Training

Hacking — Attack & Defense

This course is an intense two-day journey into the innards of network and computer security. The class is based on case studies of real-life networks riddled with security problems. Participant are given a hands-on experience in performing thorough network design reviews, as well as computer system deployment techniques.

The course is based on a highly proven testing methodology, encompassing black box and white box testing techniques, security principles and practices, and real world examples.

Who Should Attend?

  • Security Consultants and Professional
  • Developers
  • Network administrators
  • Security analysts
  • Project/IT managers

Duration

2 (two) days

Course Times

Day 1: 09:00 - 17:00
Day 2: 09:00 - 17:00

Course Fee

Early bird*: Rp 9,000,000
Normal: Rp 12,000,000

* Early bird valid until 16 June 2008

Course Content

Day 1 — The Network

Day one sets the foundation for penetration test by establishing a strong basis in network monitoring, scanning, and attacks. Emphasis is placed on the tools and techniques used to monitor for potentially malicious activity, as well as the process required to methodically perform network and host reconnaissance.

Day 1 — Attacking and Defending UNIX

The UNIX day presents numerous issues particular to the UNIX environment, including attacks against common misconfigurations and security mechanisms. Students compile and test malicious rootkits, and then participate in an interactive session on using covert channels over many different protocols.

There are several labs that lead the students through the techniques presented in class. These include a variety of local and remote exploits, setting up and breaking up of traditional security mechanisms, and modifying proof-of-concept codes.

Day 2 — Attacking and Defending Windows

Focus on Windows-based technologies and their vulnerabilities. The day walks through complete application of an attack and defense methodology as specifically applied to Windows platforms. Preeminence is given to recent Windows security features, and ways to defeat them. Students will learn how to use Windows-based security tools. The day ends with an review of the latest database attacks and how to protect this commonly vulnerable service from exploits.

Students are given the opportunity to perform labs during each of the sections. These labs allow students to test out the latest exploits and techniques against a variety of Windows platforms and services, including recent Windows XP and 2003 offerings.

Day 2 — Other Advanced Topics

Analyse code-based security vulnerabilities and learn how to audit a program for potential vulnerabilities. Practice techniques by writing several buffer overflow exploits. The day closes out with a cumulative expert ultimate lab exercise.