EC-Council Course Catalogs
Education Services EC-Council Course Catalogs ITPro Global Copyright by ITPro Global ® 2009 Educational Services EC-Council Certification Path Senior Security Forensics Investigator Advanced Penetration Testing Functions include the design, implementation and creation of plans, strategies and actions necessary for a successful security investigations program. Responsibilities will include careful analysis of risk and threat conditions and associated mitigations or remediations available through the use of appropriate technical security applications and/or use of security resources. Elective Certifications The Senior Specialist for Disaster Recovery is responsible for all aspects of the IT Disaster Recovery Plan. Provides oversight and guidance for all disaster recovery related activities within the IT department. Ideal candidates include those individuals that have the abilities to conduct either an application or network based penetration test, which includes initial identification of vulnerabilities through a variety of software tools, and then exploiting vulnerabilities using appropriate techniques that minimize likelihood of causing harm to networks. This position is responsible for responding to and for leading security investigations of varying types. Job Roles Based On Monster.com Disaster Recovery Specialist Manages all aspects of IT disaster recovery including the development, implementation and testing of a comprehensive IT Disaster recovery plan. Responsible for developing, coordinating, and maintaining a comprehensive disaster recovery testing program. Leads disaster recovery capacity planning in coordination with IT departments to ensure that new initiatives focus proactively on disaster recovery and that its requirements and costs are part of each new IT initiative. Someone that can work individually or in teams to perform these tasks using ethical hacking protocol.
Certified VoIP Professional Secure Programmer An expert level lead engineer with a strong technical background in IP networking, experienced in designing carrier grade ATM, IP and MPLS enabled networks to support the newest as well as the legacy technologies for mobile networks and applications. Conducts technical research and provides evaluations on new technologies and networking solutions. Communicates recommendations necessary to guide our strategic and technical decision making. The Programmer's role is to define, develop, test, analyze, and maintain new software applications in .NET. This includes writing, coding, testing, and analyzing software programs and applications. Candidate will work with network administrators, systems analysts, and product vendors to assist in resolving problems with software products or company software systems. Deals with computer crime investigations and is qualified to handle Cyberspace, allegations of downloading pornography, solicitation of minors, hacking/cracking, internet stalking cases, and allegations of online fraud. This role will also consist of assistance in proactive administration of the company's database servers.

[Certification path diagram. Elective certifications: Computer Hacking Forensic Investigator (CHFI), Licensed Penetration Tester (LPT), EC-Council Certified Security Analyst (ECSA), EC-Council Disaster Recovery Professional, EC-Council Certified VoIP Professional (ECVP), EC-Council Certified Secure Programmer (ECSP). Core Certifications: Certified Ethical Hacker (CEH), EC-Council Network Security Administrator (ENSA). Entry Level Certifications: A+, Network+, Security+. Also shown: Lawyers and Corporate Attorneys, EC-Council Computer Crime Investigator.]

Accredited Training Center

Ethical Hacking and Countermeasures - v6
WHITE HAT HACKER - v6

Overview
The course gives students an interactive environment.
In this environment, students are shown how to scan, test, hack and secure their own systems. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. To begin, students will understand how to protect, scan and attack network systems. Students then learn the techniques intruders use to extend their reach and the steps that can be taken to secure a system. Students will also learn about intrusion detection, policy creation, DDoS attacks, buffer overflows and virus creation. After completing the intensive 60-hour course, students will have solid knowledge and experience in Ethical Hacking. The course provides the knowledge and prepares you to take the CEH (EC-Council Certified Ethical Hacker) exam, CEH 312-50.

Audience
The course is useful for staff responsible for controlling and ensuring network security, security specialists, administrators, and anyone concerned about the integrity of the network infrastructure.

Duration
40 hours

Certification
This course provides students with the knowledge and skills needed to pass the CEH 312-50 exam. After the course, students receive a certificate of course completion from EC-Council. To obtain the international CEH certification, students must pass the online CEH 312-50 exam at Prometric testing centers.

Legal Agreement
The mission of the CEH program is to educate, introduce, and provide hacking tools for penetration testing purposes only. Before attending this course, students must sign an agreement stating that they will not use the newly acquired skills for illegal or malicious attacks. Students will not use those tools to harm any computer system, nor invoke EC-Council's name in the use or misuse of these tools, regardless of intent. Not everyone is admitted to this program.
EC-Council's authorized training centers must ensure that applicants work for legitimate companies or organizations.

ITPro Global ® 2009 www.itpro.net.vn Tel: (84-4) 37875728 – Fax: (84-4) 37875729 Email: [email protected] Accredited Training Center

Course Content – Version 6
The CEHv6 curriculum consists of classroom instruction and self-study. The instructor will give students the details of the self-study modules at the start of the course.

Module 1: Introduction to Ethical Hacking Problem Definition -Why Security? Essential Terminologies Elements of Security The Security, Functionality and Ease of Use Triangle Case Study What does a Malicious Hacker do? o Vulnerability Research Websites National Vulnerability Database (nvd.nist.gov) Securitytracker (www.securitytracker.com) Securiteam (www.securiteam.com) Secunia (www.secunia.com) Hackerstorm Vulnerability Database Tool (www.hackerstrom.com) o Phase2-Scanning HackerWatch (www.hackerwatch.org) o Phase3-Gaining Access MILWORM o Phase4-Maintaining Access How to Conduct Ethical Hacking o Phase5-Covering Tracks How Do They Go About It Types of Hacker Attacks Approaches to Ethical Hacking o Operating System attacks Ethical Hacking Testing o Application-level attacks Ethical Hacking Deliverables o Shrink Wrap code attacks Computer Crimes and Implications Reconnaissance Types o Vulnerability Research Tools o Phase1-Reconnaissance o Why Hackers Need Vulnerability Research o Misconfiguration attacks Hacktivism Hacker Classes Security News: Suicide Hacker Ethical Hacker Classes What do Ethical Hackers do Can Hacking be Ethical How to become an Ethical Hacker Skill Profile of an Ethical Hacker What is Vulnerability Research Module 2: Hacking Laws § U.S. Securely Protect Yourself Against Cyber Trespass Act (SPY ACT) § Legal Perspective (U.S. Federal Law) o 18 U.S.C. § 1029 Penalties o 18 U.S.C. § 1030 Penalties o 18 U.S.C. 
§ 1362 o 18 U.S.C. § 2318 § France Laws o 18 U.S.C. § 2320 § German Laws o 18 U.S.C. § 1831 § Italian Laws o 47 U.S.C. § 605, unauthorized publication or use of communications § MALAYSIA: THE COMPUTER CRIMES ACT 1997 o Washington: § HONGKONG: TELECOMMUNICATIONS RCW 9A.52.110 § Korea: ACT ON PROMOTION OF INFORMATION AND COMMUNICATIONS NETWORK UTILIZATION AND INFORMATION PROTECTION, ETC. o Florida: § 815.01 to 815.07 § Greece Laws o Indiana: § Denmark Laws IC 35-43 § Netherlands Laws § Federal Managers Financial Integrity Act of 1982 § Norway § The Freedom of Information Act 5 U.S.C. § 552 § ORDINANCE § Mexico § Federal Information Security Management Act (FISMA) § The Privacy Act Of 1974 5 U.S.C. § 552a § SWITZERLAND Module 3: Footprinting § USA Patriot Act of 2001 Revisiting Reconnaissance § United Kingdom’s Cyber Laws Defining Footprinting § United Kingdom: Police and Justice Act 2006 Why is Footprinting Necessary Areas and Information which Attackers Seek Information Gathering Methodology § European Laws § Japan’s Cyber Laws § Australia: The Cybercrime Act 2001 o Unearthing Initial Information · Finding Company’s URL § Indian Law: THE INFORMATION TECHNOLOGY ACT · Internal URL § Argentina Laws · Extracting Archive of a Website § Germany’s Cyber Laws § www.archive.org § Singapore’s Cyber Laws · Google Search for Company’s Info § Belgium Law · People Search § Brazilian Laws § Yahoo People Search § Canadian Laws § Satellite Picture of a Residence § Best PeopleSearch o Alchemy Network Tool § People-Search-America.com o Advanced Administrative Tool § Switchboard o My IP Suite § Anacubis o Wikto Footprinting Tool § Google Finance o Whois Lookup § Yahoo Finance o Whois · Footprinting through Job Sites o SmartWhois · Passive Information Gathering 
o ActiveWhois · Competitive Intelligence Gathering o LanWhois § Why Do You Need Competitive Intelligence? o CountryWhois o WhereIsIP § Competitive Intelligence Resource o Ip2country § Companies Providing Competitive Intelligence Services o CallerIP § Carratu International o Web Data Extractor Tool § CI Center o Online Whois Tools § Competitive Intelligence - When Did This Company Begin? How Did It Develop? o What is MyIP o DNS Enumerator § Competitive Intelligence - Who Leads This Company o SpiderFoot o Nslookup § Competitive Intelligence - What Are This Company's Plans § Competitive Intelligence - What Does Expert Opinion Say About The Company § Competitive Intelligence - Who Are The Leading Competitors? § Competitive Intelligence Tool: Trellian § Competitive Intelligence Tool: Web Investigator · Public and Private Websites Footprinting Tools o Sensepost Footprint Tools o Big Brother o BiLE Suite o Extract DNS Information Types of DNS Records Necrosoft Advanced DIG o Expired Domains o DomainKing o Domain Name Analyzer o DomainInspect o MSR Strider URL Tracer o Mozzle Domain Name Pro o Domain Research Tool (DRT) o Domain Status Reporter o Reggie Faking Websites using Man-in-the-Middle Phishing Kit Benefits to Fraudster Steps to Perform Footprinting o Locate the Network Range · ARIN · Traceroute § Traceroute Analysis · 3D Traceroute Module 4: Google Hacking § What is Google hacking · NeoTrace § What a hacker can do with vulnerable site · VisualRoute Trace § Anonymity with Caches · Path Analyzer Pro § Using Google as a Proxy Server · Maltego § Directory Listings · Layer Four Traceroute o Locating Directory Listings · Prefix WhoIs widget o Finding Specific Directories · Touchgraph o Finding Specific Files · VisualRoute Mail Tracker o Server Versioning · eMailTrackerPro · Read Notify § Going Out on a Limb: Traversal Techniques E-Mail 
Spiders o Directory Traversal o 1st E-mail Address Spider o Incremental Substitution o Power E-mail Collector Tool § Extension Walking o GEOSpider Site Operator o Geowhere Footprinting Tool intitle:index.of o Google Earth error | warning o Kartoo Search Engine login | logon o Dogpile (Meta Search Engine) username | userid | employee.ID | “your username is” password | passcode | “your password is” admin | administrator o Tool: WebFerret o robots.txt o WTR - Web The Ripper o admin login o Website Watcher Steps to Create Fake Login Pages How to Create Fake Login Pages -ext:html -ext:htm -ext:shtml -ext:asp -ext:php inurl:temp | inurl:tmp | inurl:backup | inurl:bak intranet | help.desk o Default Pages Query for Web Server Locating Public Exploit Sites o Outlook Web Access Default Portal o Locating Exploits Via Common Code Strings Searching for Passwords o Windows Registry Entries Can Reveal Passwords Searching for Exploit Code with Nonstandard Extensions Locating Source Code with Common Strings Locating Vulnerable Targets Google Hacking Database (GHDB) o Locating Targets Via Demonstration Pages SiteDigger Tool o Usernames, Cleartext Passwords, and Hostnames! 
