS Windows 2003 Network Security
Discretionary Access Control List (DACL) Privileges Objects And Permissions Rights Vs Permissions NTFS File System Permissions Encryption File System Windows Network Security Computer Management File Management Security Configuration And Analysis Tool Firewalls
Windows Certificate Authorities Certificate Authority Requirements Major Functions of a CA Hierarchy Certificate Standard and Format Implement Microsoft Certificate Authorities Implement a Microsoft Enterprise Root CA
Windows infrastructure features Active Directory Group Policy Share Security Dynamic DNS updates
Desktop Management Troubleshoot User Logons Troubleshoot User Configuration Troubleshoot System performance
File Management Troubleshooting Access to Files And Folders Troubleshooting Access to Shared Files And Folders Troubleshooting Access to Offline Files and Folders
Kerberos Authentication And Domain Security Trust Relationships Between Domains IP Security Problems With IP Security
Introduction to Linux Certificate Authorities Certificate Authorities for Linux Preparing to Install a CA Open LDAP Using CATool
Linux User and File system Security Administration Security Data Security Network Security
Pluggable Authentication Module Configuring PAM Pam Configuration Files PAM Framework Security With PAM
Network Information Services Group Management Utilities Network File System Permission Management Tools System Logger Utility Unix Security UNIX Security Checklist v2.0
Guest Account User Account /etc/passwd fields /etc/shadow fields /etc/gshadow /etc/group
File System and Navigation File And Directory Permissions Default Directories
version Patch Management Tool Selecting a Tool Learning Curve Platform Support System targeting Ease of Use Connection Sensitivity Deployment Schedule Cost
Consolidating Patches on Red hat Network Configuring the Proxy Server Configuring the Proxy Client
Red Hat Up2date Patch Management Utility Installation Steps Red Hat Up2date Patch Management: Command Line Interface Security Patch Compliance Distribution Discovery and zero-touch inventory Client Adoption Troubleshoot Security Patch Management Reporting
Patch Management Tools Microsoft Baseline Security Analyzer Qchain BES Patch Management Shavlik HFNetChkPro 5 PatchLink Update SecureCentral PatchQuest
Phase Obtainment Testing Deploy Phase Deployment Preparation Deployment of the Patch
Confirmation
Windows Update Services Microsoft Patch Management Tool: Microsoft Baseline Security Analyzer MBSA: Scanning Updates in GUI Mode MBSA: Scanning Updates in Command-line
Analysis of logs
access_log Domain type Hours Hits Threading Entrance Exit Clock Analysis Download Time
IIS Logs
Limitations of log files System Log Aggregation, Statistics And Analysis Introduction To Syslog Estimating log quantities and log system requirements Back-hauling your logs Building a central loghost Parsing and normalizing Bayesian spam filters for logging Storage and rotation Databases and logs Graphing log data Alerting Legalities of logs as evidence
Overview of logging Secure Audit Logging Setting Up Remote Logging Linux Process Tracking Windows Logging Logging on Windows loghosts NTsyslog Remote Logging in Windows
TCPDump logs
Web Server Log Analysis Analog Mach5 FastStat Analyzer Web Trends Happy Log Net Merit Click Tracks Word Tracker
Monitoring for Intrusion and Security Event Importance of Time Synchronization Passive Detection Methods EventCombMT Event Collection
Apache Logs
Scripting
Watchlog LogDog
Investigating Log Files Log file Codes Log File Information Log Messages
Log File Rotation Tools LogController Newsyslog Spinlogs Trimlog System Log Rotation Service(SLRS) Bzip2
Importance of log review Optimizing system and network Performance Identifying security incidents, policy violations, fraudulent activities, and operational problems Performing audits and forensic analyses Supporting internal investigations Establishing baselines Identifying operational trends and long-term problems
How to Secure Logs(Log Security) Limit Access To Log Files Avoid Recording Unneeded Sensitive data Protect Archived Log Files Secure The Processes That Generate the Log Entries Configure each log source to behave appropriately when logging errors occur Implement secure mechanisms for transporting log data from the system to the centralized log management servers
Log Analysis Tools UserLock WSTOOl Auditing tools ASDIC Tenshi SpoofMAC Gentle MAC PRO Log Manager
Generic Log Parsing Tools LogSentry SL2 Flog Simple Log Clustering Tool (SLCT) xlogmaster GeekTool (Mac OS) Dumpel.exe (Windows OS)
Secure Vs Non-Secure
Common Threats On Web Identity Theft Spam Mail Distributed Denial of Service (DDoS) Reflection DoS Attack Parasitic Malware Bots Cross Site Request Forgery Session Hijacking Smurf Attack FTP Bounce RSS/Atomic Injection DNS Attack Content Spoofing Logical Attacks Buffer Overflow IP and Routing Protocol Spoofing
Embedded Application Security (EMBASSY) TCP/IP security Technology IPSec And SSL Security IPSec And SSL Security In Embedded Systems Network Security For Embedded Applications Embedded Network Security Hardware Instructions
Secure Coding Common Errors Buffer Overflow Format String Vulnerabilities Authentication Authorization Cryptography
Identifying Unauthorized Devices Restrictive Access Network Addresses Altering the Network Addresses
Tracking the Connectivity: Tracert/Traceroute Testing the Traffic Filtering Devices Installing and Protecting IIS Client Authorization Certificate Authorities
Best Practices For Secure Coding Distrust User Input Input Validation Magic Switches Malicious Code Detection
Input Data Validation Browsing Analysis Browser Security Mozilla Browser Internet Explorer Security Setting of Internet Explorer Configuring Security Zone Setting up the Internet Zone Setting up the Intranet Zone Setting up Trusted and Restricted Sites Zone Working with domain Name suffixes Selecting Custom level Settings Miscellaneous Options User Authentication
Image IPIX
VRML Audio Multimedia Shockwave Real Player Shockwave Flash Quick Time
Browser hijacking Preventing Restoring Tools: Stringer Download Cwshredder Microsoft Anti Spyware software
Mozilla Firefox Plug-ins Acrobat Reader Adobe Flash Player Java Quick Time RealPlayer Shockwave Windows Media player The Validate HTML Plug-ins
Accessibility Analyzer Validate Sites HTML Wayback Versions Validate P3P View In BugMe Not
Webpage Speed Report Validate Links (W3C) Open Text Validate RSS Validate CSS Validate HTML
Field names and values Address list Recipients and Senders Response targets and threading
E-Mail Servers Testing the Email Server E-Mail Encryption Centurion mail Kerberos Hush Mail Pretty good privacy Secure Hive
Common Gateway Interface (CGI) CGI Script CGI Mechanism Web Servers Mechanisms and Variables Third-party CGI Scripts Server Side Includes
Installing WorkgroupMail Configuring Outlook Express Secure Email Certificate Revocation E-mail Authentication
CGI operation Responding To the Client Using the Client to call a CGI application
E-mail Protocols Multipurpose Internet Mail Extensions (MIME) / Secure MIME Pragmatic General Protocol (PGP) Simple Mail Transfer Protocol (SMTP) SMTP: Vulnerabilities
Post Office Protocol(POP) and its POP3 Internet Message Access Protocol(IMAP)
Client and server architecture E-Mail Security Risks Spoofed Addresses Spam
Hoaxes Phishing Snarfing Malware E-Mail spoofing E-Mail viruses Gateway virus scanners Outlook Viruses E-mail Attachment Security E-Mail Spamming Protecting against spam Spam filters
Smart Cards
VeriSign Authentication Evolution of Encryption Introduction to Encryption Encryption Systems Firewalls Implementing Encryption Lack of Encryption Cost of encryption Preserving data integrity Maintaining confidentiality Authentication and Identification Authenticity of N/W clients Key Based Encryption Systems Symmetric Key Public Key Public Key: SSL
How to defend against E-Mail security risks Quarantining Suspicious Email Vulnerability check on Email System
Tools for E-mail Security ClipSecure CryptoAnywhere BCArchive CryptainerLE GfiMailEssentials SpamAware
Hashing Algorithms Encryption Algorithms RSA Algorithm Performing RSA Encryption and Decryption Create your RSA Key Pair Creating RSA keys Encrypting and Decrypting with RSA Cracking an RSA Encrypted Message
RC2 and RC4 IDEA SNEFRU RIPE-MD HAVAL SKIPJACK XOR BLOWFISH Camellia CAST Encryption Algorithm Tiny Encryption Algorithm SCA: Size-Changing Algorithms
Transport Mode Tunnel Mode Choosing Best IPSec Mode for Organizations
IPSec Processing Fragmentation Enabling IPSec Algorithms for IPSec Protocols AH ESP
Analyzing popular encryption schemes Symmetric Vs Asymmetric Encryption Symmetric key encryption Asymmetric key encryption Hashing PGP X.509 SSL
