14 hours (usually 2 days including breaks)
Knowledge of any Unix-like system, and the basic structure of TCP/IP networks.
During the course, participants will learn:
- What are denial-of-service attacks, flooding, sniffing and man-in-the-middle (MIM) attacks?
- How to break into a server from the network?
- How to watch packets on the network (including switched networks)?
- Can you watch any connection in the world?
- How to monitor the network?
- How to configure a firewall?
- How to use encrypted connections?
- How to create tunnels?
- How to log packets?
- How to scan ports?
- How to reduce the number of unnecessary services on the server?
Turn off unnecessary services
- Scanning ports (nmap, nessus)
- LAN traffic monitor (iptraf)
- Monitoring changes of Ethernet network interface cards and IP addresses by users (arpwatch)
- Dump traffic on a network (tcpdump)
- Logging packets using the Netfilter and iptables mechanisms
- IP Protocols Logger (ippl)
Firewall (based on Netfilter and iptables)
- Packet path through the filters
- Create your own chains
- WWW Proxy (Squid)
- SSH and SCP
- SSH Tunnelling
- Obtaining information about the owner of the IP address and domain
- Alerting the authorities to a breach of the law
The scope of the training and the practical approach to the issue seemed very promising. Unfortunately, due to the fact that the lecturer does not deal with the administration of the Linux system on a daily basis - in my opinion, he is not able to thoroughly cover the topic related to Linux Security. He couldn't answer many of our practical questions - he was looking for the answers on Wikipedia. We also do nmap and Nessus scans ourselves and were interested in answers to specific, detailed questions.
Nokia Solutions and Networks Sp. z o.o.