Gooscan “Powered by” Tags Are Common Query Fodder for Finding Web Applications Goolink Scanner o Locating Targets Via Source Code Goolag Scanner Vulnerable Web Application Examples Tool: Google Hacks o Locating Targets Via CGI Scanning Google Hack Honeypot A Single CGI Scan-Style Query Google Protocol Directory Listings Google Cartography o Finding IIS 5.0 Servers Module 5: Scanning Web Server Software Error Messages Scanning: Definition o IIS HTTP/1.1 Error Page Titles Types of Scanning o “Object Not Found” Error Message Used to Find IIS 5.0 Objectives of Scanning CEH Scanning Methodology o Apache Web Server Apache 2.0 Error Pages o Checking for live systems - ICMP Scanning Application Software Error Messages · Angry IP o ASP Dumps Provide Dangerous Details · HPing2 o Many Errors Reveal Pathnames and Filenames · Ping Sweep · Firewalk Tool o CGI Environment Listings Reveal Lots of Information · Firewalk Commands Default Pages · Firewalk Output o A Typical Apache Default Web Page · Nmap o Locating Default Installations of IIS 4.0 on Windows NT 4.0/OP · Nmap: Scan Methods · NMAP Scan Options · NMAP Output Format · TCP Communication Flags · Three Way Handshake o Atelier Web Ports Traffic Analyzer (AWPTA) o Atelier Web Security Port Scanner (AWSPS) o Syn Stealth/Half Open Scan o IPEye o Stealth Scan o ike-scan o Xmas Scan o Infiltrator Network Security Scanner o Fin Scan o YAPS: Yet Another Port Scanner o Null Scan o Advanced Port Scanner o Idle Scan o NetworkActiv Scanner o ICMP Echo Scanning/List Scan o NetGadgets o TCP Connect/Full Open Scan o P-Ping Tools o FTP Bounce Scan o MegaPing · o LanSpy Ftp Bounce Attack o SYN/FIN Scanning Using IP Fragments o HoverIP o UDP Scanning o LANView o Reverse Ident Scanning o NetBruteScanner o RPC Scan o SolarWinds Engineer’s Toolset o Window Scan o AUTAPF o Blaster Scan o OstroSoft Internet Tools o 
Portscan Plus, Strobe o Advanced IP Scanner o IPSec Scan o Active Network Monitor o Netscan Tools Pro o Advanced Serial Data Logger o WUPS – UDP Scanner o Advanced Serial Port Monitor o Superscan o WotWeb o IPScanner o Antiy Ports o Global Network Inventory Scanner o Port Detective o Net Tools Suite Pack o Roadkil’s Detector o Floppy Scan o Portable Storage Explorer o FloppyScan Steps o E-mail Results of FloppyScan War Dialer Technique o Why War Dialing o Wardialing o Nessus o Phonesweep – War Dialing Tool o GFI Languard o THC Scan o Security Administrator’s Tool for Analyzing Networks (SATAN) o ToneLoc o Retina o ModemScan o Nagios o War Dialing Countermeasures: Sandtrap Tool o PacketTrap's pt360 Tool Suite Banner Grabbing o NIKTO o OS Fingerprinting § SAFEsuite Internet Scanner, IdentTCPScan · Active Stack Fingerprinting · Passive Fingerprinting o Cheops o Active Banner Grabbing Using Telnet o Friendly Pinger o GET REQUESTS o LANsurveyor o P0f – Banner Grabbing Tool o Ipsonar o p0f for Windows o LANState o Httprint Banner Grabbing Tool § Insightix Visibility o Tool: Miart HTTP Header § IPCheck Server Monitor o Tools for Active Stack Fingerprinting · Xprobe2 · Ringv2 · Netcraft o Disabling or Changing Banner o IIS Lockdown Tool o Tool: ServerMask o Hiding File Extensions o Tool: PageXchanger Vulnerability Scanning o Bidiblah Automated Scanner o Qualys Web Based Scanner o SAINT o ISS Security Scanner Draw Network Diagrams of Vulnerable Hosts § PRTG Traffic Grapher Preparing Proxies o Proxy Servers o Free Proxy Servers o Use of Proxies for Attack o SocksChain o Proxy Workbench o Proxymanager Tool o Super Proxy Helper Tool o Happy Browser Tool (Proxy Based) o Multiproxy o Tor Proxy Chaining Software o Additional Proxy Tools 
· o Anonymizers Despoof Tool · Surfing Anonymously Scanning Countermeasures · Primedius Anonymizer Tool: SentryPC · StealthSurfer · Anonymous Surfing: Browzar · Torpark Browser Overview of System Hacking Cycle · GetAnonymous What is Enumeration? · IP Privacy Techniques for Enumeration · Anonymity 4 Proxy (A4Proxy) NetBIOS Null Sessions · Psiphon o So What's the Big Deal · Connectivity Using Psiphon o DumpSec Tool · AnalogX Proxy o NetBIOS Enumeration Using Netview · NetProxy · Nbtstat Enumeration Tool · Proxy+ · SuperScan · ProxySwitcher Lite · Enum Tool · JAP o Enumerating User Accounts · Proxomitron · Module 6: Enumeration o Google Cookies · G-Zapper GetAcct o Null Session Countermeasure PS Tools o SSL Proxy Tool o PsExec o How to Run SSL Proxy o PsFile o HTTP Tunneling Techniques o PsGetSid · Why Do I Need HTTP Tunneling o PsKill · Httptunnel for Windows o PsInfo · How to Run Httptunnel o PsList · HTTP-Tunnel o PsLogged On · HTTPort o PsLogList o Spoofing IP Address o PsPasswd · Spoofing IP Address Using Source Routing o PsService · Detection of IP Spoofing o PsShutdown o PsSuspend o Terminal Service Agent Simple Network Management Protocol (SNMP) Enumeration o TXNDS o Unicornscan o Management Information Base (MIB) o Amap o SNMPutil Example o SolarWinds o SNScan o Getif SNMP MIB Browser o UNIX Enumeration o SNMP UNIX Enumeration o SNMP Enumeration Countermeasures o LDAP enumeration o JXplorer o LdapMiner o Softerra LDAP Browser o NTP enumeration o SMTP enumeration o Netenum Steps to Perform Enumeration Module 7: System Hacking Part 1- Cracking Password o CEH hacking Cycle o Password Types o Types of Password Attack · · Passive Online Attack: Man-in-the-middle and replay attacks · Active Online Attack: Password Guessing · Pre-computed Hashes o Web enumeration Offline Attacks Brute force Attack o Smtpscan o 
Asnumber Passive Online Attack: Wire Sniffing Syllable Attack/Rule-based Attack/ Hybrid attacks o Lynx Distributed network Attack Winfingerprint Rainbow Attack o Windows Active Directory Attack Tool · o How To Enumerate Web Application Directories in IIS Using DirectoryServices o Default Password Database IP Tools Scanner Enumerate Systems Using Default Password § Tools: o NBTScan o NetViewX o FREENETENUMERATOR Non-Technical Attacks § http://www.defaultpassword.com/ § http://www.cirt.net/cgi-bin/passwd.pl § http://www.virus.org/index.php? o PDF Password Cracker o Abcom PDF Password Cracker o Password Mitigation o Permanent Account Lockout-Employee Privilege Abuse o Tool: LCP o Tool: SID&User o Administrator Password Guessing · o Tool: Ophcrack 2 Manual Password cracking Algorithm o Tool: Crack · Automatic Password Cracking Algorithm o Tool: Access PassView o Tool: Asterisk Logger o Performing Automated Password Guessing · o Tool: CHAOS Generator Tool: NAT o Tool: Asterisk Key · Smbbf (SMB Passive Brute Force Tool) · SmbCrack Tool: Legion · Hacking Tool: LOphtcrack o Password Recovery Tool: MS Access Database Password Decoder o Password Cracking Countermeasures o Microsoft Authentication o Do Not Store LAN Manager Hash in SAM Database · o LM Hash Backward Compatibility LM, NTLMv1, and NTLMv2 o How to Disable LM HASH · NTLM And LM Authentication On The Wire · Kerberos Authentication · What is LAN Manager Hash? LM “Hash” Generation o Password Brute-Force Estimate Tool o Syskey Utility o AccountAudit LM Hash Part2-Escalating Privileges o CEH Hacking Cycle · Salting · PWdump2 and Pwdump3 · Tool: Rainbowcrack · Hacking Tool: KerbCrack · Hacking Tool: NBTDeputy · Change Recovery Console Password - Method 1 · NetBIOS DoS Attack · · Hacking Tool: John the Ripper o Password Sniffing o How to Sniff SMB Credentials? 
o SMB Replay Attacks o Replay Attack Tool: SMBProxy o Privilege Escalation o Cracking NT/2000 passwords o Active@ Password Changer Change Recovery Console Password Method 2 o Privilege Escalation Tool: x.exe Part3-Executing applications o CEH Hacking Cycle o Tool: psexec o Tool: remoexec o SMB Signing o Ras N Map o Stealth Website Logger o Tool: Alchemy Remote Executor o Digi Watcher Video Surveillance o Emsa FlexInfo Pro o Desktop Spy Screen Capture Program o Keystroke Loggers o Telephone Spy o E-mail Keylogger o Print Monitor Spy Tool o Revealer Keylogger Pro o Stealth E-Mail Redirector o Handy Keylogger o Spy Software: Wiretap Professional o Ardamax Keylogger o Spy Software: FlexiSpy o Powered Keylogger o PC PhoneHome o Quick Keylogger o Keylogger Countermeasures o Spy-Keylogger o Anti Keylogger o Perfect Keylogger o Advanced Anti Keylogger o Invisible Keylogger o Privacy Keyboard o Actual Spy o Spy Hunter - Spyware Remover o SpyToctor FTP Keylogger o Spy Sweeper o IKS Software Keylogger o Spyware Terminator o Ghost Keylogger o WinCleaner AntiSpyware o Hacking Tool: Hardware Key Logger Part4-Hiding files o What is Spyware? 
o CEH Hacking Cycle o Spyware: Spector o Hiding Files o Remote Spy o RootKits o Spy Tech Spy Agent · Why rootkits o 007 Spy Software · Hacking Tool: NT/2000 Rootkit o Spy Buddy · Planting the NT/2000 Rootkit o Ace Spy · Rootkits in Linux o Keystroke Spy · Detecting Rootkits o Activity Monitor · Steps for Detecting Rootkits o Hacking Tool: eBlaster · Rootkit Detection Tools o Stealth Voice Recorder · Sony Rootkit Case Study o Stealth Keylogger · Rootkit: Fu · AFX Rootkit · Tool: Mp3Stego · Rootkit: Nuclear · Tool: Snow.exe · Rootkit: Vanquish · Steganography Tool: Fort Knox · Rootkit Countermeasures · Steganography Tool: Blindside · Patchfinder · Steganography Tool: S-Tools · RootkitRevealer · Steganography Tool: Steghide o Creating Alternate Data Streams · Tool: Steganos o How to Create NTFS Streams? · Steganography Tool: Pretty Good Envelop · NTFS Stream Manipulation · NTFS Streams Countermeasures · Tool: Gifshuffle · Tool: JPHIDE and JPSEEK · Tool: wbStego · Tool: OutGuess o What is Steganography? 
· Tool: Data Stash · · Tool: Hydan § Least Significant Bit Insertion in Image files · Tool: Cloak § Process of Hiding Information in Image Files · Tool: StegoNote · Tool: Stegomagic · Steganos Security Suite · C Steganography · Isosteg · FoxHole · Video Steganography · NTFS Stream Detectors (ADS Spy and ADS Tools) · Hacking Tool: USB Dumper Steganography Techniques § Masking and Filtering in Image files § Algorithms and transformation · Tool: Merge Streams · Invisible Folders · Tool: Invisible Secrets · Tool: Image Hide · Tool: Stealth Files · Tool: Steganography · Masker Steganography Tool · Hermetic Stego · Steganalysis Methods/Attacks on Steganography · DCPP – Hide an Operating System · Stegdetect · Tool: Camera/Shy · SIDS · www.spammimic.com · High-Level View · Case Study: Al-Qaida members Distributing Propaganda to Volunteers using Steganography · Steganalysis · Tool: dskprobe.exe o What do Trojan Creators Look for? · Stego Watch- Stego Detection Tool · StegSpy o Different Ways a Trojan can Get into a System Part5-Covering Tracks o CEH Hacking Cycle Indications of a Trojan Attack Ports Used by Trojans o How to Determine which Ports are Listening o Covering Tracks o Disabling Auditing Trojans o Clearing the Event Log o Trojan: iCmd o Tool: elsave.exe o MoSucker Trojan o Hacking Tool: Winzapper o Proxy Server Trojan o Evidence Eliminator o SARS Trojan Notification o Tool: Traceless o Wrappers o Tool: Tracks Eraser Pro o Wrapper Covert Program o Armor Tools o Wrapping Tools o Tool: ZeroTracks o One Exe Maker / YAB / Pretator Wrappers o PhatBooster o Packaging Tool: WordPad o RemoteByMail Module 8: Trojans and Backdoors o Tool: Icon Plus Effect on Business o Defacing Application: Restorator What is a Trojan? 
o Tetris o Overt and Covert Channels o HTTP Trojans o Working of Trojans o Trojan Attack through Http o Different Types of Trojans o HTTP Trojan (HTTP RAT) § Remote Access Trojans o Shttpd Trojan - HTTP Server § Data-Sending Trojans o Reverse Connecting Trojans § Destructive Trojans o Nuclear RAT Trojan (Reverse Connecting) § Denial-of-Service (DoS) Attack Trojans o Tool: BadLuck Destructive Trojan § Proxy Trojans o ICMP Tunneling § FTP Trojans o ICMP Backdoor Trojan § Security Software Disablers o Microsoft Network Hacked by QAZ Trojan o Backdoor.Theef (AVP) o Skiddie Rat o T2W (TrojanToWorm) o Biohazard RAT o Biorante RAT o Troya o DownTroj o ProRat o Turkojan o Dark Girl o Trojan.Satellite-RAT o DaCryptic o Yakoza o Net-Devil o DarkLabel B4 Classic Trojans Found in the Wild o Trojan.Hav-Rat o Trojan: Tini o Poison Ivy o Trojan: NetBus o Rapid Hacker o Trojan: Netcat o SharK o Netcat Client/Server o HackerzRat o Netcat Commands o TYO o Trojan: Beast o 1337 Fun Trojan o Trojan: Phatbot o Criminal Rat Beta o Trojan: Amitis o VicSpy o Trojan: Senna Spy o Optix PRO o Trojan: QAZ o ProAgent o Trojan: Back Orifice o OD Client o Trojan: Back Orifice 2000 o AceRat o Back Orifice Plug-ins o Mhacker-PS o Trojan: SubSeven o RubyRAT Public o Trojan: CyberSpy Telnet Trojan o SINner o Trojan: Subroot Telnet Trojan o ConsoleDevil o Trojan: Let Me Rule! 2.0 BETA 9 o ZombieRat o Trojan: Donald Dick o FTP Trojan - TinyFTPD o Trojan: RECUB o VNC Trojan Hacking Tool: Loki o Webcam Trojan Loki Countermeasures o DJI RAT Atelier Web Remote Commander Trojan Horse Construction Kit MD5 Checksum.exe How to Detect Trojans? 