IPSec Protocol Security IPSec Policies IP Filters Filter Action Authentication Methods Tunnel Setting Connection Type
Types of Encryption Algorithms Symmetric Key Encryption Password Based Encryption Asymmetric key encryption
Cryptography History of Cryptography Math and Algorithms Private key Exchange Public Key Exchange Message Authentication DES for Encryption
Introduction to Virtual Private Network Types of VPN Remote Access VPNs Intranet Access VPNs ExtraNet VPNs
Limitations
Digital Certificates Paper Certificates and Identity Cards Authorities that Issue Physical Certificates Difference Between Physical and Digital Certificates Standards For Digital Certificates X.509 as Authentication Standard Public Key Certificate Secret Key Certificate Viewing digital certificates
Point-to-Point Tunneling Protocol (PPTP) Goals And Assumptions Terminology Control Connections Security And Disadvantages
Public and Private Keys A Public Key Generated by PGP Choosing the Size of Keys Generating Keys Using a Key Server that is on a User's Network Using an Online Key Server
Layer 2 Tunnel Protocol Characteristics L2TP Header Format L2TP Control Message header L2TP Data message L2TP Compulsory Tunnel L2TP Voluntary Tunnel
Digital Signatures Signature as identifiers Features of Digital Signatures Digital Signature In practice PKI Standards of Digital Signatures
Wireless Cards Antenna Wireless Desktop Cards Wireless Laptop Cards Wireless USB Adapters Wireless Internet Video Camera Digital Media Adapter Wireless Converters Wireless Print Server Wireless Rechargeable Bluetooth mouse
Step 1: Setting Up VPN Step 2: Implement DHCP Services Step 3: Create An Enterprise Certificate Authority Step 4: Install IAS Step 5: Configure IAS Step 6: Create A Remote Access Policy Step 7: Configure The VPN Server Step 8: Associate The VPN Server With The DHCP Server Step 9: Configure Remote Clients Step 10: Test The Client Connection VPN Policies VPN Registrations And Passwords Risk Associated With VPN Pre Implementation Review Auditing Implementation Review Auditing Post Implementation Review And Reporting
Wireless Technologies Personal Communication Services (PCS) Time Division Multiple Access (TDMA) Code Division Multiple Access (CDMA) ARDIS Bluetooth Frequency and Data Rates Bluetooth Architecture and Components
Ultra Wideband
Service Set Identifier (SSID) Detecting Wireless Network How to scan Tool: Kismet Netstumbler
Denial of Service or Distributed Denial of Service Social Engineering Weak key Attacks Dictionary Attacks Birthday Attacks
WPA Security Measures Change the SSID Use Encryption Use a VPN Use a Firewall
WLAN Security Policy Development Issues Goals And Characteristics Auditing WLAN Security Policy
WLANs in Public Space Security Vulnerabilities With Public Access Wireless Networks
Risks Due To Wireless Networks Wired Equivalent Privacy WEP Key Cracking Tools WEPCrack AirSnort Aircrack
Mobile Security Through Certificates Certificate Management Through PKI Trouble Shooting Wireless Network Multipath and Hidden Node Identifying And Resolving Interface Problems
Wireless Network Attack Tool: AirSnarf Tools to detect MAC Address Spoofing: Wellenreiter v2 WLAN Management Detecting Rogue Points
RAID Level 0 (Striping) RAID Level 1 (Mirroring or Duplexing) RAID Level 2 (Striping with Error Correction Code (ECC)) RAID Level 3 (Striping with Parity on a Single Drive) RAID Level 4 (Striping by Block with Parity on a Single Drive) RAID Level 5 (Striping with Parity Information Spread Across Drives)
Clustered Servers Simple Server Redundancy Archiving Auditing Anatomy of Auditing Auditing Mechanism Audit Browsing
Reasons for Network Failure Viruses And Trojans Intrusion And Unauthorized Access Power Supply Failure
Reasons For System Failure Crime User Error Environmental Routine Events
Deployment Testing Circuit Redundancy Offsite Storage Perimeter Security Understanding Vulnerabilities Authentication Security Policies
Preventive Measures Physical Security Backups Files Back up Tape Backup Pros And Cons
Practical tips Setting Privileges Access Rights Partitions Peripherals UPS And Power Generators RAID
What Is an Incident Response Incident Response Architecture Six Step Approach for Incident Handling (PICERF Methodology) Preparation Identification Containment Eradication Recovery Follow-up
Recovery of Small and Large Computer Systems Emergency Management Disaster Recovery Planning Process of Disaster Recovery Plan Organizing Training Implementing Process
Incident Response Team Basic Requirements Ways of Communication Staffing Issues Stages
Disaster Recovery Planning Team Training the Disaster Recovery Planning Team
Obstacles in Building a Successful Incident Response Team Computer Security Incident Response Team Services Reactive Services Proactive Services Security Quality Management Services
Business Process Inventory Risk Analysis Concept of risk Analysis Methods of Risk Analysis Process of Risk Analysis Continuous Risk Assessment Techniques To minimize Risk
Business Impact Analysis Risk Assessment Other Policies, standards and process Monitoring
Business Continuity Management Six myths about Business Continuity Management and Disaster Recovery Disaster Prevention
Phase 1- Acquisition Phase 2 - Identification Phase 3 - Analyzing Phase 4 - Evaluation Phase 5 - Generation
How to assess vulnerability assessment tools Selecting vulnerability assessment tools Tools: SAINT Nessus BindView Nmap Ethereal Retina Sandcat Scanner Vforce NVA-Team Checklist
Goals of vulnerability assessment Features of a good vulnerability assessment Network Vulnerability Assessment Timeline Network Vulnerability Assessment Team
Vulnerability classes Source Of Vulnerabilities Design Flaws Poor Security management Incorrect Implementation
Choice of Personnel for Network Vulnerability Assessment Network vulnerability Assessment methodology:
Education Services
PROJECT MANAGEMENT (PM)
INTERNATIONAL CERTIFICATION 212-79 COURSE DURATION: 5 days COURSE OVERVIEW
This course is designed to teach students the basic principles of managing a project well. Students learn how to identify and plan project resources, build the project's activity diagram, and produce the main planning and evaluation reports that are required. Important issues in staff selection and team management are also taught. These learning objectives are reinforced by a course project that lets students apply the principles and tools they have learned.

A project is an effort undertaken to create a unique product or service. Every project has a definite beginning and a definite end, and each product or service created differs in some respect from similar products and services. There are many different kinds of project, depending on the industry and the scope of activity. Some examples: developing a new product or service; making a change in the structure, staffing, or style of an organization; designing computer software, such as a materials (warehouse) management system, a complaint-handling system, or an accounting system.

Project management means more than simply planning. It involves balancing many different pieces of work, which project managers organize into nine knowledge areas. A typical project begins with someone having an idea, or with an idea agreed on through discussion. The idea then gains approval from a wider group: perhaps informally through discussion with colleagues, and then through a more formal process involving senior management, the directors, or the board. This leads to a funding process, which often causes considerable delay; then, if funding succeeds, the project can start, staff are recruited, and work can begin. That work must be planned and managed, and problems resolved, until the project is completed, hopefully successfully, and closed.

The formal methods of project management provide a framework for managing this process, supplying a set of elements (templates and procedures) for managing the project through its life cycle. The main elements include: defining the project's objectives clearly, precisely, and systematically; dividing the project into manageable tasks and phases; controlling the project through its phases, using the project definition as the baseline; highlighting risks and establishing specific procedures to address them; providing mechanisms for dealing with quality issues; defining roles to give the team a basis for working effectively.
KNOWLEDGE GAINED
COURSE AUDIENCE
Students interested in learning the basic principles of good project management
COURSE CERTIFICATION
This program provides the knowledge and skills students need to pass the EC-Council Project Management exam 212-79. The 120-minute exam is held on the last day of class at the class location (exam registration is through a Prometric center).
