Hardening the Infrastructure
Course Specifications
Course number: 085545
Course length: 5 days
Software:      N/A

Certification
Exam #:            SC0–411
Maps to:           Hardening the Infrastructure, Security Certified Program Level 1: Defense
Course:            1 of 2 for Security Certified Network Professional (SCNP)

Course Description
Hardening the Infrastructure is designed to provide Network Administrators with an awareness of
security-related issues and the essential skills they need to implement security in a given network. It is
the first course offered in the first level of the Security Certified Program.
Target Student: We designed Hardening the Infrastructure for Network Administrators who are
responsible for maintaining a wide range of network technologies, and who need to develop expertise in
securing their networks.
Prerequisites: To ensure your success, we recommend you first take the following Element K courses or
have equivalent knowledge:
    •    Network+ Certification: Third Edition—2002 Objectives, A CompTIA Certification
    •    Security+ Certification: A CompTIA Certification
Delivery Method: Instructor-led, group-paced, classroom-delivery learning model with structured
minds-on and hands-on activities.
Benefits: Students will learn to work with various protocols, and create security in router-based
networks and across different platforms. They will also use some of the techniques that network
attackers commonly use to learn the best ways to prevent attacks.
What's Next: After completing this course, students who want to complete Level 1: Defense of the
Security Certified Program should take the next course in the series: Network Defense and
Countermeasures.

Hardware/Software Requirements
         To run this course, you will need:
         The hardware listed in the following table.
Hardware Type                    Quantity                         Minimum Specifications
Student machines                 1 per student                    500 MHz Pentium III processor (700 MHz or higher recommended)
                                                                  128 MB RAM (256 MB or more recommended)
                                                                  8 GB hard disk
                                                                  2 non-integrated NICs (Intel or 3COM preferred—for promiscuous mode support)
                                                                  Video card (Nvidia TNT2 preferred—from the point of view of driver availability for all OSs)
Instructor machines              1                                Same as student machines.
Cisco routers                    3                                2500 Series preferred; IOS 12.2 or greater, with IPSec/SSH support
Cisco console cables             1
Serial cables                    2                                DCE to DTE, for connecting routers together
Switches or hubs                 2                                10/100 Mbps
Hardware keylogger               1
Null-modem and crossover cables  1 set for each pair of students  CAT 5

To find out more about all of the products and services from Masterskill, please visit www.masterskill.co.za

       •   For class preparation and use, the following software:
                o A bootable DOS floppy disk with common utilities such as FDISK, FORMAT,
                     MSCDEX, DELPART, and so forth, is sufficient for class purposes.
                o The Windows 2000 Server operating system. The cost of an evaluation copy is $7.95,
                     and you can obtain the software from the Microsoft Training Kits, TechNet, or
                     http://microsoft.order-2.com/win2kast
                o The Red Hat 8.0 Linux operating system. It does not matter if you use the Personal or
                     Professional Edition. The software is free if you download it from
                     www.redhat.com (or any of the various mirror sites listed there). It is recommended
                     that you also download the installation guide. If you decide to download the OS from
                     the Internet, download the ISO files and create CDs from the images. Choosing the
                     Burn As Image option ensures that the CDs will be bootable.
                o Hardware drivers for each OS and peripheral, especially NIC and video drivers. You
                     should always keep these handy. In addition to having them on a CD, it is generally
                     advisable to have a set of properly labeled floppy disks.
                o Service Pack 2 for Windows 2000 Server. This Service Pack is free, and can be
                     downloaded from
                     http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-US/W2KSP2.exe
                     (save the file to disk).
                o The Internet Explorer 6 upgrade. This upgrade is free, and can be downloaded from
                     http://www.microsoft.com/windows/ie/default.asp (you might need to be connected to
                     the Internet to do the actual upgrade).
                o The sysprep utility, from the Windows 2000 Resource Kit.
                o Disk-cloning tools. Norton Ghost is recommended.
                o SID-changing utilities. Norton Ghostwalk is recommended.
       •   For use in class, you will also need to acquire the tools and utilities described in the following
           tables. Tables are arranged by function, such as network scanning, firewalls, and so forth. Links
           are provided to enable you to download files from the Web, via an HTML version of these setup
           instructions on the course CD. Create a Tools share (or a CD) for use in class. Download and
           organize the tools in an appropriate folder structure, such as in folders named Linux Tools,
           Windows Tools, and Miscellaneous. The Miscellaneous folder can include utilities like MS
           Office file viewers, file unzippers, Adobe Acrobat Reader, and so forth. The capture and
           signature files required for some of the tasks in the course, as well as all the RFCs, are included
           with each course manual.