Microsoft Windows Defender How to Avoid a Trojan Infection o Netstat o fPort o TCPView Virus History o CurrPorts Tool Characteristics of Virus o Process Viewer Working of Virus o Delete Suspicious Device Drivers o Infection Phase o Check for Running Processes: What’s on My Computer o Attack Phase o Super System Helper Tool o Inzider-Tracks Processes and Ports o Tool: What’s Running o MS Configuration Utility o Registry- What’s Running o Autoruns o Hijack This (System Checker) o Startup List Module 9: Viruses and Worms Why people create Computer Viruses Symptoms of a Virus-like Attack Virus Hoaxes Chain Letters How is a Worm Different from a Virus Indications of a Virus Attack Hardware Threats Software Threats Virus Damage Anti-Trojan Software § TrojanHunter § Comodo BOClean § Trojan Remover: XoftspySE § Trojan Remover: Spyware Doctor § SPYWAREfighter § Mode of Virus Infection Stages of Virus Life Virus Classification How Does a Virus Infect? Storage Patterns of Virus o System Sector virus Evading Anti-Virus Techniques Sample Code for Trojan Client/Server Evading Anti-Trojan/Anti-Virus using Stealth Tools · Self-Modification Backdoor Countermeasures · Encryption with a Variable Key Tripwire o Polymorphic Code System File Verification o Metamorphic Virus o Stealth Virus o Bootable CD-Rom Virus o Cavity Virus What is Sheep Dip? 
o Sparse Infector Virus Virus Analysis – IDA Pro Tool o Companion Virus Prevention is better than Cure o File Extension Virus Anti-Virus Software Famous Virus/Worms – I Love You Virus o AVG Antivirus Famous Virus/Worms – Melissa o Norton Antivirus Famous Virus/Worms – JS/Spth o McAfee Klez Virus Analysis o Socketshield Latest Viruses o BitDefender Top 10 Viruses- 2008 o ESET Nod32 o Virus: Win32.AutoRun.ah o CA Anti-Virus o Virus:W32/Virut o F-Secure Anti-Virus o Virus:W32/Divvi o Kaspersky Anti-Virus o Worm.SymbOS.Lasco.a o F-Prot Antivirus o Disk Killer o Panda Antivirus Platinum o Bad Boy o avast! Virus Cleaner o HappyBox o ClamWin o Java.StrangeBrew o Norman Virus Control o MonteCarlo Family Popular Anti-Virus Packages o PHP.Neworld Virus Databases o W32/WBoy.a o ExeBug.d Module 10: Sniffers o W32/Voterai.worm.e Definition - Sniffing o W32/Lecivio.worm Protocols Vulnerable to Sniffing o W32/Lurka.a Tool: Network View – Scans the Network for Devices The Dude Sniffer Wireshark Display Filters in Wireshark Following the TCP Stream in Wireshark Cain and Abel o W32/Vora.worm!p2p Writing a Simple Virus Program Virus Construction Kits Virus Detection Methods Virus Incident Response Tcpdump o Linux Tool: Sshmitm Tcpdump Commands o Linux Tool: Tcpkill Types of Sniffing o Linux Tool: Tcpnice o Passive Sniffing o Linux Tool: Urlsnarf o Active Sniffing o Linux Tool: Webspy What is ARP o Linux Tool: Webmitm o ARP Spoofing Attack DNS Poisoning Techniques o How does ARP Spoofing Work o Intranet DNS Spoofing (Local Network) o ARP Poisoning o Internet DNS Spoofing (Remote Network) o MAC Duplicating o Proxy Server DNS Poisoning o MAC Duplicating Attack o DNS Cache Poisoning o Tools for ARP Spoofing Interactive TCP Relay · Ettercap Interactive Replay Attacks · ArpSpyX Raw Sniffing Tools Features of Raw Sniffing Tools o MAC Flooding · Tools for MAC 
Flooding o HTTP Sniffer: EffeTech Linux Tool: Macof o Ace Password Sniffer Windows Tool: Etherflood o Win Sniffer o Threats of ARP Poisoning o MSN Sniffer o Irs-Arp Attack Tool o SmartSniff o ARPWorks Tool o Session Capture Sniffer: NetWitness o Tool: Nemesis o Session Capture Sniffer: NWreader o IP-based sniffing o Packet Crafter Craft Custom TCP/IP Packets Linux Sniffing Tools (dsniff package) o Linux tool: Arpspoof o Linux Tool: Dnsspoof o Linux Tool: Dsniff o Linux Tool: Filesnarf o Linux Tool: Mailsnarf o Linux Tool: Msgsnarf o SMAC o NetSetMan Tool o Ntop o EtherApe o Network Probe o Maa Tec Network Analyzer o Tool: Snort o Tool: Windump “Rebecca” and “Jessica” o Tool: Etherpeek Office Workers o NetIntercept Types of Social Engineering o Colasoft EtherLook o Human-Based Social Engineering o AW Ports Traffic Analyzer · Technical Support Example o Colasoft Capsa Network Analyzer · More Social Engineering Examples o CommView · Human-Based Social Engineering: Eavesdropping o Sniffem o NetResident o IP Sniffer o Sniphere o IE HTTP Analyzer o BillSniff · Human-Based Social Engineering: Shoulder Surfing · Human-Based Social Engineering: Dumpster Diving · Dumpster Diving Example · Oracle Snoops Microsoft’s Trash Bins o URL Snooper · Movies to Watch for Reverse Engineering o EtherDetect Packet Sniffer o Computer Based Social Engineering o EffeTech HTTP Sniffer o Insider Attack o AnalogX Packetmon o Disgruntled Employee o Colasoft MSN Monitor o Preventing Insider Threat o IPgrab o Common Targets of Social Engineering o EtherScan Analyzer § Social Engineering Threats How to Detect Sniffing o Online Countermeasures o Telephone o Antisniff Tool o Personal approaches o Arpwatch Tool o Defenses Against Social Engineering Threats o PromiScan o proDETECT § Factors that make Companies Vulnerable to Attacks § Why is Social Engineering Effective 
Module 11: Social Engineering § Warning Signs of an Attack What is Social Engineering? § Tool : Netcraft Anti-Phishing Toolbar Human Weakness § Phases in a Social Engineering Attack § Behaviors Vulnerable to Attacks o Client-side Vulnerabilities § Impact on the Organization o Deceptive Phishing § Countermeasures o Malware-Based Phishing § Policies and Procedures o DNS-Based Phishing § Security Policies - Checklist o Content-Injection Phishing § Impersonating Orkut, Facebook, MySpace o Search Engine Phishing § Orkut § Phishing Statistics: Feb’ 2008 § Impersonating on Orkut § Anti-Phishing § MW.Orc worm § Anti-Phishing Tools § Facebook o PhishTank SiteChecker § Impersonating on Facebook o NetCraft § MySpace o GFI MailEssentials § Impersonating on MySpace o SpoofGuard § How to Steal Identity o Phishing Sweeper Enterprise § Comparison o TrustWatch Toolbar § Original o ThreatFire § Identity Theft o GralicWrap § http://www.consumer.gov/idtheft/ o Spyware Doctor o Track Zapper Spyware-Adware Remover o AdwareInspector Module 12: Phishing o Email-Tag.com § Phishing § Introduction § Reasons for Successful Phishing Module 13: Hacking Email Accounts § Phishing Methods Ways for Getting Email Account Information § Process of Phishing Stealing Cookies § Types of Phishing Attacks Social Engineering o Man-in-the-Middle Attacks Password Phishing o URL Obfuscation Attacks Fraudulent e-mail Messages o Cross-site Scripting Attacks Vulnerabilities o Hidden Attacks o Web Email o Reaper Exploit DoS Attack Classification Tool: Advanced Stealth Email Redirector o Smurf Attack Tool: Mail PassView o Buffer Overflow Attack Tool: Email Password Recovery Master o Ping of Death Attack Tool: Mail Password o Teardrop Attack Email Finder 
Pro o SYN Attack Email Spider Easy o SYN Flooding Kernel Hotmail MSN Password Recovery o DoS Attack Tools Retrieve Forgotten Yahoo Password o DoS Tool: Jolt2 MegaHackerZ o DoS Tool: Bubonic.c Hack Passwords o DoS Tool: Land and LaTierra Creating Strong Passwords o DoS Tool: Targa Creating Strong Passwords: Change Password o DoS Tool: Blast Creating Strong Passwords: Trouble Signing In o DoS Tool: Panther2 Sign-in Seal o DoS Tool: Crazy Pinger Alternate Email Address o DoS Tool: SomeTrouble Keep Me Signed In/ Remember Me o DoS Tool: UDP Flood Tool: Email Protector o DoS Tool: FSMax Tool: Email Security Bot (Derived from the Word RoBOT) Tool: EmailSanitizer Botnets Tool: Email Protector Uses of Botnets Tool: SuperSecret Types of Bots How Do They Infect? Analysis Of Agabot How Do They Infect Module 14: Denial-of-Service o DoS Tool: Nemesy Real World Scenario of DoS Attacks Tool: Nuclear Bot What are Denial-of-Service Attacks What is DDoS Attack Goal of DoS Characteristics of DDoS Attacks Impact and the Modes of Attack DDOS Unstoppable Types of Attacks Agent Handler Model DDoS IRC based Model Deflect Attacks DDoS Attack Taxonomy Post-attack Forensics Amplification Attack Packet Traceback Reflective DNS Attacks Reflective DNS Attacks Tool: ihateperl.pl DDoS Tools What is Session Hijacking? 
o DDoS Tool: Trinoo Spoofing v Hijacking o DDoS Tool: Tribal Flood Network Steps in Session Hijacking o DDoS Tool: TFN2K Types of Session Hijacking o DDoS Tool: Stacheldraht Session Hijacking Levels o DDoS Tool: Shaft Network Level Hijacking o DDoS Tool: Trinity The 3-Way Handshake o DDoS Tool: Knight and Kaiten TCP Concepts 3-Way Handshake o DDoS Tool: Mstream Sequence Numbers Worms Sequence Number Prediction Slammer Worm TCP/IP hijacking Spread of Slammer Worm – 30 min IP Spoofing: Source Routed Packets MyDoom.B RST Hijacking SCO Against MyDoom Worm How to Conduct a DDoS Attack Blind Hijacking The Reflected DoS Attacks Man in the Middle: Packet Sniffer Reflection of the Exploit UDP Hijacking Countermeasures for Reflected DoS Application Level Hijacking DDoS Countermeasures Programs that Perform Session Hacking Taxonomy of DDoS Countermeasures o Juggernaut Preventing Secondary Victims o Hunt Detect and Neutralize Handlers o TTY-Watcher Detect Potential Attacks o IP watcher DoSHTTP Tool o Session Hijacking Tool: T-Sight Mitigate or Stop the Effects of DDoS Attacks o Remote TCP Session Reset Utility (SOLARWINDS) Module 15: Session Hijacking o RST Hijacking Tool: hijack_rst.sh o Paros HTTP Session Hijacking Tool o Tool: HttpZip o Dnshijacker Tool o Tool: LinkDeny o Hjksuite Tool o Tool: ServerDefender AI Dangers that hijacking Pose o Tool: ZipEnable Protecting against Session Hijacking o Tool: w3compiler Countermeasures: IPSec o Yersinia Module 16: Hacking Web Servers Tool: Metasploit Framework Tool: Immunity CANVAS Professional How Web Servers Work Tool: Core Impact How are Web Servers Compromised Tool: MPack Web Server Defacement Tool: Neosploit o How are Servers Defaced Hotfixes and Patches Apache Vulnerability What is Patch Management Attacks against IIS Patch Management Checklist o IIS Components o Solution: UpdateExpert o IIS 
Directory Traversal (Unicode) Attack o Patch Management Tool: qfecheck Unicode o Patch Management Tool: HFNetChk o Unicode Directory Traversal Vulnerability o cacls.exe utility Hacking Tool o Shavlik NetChk Protect o Hacking Tool: IISxploit.exe o Kaseya Patch Management o Msw3prt IPP Vulnerability o IBM Tivoli Configuration Manager o RPC DCOM Vulnerability o LANDesk Patch Manager o ASP Trojan o BMC Patch Manager o IIS Logs o ConfigureSoft Enterprise Configuration Manager (ECM) o Network Tool: Log Analyzer o BladeLogic Configuration Manager o Hacking Tool: CleanIISLog o IIS Security Tool: Server Mask o Opsware Server Automation System (SAS) o ServerMask ip100 o Best Practices for Patch Management o Tool: CacheRight Vulnerability Scanners o Tool: CustomError Online Vulnerability Search Engine Network Tool: Whisker Network Tool: N-Stealth HTTP Vulnerability Scanner Hacking Tool: WebInspect Network Tool: Shadow Security Scanner Secure IIS o Countermeasures o Countermeasures Cryptographic Interception Cookie Snooping Authentication Hijacking o ServersCheck Monitoring o GFI Network Server Monitor o Servers Alive o Webserver Stress Tool o Monitoring Tool: Secunia PSI Countermeasures Increasing Web Server Security Web Server Protection Checklist Directory Traversal/Forceful Browsing o Countermeasures Log Tampering Error Message Interception Attack Obfuscation Platform Exploits DMZ Protocol Attacks o Countermeasures Security Management Exploits o Web Services Attacks Module 17: Web Application Vulnerabilities Web Application Setup Web application Hacking Anatomy of an Attack Web Application Threats Cross-Site Scripting/XSS Flaws o An Example of XSS o Countermeasures SQL Injection Command Injection Flaws o Zero-Day Attacks o Network Access Attacks TCP Fragmentation Hacking Tools o Instant Source o Wget o WebSleuth o BlackWidow o SiteScope Tool 