COURSE CONTENT
Module I: Introduction to Project Management. Understand the concept of a project and its characteristics; The importance of project management; Understand the project life cycle; Understand the analysis of project stakeholders; Become familiar with the project management framework; Review the different elements of project management; Learn the approaches to project management and software project management; Understand project management plans, methods, and methodologies; Understand the project management framework and its steps; Understand the function-based system development method and its principles; Understand how methods and methodologies are implemented; Creating the WBS, estimates, and checking standards, and the importance of standards; Learn about software packages and tools and how they are implemented
Module II: Overview of Project Planning and Evaluation. Learn about project planning; Learn about the steps in project selection; Understand project evaluation
Module V: Project Integration Management. About project integration management; Project integration management chart; Developing the project charter; Inputs and outputs in building the project charter; Tools and techniques in building the project charter; Directing and controlling the project charter; Inputs and outputs in the project charter; Integrated change control; Inputs and outputs in integrated change control; Tools and techniques in integrated change control; Closing the project
Module III: Strategic Management and Project Selection. Understand the selection criteria and the nature of project selection; Understand the numeric and non-numeric types of project selection and their forms; Understand how technical planning is done; Understand the Project Portfolio Process (PPP)
Module IV: Project Management Methodology
Module VI: Project Scope Management. Understand project scope management and its processes; Understand scope planning, its inputs, the techniques used, and its outputs; Learn scope definition, its inputs, the techniques used, and its outputs; Understand creating the WBS, its inputs, tools and techniques, and outputs; Understand scope verification, its inputs, the tools and techniques used, and its outputs; Learn scope control, its inputs, the tools and techniques used, and its outputs
Management methods for project finance; Relation to the project life cycle; Planning investment strategies; Checking the financial feasibility study; Using financial techniques and schemes; Using evaluation methods
Module IX: Cost Management. The importance of project cost management; The management view of cost management; The cost management process; Resource planning; Project cost estimating; Key linkages of project cost; Building and allocating the budget; Performing cost control; Factors that contribute to cost overruns
Module X: Quality Management. The importance of project quality management; Quality monitoring by project stakeholders; Basic concepts of project quality management; The processes of project quality management; The quality management plan; Designing the quality management system; Elements of the quality management system; Evaluation model for quality assurance and quality control; Total Quality Management (TQM)
Module VII: Project Time Management. The project time management processes; Activity management; Activities: resource estimating; Activity sequencing; Activity duration estimating; Project scheduling; Schedule control; Schedule development; Schedule control: impact on cost; Summary
Module VIII: Project Financial Analysis. The importance of project financial analysis; The importance of investment decisions; Essential understanding of the project
Module XI: Project Procurement Management. Overview; Describing the procurement plan and the requirements to be met; Inputs and outputs of the procurement plan and the requirements to be met
Tools and techniques of the procurement plan and the requirements to be met; contracting plan; inputs and outputs of the contracting plan; tools and techniques of the contracting plan; requesting seller responses; inputs and outputs of requesting seller responses; tools and techniques of requesting seller responses; seller selection; inputs and outputs of seller selection; tools and techniques of seller selection; contract administration; inputs and outputs of contract administration; tools and techniques of contract administration; contract closure; inputs and outputs of contract closure; tools and techniques of contract closure; summary
Risk response planning strategies; risk monitoring and control; inputs and outputs of risk monitoring and control
Module XIII: Project Human Resources Management
Project human resources management; project human resources planning; inputs and outputs of project human resources planning; tools and techniques of project human resources planning; required staff; acquiring the project team; inputs and outputs of acquiring the project team; tools and techniques of acquiring the project team; developing the project team; inputs and outputs of developing the project team; tools and techniques for developing the project team; managing the project team; inputs and outputs of managing the project team; tools and techniques of managing the project team; preparing organizational planning; leading project team development; creating team-building activities; applying general management skills
Module XII: Project Risk Management
What is risk management?; types of risk; risk management planning; tools and techniques of risk management; risk analysis; quantitative and qualitative risk factors and their inputs and outputs; tools and techniques for risk factors; risk response planning; inputs and outputs of risk response
Module XIV: Project Audit and Closure
Importance of the project audit; requirements of the project audit; project audit life cycle; responsibilities of the project auditor; evaluating project success; project audit procedure; project audit considerations
Module XV: Ethics and Future of Project Management
Ethics and the future of project management; project management ethics; the need for ethics; organizational ethics; responsibilities of the project manager; standards of conduct; ethics in the working environment; relations with employees and clients; responsibilities towards the community; managing the future of the project; details of the processes of the future; managing new trends; the work of project management; issues arising from changes in trends; managing international projects; the future of projects
Disaster Recovery and Business Continuity
Duration: 5 days
Course description
The course teaches students methods for identifying vulnerabilities and weaknesses in a system and for taking appropriate countermeasures to mitigate security risks to an organization. The course also provides professional networking skills and the fundamentals of disaster recovery. The content covers preparing a disaster recovery plan; assessing risk; developing procedures and policies; understanding the roles and relationships of the members of an organization; implementing the plan; and recovering from a disaster. The course takes a comprehensive approach to developing a disaster recovery plan. Students learn how to set up a secure network by establishing policies and procedures, and how to restore the network in the event of a disaster.
Students
Students are those responsible for computer network administration, professional server administration, firewall administration and application development, and security engineers.
Certification
At the end of the course, students take a test and receive a certificate of course completion. To obtain the EC-Council Disaster Recovery Professional certification, students must pass the online exam held at EC-Council testing centers.
Course content
Module 01: Introduction to Disaster Recovery and Business Continuity Disaster Recovery & Business Continuity: Terminologies Disaster Types Consequences of Disaster Disaster Recovery & Business Continuity Principles of Disaster Recovery and Business Continuity Disaster Recovery & Business Continuity: Issues Addressed Activities of Disaster Recovery & Business Continuity Disaster Recovery and Business Continuity Program Disaster Recovery & Business Continuity Solutions Best Practices in Disaster Recovery & Business Continuity Program International Strategy for Disaster Reduction (ISDR) International Day for Disaster Reduction
Module 02: Nature and Causes of Disasters Nature of Disasters Categorization of Disasters Natural Disasters Earthquakes Protecting Yourself During Earthquake Earthquakes: Volcanoes Protection from Volcanoes Forecasting Volcanoes Estimating Earthquakes Earthquakes: Tsunami Protecting Yourself During Tsunami Landslides Effects of Landslides Protecting Yourself from Landslides Hurricanes Safety Measures During Hurricanes Predicting Hurricanes Floods Effect of floods Prevention Measures Wildfires Safety Measures Drought Consequences of Drought Measures to Overcome Drought Effects Man-Made Disasters Accidents Power Outage Telecommunication Outage Categorization of Human Intentional Disasters Arson Civil Disorder Terrorism War Chemical Biological Radiological Nuclear (CBRN)