Network Scanning Tools
Tool                OS/Cost                 Used in Tasks   Download From
SuperScan           Windows/Eval is Free    Yes             www.foundstone.com/knowledge/scanning.html
Nmap                Linux/Built-in          Yes             Included in Red Hat 8.0
NmapFE              Linux/Built-in          Yes             Included in Red Hat 8.0
NmapNT              Windows/Free            No              www.eeye.com/html/Research/Tools/nmapnt/nmapNTsp1.zip
Pinger              Windows/Free            No              http://visualsoftru.com/ping/pinger.exe
Strobe              Linux, Windows/Free     No              For Linux, www.luyer.net/software/strobe-classb/
Nessus              Linux/Free              Yes             ftp://ftp.nessus.org/pub/nessus/nessus-2.0.3/nessus-installer/nessus-installer.sh
udpflood.exe        Windows/Free            Yes             www.foundstone.com/knowledge/stress_testing.html
NetScan Tools Pro   Windows/Eval is Free    No              ftp://ftp.netscantools.com/pub/nst430a.zip
Netcat              Linux, Windows/Free     Yes             For Linux, included with Red Hat 8.0. For Windows, www.atstake.com/research/tools/nc11nt.zip


Routing Tools
Tool                OS/Cost                 Used in Tasks   Download From
Visual Route        Windows/Eval is free    Yes             www.visualroute.com/
NeoTrace            Windows/Eval is free    Yes             www.tucows.com/preview/194046.html

Network Sniffer Tools
Tool                OS/Cost                 Used in Tasks   Download From
Network Monitor     Windows/Built-in        Yes             Included in Windows 2000 Server
Ethereal 0.9.11     Windows, Linux/Free     Yes             For Linux, included with Red Hat 8.0. For Windows, www.ethereal.com/distribution/Win32
Tcpdump             Linux/Free              No              www.tcpdump.org/
Windump             Windows/Free            No              http://windump.polito.it/install/default.htm
WinPcap 2.3         Windows/Free            Yes             http://windump.polito.it/install/default.htm

Password Tools
Tool                  OS/Cost                   Used in Tasks             Download From
L0pht Crack 2.5       Windows/Eval is Free      No                        www.32bit.bhs.com/downloads/file.asp?id=4519
L0pht Crack LC4       Windows/Eval is Free      Yes                       www.atstake.com/research/lc/application/lc4setup.exe
Crack 5.0             Linux/Free                No                        ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/i386/crack-5.0.tgz
John the Ripper       Windows, Linux, DOS/Free  Yes (Linux version only)  For Linux, www.openwall.com/john/john-1.6.tar.gz For Windows, www.openwall.com/john/john-1.6w.zip
Snadboy's Revelation  Windows/Free              Yes                       www.snadboy.com/RevelationV2.zip

Trojan Horses and Exploit Tools
Tool                OS/Cost                 Used in Tasks   Download From
Netbus              Windows/Free            No              http://nttoolbox.com/public/tools/NetBus170.zip
NetBus Pro          Windows/Free            Yes             http://home.t-online.de/home/TschiTschi/netbus_pro_eng.htm
SubSeven            Windows/Free            No              www.subseven.ws/
GetAdmin            Windows NT/Free         No              http://packetstormsecurity.org

Forensics and Keyboard Logging Tools
Tool                OS/Cost                                                     Used in Tasks   Download or Order From
NTFSDOS             Linux/Free, DOS/Eval is free                                Yes             For DOS, www.sysinternals.com/files/ntfs30r.zip (The Read-only version will do.) For Linux, linux-ntfs.sourceforge.net/info/redhat.html#how
Keylogger           Any (This is hardware.)/$89 to $199 (one per class only)    Yes             www.keyghost.com
Security keyboard   Any (This is hardware.)/$129 to $299 (one per class only)   Yes             www.keyghost.com
Keystroke logger    Any (This is hardware.)/$54.95 (one per class only)         Yes             www.electronickits.com/spy/finish/computer/key.htm
Klogger             Windows/Free                                                Yes             http://ntsecurity.nu/cgi-bin/download/klogger.exe.pl