o Countermeasures o WSDigger Tool – Web Services Testing Tool Cookie/Session Poisoning o CookieDigger Tool o Countermeasures o SSLDigger Tool Parameter/Form Tampering o SiteDigger Tool Hidden Field at o WindowBomb Buffer Overflow o Burp: Positioning Payloads o Burp: Configuring Payloads and Content Enumeration o RSA SecurID Token o Biometrics Authentication o Burp: Password Guessing · o Burp Proxy Fingerprint-based Identification o Burpsuite Hand Geometry-based Identification o Hacking Tool: cURL Retina Scanning o dotDefender Afghan Woman Recognized After 17 Years o Acunetix Web Scanner o AppScan – Web Application Scanner Face Recognition o AccessDiver Face Code: WebCam Based Biometrics Authentication System o Tool: Falcove Web Vulnerability Scanner o Tool: NetBrute o Tool: Emsa Web Monitor o Tool: KeepNI o Tool: Parosproxy o Tool: WebScarab o Tool: Watchfire AppScan o Tool: WebWatchBot o Tool: Mapper Module 18: Web-Based Password Cracking Techniques Authentication - Definition Authentication Mechanisms o HTTP Authentication · Basic Authentication · Digest Authentication Bill Gates at the RSA Conference 2006 How to Select a Good Password Things to Avoid in Passwords Changing Your Password Protecting Your Password Examples of Bad Passwords The “Mary Had A Little Lamb” Formula How Hackers Get Hold of Passwords Windows XP: Remove Saved Passwords What is a Password Cracker Modus Operandi of an Attacker Using a Password Cracker How Does a Password Cracker Work Attacks - Classification o Password Guessing o Query String o Cookies o Integrated Windows (NTLM) Authentication o Negotiate Authentication Types of Biometrics Authentication o Dictionary Maker Password Crackers Available o Certificate-based Authentication o L0phtCrack (LC4) o Forms-based Authentication o John the Ripper 
o Brutus Module 19: SQL Injection o ObiWaN o Authforce o Hydra o Cain & Abel o RAR o Gammaprog o WebCracker o Munga Bunga o PassList o SnadBoy o MessenPass o Wireless WEP Key Password Spy o RockXP o Password Spectator Pro o Passwordstate o Atomic Mailbox Password Cracker o Advanced Mailbox Password Recovery (AMBPR) o Tool: Network Password Recovery o Tool: Mail PassView o Tool: Messenger Key o Tool: SniffPass o WebPassword o Password Administrator o Password Safe o Easy Web Password o PassReminder o My Password Manager Countermeasures What is SQL Injection Exploiting Web Applications Steps for performing SQL injection What You Should Look For What If It Doesn’t Take Input OLE DB Errors Input Validation Attack SQL injection Techniques How to Test for SQL Injection Vulnerability How Does It Work BadLogin.aspx.cs BadProductList.aspx.cs Executing Operating System Commands Getting Output of SQL Query Getting Data from the Database Using ODBC Error Message How to Mine all Column Names of a Table How to Retrieve any Data How to Update/Insert Data into Database SQL Injection in Oracle SQL Injection in MySql Database Attacking Against SQL Servers SQL Server Resolution Service (SSRS) Osql -L Probing SQL Injection Automated Tools Automated SQL Injection Tool: AutoMagic SQL Absinthe Automated SQL Injection Tool o Hacking Tool: SQLDict o Hacking Tool: SQLExec o SQL Server Password Auditing Tool: sqlbf § Wireless Concepts and Devices o Hacking Tool: SQLSmack o Related Technology and Carrier Networks o Hacking Tool: SQL2.exe o Antennas o sqlmap o Cantenna – www.cantenna.com o sqlninja o Wireless Access Points o SQLIer o SSID o Automagic SQL Injector o Beacon Frames o Absinthe o Is the SSID a Secret Blind SQL Injection o Setting up a WLAN o Blind SQL Injection: Countermeasure o 
Authentication and Association o Blind SQL Injection Schema o Authentication Modes SQL Injection Countermeasures o The 802.1X Authentication Process Preventing SQL Injection Attacks § GoodLogin.aspx.cs o Wired Equivalent Privacy (WEP) SQL Injection Blocking Tool: SQL Block o WEP Issues Acunetix Web Vulnerability Scanner o WEP - Authentication Phase WEP and WPA o WEP - Shared Key Authentication Module 20: Hacking Wireless Networks o WEP - Association Phase § Introduction to Wireless o WEP Flaws o Introduction to Wireless Networking o What is WPA o Wired Network vs. Wireless Network o WPA Vulnerabilities o Effects of Wireless Attacks on Business o WEP, WPA, and WPA2 o Types of Wireless Network o WPA2 Wi-Fi Protected Access 2 o Advantages and Disadvantages of a Wireless Network § Wireless Standards o Wireless Standard: 802.11a § Attacks and Hacking Tools o Terminologies o WarChalking o Wireless Standard: 802.11b – “WiFi” o Authentication and (Dis) Association Attacks o Wireless Standard: 802.11g o WEP Attack o Wireless Standard: 802.11i o Cracking WEP o Wireless Standard: 802.11n o Weak Keys (a.k.a. 
Weak IVs) o Problems with WEP’s Key Stream and Reuse o Temporal Key Integrity Protocol (TKIP) o Automated WEP Crackers o LEAP: The Lightweight Extensible Authentication Protocol o Pad-Collection Attacks o LEAP Attacks o XOR Encryption o LEAP Attack Tool: ASLEAP o Stream Cipher o Working of ASLEAP o WEP Tool: Aircrack o MAC Sniffing and AP Spoofing o Aircrack-ng o Defeating MAC Address Filtering in Windows o WEP Tool: AirSnort o WEP Tool: WEPCrack o WEP Tool: WepLab o Attacking WPA Encrypted Networks o Attacking WEP with WEPCrack on Windows using Cygwin o Manually Changing the MAC Address in Windows XP and 2000 o Tool to Detect MAC Address Spoofing: Wellenreiter o Man-in-the-Middle Attack (MITM) o Denial-of-Service Attacks o Attacking WEP with WEPCrack on Windows using PERL Interpreter o DoS Attack Tool: Fatajack o Tool: Wepdecrypt o Hijacking and Modifying a Wireless Network o WPA-PSK Cracking Tool: CowPatty o Phone Jammers o 802.11 Specific Vulnerabilities o Phone Jammer: Mobile Blocker o Evil Twin: Attack o Pocket Cellular Style Cell Phone Jammer o Rogue Access Points o 2.4Ghz Wi-Fi & Wireless Camera Jammer o Tools to Generate Rogue Access Points: Fake AP o 3 Watt Digital Cell Phone Jammer o Tools to Detect Rogue Access Points: Netstumbler o Tools to Detect Rogue Access Points: MiniStumbler o 3 Watt Quad Band Digital Cellular Mobile Phone Jammer o 20W Quad Band Digital Cellular Mobile Phone Jammer o ClassicStumbler o 40W Digital Cellular Mobile Phone Jammer o AirFart o Detecting a Wireless Network o AP Radar § Scanning Tools o Hotspotter o Scanning Tool: Kismet o Cloaked Access Point o Scanning Tool: Prismstumbler o WarDriving Tool: shtumble o Scanning Tool: MacStumbler o Scanning Tool: Mognet V1.16 o 
Step 1: Find Networks to Attack o Scanning Tool: WaveStumbler o Step 2: Choose the Network to Attack o Scanning Tool: Netchaser V1.0 for Palm Tops o Step 3: Analyzing the Network o Step 4: Cracking the WEP Key o Scanning Tool: AP Scanner o Step 5: Sniffing the Network o Scanning Tool: Wavemon § Wireless Security o Scanning Tool: Wireless Security Auditor (WSA) o WIDZ: Wireless Intrusion Detection System o Scanning Tool: AirTraf o Scanning Tool: WiFi Finder o Radius: Used as Additional Layer in Security o Scanning Tool: WifiScanner o Securing Wireless Networks o eEye Retina WiFI o Wireless Network Security Checklist o Simple Wireless Scanner o WLAN Security: Passphrase o wlanScanner o Don’ts in Wireless Security § Sniffing Tools § Wireless Security Tools o Sniffing Tool: AiroPeek o WLAN Diagnostic Tool: CommView for WiFi PPC o Sniffing Tool: NAI Wireless Sniffer o MAC Sniffing Tool: WireShark o WLAN Diagnostic Tool: AirMagnet Handheld Analyzer o Sniffing Tool: vxSniffer o Auditing Tool: BSD-Airtools o Sniffing Tool: Etherpeg o AirDefense Guard (www.AirDefense.com) o Sniffing Tool: Driftnet o Google Secure Access o Sniffing Tool: AirMagnet o Tool: RogueScanner o Sniffing Tool: WinDump o Sniffing Tool: Ssidsniff o Multiuse Tool: THC-RUT Module 21: Physical Security Security Facts Understanding Physical Security Physical Security What Is the Need for Physical Security o Microsoft Network Monitor Who Is Accountable for Physical Security § Hacking Wireless Networks Factors Affecting Physical Security o Steps for Hacking Wireless Networks Physical Security Checklist o Tool: WinPcap o Tool: AirPcap o AirPcap: Example Program from the Developer's Pack o Physical Security Checklist -Company surroundings o Gates o Security Guards o Physical Security Checklist: Premises o CCTV Cameras o Reception o Server Room o Workstation Area o Wireless Access 
Point o Other Equipments o Access Control · Biometric Devices · Biometric Identification Techniques · Authentication Mechanisms Statistics for Stolen and Recovered Laptops Laptop Theft Laptop theft: Data Under Loss Laptop Security Tools Laptop Tracker - XTool Computer Tracker Tools to Locate Stolen Laptops Stop's Unique, Tamper-proof Patented Plate Tool: TrueCrypt Laptop Security Countermeasures Mantrap TEMPEST Challenges in Ensuring Physical Security Spyware Technologies Spying Devices Physical Security: Lock Down USB Ports · Authentication Mechanism Challenges: Biometrics Tool: DeviceLock · Faking Fingerprints Blocking the Use of USB Storage Devices · Smart cards Track Stick GPS Tracking Device · Security Token · Computer Equipment Maintenance · Wiretapping § Why Linux · Remote Access § Linux Distributions · Lapse of Physical Security § Linux Live CD-ROMs · Locks § Basic Commands of Linux: Files & Directories Module 22: Linux Hacking Lock Picking § Linux Basic Lock Picking Tools Information Security EPS (Electronic Physical Security) Wireless Security Laptop Theft Statistics for 2007 o Linux File Structure o Linux Networking Commands Directories in Linux Installing, Configuring, and Compiling Linux Kernel How to Install a Kernel Patch Linux Tool: IPTraf Compiling Programs in Linux Linux Tool: LIDS GCC Commands Hacking Tool: Hunt Make Files Tool: TCP Wrappers Make Install Command Linux Loadable Kernel Modules Linux Vulnerabilities Hacking Tool: Linux Rootkits Chrooting Rootkits: Knark & Torn Why is Linux Hacked Rootkits: Tuxit, Adore, Ramen How to Apply Patches to Vulnerable Programs Rootkit: Beastkit Rootkit Countermeasures Scanning Networks ‘chkrootkit’ detects the following Rootkits Nmap in Linux Linux Tools: Application Security Scanning Tool: Nessus Port Scan Detection Tools Advanced Intrusion Detection Environment (AIDE) 
Password Cracking in Linux: Xcrack Linux Tools: Security Testing Tools Firewall in Linux: IPTables Linux Tools: Encryption IPTables Command Linux Tools: Log and Traffic Monitors Basic Linux Operating System Defense Linux Security Auditing Tool (LSAT) SARA (Security Auditor's Research Assistant) Linux Security Countermeasures Steps for Hardening Linux Linux Tool: Netcat Linux Tool: tcpdump Linux Tool: Snort Linux Tool: SAINT § Introduction to Intrusion Detection System Linux Tool: Wireshark § Terminologies Linux Tool: Abacus Port Sentry § Intrusion Detection System (IDS) Linux Tool: DSniff Collection o IDS Placement Linux Tool: Hping2 o Ways to Detect an Intrusion Linux Tool: Sniffit o Types of Intrusion Detection Systems Linux Tool: Nemesis o System Integrity Verifiers (SIVS) Linux Tool: LSOF o Tripwire Module 23: Evading IDS, Firewalls and Detecting Honey Pots o Cisco Security Agent (CSA) o Firewall Operations o True/False, Positive/Negative o Hardware Firewall o Signature Analysis o Software Firewall o General Indication of Intrusion: System Indications o Types of Firewall o General Indication of Intrusion: File System Indications o General Indication of Intrusion: Network Indications o Intrusion Detection Tools · Snort · Running Snort on Windows 2003 · Snort Console · Testing Snort · Configuring Snort (snort.conf) · Snort Rules · Set up Snort to Log to the Event Logs and to Run as a Service · Using EventTriggers.exe for Eventlog Notifications · SnortSam · Packet Filtering Firewall · IP Packet Filtering Firewall · Circuit-Level Gateway · TCP Packet Filtering Firewall · Application Level Firewall · Application Packet Filtering Firewall · Stateful Multilayer Inspection Firewall o Packet Filtering Firewall o Firewall Identification o Firewalking o Banner Grabbing o Breaching Firewalls o Bypassing a Firewall using HTTPTunnel o Placing 
Backdoors through Firewalls o Hiding Behind a Covert Channel: LOKI o Steps to Perform after an IDS detects an attack o Tool: NCovert o Evading IDS Systems o ACK Tunneling · Ways to Evade IDS o Tools to breach firewalls · Tools to Evade IDS § Common Tool for Testing Firewall and IDS § IDS Evading Tool: ADMutate o IDS testing tool: IDS Informer § Packet Generators o IDS Testing Tool: Evasion Gateway § What is a Firewall? o What Does a Firewall Do o IDS Tool: Event Monitoring Enabling Responses to Anomalous Live Disturbances (Emerald) o Packet Filtering o IDS Tool: BlackICE o What can’t a firewall do o IDS Tool: Next-Generation Intrusion Detection Expert System (NIDES) o How does a Firewall work o IDS Tool: SecureHost o IDS Tool: Snare o A Simple Uncontrolled Overflow of the Stack o IDS Testing Tool: Traffic IQ Professional o Stack Based Buffer Overflows o IDS Testing Tool: TCPOpera o IDS testing tool: Firewall Informer Types of Buffer Overflows: Heap-based Buffer Overflow o Atelier Web Firewall Tester o Heap Memory Buffer Overflow Bug § What is Honeypot? 
