Overview
During the course, participants will learn:
- What are denial-of-service attacks, flooding, sniffing, and man-in-the-middle (MIM) attacks?
- How to break into a server from the network?
- How to watch packets on the network (including networks running on switches)?
- Do you watch any combination of the world?
- How to monitor the network?
- How to configure a firewall?
- How to use encrypted connections?
- How to create tunnels?
- How to log packets?
- How to scan ports?
- How to reduce the number of unnecessary services on the server?
Requirements
Knowledge of any Unix-like system and of the basic structure of TCP/IP networks.
Course Outline
Turn off unnecessary services
Flood Ping
Sniffing
- Sniffit
- Ettercap
- Tcpdump
Network monitoring
- Scanning ports (nmap, nessus)
- LAN traffic monitor (iptraf)
- Monitoring changes to Ethernet network interface cards and IP addresses made by users (arpwatch)
- Dump traffic on a network (tcpdump)
Logging packets
- Logging packets using the Netfilter and iptables mechanisms
- IP Protocols Logger (ippl)
Firewall (based on Netfilter and iptables)
- Packet path through the filters
- Create your own chains
Proxies
- WWW Proxy (Squid)
Cryptography
- SSLwrap
- SSH and SCP
- SSH Tunnelling
Spoofing
- Obtaining information about the owner of the IP address and domain
- Alerting the authorities to a breach of the law