Intrusion Detection Tools
Tool                    OS/Cost                 Used in Tasks   Download From
ISS Internet Scanner 6  Windows/Free            No              Included with the Windows 2000 Server Resource Kit, or you can visit: www.iss.net/download/
ISS System Scanner 6    Windows/Free            No              Included with the Windows 2000 Server Resource Kit, or you can visit: www.iss.net/download/
Snort                   Linux, Windows/Free     No              www.snort.org/dl/binaries
IDSCenter               Windows/Free            No              www.snort.org/dl/contrib/front_ends

Firewalls
Tool              OS/Cost                                                           Used in Tasks   Download From
CheckPoint NG     Windows 2000 Server with SP2/$2000 approx. (one per class only)   No              www.checkpoint.com. Part number is CPFW-FM-25-NG
ISA Server 2000   Windows 2000 with SP1 min./Eval is Free                           No              www.microsoft.com/isaserver/evaluation/trial/default.asp

Network and Security Administration Tools
Tool                            OS/Cost                                Used in Tasks   Download From
IPv6 Technology Preview         Windows/Free                           Yes             http://msdn.microsoft.com/downloads/sdks/platform/tpipv6/download.asp
Webmin                          Any (browser-based management.)/Free   Yes             www.webmin.com. Download either the rpm or the tarball.
Tripwire                        Linux/Built-in                         Yes             Included with Red Hat 8.0
Bastille                        Linux/Free                             Yes             http://osdn.dl.sourceforge.net/sourceforge/bastille-linux/Bastille-2.0.4-1.0.i386.rpm
pwlib-1.3.3-5.i386.rpm          Linux/Free                             Yes             www.bastille-linux.org/pwlib-1.3.3-5.i386.rpm
perl-Tk-800.023-9mdk.i586.rpm   Linux/Free                             Yes             www.bastille-linux.org/perl-Tk-800.023-9mdk.i586.rpm
Windows 2000 Gold Standard      Windows/Free                           Yes             www.cisecurity.org
PuTTY.exe                       Windows/Free                           Yes             http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
HiSecWeb security template      Windows/Free                           Yes             http://download.microsoft.com/download/win2000srv/SCM/1.0/NT5/EN-US/hisecweb.exe
IIS Lockdown tool               Windows/Free                           Yes             http://download.microsoft.com/download/iis50/Utility/2.1/NT45XP/EN-US/iislockd.exe
HFNetChk tool                   Windows/Free                           Yes             http://download.microsoft.com/download/win2000platform/Utility/3.3/NT45/EN-US/Nshc332.exe
                                                                                       (For the original command-line tool, go to hfnetchk.shavlik.com/hfnetchk_3.86.0.1.exe.
                                                                                       Or, for the new Microsoft Baseline Security Analyzer, go to
                                                                                       download.microsoft.com/download/e/5/7/e57f498f-2468-4905-aa5f-369252f8b15c/mbsasetup.msi.)

Miscellaneous Tools
Tool                OS/Cost                 Used in Tasks   Download From
File Unzippers      Windows, DOS/Free       Yes             www.winzip.com, www.pkware.com, or www.rarlab.com
PDF Viewer          Windows/Free            No              www.adobe.com/products/acrobat/readstep2.html
MS Office Viewers   Windows/Free            No              http://office.microsoft.com/downloads/default.aspx

For use in class, students will need the following:
•   A bootable DOS floppy disk, similar to the one used for class preparation.
•   Tools and utilities as described previously. These tools need to be
    downloaded from the Web and can be burned onto a CD-ROM,
    placed in a shared folder on the classroom network, or copied onto
    the student machines. If you decide to create a Tools CD-ROM for
    use in class, make sure that the instructor collects the CD-ROMs
    from the students at the end of the course.
•   The CD-ROM included with the course manual.
For use in class, the instructor will need the following:
• A bootable DOS floppy disk, similar to the one used for class preparation.
• Tools and utilities as described previously. These tools need to be
    downloaded from the Web, and can be burned onto a CD-ROM or
    copied onto the instructor's machine.
• The CD-ROM included with the course manual.
• A hardware keylogger.
During class, the instructor does not need to have, but should have access to, the disks used for
class preparation.