o Heap-based Buffer Overflow o The Honeynet Project o Types of Honeypots § Low-interaction honeypot Understanding Assembly Language o Shellcode How to Detect Buffer Overflows in a Program § Medium-interaction honeypot o Attacking a Real Program § High-interaction honeypot § NOPs o Advantages and Disadvantages of a Honeypot § How to Mutate a Buffer Overflow Exploit § Once the Stack is Smashed o Where to place Honeypots o Honeypots · Honeypot-SPECTER · Honeypot - honeyd · Honeypot – KFSensor · Sebek Defense Against Buffer Overflows o Tool to Defend Buffer Overflow: Return Address Defender (RAD) o Tool to Defend Buffer Overflow: StackGuard o Tool to Defend Buffer Overflow: Immunix System o Physical and Virtual Honeypots o Vulnerability Search: NIST § Tools to Detect Honeypots § What to do when hacked o Valgrind o Insure++ Module 24: Buffer Overflows Buffer Overflow Protection Solution: Libsafe Why are Programs/Applications Vulnerable Buffer Overflows Reasons for Buffer Overflow Attacks Knowledge Required to Program Buffer Overflow Exploits Understanding Stacks Understanding Heaps § Introduction to Cryptography Types of Buffer Overflows: Stack-based Buffer Overflow § Classical Cryptographic Techniques o Comparing Functions of libc and Libsafe Simple Buffer Overflow in C o Code Analysis Module 25: Cryptography o Encryption o Cleversafe Grid Builder http://www.cleversafe.com/ o Decryption § Cryptographic Algorithms § PGP (Pretty Good Privacy) § RSA (Rivest Shamir Adleman) § CypherCalc o Example of RSA Algorithm § Command Line Scriptor o RSA Attacks § CryptoHeaven o RSA Challenge § Hacking Tool: PGP Crack § Data Encryption Standard (DES) § Magic Lantern o DES Overview § Advanced File Encryptor § RC4, RC5, RC6, Blowfish Encryption Engine Encrypt Files Encrypt PDF Encrypt Easy Encrypt my Folder Advanced HTML Encrypt and Password Protect § What 
is SSH? Encrypt HTML source o SSH (Secure Shell) Alive File Encryption § Algorithms and Security Omziff § Disk Encryption ABC CHAOS § Government Access to Keys (GAK) EncryptOnClick § Digital Signature CryptoForge o Components of a Digital Signature SafeCryptor o Method of Digital Signature Technology CrypTool o Digital Signature Applications Microsoft Cryptography Tools o Digital Signature Standard Polar Crypto Light o Digital Signature Algorithm: Signature Generation/Verification CryptoSafe Crypt Edit CrypSecure o Challenges and Opportunities Cryptlib § Digital Certificates Crypto++ Library o RC5 § Message Digest Functions o One-way Hash Functions o MD5 § SHA (Secure Hash Algorithm) § SSL (Secure Sockets Layer) o Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme § Code Breaking: Methodologies § Denial-of-Service Emulation § Cryptanalysis § Pentest using Appscan § Cryptography Attacks § HackerShield § Brute-Force Attack § Pen-Test Using Cerberus Internet Scanner § Cracking S/MIME Encryption Using Idle CPU Time § Pen-Test Using Cybercop Scanner § distributed.net § Pen-Test Using FoundScan Hardware Appliances § Use Of Cryptography § Pen-Test Using Nessus § Pen-Test Using NetRecon Module 26: Penetration Testing § Pen-Test Using SAINT § Introduction to Penetration Testing (PT) § Pen-Test Using SecureNet Pro § Categories of security assessments § Pen-Test Using SecureScan § Vulnerability Assessment § Pen-Test Using SATAN, SARA and Security Analyzer § Limitations of Vulnerability Assessment § Penetration Testing § Types of Penetration Testing § Risk Management § Do-It-Yourself Testing § Outsourcing Penetration Testing Services § Pen-Test Using STAT Analyzer § Pentest Using VigilENT § Pentest Using WebInspect § Pentest Using CredDigger § Pentest Using Nsauditor § Terms of Engagement § Evaluating Different Types of Pen-Test Tools 
§ Project Scope § Asset Audit § Pentest Service Level Agreements § Fault Tree and Attack Trees § Testing points § GAP Analysis § Testing Locations § Threat § Automated Testing § Business Impact of Threat § Manual Testing § Internal Metrics Threat § Using DNS Domain Name and IP Address Information § External Metrics Threat § Enumerating Information about Hosts on Publicly Available Networks § Calculating Relative Criticality § Test Dependencies § Testing Network-filtering Devices § Defect Tracking Tools: Bug Tracker Server § Enumerating Devices § Disk Replication Tools § DNS Zone Transfer Testing Tools § Pre-attack Phase § Network Auditing Tools § Best Practices § Trace Route Tools and Services § Results that can be Expected § Network Sniffing Tools § Passive Reconnaissance § Denial of Service Emulation Tools § Active Reconnaissance § Traditional Load Testing Tools § Attack Phase § System Software Assessment Tools o Activity: Perimeter Testing § Operating System Protection Tools o Activity: Web Application Testing § Fingerprinting Tools o Activity: Wireless Testing § Port Scanning Tools o Activity: Acquiring Target § Directory and File Access Control Tools o Activity: Escalating Privileges § File Share Scanning Tools o Activity: Execute, Implant and Retract § Password Directories § Post Attack Phase and Activities § Password Guessing Tools § Penetration Testing Deliverables Templates § Link Checking Tools § Web-Testing Based Scripting tools § Buffer Overflow protection Tools § File Encryption Tools § Database Assessment Tools § Keyboard Logging and Screen Reordering Tools § System Event Logging and Reviewing Tools Module 27: Covert Hacking § Insider Attacks § What is Covert Channel? § Security Breach § Why Do You Want to Use Covert Channel? 
§ Motivation of a Firewall Bypass § Tripwire and Checksum Tools § Covert Channels Scope § Mobile-code Scanning Tools § Covert Channel: Attack Techniques § Centralized Security Monitoring Tools § Simple Covert Attacks § Web Log Analysis Tools § Advanced Covert Attacks § Forensic Data and Collection Tools § Standard Direct Connection § Security Assessment Tools § Reverse Shell (Reverse Telnet) § Multiple OS Management Tools § Direct Attack Example § Phases of Penetration Testing § In-Direct Attack Example § Reverse Connecting Agents · Example Directory Traversal Function § Covert Channel Attack Tools · “dot dot” Method o Netcat · Example Code for a “dot dot” Method o DNS Tunneling o Virus Infection: Step II o Covert Channel Using DNS Tunneling o Virus Infection: Step III o DNS Tunnel Client · o DNS Tunneling Countermeasures o Virus Infection: Step IV o Covert Channel Using SSH o Virus Infection: Step V o Covert Channel using SSH (Advanced) § Components of Viruses o HTTP/S Tunneling Attack o Functioning of Replicator part § Covert Channel Hacking Tool: Active Port Forwarder o Writing Replicator Marking a File for Infection o Writing Concealer § Covert Channel Hacking Tool: CCTT o Dispatcher § Covert Channel Hacking Tool: Firepass o Writing Bomb/Payload § Covert Channel Hacking Tool: MsnShell § Covert Channel Hacking Tool: Web Shell § Covert Channel Hacking Tool: NCovert o Ncovert - How it works · Trigger Mechanism · Bombs/Payloads · Brute Force Logic Bombs § Testing Virus Codes § Covert Channel Hacking via Spam E-mail Messages § Tips for Better Virus Writing § Hydan Module 28: Writing Virus Codes Module 29: Assembly Language Tutorial § Introduction of Virus Base 10 System § Types of Viruses Base 2 System § Symptoms of a Virus Attack Decimal 0 to 15 in Binary § Prerequisites for Writing Viruses Binary Addition (C stands for Canary) § 
Required Tools and Utilities Hexadecimal Number § Virus Infection Flow Chart Hex Example o Virus Infection: Step I Hex Conversion · nibble Directory Traversal Method Computer memory Input and output Characters Coding C Interface ASCII and UNICODE Call CPU Creating a Program Machine Language Why should anyone learn assembly at all? Compilers Clock Cycle Assembling the code Original Registers Compiling the C code Instruction Pointer Linking the object files Pentium Processor Understanding an assembly listing file Interrupts Big and Little Endian Representation Interrupt handler Skeleton File External interrupts and Internal interrupts Working with Integers Handlers Signed integers Machine Language Signed Magnitude Assembly Language Two’s Complement Assembler If statements Assembly Language Vs High-level Language Do while loops Assembly Language Compilers Indirect addressing Instruction operands Subprogram MOV instruction The Stack ADD instruction The SS segment SUB instruction ESP INC and DEC instructions The Stack Usage Directive The CALL and RET Instructions preprocessor General subprogram form equ directive Local variables on the stack %define directive Data directives General subprogram form with local variables Labels Multi-module program Saving registers o First.asm Labels of functions o NASM Calculating addresses of local variables o GDB o objdump o ktrace Module 30: Exploit Writing Exploits Overview o strace Prerequisites for Writing Exploits and Shellcodes o readelf Purpose of Exploit Writing Types of Exploits Stack Overflow Heap Corruption Steps for Writing a Shellcode Issues Involved With Shellcode Writing o Addressing problem o Null byte problem o System call implementation o Format String o 
Integer Bug Exploits o Race Condition o TCP/IP Attack The Proof-of-Concept and Commercial Grade Exploit Converting a Proof of Concept Exploit to Commercial Grade Exploit Attack Methodologies Socket Binding Exploits Tools for Exploit Writing o LibExploit o Metasploit o CANVAS Module 31: Smashing the Stack for Fun and Profit What is a Buffer? Static Vs Dynamic Variables Stack Buffers Data Region Memory Process Regions What Is A Stack? Why Do We Use A Stack? The Stack Region Stack frame Stack pointer Procedure Call (Procedure Prolog) Steps for Writing an Exploit Compiling the code to assembly Differences Between Windows and Linux Exploits Call Statement Shellcodes Return Address (RET) NULL Byte Word Size Types of Shellcodes Stack Tools Used for Shellcode Development Buffer Overflows Error Why do we get a segmentation violation? Segmentation Error Instruction Jump Guess Key Parameters Calculation Shell Code o The code to spawn a shell in C Let's try to understand what is going on here. We'll start by studying main: execve() o execve() system call exit.c o List of steps with exit call The code in Assembly JMP Code using indexed addressing Offset calculation shellcodeasm.c testsc.c Compile the code NULL byte shellcodeasm2.c testsc2.c Writing an Exploit overflow1.c Compiling the code sp.c vulnerable.c NOPs o Using NOPs o Estimating the Location Module 32: Windows Based Buffer Overflow Exploit Writing Buffer Overflow Stack overflow Writing Windows Based Exploits Exploiting stack based buffer overflow OpenDataSource Buffer Overflow Vulnerability Details Simple Proof of Concept Windbg.exe Analysis EIP Register o Location of EIP o EIP Execution Flow But where can we jump to? 
Offset Address The Query Finding jmp esp Debug.exe listdlls.exe Msvcrt.dll Out.sql The payload ESP Limited Space Getting Windows API/function absolute address Memory Address Other Addresses Compile the program § Tool: LSW DotNet-Reflection-Browser Final Code § Tool: Reflector § Tool: Spices NET.Decompiler § Tool: Decompilers.NET Module 33: Reverse Engineering § .NET Obfuscator and .NET Obfuscation § Positive Applications of Reverse Engineering § Java Bytecode Decompilers § Ethical Reverse Engineering § Tool: JODE Java Decompiler § World War Case Study § Tool: JREVERSEPRO § DMCA Act § Tool: SourceAgain § What is Disassembler? § Tool: ClassCracker § Why do you need to decompile? § Python Decompilers § Professional Disassembler Tools § Reverse Engineering Tutorial § Tool: IDA Pro § OllyDbg Debugger § Convert Machine Code to Assembly Code § How Does OllyDbg Work? § Decompilers § Debugging a Simple Console Application § Program Obfuscation § Convert Assembly Code to C++ code § Machine Decompilers § Tool: dcc § Machine Code of compute.exe Program § Assembly Code of compute.exe Program Module 34: MAC OS X Hacking Introduction to MAC OS Vulnerabilities in MAC o Crafted URL Vulnerability o CoreText Uninitialized Pointer Vulnerability § Code Produced by the dcc Decompiler in C o ImageIO Integer overflow Vulnerability § Tool: Boomerang o DirectoryService Vulnerability § What Boomerang Can Do?
o iChat UPnP buffer overflow Vulnerability § Andromeda Decompiler o ImageIO Memory Corruption Vulnerability § Tool: REC Decompiler o Code Execution Vulnerability § Tool: EXE To C Decompiler o UFS filesystem integer overflow Vulnerability § Delphi Decompilers o Kernel "fpathconf()" System call Vulnerability § Tools for Decompiling .NET Applications o UserNotificationCenter Privilege Escalation Vulnerability § Salamander .NET Decompiler o Other Vulnerabilities in MAC How a Malformed Installer Package Can Crack Mac OS X Worm and Viruses in MAC o OSX/Leap-A o Inqtana.A o Macro Viruses Anti-Viruses in MAC o VirusBarrier o McAfee Virex for Macintosh o Endpoint Security and Control o Norton Internet Security Mac Security Tools o MacScan Types of Router Attacks Router Attack Topology Denial of Service (DoS) Attacks Packet “Mistreating” Attacks Routing Table Poisoning Hit-and-run Attacks vs.