Mitigation Preparedness Response Recovery Effect of Disaster on Business Organizations Emergency Management for Business Organizations FEMA- Federal Emergency Management Agency FEMA as an Organization Activities of FEMA
Module 04: Laws and Acts Applicable Acts in DR Laws and Acts in United States of America Industries: Sarbanes-Oxley Act Foreign Corrupt Practices Act (FCPA) Healthcare: HIPAA Regulations Financial Institutions: Gramm-Leach-Bliley Act Flood Disaster Protection Act of 1973 Robert T. Stafford Disaster Relief and Emergency Assistance Act CAN-SPAM Act of 2003 Federal Financial Institutions Examinations Council (FFIEC) Personal Information Protection and Electronic Documents Act (PIPEDA) Laws and Acts of Europe Data Protection Act 1998 Transmission of Personal Data: Directive 2002/58/EC Personal Data: Directive 95/46/EC Insurance: Financial Groups Directive (FGD) The Foundation of Personal Data Security Law: OECD Principles Dutch Personal Data Protection Act Austrian Federal Act concerning the Protection of Personal Data German Federal Data Protection Act Laws and Acts in Australia Health Records and Information Privacy Act (HRIP)
Module 03: Emergency Management Emergency Emergency Management Need for Emergency Management Emergency Management Phases
Module 05: Business Continuity Management Business Continuity Management Business Continuity Planning Objectives of Business Continuity Planning Essential Resources in Business Continuity Planning Business Continuity Management Planning Steps ISO (International Organization for Standardization) Overview of BS 7799 / ISO 17799 ISO/IEC 17799:2005 ISO/IEC 17799:2005: Business Continuity Management Risk Analysis Risk Assessment Basic Elements of Risk Assessment Business Impact Analysis (BIA) Components of Business Impact Analysis Threat Analysis Risk Analysis and Business Impact Analysis Crisis Management Steps in Crisis Management Crisis Management Phases Compliance Preparedness Training and Resource Development Contingency Planning Points to remember in BCM Plan Testing Birmingham City Councils BCM Assessment Template Greenwich Council Emergency and BCM Plan
Module 06: Disaster Recovery Planning Process Disaster Recovery Planning Process Management Support Organizing DR Team Components of Disaster Recovery Team Disaster Recovery Planning Team Building a Planning Team Establishing Team at the Departmental Level
Risk Assessment Risk Assessment Conduct Business Impact Analysis Critical Business Activities Analysis Sheet Example: Analysis Sheet for IT System Roles and Responsibilities Individual: Leader Individual: Disaster Recovery Coordinator Individual: IT Administrator Individual: Network Manager Individual: Disaster Recovery Manager Individual: DR Team Member Team: Administration Team Team: Technical Team Team: Damage Evaluation and Salvage Team Team: Physical Security Team Team: Communications Team Responsibilities Common to all Disaster Recovery Teams Developing Charts of Responsibilities Facility Disaster Recovery Chart of Responsibilities Department Disaster Recovery Chart of Responsibilities Business Process Disaster Recovery Chart of Responsibilities Developing Policies and Procedures Assumptions for DR Planning Need for Disaster Recovery Planning Disaster Recovery Plan Development Disaster Recovery & Management: Budgeting Centralized Office of DR Planning: Budget Safety and Health Procedures Procedures for Internal and External Communications Procedures for Containment and Property Protection Procedures for Recovering and Resuming Operations Assessing Insurance Requirements & Coverage Needs
Need for Insurance Evaluating Insurance Policies Testing and Training DRP Testing and Rehearsal Process DRP Testing: Advantages DRP Testing: Methods DRP Testing Steps DRP Testing Flow Chart Training DR Teams Commence Training Program for Disaster Recovery Training for Executives Training for Middle Managers Training for Supervisors Training for Disaster Response Teams Training for Employees Documentation of DR Procedures Need for Documentation of Plans Important Documentations in Disaster Recovery Process Writing Disaster Recovery Plan Best Practices for Documentation Managing Records DRP Maintenance Monitoring Process Monitoring Procedures Evaluate Latest Technologies Conducting Regular Reviews Conducting Training Programs for Updated Plan DRP Implementation DR Plan Implementation Internal and External Awareness Campaigns
Project Risk Management IT Security Risk Management Risk Management Standards Financial Risk Management Basel II and Risk Management Pillar I: Minimum Capital Requirement Pillar II: Supervisory Review Process Pillar III: Market Discipline Quantitative Risk Management Best Practices in Risk Management
Module 08: Facility Protection Facility Protection Water Supply Protecting Water Supply Fire Types of Fire Extinguishers APW Extinguishers Dry Chemical Extinguisher Carbon Dioxide Extinguishers Points to Remember Using a Fire Extinguisher Fire Suppression for Companies Fire exits Power Supply Common Power Supply Problems Ensuring Steady Power Supply Ventilation Kinds of Ventilation Measures for Proper Ventilation Air Conditioners Measures for Proper Working of Air Conditioners Building and Premises Checklist for Securing Facility
Module 07: Risk Management What is Risk Introduction to Risk Management Functions of Risk Management Analytic Process of Risk Management Risk Analysis Risk Reduction Analysis Management Decision Risk Reduction Planning Reviews and Audit
Module 09: Data Recovery Types of Data Recovery Logical Data Recovery Physical Data Recovery Disk-to-Disk-to Disaster Recovery (3DR) Concept Steps in Data Recovery Recovery Management Recovery Management Evaluation Metrics
Recovery Time Objective (RTO) Role of RTO in Disaster recovery Recovery Point Objective (RPO) Network Recovery Objective (NRO) Recovery Management Model Layers Data Protection Continuum Dos and Don'ts Lumigent's Log Explorer Best Practices in Data Recovery
Module 10: System Recovery System Restore in Windows XP Linux System Recovery Linux System Crash Recovery Crash Recovery Kit for Linux Mac System Recovery Restoring Windows Server 2003 Recovering from Boot problems in Windows Server 2003 Step 1: Start computer by using Last Known Good Configuration Step 2: Starting computer in Safe Mode Step 3: Use Event Viewer to Identify the Cause of the Startup Problem Step 4: Use System Information to Identify the Cause of the Startup Problem Step 5: The Safe Mode Boot Log File Step 6: Use Device Manager to Identify the Cause of the Startup Problem Step 7: Use System Configuration Utility Microsoft Windows Recovery Console Automated System Recovery Windows 2000 Backup and Restore Utility Methods for Restoring Replicated Data Restoring Server Services Active Directory Recovery: Non-Authoritative Restore Active Directory Recovery: Authoritative Restore Verifying Active Directory Restoration: Advanced Verification Verifying Active Directory Restoration: Basic Verification
Active Directory Recovery on a Computer with a Different Hardware Configuration Sysvol Recovery: Primary Restore Sysvol Recovery: Non-authoritative Restore Sysvol Recovery: Authoritative Restore Recovery of Global Catalog Server Recovery of an Operations Master Domain Controller Recovery: With a Working Domain Controller Domain Controller Recovery: Without a Working Domain Controller Database Integrity Testing Rights Management Services Restoration Rights Management Services Database Restoration Tools for Active Directory Disaster Recovery: Recovery Manager Restoring IIS Configurations: iisback.vbs Restoring Microsoft IIS Metabase Backup WANSync IIS WANSync IIS: Working Restoring Exchange Server 2003 Data Recovery Scenarios Exchange Data Recovery Preparation Single Mailbox Recovery Single Item Recovery using Deleted Items Retention Single Item Recovery using Third-party Brick Backup Programs Full-Server Recovery: Preparation Full-Server Recovery: Option 1 Full-Server Recovery: Option 2 Full-Server Recovery: Option 3 Full-Server Recovery: Option 4 Exchange Server Backup/Recovery Solution: SonaSafe Recovering Blackberry Enterprise Server IBM WebSphere Application Server Recovery Recovering Coldfusion Application Server: CFMAIL Bug Recovering Coldfusion Application Server: Variable Deadlocks
Recovering Coldfusion Application Server: ODBC Errors Recovering Coldfusion Application Server:500 IIS Internal Server Error Recovering Coldfusion Application Server: System Registry Access Problem Recovering from Domino Server Crashes Tool: SteelEye LifeKeeper Restoring MySQL Server Restoring MS SQL Server: Option 1 Restoring MS SQL Server: Option 2 Restoring MS SQL Server: Option 3 Restoring MS SQL Server: Option 4 Restoring MS SQL Server: Option 5 Restoring MS SQL Server: Option 6 Restoring MS SQL Server: Option 7 Restoring MS SQL Server: Option 8 Restoring My SQL Server Recovering Cisco IOS