Performance-Based Objectives
    o    Investigate advanced concepts and procedures related to the TCP/IP protocol.
    o    Work with the secure version of IP, IPSec.
    o    Secure Linux computers and networks.
    o    Secure Windows 2000 computers and test the effectiveness of various security measures.
    o    Secure routers by using Access Control Lists and logging options.
    o    Investigate measures that can help ensure business continuity in the event of a disaster, such as
         contingency planning, and power and backup issues.
    o    Define common Internet components and identify techniques used in Web hacking and other
         attacks.
    o    Examine and work with common techniques used to attack networks and specific operating
         systems.

Course Content
Lesson 1: Advanced TCP/IP
        Topic 1A: TCP/IP Concepts
        Topic 1B: Analyzing the Three-Way Handshake
        Topic 1C: Capturing and Identifying IP Datagrams
        Topic 1D: Capturing and Identifying ICMP Messages
        Topic 1E: Capturing and Identifying TCP Headers
        Topic 1F: Capturing and Identifying UDP Headers
        Topic 1G: Analyzing Packet Fragmentation
        Topic 1H: Analyzing an Entire Session
        Topic 1I: Fundamentals of IPv6

Lesson 2: Implementing IPSec
        Topic 2A: Internet Protocol Security
        Topic 2B: IPSec Policy Management
        Topic 2C: IPSec AH Implementation
        Topic 2D: IPSec ESP Implementation
        Topic 2E: Combining AH and ESP in IPSec

Lesson 3: Hardening Linux Computers
        Topic 3A: Introduction to Linux Administration
        Topic 3B: Fundamental Linux Security
        Topic 3C: Access Control
        Topic 3D: Securing Network Services
        Topic 3E: Final OS Hardening

Lesson 4: Hardening Windows Computers
        Topic 4A: Windows 2000 Infrastructure Security
        Topic 4B: Windows 2000 Authentication
        Topic 4C: Windows 2000 Security Configuration Tools
        Topic 4D: Windows 2000 Resource Security
        Topic 4E: Windows 2000 Auditing and Logging
        Topic 4F: Windows 2000 EFS
        Topic 4G: Windows 2000 Network Security

Lesson 5: Routers and Access Control Lists
        Topic 5A: Fundamental Cisco Security
        Topic 5B: Routing Principles
        Topic 5C: Removing Protocols and Services
        Topic 5D: Creating Access Control Lists
        Topic 5E: Implementing Access Control Lists
        Topic 5F: Logging Concepts

Lesson 6: Contingency Planning
        Topic 6A: Continuity and Recovery
        Topic 6B: Developing the Plan
        Topic 6C: The Technologies of Staying On
        Topic 6D: Backing up the Operating Systems

Lesson 7: Security on the Internet and the WWW
        Topic 7A: Describing the Components of the Internet
        Topic 7B: Identifying the Weak Points of the Internet
        Topic 7C: Describing Web-Hacking Techniques
        Topic 7D: Describing Methods Used to Attack Users

Lesson 8: Attack Techniques
        Topic 8A: Network Reconnaissance
        Topic 8B: Mapping the Network
        Topic 8C: Sweeping the Network
        Topic 8D: Scanning the Network
        Topic 8E: Viruses, Worms, and Trojan Horses
        Topic 8F: Malicious Web sites
        Topic 8G: Gaining Control over the System
        Topic 8H: Recording Keystrokes
        Topic 8I: Cracking Encrypted Passwords
        Topic 8J: Revealing Hidden Passwords
        Topic 8K: Social Engineering
        Topic 8L: Case Study: Social Engineering
        Topic 8M: Gaining Unauthorized Access
        Topic 8N: Hiding Evidence of an Attack
        Topic 8O: Performing a Denial of Service