Persistent Attacks Cisco Router o Finding a Cisco Router o How to Get into Cisco Router o Breaking the Password o Is Anyone Here o Looking Around o IPNetsentryx o FileGuard Countermeasures Module 35: Hacking Routers, cable Modems and Firewalls Network Devices Identifying a Router o Implications of a Router Attack o Covering Tracks o ClamXav SING: Tool for Identifying the Router Eigrp-tool Tool: Zebra Tool: Yersinia for HSRP, CDP, and other layer 2 attacks Tool: Cisco Torch Monitoring SMTP(port25) Using SLcheck Monitoring HTTP(port 80) Cable Modem Hacking o OneStep: ZUP HTTP Configuration Arbitrary Administrative Access Vulnerability www.bypassfirewalls.net ADMsnmp Waldo Beta 0.7 (b) Solarwinds MIB Browser Brute-Forcing Login Services Hydra Analyzing the Router Config Cracking the Enable Password Tool: Cain and Abel Module 36: Hacking Mobile Phones, PDA and Handheld Devices Different OS in Mobile Phone Different OS Structure in Mobile Phone Evolution of Mobile Threat Threats o Tool to Unlock iPhone: iPhoneSimFree What Can A Hacker Do o Tool to Unlock iPhone: anySIM Vulnerabilities in Different Mobile Phones o Steps for Unlocking your iPhone using AnySIM Malware Spyware o Activate the Voicemail Button on your Unlocked iPhone o Spyware: SymbOS/Htool-SMSSender.A.intd o Spyware: SymbOS/MultiDropper.CG o Best Practices against Malware Blackberry o Blackberry Attacks o Blackberry Attacks: Blackjacking o BlackBerry Wireless Security o BlackBerry Signing Authority Tool o Countermeasures PDA o PDA Security Issues o ActiveSync attacks o HotSync Attack o PDA Virus: Brador o PDA Security Tools: TigerSuite PDA o Security Policies for PDAs iPod o Misuse of iPod o Jailbreaking o Tools for jailbreaking: iFuntastic o Prerequisite for iPhone Hacking o Step by Step iPhone Hacking using iFuntastic o Podloso Virus o Security tool: Icon Lock-iT XP Mobile:
Is It a Breach to Enterprise Security? o Threats to Organizations Due to Mobile Devices o Security Actions by Organizations Viruses o Skulls o Duts o Doomboot.A: Trojan Antivirus o Kaspersky Antivirus Mobile o Airscanner o BitDefender Mobile Security o SMobile VirusGuard o Symantec AntiVirus o F-Secure Antivirus for Palm OS o BullGuard Mobile Antivirus Security Tools o Sprite Terminator o Mobile Security Tools: Virus Scan Mobile Defending Cell Phones and PDAs Against Attack Mobile Phone Security Tips o Step by step iPhone Hacking o AppSnapp Steps for AppSnapp Module 37: Bluetooth Hacking Bluetooth Introduction Security Issues in Bluetooth o BlueSweep Security Attacks in Bluetooth Devices o Bluekey o Bluejacking o BlueFire Mobile Security Enterprise Edition o Tools for Bluejacking o BlueAuditor o BlueSpam o Bluetooth Network Scanner o Blue snarfing Countermeasures o BlueBug Attack o Short Pairing Code Attacks Module 38: VoIP Hacking o Man-In-Middle Attacks What is VoIP o OnLine PIN Cracking Attack VoIP Hacking Steps o BTKeylogging attack Footprinting o BTVoiceBugging attack o Information Sources o Blueprinting o Unearthing Information o Bluesmacking - The Ping of Death o Organizational Structure and Corporate Locations o Denial-of-Service Attack o Help Desk o BlueDump Attack o Job Listings Bluetooth hacking tools o Phone Numbers and Extensions o BTScanner o VoIP Vendors o Bluesnarfer o Resumes o Bluediving o WHOIS and DNS Analysis o Transient Bluetooth Environment Auditor o Steps to Perform Footprinting o BTcrack Scanning o Blooover o Host/Device Discovery o Hidattack o ICMP Ping Sweeps Bluetooth Viruses and Worms o ARP Pings o Cabir o TCP Ping Scans o Mabir o SNMP Sweeps o Lasco o Port Scanning and Service Discovery Bluetooth Security tools o BlueWatch o TCP SYN Scan o UDP Scan
o Host/Device Identification Enumeration o Flooding Attacks o DNS Cache Poisoning o Steps to Perform Enumeration o Sniffing TFTP Configuration File Transfers o Banner Grabbing with Netcat o Performing Number Harvesting and Call Pattern Tracking o SIP User/Extension Enumeration REGISTER Username Enumeration INVITE Username Enumeration OPTIONS Username Enumeration Automated OPTIONS Scanning with sipsak Automated REGISTER, INVITE and OPTIONS Scanning with SIPSCAN against SIP server o Call Eavesdropping o Interception through VoIP Signaling Manipulation o Man-In-The-Middle (MITM) Attack o Application-Level Interception Techniques How to Insert Rogue Application SIP Rogue Application Listening to/Recording Calls Replacing/Mixing Audio o Enumerating TFTP Servers Dropping Calls with a Rogue SIP Proxy o SNMP Enumeration Randomly Redirect Calls with a Rogue SIP Proxy Additional Attacks with a Rogue SIP Proxy Automated OPTIONS Scanning Using SIPSCAN against SIP Phones o Enumerating VxWorks VoIP Devices Steps to Exploit the Network o Denial-of-Service (DoS) o Distributed Denial-of-Service (DDoS) Attack o Internal Denial-of-Service Attack o DoS Attack Scenarios o What is Fuzzing Why Fuzzing Commercial VoIP Fuzzing tools o Signaling and Media Manipulation Registration Removal with erase_registrations Tool Registration Addition with add_registrations Tool o Eavesdropping o Packet Spoofing and Masquerading o Replay Attack o Call Redirection and Hijacking o ARP Spoofing o VoIP Phishing Covering Tracks o ARP Spoofing Attack o Service Interception o H.323-Specific Attacks o SIP Security Vulnerabilities o SIP Attacks Module 39: RFID Hacking § RFID- Definition § Components of RFID Systems § RFID Collisions RFID Risks o Business Process Risk o Technical Controls § RFID Security o
Business Intelligence Risk o Privacy Risk o Externality Risk Module 40: Spamming Introduction Hazards of Electromagnetic Radiation Techniques used by Spammers Computer Network Attacks How Spamming is performed § RFID and Privacy Issues Spammer: Statistics § Countermeasures Worsen ISP: Statistics § RFID Security and Privacy Threats Top Spam Affected Countries: Statistics o Sniffing Types of Spam Attacks o Tracking Spamming Tools o Spoofing o Farelogic Worldcast o Replay attacks o 123 Hidden Sender o Denial-of-service o YL Mail Man § Protection Against RFID Attacks o Sendblaster § RFID Guardian o Direct Sender § RFID Malware o Hotmailer o How to Write an RFID Virus o PackPal Bulk Email Server o How to Write an RFID Worm o IEmailer o Defending Against RFID Malware Anti-Spam Techniques § RFID Exploits Anti-Spamming Tools § Vulnerabilities in RFID-enabled Credit Cards o AEVITA Stop SPAM Email o Skimming Attack o SpamExperts Desktop o Replay Attack o SpamEater Pro o Eavesdropping Attack o SpamWeasel § RFID Hacking Tool: RFDump o Spytech SpamAgent § RFID Security Controls o AntispamSniper o Management Controls o Spam Reader o Operational Controls o Spam Assassin Proxy (SA) Proxy o MailWasher Free o USB CopyNotify o Spam Bully o Remora USB File Guard Countermeasures o Advanced USB Pro Monitor o Folder Password Expert USB Module 41: Hacking USB Devices o USBlyzer § Introduction to USB Devices o USB PC Lock Pro § Electrical Attack o Torpark § Software Attack o Virus Chaser USB § USB Attack on Windows § Countermeasures § Viruses and Worms o W32/Madang-Fam Module 42: Hacking Database Servers o W32/Hasnot-A Hacking Database server: Introduction o W32/Fujacks-AK Hacking Oracle Database Server o W32/Fujacks-E o Attacking Oracle o W32/Dzan-C o Security Issues in Oracle o W32/SillyFD-AA o Types of Database Attacks o W32/SillyFDC-BK o How to Break
into an Oracle Database and Gain DBA Privileges o W32/LiarVB-A o W32/Hairy-A o W32/QQRob-ADN o W32/VBAut-B o HTTP W32.Drom § Hacking Tools o USB Dumper o USB Switchblade o USB Hacksaw § USB Security Tools o MyUSBonly o USBDeview o USB-Blocker o Oracle Worm: Voyager Beta o Ten Hacker Tricks to Exploit SQL Server Systems Hacking SQL Server o How SQL Server is Hacked o Query Analyzer o odbcping Utility o Tool: ASPRunner Professional o Tool: FlexTracer Security Tools SQL Server Security Best Practices: Administrator Checklist § SQL Server Security Best Practices: Developer Checklist Introduction to Internet Filter o Key Features of Internet Filters o Pros and Cons of Internet Filters Internet Content Filtering Tools o iProtectYou o Tool: Block Porn o Tool: FilterGate o Tool: Adblock o Tool: AdSubtract o Tool: GalaxySpy o Tool: AdsGone Pop Up Killer o Tool: AntiPopUp o Tool: Pop Up Police o Tool: Super Ad Blocker o Tool: Anti-AD Guard o Net Nanny o CyberSieve o BSafe Internet Filter o Tool: Stop-the-Pop-Up Lite o Tool: WebCleaner o Tool: AdCleaner o Tool: Adult Photo Blanker o Tool: LiveMark Family § Table 1: How Websites Support Objectives of terrorist/Extremist Groups o Tool: KDT Site Blocker § Electronic Jihad o Internet Safety Guidelines for Children Module 43: Cyber Warfare- Hacking, Al-Qaida and Terrorism § Cyber Terrorism Over Internet § Cyber-Warfare Attacks § 45 Muslim Doctors Planned US Terror Raids § Net Attack § Al-Qaeda § Why Terrorists Use Cyber Techniques § Cyber Support to Terrorist Operations § Planning § Recruitment § Research § Propaganda § Propaganda: Hizballah Website § Cyber Threat to the Military § Russia ‘hired botnets’ for Estonia Cyber-War § NATO Threatens War with Russia § Bush on Cyber War: ‘a subject I can learn a lot about’ § E.U.