ABC Backup Software Genie Backup Manager NTI BackupNow High Availability Disaster Recovery (HADR) Best Practices in Backup & Recovery
Module 12: Centralized and Decentralized System Recovery Distributed Computing Objectives of Distributed Computing Architecture for Distributed Computing Working of Distributed Computing Centralized Backup Centralized Backup Using SAN or NAS Server Data Consolidation Cross-Platform Data Consolidation Mainframe as Centralized Storage Source Tiers of Disaster Recovery GDPS/PPRC GDPS/PPRC Configuration GDPS/PPRC Single-site Workload Configuration GDPS/PPRC Multi-site Workload Configuration Best Practices in Centralized and Decentralized System Recovery
Module 11: Backup and Recovery Backup Need for Backup Types of Backup: Full Backup Incremental Backup Differential Backup Hot Backup Hot Backup Sample Code Cold Backup Cold Backup Sample Code Backup Sites Hot Site/ Cold Site Redundant Array of Inexpensive Disks (RAID) RAID: Some Important Levels Wide Area File Services (WAFS) Backup for UNIX Bare Metal Recovery for LINUX Bucky Backup for Mac OS X System Backup Administrator NanoCopy Technology Backup4all Backup4all Features
Module 13: Windows Data Recovery Tools Digital Photo Recovery Active@ UNERASER Test Disk PhotoRec BadCopy Pro Directory Snoop Data Advisor Fast File Undelete File Scavenger GetDataBack Kernel Recovery for FAT+NTFS R-Mail R-Studio Recover4all Recover It All Recover My Files Data Recovery
Quick Recovery for Windows Restorer2000 File Recovery EasyRecovery DataRecovery EasyRecovery Professional RecoverSoft Media Tools Professional RecoverSoft Data Rescue PC ADRC Data Recovery Software Tool SalvageRecovery for Windows Disk Doctors Email Recovery Winternals Recovery Manager
Module 14: Linux, Mac and Novell Netware Data Recovery Tools Kernel Recovery for Linux Kernel Recovery for ReiserFS Kernel Recovery for JFS Kernel Recovery for Macintosh Kernel Recovery for Novell-Netware Stellar Phoenix Linux R-Linux Quick Recovery for Linux Quick Recovery for Macintosh SalvageRecovery for Linux SalvageRecovery for Mac SalvageRecovery for Netware Disk Doctors Linux Data Recovery Software DiskInternals Linux Reader
Risk Analysis and Incident Response Incident Response Methodology Preparation Identification Containment Eradication Recovery Follow up CERT (Computer Emergency Response Team) CSIRT (Computer Security Incident Response Team) General Categories of CSIRTs Members of CSIRT Team Building an Effective CSIRT FIRST (Forum of Incident Response and Security Teams) Request Tracker for Incident Response Helix Incident Response & Computer Forensics Live CD Incident Response Tools Present in Helix CD THE FARMER'S BOOT CD Resources
Module 16: Role of Public Services in Disaster Public Services State and Local Governments Public Utilities and Departments Hospitals Blood Banks Medical Laboratories Food Banks Fire Fighting Service Waste/ Debris Management Police Armed Forces Public Transportation Water Supply System Electricity Department Information & Public Relations Department IT Service Providers
Module 15: Incident Response Incident Category of Incidents Low Level Mid Level High Level How to Identify an Incident? How to Prevent an Incident? Relationship between Incident Response, Incident Handling, and Incident Management Incident Management Plan Incident Handling Information Security Life Cycle Incident Response Incident Response Policy Risk Analysis
Organizations Providing Services during Disasters Relief Organizations International Committee of the Red Cross (ICRC) International Federation of Red Cross and Red Crescent Societies (IFRC) United Nations Children's Fund (UNICEF) National Emergency Response Team (NERT) CARE Ananda Marga Universal Relief Team (AMURT) Action Against Hunger (AAH) Emergency Nutrition Network (ENN) Doctors Without Borders Hunger Plus, Inc. InterAction International Rescue Committee (IRC) Mennonite Central Committee (MCC) Mercy Corps (MC) Refugees International Relief International Save the Children Project HOPE
E-Mail Continuity DELL Oracle Data Guard Utility RMAN Utility for Database Backup NAS (Network Attached Storage) Sun Microsystems Integrated Solutions of Sun and Vignette Sun Cluster Geographic Edition Infosys Business Continuity Planning Solution Infosys BCP solution Sybase Business Continuity Planning Solution Sybase Model HP Business Continuity and Availability solutions HP 3-tiered Service Levels Balance Investment with Risk PricewaterhouseCoopers Fast Track BCP AT&T's Business Continuity and Disaster Recovery
Module 19: Case Studies Business Continuity for Critical Applications Jones Walker: Weathering the Storm Lets be prepared: An educational project about disasters in Cuba From rehabilitation to safety: Gujarat school safety initiative, India Disaster-resistant schools: A tool for universal primary education Disaster Recovery Situation Assessment Disaster Recovery Planning Business Continuity Planning and Business Impact Analysis Local risk management in earthquake zones of Kazakhstan Disaster Recovery Case Study: Max Re Disaster Recovery Case Study: GSD&M Storage Assessment Services Backup and Recovery Plan and Design Storage Infrastructure Design and Implementation
Module 18: Organizations Providing Disaster Recovery Solutions Organizations Providing Disaster Recovery Solutions Symantec System Sizing System Sizing: Practices Disk-based Backup Manual System Recovery Disadvantages Automated System Recovery IBM Human Capital Resilience Human Capital Risks in Crisis Situations Business Resilience Elements of Business Resilience Framework for Business Resilience Causes of E-Mail Outages
Continuous Data Protection and Disaster Recovery Disaster Recovery Testing Disaster Recovery Strategy Assessment and Validation Case Study: Improving Disaster Recovery Without Breaking the Bank
Students
Students are professional IT engineers who are responsible for designing and building VoIP networks.
Certification
At the end of the course, students take a test and receive a certificate of course completion. To obtain the EC-Council VoIP professional certification, students must pass the online exam held at EC-Council testing centers.
Course content
Module 01: Introduction to VoIP What is VoIP? Why use IP for Voice? VoIP-Convergence of Technologies Basic VoIP Architecture Need of a Layered Architecture VoIP Layers TCP/IP Overview o Functions of TCP/IP Layers Basic VoIP Features Benefits of VoIP Building The ROI Model Disadvantages of VoIP Future of VoIP Growth in VoIP Subscribers
Module 02: Analog to Digital Conversions Source: o A to D Conversion o Types of ADC's o Sigma Delta ADC
VoIP Layers Vs. TCP/IP Layers Public Switched Telephone Networking(PSTN) Circuit Switching Vs. Packet Switching
o Successive Approximation ADC o Pipelined ADC o Flash ADC o Comparison of ADC's o Working of ADC's o Voice Compression o Encryption o Headers
Call Control Signaling Signaling System 7 (SS7) o Signaling Points o Signaling Links o SS7 Protocol Stack
Module 04: VoIP Devices and Cisco Components Basic VoIP Equipments VoIP Network Components o o o o o o o o o o o o o o Loop-Start o Ground-Start o Dial-Pulse Signaling o Dual Tone Multi-Frequency Signaling o Analog Systems Analog Network Components Cabling Basic Telephone System Operation Plain Old Telephone Service (POTS) Direct Inward Dialing (DID) Digital Subscriber Line (DSL) Digital Loop Carrier (DLC) Passive Optical Network (PON) Dial Plans Four-Wire Circuit Time Division Multiplexing (TDM) Analog Telephone Adaptor (ATA) Media Gateway Features of Media Gateway Media Gateway Controller Signaling Gateway Call Manager VoIP Switches IP Phones Private Branch eXchange (PBX) PSTN Gateway Session Controller Modems VoIP Router Cisco's VoIP Components
Module 03: Traditional Voice Telephony Principles Analog Signaling Types of Analog Signaling o Earth & Magnet (E&M) Signaling
Types of VoIP Ports Foreign Exchange Station (FXS) Foreign Exchange Office (FXO) Earth & Magnet (E&M) Interface o VNM/VIC
o Configuring POTS Dial Peers o Configuring Dial-Peer For VoIP o Configuring Dial-Peer For VoFR o Configuring Dial-Peer For VoATM
Disconnect Voice Class o o o Configuring ISDN BRI Voice Ports Configuring ISDN PRI Voice Ports Configuring ISDN PRI Voice Ports with Q.931 o o Configuring QSIG Configuring T-CCS
Module 05: Configuring VoIP Prerequisites for VoIP Configuration Voice Port Cabling and Configuration o Port Numbering: 1700 Series o Port Numbering: Cisco 1760 o Port Numbering: 2600 and 3600 Series o Port Numbering: MC3810 Series o Port Numbering: 7200 Series o Port Numbering: AS5300 Series o Port Numbering: AS5x00 Series
Configuring H.323 Gateways Configuring H.323 Gatekeepers o H.323 ID Addresses o Zone Prefixes o Gatekeeper Zone Prefix o Technology Prefixes o IP Precedence o RTP Priority o Traffic Shaping
