Market*Access International

Introduction to Network Security & Intrusion Detection

A Hands-On Course in Network Security
 

Course Overview

This is a five-day course designed to teach students how to identify vulnerabilities and protect networks. This course is taught by Federal Network Systems network security experts with real-world experience in the area of network intrusion detection and prevention. The course includes a UNIX primer/refresher necessary to enable students to learn material throughout the course. The UNIX overview covers specific elements including: command line instruction, operating system fundamentals, UNIX directory/file architecture, file manipulation, SMTP mail, and the UNIX IP protocol suite. A dual-boot Linux/Win95 laptop will be provided to each student for use during the class.

Who Should Attend

Network support personnel, network administrators, systems analysts, computer security professional, data processing professionals, and telecommunications professionals who require an understanding of network intrusions and countermeasures.

Course Benefits
  • Familiarize yourself with common intrusion techniques.
  • Learn how to protect against conventional and unconventional attacks.
  • Explore real-world case studies presented by Federal Network Systems engineers.
  • Interact and share your experiences in a small class environment.
  • Obtain the knowledge you need in only five days!
  • Students receive a CD Rom with various hacker software tools (e.g. Exploit source codes, password crackers with multi-lingual dictionaries, scanning programs, Secure Shell, and many others)

Course Schedule

This five-day class is taught at Federal Network Systems at 9861 Broken Land Parkway, Suite 110, Columbia, MD 21046. Find this address on Yahoo maps.

For students with special needs, travel arrangements can be made from the DC Metro area.

Class times: 8:00 a.m. - 4:30 p.m.

Class dates to be announced.  Please call for more information.

 

Cost

$2,700 per student -- Commercial
$2,475 per student -- Government

On-site training also available for up to 12 students.

Registration Information

NOTICE: All payments should be made payable to "Federal Network Systems LLC", not "Market*Access".  Thank you.

[1] Email: netsecureinfo@bbn.com.

[2] Phone: 1-800-334-1553.

[3] Fax: registration form to 410-309-4245.

Effective immediately, we only accept the following forms of payment: credit card, personal check, bank check, company check, or purchase order. Other forms of payment, i.e. DD1556, SF182, Form 350, etc. are no longer accepted. Invoice remittance is due upon receipt.

 

Cancellation Policy

Cancellation must be made in writing not less than one week prior to course start date. Notification after that time will result in a 20% non-refundable cancellation fee. Written notification of cancellation may be made by sending an e-mail message to netsecureinfo@bbn.com or by fax to 410-309-4245. Substitutions may be made if a student is unable to attend.

Course Outline
Introduction (Hands-On)
  • Quick familiarization of Linux
  • Gain super-user access with a password cracker
  • Security History (Lecture)
  • Security, in general
  • Discussion of significant security events
  • Definition of terms
Intrusion Detection (Mostly Hands-On)
  • Discussion of how logs and various tools can be used to detect unauthorized activities
  • Hands-on experience with three different sniffers
  • How to read audit files
  • Hands-on experience with several system commands and various tools to detect unauthorized activity
Reconnaissance (Hands-On)
Students will learn how to scan and detect scans from several different manual, as well as automated tools including:
  • Basic UNIX commands
  • Nmap
  • ISS
  • NetCat
  • Sendmail Version Scan
Low-Level Access (Hands-On)
Students will run a series of several “attacks and detect labs” to gain low-level access to various servers. Examples of the exploits include:
  • HTTP Remote Buffer Overflow
  • NFS Attack
  • NIS Attack
  • X Windows Attack
  • DNS Spoofing
Privileged Access (Hands-On)
Students will use their low-level access knowledge gained in previous labs to gain access as a super user. Some exploits they will perform and detect include:
  • IMAP Buffer Overflow
  • DIP Buffer Overflow
  • EUID Buffer Overflow
Covert Access (Hands-On & Discussion)
Although covert access is often difficult to detect, students will learn how to recognize when someone is using a covert channel. They will also learn how intruders conceal their real identity and hide in normal network traffic from being detected by Intrusion Detection Systems and Audit Logs. Following are examples of which the students will gain hands-on experience:
  • UNIX Shell Games
  • NetCat
  • ICMP Covert Channel
  • Trojan Horses
  • NetBus
  • Back Orifice
Denial of Service (Hands-On & Discussion)
These attacks are commonly executed on today's networks and are often difficult to trace back to the actual attacker. However, sometimes the evidence needed can be found in your Audit System. Students will learn how these attacks work and how to detect them. Examples of some attacks students will learn to perform and detect include:
  • Land Attack
  • UDP Bomb
  • Smurf Attack

Helpful Experience (not required)
  • Understanding of IP networking
  • Basic understanding of UNIX
  • Familiarity with basic UNIX commands
  • Basic use of VI

Sales Support and Marketing
Market*Access International, Inc.
301-455-5633

Market*Access International

Market*Access International provides marketing, business development and sales support to companies selling into federal and international markets.

 

Last revision: 24 August 2001


For more information regarding this training course, contact:

Donna Anderson
Vice President, Sales and Teleservices
Market*Access International
Phone (703) 807-2740
Fax (703) 807-2728
danderson@marketaccess.org



©2000 by Market*Access International. All rights reserved.