Urged to Launch Coordinated Effort Against Cybercrime § Budget: Eye on Cyber-Terrorism Attacks § Cyber Terror Threat is Growing, Says Reid § Terror Web 2.0 § 'Electronic Jihad' App Offers Cyber Terrorism for the Masses § Cyber Jihad – Cyber Firesale § http://internet-haganah.com/haganah/ Module 45: Privacy on the Internet Internet privacy Proxy privacy Spyware privacy Module 44: Internet Content Filtering Techniques Email privacy o Max Internet Optimizer Cookies o Hotspot Shield Examining Information in Cookies o Anonymous Browsing Toolbar How Internet Cookies Work o Invisible Browsing How Google Stores Personal Information o Real Time Cleaner Google Privacy Policy o Anonymous Web Surfing Web Browsers o Anonymous Friend Web Bugs o Easy Hide IP Downloading Freeware Internet Relay Chat o Agnitum firewall Pros and Cons of Internet Relay Chat o Firestarter Electronic Commerce o Sunbelt Personal Firewall Internet Privacy Tools: Anonymizers o Netdefender Internet Privacy Tools: Firewall Tools o Anonymizer Anonymous Surfing o Anonymizer Total Net Shield o Privacy Eraser o Anonymizer Nyms o CookieCop o Anonymizer Anti-Spyware o Cookiepal o Anonymizer Digital Shredder Lite o Historykill o Steganos Internet Anonym o Tracks eraser o Invisible IP Map o NetConceal Anonymity Shield o Protecting Search Privacy o Anonymous Guest o Tips for Internet Privacy o ViewShield o IP Hider o Mask Surf Standard o VIP Anonymity Statistics for Stolen and Recovered Laptops o SmartHide Statistics on Security o Anonymity Gateway o Hide My IP Percentage of Organizations Following the Security Measures Claros Anonymity Laptop threats o Laptop Theft Internet Privacy Tools: Others Best Practices Countermeasures Module 46: Securing Laptop Computers
Fingerprint Reader Protecting Laptops Through Face Recognition Bluetooth in Laptops Tools o Laptop Security o Laptop Security Tools o Laptop Alarm o Flexysafe o Master Lock o eToken o STOP-Lock o True Crypt o PAL PC Tracker o Cryptex o Dekart Private Disk Multifactor o Laptop Anti-Theft o Inspice Trace o ZTRACE GOLD o SecureTrieve Pro o XTool Laptop Tracker o XTool Encrypted Disk o XTool Asset Auditor o XTool Remote Delete § Securing from Physical Laptop Thefts § Hardware Security for Laptops § Protecting the Sensitive Data § Preventing Laptop Communications from Wireless Threats Module 47: Spying Technologies § Spying § Motives of Spying § Spying Devices o Spying Using Cams o Video Spy o Video Spy Devices o Tiny Spy Video Cams o Underwater Video Camera o Camera Spy Devices o Goggle Spy o Watch Spy o Pen Spy o Binoculars Spy o Toy Spy o Spy Helicopter o Wireless Spy Camera o Spy Kit o Spy Scope: Spy Telescope and Microscope o Spy Eye Side Telescope o Audio Spy Devices o Eavesdropper Listening Device o GPS Devices o Spy Detectors o Spy Detector Devices § Vendors Hosting Spy Devices o Spy Gadgets § Protecting the Stolen Laptops from Being Used o Spy Tools Directory § Security Tips o Amazon.com o Spy Associates Techniques Used for Corporate Espionage o Paramountzone Process of Hacking o Surveillance Protection Former Forbes Employee Pleads Guilty § Spying Tools o Net Spy Pro-Computer Network Monitoring and Protection Former Employees Abet Stealing Trade Secrets California Man Sentenced For Hacking o SpyBoss Pro Federal Employee Sentenced for Hacking o CyberSpy Facts o Spytech SpyAgent Key Findings from U.S Secret Service and CERT Coordination Center/SEI study on Insider Threat Tools o ID Computer Spy o e-Surveiller o KGB Spy Software o NetVizor o O&K Work Spy o Privatefirewall w/Pest Patrol o WebCam Spy § Countermeasures
o Golden Eye o Best Practices against Insider Threat § Anti-Spying Tools o Countermeasures o Internet Spy Filter o Spybot - S&D Module 49: Creating Security Policies o SpyCop Security policies o Spyware Terminator Key Elements of Security Policy o XoftSpySE Defining the Purpose and Goals of Security Policy Role of Security Policy Classification of Security Policy Module 48: Corporate Espionage- Hacking Using Insiders Introduction To Corporate Espionage Design of Security Policy Information Corporate Spies Seek Contents of Security Policy Insider Threat Configurations of Security Policy Different Categories of Insider Threat Implementing Security Policies Privileged Access Types of Security Policies Driving Force behind Insider Attack o Promiscuous Policy Common Attacks carried out by Insiders o Permissive Policy o Prudent Policy o Paranoid Policy o Acceptable-Use Policy Software Activation: Introduction o User-Account Policy o Process of Software Activation o Remote-Access Policy Piracy o Information-Protection Policy o Piracy Over Internet o Firewall-Management Policy o Abusive Copies o Special-Access Policy o Pirated Copies o Network-Connection Policy o Cracked Copies o Business-Partner Policy o Impacts of piracy o Other Important Policies o Software Piracy Rate in 2006 Policy Statements o Piracy Blocking Basic Document Set of Information Security Policies Software Copy Protection Backgrounders o E-mail Security Policy CD Key Numbers o Best Practices for Creating E-mail Security Policies Dongles o o Media Limited Installations o User Identification and Passwords Policy o Protected Media Software Security Policy o Hidden Serial Numbers Software License Policy o Digital Right Management (DRM) Points to Remember While Writing a Security Policy o Copy protection for DVD Warez Sample Policies o Warez o Remote Access Policy o Types of
Warez o Warez Distribution o Distribution Methods Tool: Crypkey Tool: EnTrial EnTrial Tool: Distribution File EnTrial Tool: Product & Package Initialization Dialog EnTrial Tool: Add Package GUI o Wireless Security Policy o E-mail Security Policy o E-mail and Internet Usage Policies o Personal Computer Acceptable Use Policy o Firewall Management policy o Internet Acceptable Use Policy o User Identification and Password Policy o Software License Policy Module 50: Software Piracy and Warez Tool: DF_ProtectionKit § Example for Attacker to Attack the Feeds Tool: Crack Killer § Tools Tool: Logic Protect o Perseptio FeedAgent Tool: Software License Manager o RssFeedEater Tool: Quick License Manager o Thingamablog Tool: WTM CD Protect o RSS Builder Module 51: Hacking and Cheating Online Games o RSS Submit Online Games: Introduction o FeedDemon Basics of Game Hacking o FeedForAll Threats in Online Gaming o FeedExpress Cheating in Online Computer Games o RSS and Atom Security Types of Exploits Example of popular game exploits Module 53: Hacking Web Browsers (Firefox, IE) Stealing Online Game Passwords § Introduction o Stealing Online Game Passwords: Social Engineering and Phishing § How Web Browsers Work Online Gaming Malware from 1997-2007 Best Practices for Secure Online Gaming Tips for Secure Online Gaming § How Web Browsers Access HTML Documents § Protocols for an URL § Hacking Firefox Module 52: Hacking RSS and Atom o Firefox Proof of Concept Information Leak Vulnerability § Introduction o Firefox Spoofing Vulnerability § Areas Where RSS and Atom is Used o Password Vulnerability § Building a Feed Aggregator o Concerns With Saving Form Or Login Data § Routing Feeds to the Email Inbox o Cleaning Up Browsing History § Monitoring the Server with Feeds o Cookies § Tracking Changes in Open Source Projects o Internet History Viewer: Cookie Viewer
§ Risks by Zone § Firefox Security o Remote Zone risk o Blocking Cookies Options o Local Zone Risk o Tools For Cleaning Unwanted Cookies § Reader Specific Risks o Tool: CookieCuller § Utilizing the Web Feeds Vulnerabilities o Getting Started o Privacy Settings o AutoFill o Security Settings o Security Features o Content Settings § Hacking Netscape o Clear Private Data o Netscape Navigator Improperly Validates SSL Sessions o Mozilla Firefox Security Features § Hacking Internet Explorer o Redirection Information Disclosure Vulnerability o Window Injection Vulnerability § Internet Explorer Security o Getting Started o Security Zones o Custom Level o Netscape Navigator Security Vulnerability § Securing Netscape o Getting Started o Privacy Settings o Security Settings o Content Settings o Clear Private Data o Trusted Sites Zone o Privacy o Overwrite Automatic Cookie Handling o Per Site Privacy Actions o Specify Default Applications o Internet Explorer Security Features § Hacking Opera o JavaScript Invalid Pointer Vulnerability o BitTorrent Header Parsing Vulnerability o Torrent File Handling Buffer Overflow Vulnerability § Security Features of Opera o Security and Privacy Features § Hacking Safari o Safari Browser Vulnerability o iPhone Safari Browser Memory Exhaustion Remote Dos Vulnerability Module 54: Proxy Server Technologies § Introduction: Proxy Server § Working of Proxy Server § Types of Proxy Server § Socks Proxy § Free Proxy Servers § Use of Proxies for Attack § Tools o WinGate o UserGate Proxy Server o Advanced FTP Proxy Server o Trilent FTP Proxy o SafeSquid o AllegroSurf o ezProxy § Securing Safari o Proxy Workbench o Getting started o ProxyManager Tool o Preferences o Super Proxy Helper Tool o
MultiProxy o Imperva: SecureSphere § How Does MultiProxy Work o MailMarshal § TOR Proxy Chaining Software o WebMarshal § TOR Proxy Chaining Software o Marshal EndPoint § AnalogX Proxy o Novell ZENworks Endpoint Security Management § NetProxy o Prism EventTracker § Proxy+ o Proofpoint Messaging Security Gateway § ProxySwitcher Lite o Proofpoint Platform Architecture § Tool: JAP o Summary Dashboard § Proxomitron o End-user Safe/Block List § SSL Proxy Tool o Defiance Data Protection System § How to Run SSL Proxy o Sentrigo: Hedgehog o Symantec Database Security Module 55: Data Loss Prevention o Varonis: DataPrivilege § Introduction: Data Loss o Verdasys: Digital Guardian § Causes of Data Loss o VolumeShield AntiCopy § How to Prevent Data Loss o Websense Content Protection Suite § Impact Assessment for Data Loss Prevention § Tools o Security Platform o Check Point Software: Pointsec Data Security o Cisco (IronPort) o Content Inspection Appliance o CrossRoads Systems: DBProtector o Strongbox DBProtector Architecture o DeviceWall o Exeros Discovery o GFi Software: GFiEndPointSecurity o GuardianEdge Data Protection Platform o ProCurve Identity Driven Manager (IDM) Module 56: Hacking Global Positioning System (GPS) Geographical Positioning System (GPS) Terminologies GPS Devices Manufacturers Gpsd-GPS Service Daemon Sharing Waypoints Wardriving Areas of Concern Sources of GPS Signal Errors Methods to Mitigate Signal Loss GPS Secrets o GPS Hidden Secrets o Secret Startup Commands in Garmin o Category of Incidents: Low Level o Hard Reset/ Soft Reset o Category of Incidents: Mid Level Firmware Hacking o Category of Incidents: High Level o Firmware o How to Identify an Incident o Hacking GPS Firmware: Bypassing the Garmin eTrex Vista Startup Screen o How to Prevent an Incident o Hacking GPS Firmware: Bypassing the Garmin eTrex Legend Startup
Screen o Hacking GPS Firmware: Bypassing the Garmin eTrex Venture Startup Screen GPS Tools o Tool: GPS NMEA LOG o Tool: GPS Diagnostic o Tool: RECSIM III o Tool: G7toWin o Tool: G7toCE o Tool: GPS Security Guard o GPS Security Guard Functions o UberTracker o Defining the Relationship between Incident Response, Incident Handling, and Incident Management o Incident Response Checklist o Handling Incidents o Procedure for Handling Incident · Stage 1: Preparation · Stage 2: Identification · Stage 3: Containment · Stage 4: Eradication · Stage 5: Recovery · Stage 6: Follow-up § Incident Management § Why don’t Organizations Report Computer Crimes § Estimating Cost of an Incident Module 57: Computer Forensics and Incident Handling § Whom to Report an Incident § Computer Forensics § Incident Reporting o What is Computer Forensics § Vulnerability Resources o Need for Computer Forensics § What is CSIRT o Objectives of Computer Forensics o CSIRT: Goals and Strategy o Stages of Forensic Investigation in Tracking Cyber Criminals o Why an Organization needs an Incident Response Team o Key Steps in Forensic Investigations o CSIRT Case Classification o List of Computer Forensics Tools o Types of Incidents and Level of Support § Incident Handling o Incident Specific Procedures-I (Virus and Worm Incidents) o Present Networking Scenario o Incident Specific Procedures-II (Hacker Incidents) o What is an Incident o Incident Specific Procedures-III (Social Incidents, Physical Incidents) o Credit Card Fraud Detection Technique: Pattern Detection o How CSIRT Handles Case: Steps o Credit Card Fraud Detection Technique: Fraud Screening o Example of CSIRT o Best Practices for Creating a CSIRT · Step 1: Obtain Management Support and Buy-in o XCART: Online fraud Screening Service o Card Watch o MaxMind Credit Card Fraud Detection · Step 2: Determine the CSIRT
Development Strategic Plan · Step 3: Gather Relevant Information · Step 4: Design your CSIRT Vision · Step 5: Communicate the CSIRT Vision · Step 6: Begin CSIRT Implementation · Step 7: Announce the CSIRT § World CERTs http://www.trustedintroducer.nl/teams/country.html o 3D Secure o Limitations of 3D Secure o FraudLabs o www.pago.de o Pago Fraud Screening Process o What to do if you are a Victim of a Fraud o Facts to be Noted by Consumers § Best Practices: Ways to Protect Your Credit Cards § http://www.first.org/about/organization/teams/ § IRTs Around the World Module 58: Credit Card Frauds § E-Crime § Statistics § Credit Card o Credit Card Fraud o Credit Card Fraud o Credit Card Fraud Over Internet o Net Credit/Debit Card Fraud In The US After Gross Charge-Offs Module 59: How to Steal Passwords § Password Stealing § How to Steal Passwords § Password Stealing Techniques § Password Stealing Trojans o MSN Hotmail Password Stealer o AOL Password Stealer o Trojan-PSW.Win32.M2.14.a o CrazyBilets o Dripper o Fente o GWGhost § Credit Card Generators o Kesk o Credit Card Generator o MTM Recorded pwd Stealer o RockLegend’s !Credit Card Generator o Password Devil § Credit Card Fraud Detection § Password Stealing Tools o Password Thief o Remote Password Stealer o Symantec Enterprise Firewall o POP3 Email Password Finder o Kerio WinRoute Firewall o Instant Password Finder o Sunbelt Personal Firewall o MessenPass o Xeon Firewall o PstPassword o InJoy Firewall o Remote Desktop PassView o PC Tools Firewall Plus o IE PassView o Comodo Personal Firewall o Yahoo Messenger Password o ZoneAlarm § Recommendations for Improving Password Security § Best Practices § Linux Firewalls o KMyFirewall o Firestarter Module 60: Firewall Technologies o Guarddog § Firewalls: Introduction o Firewall Builder § Hardware Firewalls § Mac OS X Firewalls o Hardware Firewall