Configuring Voice Ports Configuring FXO or FXS Voice Ports Configuring E&M Ports Configuring to adjust Parameters of E&M Ports Configuring DID Ports Connection Command Configuring Delay o Fine-Tuning FXS/FXO Ports o Fine-Tuning E&M Ports o Fine-Tuning DID Ports
Configuring cRTP o o Enable cRTP on a Serial Interface Enable cRTP with Frame Relay Encapsulation o Change the Number Of Header Compression Connections o o Displaying Statistics Configuring Custom Queuing
Enabling Custom Queuing Applying Configuration to an Interface Enabling Priority Queuing: Priority-List Command Enabling Priority Queuing: Set Up Configuration Configuring the Queue Limits Applying Priority List to an Interface
Call Admission Control (CAC) o o Verifying Call Admission Control Configuring Priority Queuing with WFQ o Verifying Priority Queuing with WFQ
Enabling Weighted Fair queuing o Verifying Weighted Fair Queuing: Show Interface Command o Verifying Weighted Fair Queuing: Show Queuing Command
Interleaving Configuring a Single-Router VoIP Network o Reviewing the Design o Configuring the Router: Step by Step o Testing and Verification
Configuring Class-Based Weighted Fair Queuing (CBWFQ) o Defining Class Maps o Creating Policies o Attaching Policies to Interfaces o Verifying CBWFQ: Show-Policy-Map Command o Verifying CBWFQ: Show-Policy-Map Interface Command o Configuring Packet Classification o IP Precedence o Verifying IP Precedence
Module 06: Implementation and Applications of VoIP VoIP Implementation Types o Phone to Phone Connection o Analog Telephone Adaptor (ATA) Setup o Phone to Phone Connection Using Gateway o Phone to Phone Connection Using Router o Computer to Computer Connection
IP-Enabled PBX (Private Branch Exchange) Method IP Centric LAN Method Satellite VoIP Software Support for VoIP Applications of VoIP o What is Skype? o System Requirements o Getting Started with Skype o Skype is Safe o Features of Skype
Module 08: H.323 Standards VoIP Standards What is the need for VoIP Protocols? Introduction to H.323 o o o o o o o o H.225 o o o o H.225/Q.931 Call Signaling Q.931 Call Signaling Messages H.225/Q.931 Signaling H.225 Registration, Admission, Network Components of H.323 Components of H.323 H.323 Protocols Suite H.323 Protocol Stack Control and Signaling in H.323 H.323 Advantages Network Address Translation (NAT) o H.323 and NAT
Skype for Windows Skype for Mac OSX Skype for LINUX Skype for Business Skype Web Toolbar Skype Email Toolbar Skype Office Toolbar Skype for Mobile
Module 07: Quality of Service (QoS) of VoIP Introduction to QoS Quality of Experience (QoE) Vs. QoS QoE for VoIP Why is QoS needed in IP Transmission? Why is QoS needed for VoIP Networks? Factors Affecting Quality of Voice in VoIP QoS Monitoring o Passive Monitoring o Active Monitoring
Status (RAS) o o o o o H.225/Q.931 RAS Key RAS Messages H.225 Protocol Structure H.225 Security Considerations H.235: Security and Encryption for H.323 o o o H.245 Call Control Messages H.245 Call Control H.245 Security Mechanism
Multiprotocol Label Switching (MPLS) Integrated Services (IntServ) Differentiated Services (DiffServ)
H.261 (Video Stream for Transport Using the Real-Time Transport) H.263 (Bitstream in the Real-Time Transport Protocol)
DVB (Digital Video Broadcasting) H.450.1 H.450.2 H.450.3 H.450.4 H.450.5 H.450.6 H.450.7 H.450.8 T.38 T.120 T.121 T.122 T.124 T.125 T.126 T.127
Real-Time Transport Protocol (RTP) Real-Time Transport Control Protocol (RTCP) Real-Time Transport Streaming Protocol (RTSP) Simple Gateway Control Protocol (SGCP) Session Announcement Protocol (SAP) Skinny Client Control Protocol (SCCP) Security Implications for Skinny Dynamic Host Configuration Protocol (DHCP) Trivial File Transfer Protocol (TFTP) Hyper Text Transfer Protocol (HTTP) Skype Protocol Inter-Asterisk Exchange (IAX) Simple Network Management Protocol (SNMP)
Module 09: SIP and Supporting Protocols Session Initiation Protocol (SIP) o Components of SIP o SIP Messages o Headers for SIP Entities o SIP Functions o SIP: Supported Protocols o Understanding SIP's Architecture o Registering with a SIP Registrar o Requests through Proxy Servers o Requests through Redirect Servers o Peer to Peer Architecture o Instant Messaging and SIMPLE o SIP security o H.323 Vs. SIP
Module 10: Megaco Protocol Media Gateway Control Protocol (MGCP) History of Megaco (H.248) Media Gateway Reference Architecture MGCP Connections Per-Call Requirements Megaco Vs. MGCP Megaco Protocol Design Megaco Commands Megaco Messaging Sequence Megaco Packages Megaco IP Phone Media Gateway Role of Call Processing Language Call Processing Language Characteristics Protocol Security
Module 11: Resource Reservation Protocol Resource Reservation Protocol (RSVP) RSVP Setup RSVP Message Structure RSVP Message RSVP Message Types RSVP Object Fields RSVP Object Classes RSVP Operation RSVP Data Payload RSVP Quality of Service
RSVP Session Start-up RSVP Reservation Style RSVP Tunneling RSVP Traffic Control Module Security Implications
Module 12: Wireless VoIP Voice Over WLAN (VoWLAN) o VoWLAN Call Routing o Characteristics of VoWLAN o Limitations of VoWLAN
Solutions to VoIPSec Issues o o o o o IETF Encryption Solutions for VoIP Suites from the IETF S/MIME: Message Authentication Transport Layer Security (TLS) TLS: Key Exchange and Signaling Packet Security o Secure Real-Time Transport
Wireless VoIP o Wireless VoIP Deployment o Advantages of Wireless VoIP o Limitations of Wireless VoIP o Standards and Protocols
Unlicensed Mobile Access (UMA) Wireless VoIP Gateway: AH1038 Wireless VoIP Gateway: D-Link DVGG1402S Wireless VoIP Gateway: Motorola HH1620 DSL Wireless IP Phone Wireless VoIP Phone: EZLoop Wireless VoIP Phone: P-2000W_V2 Wireless VoIP Phone: Shenzhen WP10W-S Challenges to Build Successful Wireless VoIP Product Attacks on Wireless VoIP
Module 14: Troubleshooting VoIP Network Issues of Network Slow Down Troubleshooting Packet Loss Troubleshooting Jitter Troubleshooting Packetization Delay Troubleshooting Bandwidth Problems Troubleshooting Echo Troubleshooting Voice Quality on Voice Ports Troubleshooting Two-stage Dialing Failures Troubleshooting Socket Failures Troubleshooting Speech Recognition Troubleshooting Cabling Troubleshooting Private Branch Exchange (PBX) Problems Troubleshooting Central Office (CO) Problems Troubleshooting Trunk Signaling Troubleshooting Gateways and Gatekeepers Troubleshooting Dial Peers Troubleshooting Serial Interfaces Troubleshooting Frame Relay
Module 13: Encryption Techniques for VoIP Encryption o Why VoIP needs Encryption? o VoIP Encryption o How to Encrypt VoIP? o Pros & Cons of VoIP Encryption o Voice and Data Encryption Device (V/DED)
Troubleshooting FXS and FXO Voice Ports Troubleshooting E&M Voice Ports Troubleshooting Dial Plans Basic VoIP Issues and Solutions Troubleshooting RSVP Troubleshooting MGCP Troubleshooting RTP Troubleshooting RTSP
Module 15: VoIP Testing and Tools Test Strategy VoIP Network Component Testing o Gateway Testing o Gatekeeper Testing o IVR Testing o Billing and Prepaid Testing o NMS Testing o VoIP Test Suite
VoIP Packet Creation and Flooding Tools o Sipsak o SIPp o SIPNess Messenger o SIP Bomber o Spitter o Sip Send Fun o Scapy
MediaPro: VoIP and Video Analyzer 323Sim: H.323 Simulator Vulnerability Assessment Penetration and Vulnerability Testing VoIP Security Tools VoIP Sniffing Tools o o o o o o o o o Auth Tool VoIPong Vomit PSIPDump Netdude Oreka
VoIP Fuzzing Tools o Ohrwurm o Fuzzy Packet o SIP Forum Test Framework (SFTF) o Asteroid o SIP-Proxy
VoIP Signaling Manipulation Tools o o RTP Tools Tcpdump Windump Ethereal (Wireshark) Softperfect Network Sniffer Http Sniffer
o Ether Detect Packet Sniffer o Iris Network Traffic Analyzer o SmartSniff o NetResident Tool
VoIP Troubleshooting Tools
o P.862
o P.563
o RTCP-RFC3550
o RTCP XR-RFC3611
o Packet Statistics
o Test Tools
o Traceroute
o VQmon
Why VoIP Security?
Constituents of VoIP Security
VoIP Myths and Realities
Securing VoIP with DoS Attacks
Securing against Replay Attack
Securing ARP Caches against ARP Manipulation
Securing H.235 Protocol
Transport Layer Security (TLS)
Skype Protocol Security
IAX Protocol Security
Security Implications for TFTP
Security Implications for HTTP
Security Implications for DHCP
Security Policies and Processes
Physical Security
o Human Safeguard Recommendations
o Environmental Safeguard Recommendations
Module 16: Threats to VoIP Communication Network
VoIP is Prone to Numerous Threats
VoIP Vulnerabilities
o Denial of Service (DOS)
o DoS Attack Scenarios
o Eavesdropping
o Packet Spoofing and Masquerading
o Replay Attack
o Call Redirection and Hijacking
o ARP Spoofing
o ARP Spoofing Attack
Network Intrusion Detection Systems Host-Based Intrusion Detection Systems Guidelines for Securing VoIP Network Best-Practice Approaches for Minimizing common VoIP Network Risks
Module 18: Logical Segregation of Network Traffic
Logical Separation of Data
Converged Network
Virtual LANs (VLANs)
o VLAN Security
o VLANs and Softphones
QoS and Traffic Shaping
NAT and IP Addressing
o How does NAT Work?
