training
Networking and Cyber Security

Description
Question: My online bank is using SSL - does it mean that my online transactions are secured?
Answer: SSL is very strong and even "Unbreakable"
Question: So am I safe? is my password safe? Is my online bank account secured?
Answer:.......

The Internet is around for more than 30 years. The recent protocols (like SSL) were developed to protect and secure network transactions. However, in the 80s, security wasn't a major concern. The good old protocols, which are the infrastructure to any Internet communication, are vulnerable to many attacks. The vulnerability is "by design" and can't be fixed like patching and upgrading a vulnerable application.
A chain is only as strong as its weakest link...



In this 5 sessions course we will explore the vulnerabilities of the tcp/ip infrastructure protocols and identify the weakest link(s) in the chain. We will survey, analyze and understand them but but we will also develop and practice attack techniques.
We will practice the most devastating attacks and learn how to protect against them.
This course is theoretical and practical (you will develop your own attacks) with many demos and examples.
In order to participate in this course, you don't need a deep background in networking and you don't need an extensive knowledge in programming.

Objectives
After you complete this course you will be able to identify, recognize and understand the components of the TCP/IP model. You will be able to use network analyzers on real networks. You will have a deep understanding of the vulnerabilities in the tcp/ip infrastructure protocols. You will be able to generate Man in the Middle attacks and Denial of Service attacks and you will understand how to protect against them. At the end of this course you will have a state of mind of an attacker, which will help you to protect your networks from cyber attacks.

Duration
5 sessions of 1-2 days each (7-10 days)

Outline

Session 1 - Networking and the tcp/ip model
TCP/IP walkthrough - protocols and processes
Security in the infrastructure protocols (or lack of...)
A viewpoint from the eyes of an attacker

Session 2 - Network Analyzers
Overiview of Wireshark
Dive into packets and sessions
Some demos
Teaser: decrypting SSL sessions

Session 3 - Network programming
Python - basics and client/server applications
Python networking modules
Interactive packet generation and manipulation - Scapy
Many demos and examples

Session 4 - Man in the middle attacks
Understanding and implementing mitm attacks
Many demos and examples
Teaser: harvesting Google accounts password

Session 5 - Denial of service attacks
Understanding and implementing DoS and DDoS attacks
Many demos and examples
Teaser: DoS a whole network using a single packet


© Brainstorm Private Consulting. All Rights Reserved
Designed By : Template World