Solaris Operating System Network Intrusion Detection

Sun Educational Services Australia
Adelaide, Brisbane, Canberra, Melbourne, Gordon, Perth, Sydney, Australia

Course Format: Classroom | E-learning | Virtual Class | Online/Live | On-site/In-house | Blended | Self-paced

Course Description:

'' Module 1 - Ethernet and IP Operation

Review OSI network model
Review application and network service layers
Identify Ethernet security issues
Review IPv4 addressing
Understand IP fragmentation
Identify ICMP security issues
Implement basic traffic capture and analysis

Module 2 - IP and ARP Vulnerability Analysis

Identify IP security issues
Describe IP routing and routing protocol security
Protect against IP abuse
Identify ARP security issues
Execute attacks against ARP
Protect against ARP abuse
Implement advanced packet capture and analysis

Module 3 - UDP/TCP Protocol and TELNET Vulnerability Analysis

Discuss characteristics of UDP and TCP
Identify TCP security issues
Describe common TCP abuses: SYN attack, sequence guessing, connection hijacking
Discuss characteristics of TELNET
Identify TELNET security issues
Execute attacks on TCP and TELNET
Protect against TCP and TELNET abuse

Module 4 - FTP and HTTP Vulnerability Analysis

Discuss characteristics of FTP
Describe FTP transfer methods and modes
Identify FTP security issues
Describe common FTP abuses: FTP bounce attack, port stealing, brute force
Discuss characteristics of HTTPv1.1
Describe role of HTTP proxy servers and HTTP authentication
Identify HTTP security issues
Describe common HTTP abuses: path name stealing, header spoofing, proxy poisoning
Execute attacks on FTP and HTTP
Protect against FTP and HTTP abuse

Module 5 - DNS Vulnerability Analysis

Discuss characteristics of DNS
Identify DNS security issues
Describe common DNS abuses: DNS spoofing, DNS cache poisoning, unauthorized zone transfers
Execute attacks on DNS
Protect against DNS abuse

Module 6 - SSH and HTTPS Vulnerability Analysis

Discuss characteristics of SSH
Describe differences between SSH1 and SSH2 protocol
Identify SSH security issues
Describe common SSH abuses: insertion attack, brute force attack, CRC compensation attack
Describe characteristics HTTPS (SSL)
Discuss other SSL enabled protocols
Identify SSL issues
Describe common SSL abuses: man-in-the-middle and version rollback attack

Module 7 - Remote Operating System Detection

Use standard system commands and exploit default settings to guess remote operating systems
Use open source utilities to guess remote operating systems by scanning open ports
Describe TCP/IP stack fingerprinting
Install and use nmap for remote OS detection

Module 8 - Network Attack Techniques and Basic Attack Detection

Identify sources of network attacks
Discuss methods of intrusion
Describe common network attacks: denial-of-service, software buffer overflow, poor system configuration, password guessing/cracking
Describe a typical intrusion scenario
Introduce the concept of an Intrusion Detection System (IDS)
List some of the most popular IDS tools: Klaxon, Portsentry, snort
Implement basic scan detection

Module 9 - Implementing Intrusion Detection Technologies

Identify the difference between host based and network based IDS
Discuss different types of IDS implementation: hybrid NIDS and honeypots
Describe core components of a NIDS using the snort NIDS
Compile and install the snort NIDS

Module 10 - Advanced NIDS Configuration

Discuss advanced snort features like "real time response" and snort log monitors
Install a database (mysql) to log snort alerts
Install the graphical user interfaces (GUI) Demarc and ACID to better
interpret snort logs by querying the snort database
Generate outside attacks that trigger snort alerts
Interpret GUI snort monitors to identify attacks

Module 11 - Writing snort rules

Describe the different components of a snort rule
Configure different snort rule options
Write custom snort rules to watch for specific traffic patterns
Execute attacks against custom snort rules and interpret GUI snort monitors to identify attacks

Module 12 - Solaris Routing

List requirements for a Solaris host to be a router
Implement a Solaris host as a router
Use the ndd utility to secure a Solaris router

Module 13 - Solaris Firewalls

Describe different types of Solaris firewalls: application firewalls and packet filters
Identify two of the most common Solaris firewall products: Sunsceen Lite and IPfilter
Learn firewall policy basics
Write firewall rules for network or host based firewalls
Install an IPfilter firewall on a Solaris host

Module 14 - Solaris Network (NAT) and Port Translation (PAT)

Describe NAT and PAT concepts
Implement NAT to secure a private network behind a Solaris firewall ...''

Elements of this syllabus are subject to change.

Phone:1800 628-193

School Address/Venue(s):

Sun Educational Services
Level 3, 33 Berry Street
North Sydney NSW 2060


Jobs & Resumes: Adelaide, Brisbane, Canberra, Melbourne, Gordon, Perth, Sydney
Houses & Roommates: Adelaide, Brisbane, Canberra, Melbourne, Gordon, Perth, Sydney
Travel Agencies: Brisbane, Melbourne, Perth, Sydney

Search other schools for Solaris Operating System Network Intrusion Detection training resources.

Red Hat Linux Kernel Internals
Red Hat Embedded Systems Engineering
Red Hat Linux Application Development and Porting
Red Hat Enterprise SELinux Policy Administration
Red Hat Firewall Solutions
Red Hat Enterprise Security: Network Services
Red Hat Enterprise Storage Management
Red Hat Enterprise Directory Services and Authentication
Red Hat Enterprise System Monitoring and Performance Tuning
Network Administration for the Solaris 10 Operating System
Computer Security Forensics and System Recovery

Notice: The course description on this page was captured from the Internet as historical reference or submitted by visitors. It was archived statically and not updated from day to day.
 

Facts: We serve the schools and students around the world. Major visitors come from India, United States, United Kingdom, Canada, Australia, Philippines, Malaysia, Singapore and South Africa.