o NAT: Modes of Operation
o NAT and Encryption
Encapsulation Security Payload (ESP)
o ESP Header: Transport Mode and Tunnel Mode
Firewalls
o Deep packet Inspection (DPI)
o Shallow packet Inspection
o Stateful Inspection
o Medium-Depth Packet Inspection
VoIP-Aware Firewalls Issues
o H.323 Firewalls Issues
o SIP Firewalls Issues
o Bypassing Firewalls and NAT
o Methods for Enabling SIP
Module 19: Hardware and Software VoIP Vendors
Alcatel Global Crossing Avaya Whaleback Nortel Norstar VoIP Gateway Polycom Packet8 Vonexus Infotel Net 4 India Dialexia NGT Qwest Pingtel Cisco 3Com Vocalocity Motorola Nokia
Sarbanes-Oxley Act (SOX)
o Management Assessment of Internal Controls
o SOX Compliance and Enforcement
Gramm-Leach-Bliley Act (GLBA)
o Privacy Rule - Protection of Nonpublic Personal Information
o Risk Management Guidelines for VoIP Systems
o Development and Implementation of Information Security
Health Insurance Portability and Accountability Act (HIPAA)
o Security Standards for the Protection of PHI
o Safeguards Standard for the Protection of PHI
o Types of Safeguards: Administrative safeguards, Physical safeguards, Technical safeguards
Communication Assistance for Law Enforcement ACT (CALEA)
o Assistance Capability Requirements
o Cooperation of Equipment Manufacturers and Providers of Telecommunications
Module 21: VoIP Hacking
Types of VoIP Hacking
Stages of VoIP Hacking:
o Foot printing
o Scanning
o Enumeration
Corporate Locations
Help Desk
Job Listings
Phone Numbers and Extensions
VoIP Vendors
Resumes
WHOIS and DNS Analysis
Steps to Perform Footprinting
Host/Device Discovery
ICMP Ping Sweeps
ARP Pings
TCP Ping Scans
SNMP Sweeps
Port Scanning and Service Discovery
TCP SYN Scan
UDP Scan
Host/Device Identification
What is Enumeration?
Steps to Perform Enumeration
Banner Grabbing with Netcat
SIP User/Extension Enumeration
REGISTER Username Enumeration
INVITE Username Enumeration
OPTIONS Username Enumeration
Automated OPTIONS Scanning with sipsak
Automated REGISTER, INVITE and OPTIONS Scanning with SIPSCAN
Scanning Using SIPSCAN against SIP Phones
Enumerating TFTP Servers
SNMP Enumeration
Enumerating VxWorks VoIP Devices
Steps to Exploit the Network
DoS & DDoS Attacks
Flooding Attacks
DNS Cache Poisoning
Sniffing TFTP Configuration File Transfers
Performing Number Harvesting and Call Pattern Tracking
Call Eavesdropping
Interception through VoIP Signaling Manipulation
Man-In-The-Middle (MITM) Attack
Application-Level Interception Techniques
How to Insert Rogue Application?
SIP Rogue Application
Listening to/Recording Calls
Replacing/Mixing Audio
Dropping Calls with a Rogue SIP Proxy
Randomly Redirect Calls with a Rogue SIP Proxy
Additional Attacks with a Rogue SIP Proxy
What is Fuzzing?
Why Fuzzing?
Commercial VoIP Fuzzing tools
Signaling and Media Manipulation
Registration Addition with
Covering Tracks
Certification
Students take a test on the final day of the course and receive an EC-Council certificate of course completion. To obtain the international CEP certification, students must pass the online exam, registered at Prometric testing centers.
Course content
The evolution of software systems for planning and control in manufacturing companies Material Requirements Planning Manufacturing Resource Planning Enterprise Resource Planning (ERP) systems Basic methods and common features of ERP systems The market for ERP systems Selected functions of the SAP R/3 system Supply Chain Management (SCM) systems Basic methods and common features of SCM systems The market for SCM systems Selected procedures of the mySAP SCM system APO Customer Relationship Management (CRM) systems Basic methods and common features of CRM systems The market for CRM systems Selected functions of the mySAP CRM system Information Warehouses Architectures, interfaces, and integration issues Present state of ERP, SCM, and CRM applications and possible developments in the near future Case studies
Certification
Students take the Linux Security certification test on the final day of the course and receive an EC-Council certificate of course completion. To obtain the international Linux Security 212-77 certification, students must pass the online exam, registered at Prometric testing centers.
Course content
Module 1: Linux Networking Fundamentals Explain the purposes and development of computer networking Identify common types of networking hardware Describe how networking software operates Understand when popular networking protocols are used Define network routing and describe the purpose of popular routing protocols Module 2: Configuring Basic Linux Networking Describe how networking devices differ from other Linux devices Configure Linux networking using scripts and text-mode utilities Configure Linux networking using popular graphical utilities Effectively use networking utilities to test a network and troubleshoot networking problems
Module 3: Configuring Client Services Configure DNS name resolution Configure dial-up network access using PPP Understand client services such as DHCP and LDAP Use remote graphical applications and remote dial-up authentication Use common client tools such as Linux Web browsers and email clients
Understand how to assess risk and create a security policy Describe the function of top security-awareness organizations Outline the role of the government in security and privacy Locate Linux products designed especially for security-conscious environments
Module 8: Making Data Secure Explain commonly used cryptographic systems Understand digital certificates and certificate authorities Use the PGP and GPG data-encryption utilities Describe different ways in which cryptography is applied to make computer systems more secure.
Module 4: Using Simple Network Services Configure Superservers to handle multiple network services Set up administrative services like logging and printing Use simple network information services like finger and talk Understand basic mailing list and news server configurations
Module 5: Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file sharing between Linux and UNIX systems Understand NetWare NCP based file sharing Use SMB to share files and printers with Windows based PCs
Module 9: User Security Follow good password security practices Understand Linux Pluggable Authentication Modules (PAM) Use Common utilities to promote user security Set up user access to system administration tasks with sudo
Module 10: File Security Correctly set up special Linux file permissions Monitor log files to check for suspicious system activity Automate checks for file integrity and unauthorized modifications
Module 6: Configuring Major Network Services Expand the routing capabilities of your Linux server Set up your own DNS name server Configure a basic email server Understand how Linux can excel as a Web server
Module 11: Linux Networking Fundamentals Summarize the types of network security breaches that crackers attempt Describe how to use special routing techniques to protect local network traffic Configure a basic Linux firewall
Module 7: Security, Ethics and Privacy List security risks typical in modern networked computer systems
Use networking utilities and techniques that protect network traffic through encryption
Module 12: Network Intrusion Detection Use network scanning and packet-sniffing utilities Understand basic intrusion detection systems Perform automated security audits of your Linux system
Project Management in IT Security (PMITS)
Duration: 2 days
Introduction
An IT security project is a specialized kind of e-commerce project. The program shows how to manage IT security projects. Its purpose is to raise the success rate of IT projects for organizations and for IT managers. It serves as an operational framework for those who want to design their own IT security project. The course helps students reinforce their IT skills and project management skills, and provides a roadmap for implementing information security in their organizations. The Project Management in IT Security (PMITS) course is also related in that it helps students go on to obtain EC-Council's professional e-commerce certification, which also supplements students' knowledge in the business field. The PMITS course standardizes the foundational knowledge for business professionals by combining best practices developed by experienced experts in the field. The goal of EC-Council PMITS is to add value for experienced information security professionals by helping them analyze project outcomes. The course also gives brief information on the contents of IT security plans and on the legal standards related to IT security cooperation.
Course description
The first step in developing an IT security project is to define the problems. It is easy to state the problem as "our network is not secure" or "there are assets in the organization that need to be protected from intentional and unintentional attacks". These statements are true at the macro level, meaning that such general statements apply to almost every organization (and computer network) in the world. However, each organization's situation is different, and each organization has its own particular security weaknesses that need to be considered. Applying one common solution to every network security problem is not appropriate. To address IT security effectively, an overall information security plan is needed that covers each specific area where information security must be ensured (for example infrastructure, wireless networks). The information security plan can be broken into smaller segments, with attention focused on each segment in turn. This allows each aspect of the information security work to be managed in the best way. A common challenge is that many areas overlap (for example physical access under security operations, security infrastructure, or general security). Creating an overall IT security plan and individual plans gives us the opportunity to take the broadest view of our IT security plan and to ensure that all the important security elements are addressed. EC-Council's Project Management in IT Security program is delivered as a highly interactive 2-day classroom course for IT security professionals. The content covers the components of an overall information security project, the investment costs, the basis for a successful project, the limitations of a project, the overall IT security strategy, and the influence of community culture and policies on IT security. Students learn to recognize the problems that arise during the course of an information security plan and how to prevent and remedy them.
Certification
Students take a test on the final day of the course and are awarded an EC-Council certificate of course completion. To obtain the international PMITS certification, students must pass the online exam held at Prometric testing centers.
