Security Essentials Framework (SEF)

This framework has been developed to make strong fundamentals of security; it covers most required topics to deliver routine security tasks.

Objective

• To develop strong conceptual understanding of protocols
• To develop strong conceptual understanding of security terms
• To develop hack proofing with Windows and Unix Systems
• To develop conceptual and practical firewall and intrusion detection skills
• To get familiarity with penetration testing skills
• To get familiarity with forensic skills
• To develop password cracking and management skills
• To provide strong familiarity with important security tools/techniques

Goal

• To develop strong fundamentals of security
• To teach all important functions of important tools/products.

Target Audience

This framework is designed for those who are just beginning their journey in information technology security. It�s a starting point from where one can build his base, which includes:

• Students Interested to learn information security
• Network / System and Web application administrator
• IT Staff responsible for information security

This framework, which focuses on security more from a technical perspective, addresses cutting edge most required topics.

Table of Contents

 

Introduction

• Target Audience
• What this Framework Covers
• Conventions used
• Lab Overview
• Step-by-step configuration of your systems
• Brief Introduction to Security
• Security Policy
• Introduction to Security Tools

How protocol works?

• HTTP, FTP, SMTP, DNS, SNMP
• TCP
• IP
• ARP/RARP, STP

IP Addressing and Subnetting

• Binary Translation
• Subnetting

Getting familiarity with sniffers

• tcpdump
• ethereal

Hack Proofing Windows System

• System Security
  • Hardening System
  • Secure Implementation
  • Patch Management
• Hfnetchk
• IISLockdown
• MPSA
• Backups
• Auditing System

Hack Proofing Linux System

• Understanding Unix file System
• Understanding Unix Permissions
• System Security
  • Hardening System
  • Secure Implementation
  • Patch Management
• Unix Network Commands
• Backup
• tar utility
• Auditing

Understanding Virus, Worm and Trojans

• Trust Relationships
• Fun with Sub7
• How Slammer, Blaster worm works?

Firewalls

• Understanding NAT, PAT and Proxing
• Understanding various architectures of Firewalls
• Statefull Firewall: CheckPoint NG
• Application Gateway: Microsoft ISA
• Statefull Firewall: Cisco Secure IOS Firewall
• Statefull Firewall: iptables
• Host Based Firewall: Zone Alarm

Intrusion Detection Systems

• Understanding various architectures of IDS
• Sniffing with tcpdump and ethereal
• Network based Intrusion Detection System � Snort
• Network based Intrusion Detection System � ISS Real Secure
• Host based Intrusion Detection System � xinetd
• Host based Intrusion Detection System � Swatch
• Host based Intrusion Detection and Prevention System � PortSentry

Vulnerability Scanning

• Understanding various types of scanning
• Scanning with hping2
• Scanning with Nmap
• Scanning with Nessus
• Scanning with Amap

Penetration Testing

• Overview
• Understanding Methodology
  • Information Gathering
  • Network Mapping
  • Vulnerability Identification
  • Penetration
  • Gaining Access & Privilege Escalation
  • Enumerate Further
  • Maintaining Access
  • Covering The Tracks
  • Reporting
  • Clean up and Destroy Artifacts
• Playing with Exploits

Password Cracking

• Understanding Password cracking
• John the Ripper
• Lepton Crack
• L0pht Crack (LC4)

Forensic Backups

• Using Ghost for disk imaging
• Using dd for forensic analysis

Denial of Service and Distributed Denial of Service Attacks

• Understanding type of Denial of Service Attacks
• Understanding type of Distributed Denial of Service Attacks

Web Application Security

• Understanding Web Attacks
• Experiment with Web Sleuth
• Finding bugs using Nikto

Communication Security

• PGP
• Steganography with JPHS
• Steganography with S-Tools