Corporate Security Project Plan Components The Costs involved in Security Basis for Success of a Project Well Defined Project Objectives Minimized and Well Defined Scope Smaller Schedules Experienced Project Manager Executive Support User Involvement Well Defined Project Management Process
Introduction Making of the IT Security Project Team The IT Security Project Stakeholders Requirement Specifications of the IT Security Project Objectives of the IT Security Project Processes involved in the IT Security Project The Acceptance Criteria Risk Management Change Management Communication Quality Status Reports Defect Tracking Escalation Process Documentation Approval Procedures Deployment Operations Training
Module 04: Planning the IT Security Project
o Structuring the details of IT Security Project Work
o Project Tasks and Sub-tasks in the Project
o Verifying Scope of the Project
o Tasks in Detail
Ownership Resources Priority Schedule Budget Allocated Project Dependencies Limitations Experience Tools Budget Constraints Change in the Organization Government or Regulatory Requirements
Module 03: Developing the IT Security Project Team
o Introduction
o List of the IT Security Project Team Requirements
The Critical Path Testing the Results Defining the Budget, Schedule, Risks, and Communications
Roles and Responsibilities Skill Set Technical Skill Set Communication Ability Training and Negotiation Ability to Negotiate and Understanding of Technical Aspects Reporting Legality, Regulations and Cost Factors Staffing Requirements and
Module 05: Managing the IT PM
o Start of the IT Security Project
o Examine and Organize the IT Security Project Progress
Authentication Issue Report and Rectification Documentation
Manage the IT Security Project Risk Change Management in the IT Security Project Potential Customers
Staff Environmental
Law concerning Unauthorized Access Myths and Facts Private Entity Penetration Test
Legal Liability and Related Tools Legal Assessment and Implementation in Corporate Scenario Define Rights and Protection and involvement of Certified third-party individuals Standards and Insurance
Module 07: Closing Out the IT PM
o Introduction
o Evaluate the Project on Completion
o Close all Open Issues, Change Requests, and Error Reports
o Prepare for Implementation, Deployment, and Operational Transfer
o Review the Lessons Learned
o Documentation and Compliance Reports
Module 08: Define a Corporate IT Project Plan
o Define a Security Strategy for the IT Project
o Legal Standards
Gramm-Leach-Bliley Act
Health Insurance Portability and Accountability Act
Sarbanes-Oxley Act
Federal Information Management Act
FERPA and the TEACH Act
Electronic Communications Privacy Act and Computer Fraud and Abuse Act
Security and
o Project
Examples
Project Constraints Project Assumptions Project Schedule and Budget Closing Out the Project IT Infrastructure Security Project Plan
Infrastructure Security Assessment Information People and Process Policies Compliance with Processes Technology Establishing Baselines Recognizing External Threats Network Security Checklist
Project Parameters Project Team Project Organization Project Work Breakdown Structure Risks Mitigation Strategies Project Constraints and Assumptions Project Schedule and Budget Overview of Infrastructure Security Project
Wireless Security Project Plan Wireless Security Auditing Types of Wireless Devices Wireless Threats Risk Assessment Impact Analysis Requirements Scope, Schedule, Budget, Skill Sets and Procedures
Project Parameters
Module 09: General IT Security Plan
o IT Security Assessment and Audit
Perimeters The Internal Network Information Risk Assessments Vulnerability Scanning and Penetration Testing Risk Assessment
Project Team Project Organization Project Work Breakdown Structure Project Risks and Mitigation Strategies Project Constraints and Assumptions Project Schedule and Budget Wireless Security Project Outline
Impact Analysis
Module 10: IT Operational Security Plan
o Operational Security Assessment
Incident Response The Response Team Policies Disaster Recovery Regulatory Issues Health Insurance Portability and Accountability Act Sarbanes-Oxley Act
Authentication Access Control Auditing Review the Policy Review the Procedures Review the Operations Requisites of Legal Reporting
Attacks Assessment and Audit Report Entries in the Finding Report Planning of the Project Requirements Scope, Schedule, Budget, Skill Sets and Procedures Project WBS, Constraints, Schedule and Budget
Gramm-Leach-Bliley Act
o Project Parameters
Issue, Solution, Scope, Cost, Time, Quality, Functional Specifications and Skill Set
Project Team Project Organization Project Work Breakdown Structure Project Risks and Mitigation Strategies Incident Response
Project Constraints and Assumptions Project Schedule and Budget Overview of the Operational Security Project
Certification
Students take a test on the final day of the course and are awarded a certificate of course completion. To obtain the international certification, students must pass the online exam (exam code 212-93) held at Prometric testing centers.
Course content
Module 1 Basics Concepts of Storage Area Networking Define the concept of a storage area network Discuss the reasons for the growing need for storage space Discuss the history of storage area network development Understand the difference between network attached storage and storage area networks Identify and explain the benefits of using storage area networks in enterprise-level networks Discuss evolving SAN technologies Understand the basic operations of the Fibre Channel transport protocol used by most storage area networks Describe the Fibre Channel layered architecture Understand the Physical Interface layer of the Fibre Channel model Understand the use of ordered sets and byte encoding in Fibre Channel communications Identify and describe the Link Services used at the third layer of the Fibre Channel model Identify and describe the Basic Services used at the fourth layer of the Fibre Channel model Understand the upper-level protocols used in the fifth layer of the Fibre Channel model Describe the basic topologies used in Fibre Channel networks
Discuss the role that initiators, target devices, and connectivity devices play in Fibre Channel networks
Module 3 Arbitrated Loop Technology Recognize the difference between Token Ring networks and Arbitrated Loop networks Describe the purpose of identifiers and addresses used for ports attached to an Arbitrated Loop Understand how hubs can be used to centralize loop wiring Understand and describe the steps involved with loop initialization Describe the port login procedure and why it is necessary in an Arbitrated Loop Describe the process used by a member of the Arbitrated Loop to gain access to the shared media Understand how a system of priorities is used to pass data in Arbitrated Loops Describe the effects of adding a switch to a network
Module 6 Connecting SANs Over Long Distances Understand how to use separate SANs for disaster recovery Describe the basics of Asynchronous Transfer Mode (ATM) and frame relay Understand multiplexing technologies, such as TDM, WDM, and DWDM Discuss emerging SAN technologies, such as iSCSI, FCIP, and InfiniBand
Module 4 Fabric Switching Describe the evolution of Ethernet networks and SANs Understand and discuss the reasons for implementing a fabric switched network Understand the method fabric switch ports use for addressing frames Describe the login process for fabric switches Understand how a name server database simplifies routing in a fabric switched network Identify some of the services that can be incorporated into a switch to enhance network functionality
Module 5 - Complex SAN Topologies Understand and describe varied and complex SAN topologies Discuss the SAN management software applications that can be used to help manage SAN hardware
Course content v2
Introduction to Wireless Communications Explain how the major wireless technologies are used today Describe the applications used in wireless technology List and explain the advantages of wireless technology List and explain the disadvantages of wireless technology Describe how different factors affect the design of a radio system Tell why standards are beneficial and list the major telecommunications standards organizations Explain the radio frequency spectrum
Infrared Explain the differences between the OSI communications model and the IEEE 802 communications standards Tell how an infrared WLAN transmits data Describe the features of IrDA
How Wireless Works Explain how network data is represented using binary notation List and explain the two types of wireless transmission Describe the different ways in which data can be transmitted by radio waves
Bluetooth Explain how Bluetooth is used Tell how Bluetooth works Describe several issues that Bluetooth faces
Low-Speed Wireless Local Area Networks Give examples of how WLANs are used today List the components and modes of a WLAN Tell the advantages and disadvantages of HomeRF Explain the background of IEEE 802.11 WLANs Describe how an 802.11b network functions
List the advantages of wireless communications Discuss the challenges of wireless communications Explain the steps needed to build a wireless infrastructure
High-Speed WLANs and WLAN Security Tell how IEEE 802.11a networks function and how they differ from IEEE 802.11b networks List the advantages and disadvantages of an IEEE 802.11g network Describe HiperLAN/2 networks Compare low-speed and high-speed WLANs Explain basic and enhanced WLAN security facilities
Digital Cellular Telephony Describe the applications that can be used on a digital cellular telephone Explain how cellular telephony functions List and describe the features of the generations of cellular telephony List and describe the four types of client software used on a digital cellular telephone Discuss the issues surrounding 3G implementation
Fixed Wireless Define fixed wireless Explain the features of a remote wireless bridge List and describe three types of land-based fixed broadband wireless devices Tell how satellite transmissions work
Wireless Communications in Business
ITPro Global 2009 www.itpro.net.vn Tel: (84-4) 37875728 Fax: (84-4) 37875729 Email: sales@itpro.net.vn