o Flying Buttress o Netgear Firewall o DoorStop X Firewall o Personal Firewall Hardware: Linksys o Intego NetBarrier X5 o Personal Firewall Hardware: Cisco’s PIX o Little Snitch o Cisco PIX 501 Firewall o Cisco PIX 506E Firewall o Cisco PIX 515E Firewall Module 61: Threats and Countermeasures Domain Level Policies o CISCO PIX 525 Firewall o Account Policies o CISCO PIX 535 Firewall o Password Policy o Check Point Firewall o Password Policy o Nortel Switched Firewall o Password Policy - Policies § Software Firewalls Enforce Password History o Software Firewall o Enforce Password History - Vulnerability § Windows Firewalls o Enforce Password History - Countermeasure o Norton Personal Firewall o Enforce Password History - Potential Impact o McAfee Personal Firewall Maximum Password Age o Password Age - Vulnerability o Account Lockout Threshold - Vulnerability o Maximum Password Age - Countermeasure o Account Lockout Threshold - Countermeasure o Maximum Password Age - Potential Impact o Account Lockout Threshold - Potential Impact o Maximum Password Age Reset Account Lockout Counter After o Minimum Password Age Kerberos Policy o Minimum Password Age - Vulnerability o Kerberos Policy - Policies o Minimum Password Age - Countermeasure Enforce User Logon Restrictions o Minimum Password Age - Potential Impact Maximum Lifetime for Service Ticket o Minimum Password Age Minimum Password Length o Minimum Password Length - Vulnerability o Maximum Lifetime for User Ticket o Maximum Lifetime for User Ticket Renewal Maximum Tolerance for Computer Clock Synchronization Audit Policy o Minimum Password Length - Countermeasure o Minimum Password Length - Potential Impact o Minimum Password Length Passwords Must Meet Complexity Requirements o Passwords must Meet Complexity Requirements Vulnerability o Passwords must Meet Complexity Requirements
Countermeasure o Passwords must Meet Complexity Requirements Potential Impact o Passwords must Meet Complexity Requirements Store Password using Reversible Encryption for all Users in the Domain Account Lockout Policy o Audit Settings o Audit Account Logon Events o Audit Account Management o Audit Directory Service Access o Audit Logon Events o Audit Object Access o Audit Policy Change o Audit Privilege Use o Audit Process Tracking o Audit System Events User Rights Access this Computer from the Network Account Lockout Duration Act as Part of the Operating System o Account Lockout Duration - Vulnerability Add Workstations to Domain o Account Lockout Duration - Countermeasure Adjust Memory Quotas for a Process o Account Lockout Duration - Potential Impact Allow Log On Locally o Account Lockout Duration Allow Log On through Terminal Services Back Up Files and Directories o Account Lockout Policy - Policies Account Lockout Threshold Bypass Traverse Checking Shut Down the System Change the System Time Synchronize Directory Service Data Create a Page File Take Ownership of Files or Other Objects Create a Token Object Security Options Create Global Objects Accounts: Administrator Account Status Create Permanent Shared Objects Debug Programs Deny Access to this Computer from the Network Deny Log On as a Batch Job Deny Log On as a Service Deny Log On Locally Deny Log On through Terminal Services Enable Computer and User Accounts to be Trusted for Delegation Force Shutdown from a Remote System Generate Security Audits Impersonate a Client after Authentication Increase Scheduling Priority Load and Unload Device Drivers Lock Pages in Memory Log On as a Batch Job Log On as a Service Manage Auditing and Security Log Modify Firmware Environment Values Perform Volume Maintenance Tasks Profile Single Process Profile System Performance Remove Computer
from Docking Station Replace a Process Level Token Restore Files and Directories o Accounts: Administrator Account Status Vulnerability o Accounts: Administrator Account Status o Accounts: Guest Account Status o Accounts: Limit Local Account Use of Blank Passwords to Console Logon Only o Accounts: Rename Administrator Account o Accounts: Rename Guest Account Audit: Audit the Access of Global System Objects o Audit: Audit the Use of Backup and Restore Privilege o Audit: Shut Down System Immediately if Unable to Log Security Audits DCOM: Machine Access/Launch Restrictions in Security Descriptor Definition Language (SDDL) o DCOM: Machine Access/Launch Restrictions in Security Descriptor Definition Language (SDDL) Devices: Allow Undock without having to Log On Devices: Allowed to Format and Eject Removable Media Devices: Prevent Users from Installing Printer Drivers Devices: Restrict CD-ROM/Floppy Access to Locally Logged-on User Only Devices: Restrict CD-ROM Access to Locally Logged-on User Only Devices: Unsigned Driver Installation Behavior Domain Controller: Allow Server Operators to Schedule Tasks Network Access: Do Not Allow Anonymous Enumeration of SAM Accounts Domain Controller: LDAP Server Signing Requirements Domain Controller: Refuse Machine Account Password Changes Network Access: Do Not Allow Storage of Credentials or .NET Passports for Network Authentication Domain Member: Digitally Encrypt or Sign Secure Channel Data Network Access: Let Everyone Permissions Apply to Anonymous Users Domain Member: Disable Machine Account Password Changes Network Access: Named Pipes that can be Accessed Anonymously Domain Member: Maximum Machine Account Password Age Network Access: Remotely Accessible Registry Paths Domain Member: Require Strong (Windows 2000 or Later) Session Key Network Access: Remotely Accessible Registry Paths and 
Sub-paths Interactive Logon: Do Not Display Last User Name Network Access: Restrict Anonymous Access to Named Pipes and Shares Interactive Logon: Do Not Require CTRL+ALT+DEL Network Access: Shares that can be Accessed Anonymously Interactive Logon: Message Text for Users Attempting to Log On Network Access: Sharing and Security Model for Local Accounts Network Security: Do Not Store LAN Manager Hash Value on Next Password Change Network Security: Force Logoff when Logon Hours Expire Network Security: LAN Manager Authentication Level Network Security: LDAP Client Signing Requirements Interactive Logon: Number of Previous Logons to Cache Interactive Logon: Prompt User to Change Password before Expiration Interactive Logon: Require Domain Controller Authentication to Unlock Workstation Interactive Logon: Require Smart Card Interactive Logon: Smart Card Removal Behavior Microsoft Network Client and Server: Digitally Sign Communications (Four Related Settings) Network Security: Minimum Session Security for NTLM SSP based (Including Secure RPC) Clients/Servers Microsoft Network Client: Send Unencrypted Password to Third-party SMB Servers Network Security: Minimum Session Security for NTLM SSP based (Including Secure RPC) Clients Microsoft Network Server: Amount of Idle Time Required before Suspending Session Recovery Console: Allow Automatic Administrative Logon Microsoft Network Server: Disconnect Clients when Logon Hours Expire Recovery Console: Allow Floppy Copy and Access to all Drives and all Folders Network Access: Allow Anonymous SID/Name Translation Shutdown: Allow System to be Shut Down Without Having to Log On Shutdown: Clear Virtual Memory Page File System Cryptography: Force Strong Key Protection for User Keys Stored on the Computer Client Service for NetWare ClipBook System Cryptography: Use FIPS Compliant Algorithms for 
Encryption, Hashing, and Signing Cluster Service COM+ Event System System Objects: Default Owner for Objects Created by Members of the Administrators Group COM+ System Application Computer Browser System Objects: Require Case Insensitivity for Non-Windows Subsystems Cryptographic Services DCOM Server Process Launcher DHCP Client DHCP Server Distributed File System Distributed Link Tracking Client Distributed Link Tracking Server Distributed Transaction Coordinator DNS Client o Retain Event Logs DNS Server o Retention Method for Event Log Error Reporting Service o Delegating Access to the Event Logs Event Log System Objects: Strengthen Default Permissions of Internal System Objects System Settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Event Log o Maximum Event Log Size o Prevent Local Guests Group from Accessing Event Logs System Services Fast User Switching Compatibility Services Overview Fax Service Do Not Set Permissions on Service Objects File Replication Manually Editing Security Templates File Server for Macintosh System Services - Alerter FTP Publishing Service Application Experience Lookup Service Help and Support Application Layer Gateway Service HTTP SSL Application Management Human Interface Device Access ASP .NET State Service IAS Jet Database Access Automatic Updates IIS Admin Service Background Intelligent Transfer Service (BITS) IMAPI CD-Burning COM Service Certificate Services Indexing Service Infrared Monitor Plug and Play Internet Authentication Service Portable Media Serial Number Intersite Messaging Print Server for Macintosh IP Version 6 Helper Service Print Spooler IPSec Policy Agent (IPSec Service) Protected Storage IPSec Services QoS RSVP Service Kerberos Key Distribution Center Remote Access Auto Connection Manager License Logging Service Logical Disk Manager o Logical 
Disk Manager Administrative Service Machine Debug Manager Message Queuing o Remote Access Connection Manager Remote Administration Service Help Session Manager o Remote Desktop Help Session Manager Remote Installation o Message Queuing Down Level Clients o Remote Procedure Call (RPC) o Message Queuing Triggers o Remote Procedure Call (RPC) Locator o Messenger o Remote Registry Service Microsoft POP3 Service o Remote Server Manager Microsoft Software Shadow Copy Provider o Remote Server Monitor MSSQL$UDDI o Remote Storage Notification MSSQLServerADHelper o Remote Storage Server .NET Framework Support Service Removable Storage Net Logon Resultant Set of Policy Provider NetMeeting Remote Desktop Sharing Routing and Remote Access Network Connections SAP Agent Network DDE Secondary Logon Network DDE DSDM Security Accounts Manager Network Location Awareness (NLA) Security Center Network Provisioning Service Server Network News Transfer Protocol (NNTP) Shell Hardware Detection NTLM Security Support Provider Simple Mail Transport Protocol (SMTP) Performance Logs and Alerts Simple TCP/IP Services Smart Card NetMeeting Special Administration Console Helper Disable Remote Desktop Sharing System Event Notification Internet Explorer Computer Settings System Restore Service Task Scheduler Disable Automatic Install of Internet Explorer Components TCP/IP NetBIOS Helper Service Disable Periodic Check for Internet Explorer Software Updates TCP/IP Print Server Telnet Disable Software Update Shell Notifications on Program Launch Terminal Services Make Proxy Settings Per-Machine (Rather than Per-User) Security Zones: Do Not Allow Users to Add/Delete Sites Turn off Crash Detection Do Not Allow Users to Enable or Disable Add-ons Internet Explorer\Internet Control Panel\Security Page Internet Explorer\Internet Control Panel\Advanced Page Allow Software to 
Run or Install Even if the Signature is Invalid Allow Active Content from CDs to Run on User Machines o Windows System Resource Manager Allow Third-party Browser Extensions o Windows Time Check for Server Certificate Revocation o Terminal Services Licensing o Terminal Services Session Directory Trivial FTP Daemon Uninterruptible Power Supply Upload Manager Virtual Disk Service WebClient Web Element Manager Windows Firewall /Internet Connection Sharing o Windows Installer WinHTTP Web Proxy Auto-Discovery Service Check for Signatures On Downloaded Programs Wireless Configuration Do Not Save Encrypted Pages to Disk Workstation Empty Temporary Internet Files Folder when Browser is Closed World Wide Web Publishing Service Internet Explorer\Security Features Software Restriction Policies Binary Behavior Security Restriction The Threat of Malicious Software MK Protocol Security Restriction Windows XP and Windows Server 2003 Administrative Templates Local Machine Zone Lockdown Security Computer Configuration Settings Consistent MIME Handling MIME Sniffing Safety Features Windows Update Scripted Window Security Restrictions Configure Automatic Updates Restrict ActiveX Install Restrict File Download Reschedule Automatic Updates Scheduled Installations Network Protocol Lockdown System Internet Information Services Turn off Autoplay Prevent IIS Installation Do Not Process The Run Once List Terminal Services Logon Deny Log Off of an Administrator Logged in to the Console Session Don't Display The Getting Started Welcome Screen At Logon Do Not Allow Local Administrators to Customize Permissions Do Not Process The Legacy Run List Group Policy Sets Rules for Remote Control of Terminal Services User Sessions Internet Explorer Maintenance Policy Processing Client/Server Data Redirection IP Security Policy Processing Allow Time Zone Redirection Registry 
Policy Processing Do Not Allow COM Port Redirection Security Policy Processing Do Not Allow Client Printer Redirection Error Reporting Do Not Allow LPT Port Redirection Display Error Notification Do Not Allow Drive Redirection Report Errors Encryption and Security Internet Communications Management Set Client Connection Encryption Level Distributed COM Always Prompt Client For A Password On Connection Browser Menus Disable Save This Program To Disk Option RPC Security Policy Attachment Manager Secure Server (Require Security) Inclusion List For High Risk File Types Sessions Inclusion List For Moderate Risk File Types Set Time Limit For Disconnected Sessions Inclusion List For Low File Types Allow Reconnection From Original Client Only Trust Logic For File Attachments Windows Explorer Hide Mechanisms To Remove Zone Information Turn Off Shell Protocol Protected Mode Windows Messenger Notify Antivirus Programs When Opening Attachments Windows Explorer Remove Security Tab System\Power Management Additional Registry Entries How to Modify the Security Configuration Editor User Interface TCP/IP-Related Registry Entries Disableipsourcerouting: IP Source Routing Protection Level (Protects Against Packet Spoofing) Enabledeadgwdetect: Allow Automatic Detection Of Dead Network Gateways (Could Lead To Dos) Enableicmpredirect: Allow ICMP Redirects To Override OSPF Generated Routes Keepalivetime: How Often Keep-alive Packets Are Sent In Milliseconds (300,000 Is Recommended) Synattackprotect: Syn Attack Protection Level (Protects Against Dos) Tcpmaxconnectresponseretransmissions: SYN-ACK Retransmissions When A Connection Request Is Not Acknowledged Tcpmaxdataretransmissions: How Many Times Unacknowledged Data Is Retransmitted (3 Recommended, 5 Is Default) Enable Safe DLL Search Order: Enable Safe DLL Search Mode (Recommended) Security Log Near 
Capacity Warning: Percentage Threshold for the Security Event Log at which the System will Generate a Warning Registry Entries Available In Windows XP With SP2 And Windows Server 2003 With SP1 RunInvalidSignatures Registry Entries Available in Windows XP with SP2 Security Center Registry Entries for XP StorageDevicePolicies\WriteProtect Registry Entries Available in Windows Server 2003 with SP1 UseBasicAuth DisableBasicOverClearChannel Additional Countermeasures Securing the Accounts NTFS Data and Application Segmentation Configure SNMP Community Name Miscellaneous Registry Entries Disable NetBIOS and SMB on Public Facing Interfaces Configure Automatic Reboot from System Crashes Disable Dr. Watson: Disable Automatic Execution of Dr. Watson System Debugger Enable Administrative Shares Configure IPsec Policies Disable Saving of Dial-Up Passwords Configuring Windows Firewall Hide the Computer from Network Neighborhood Browse Lists: Hide Computer From the Browse List Configure Netbios Name Release Security: Allow the Computer to Ignore Netbios Name Release Requests Except from WINS Servers
Module 62: Case Studies
Module 63: Botnets
Module 64: Economic Espionage
Module 65: Patch Management
Module 66: Security Convergence
Module 67: Identifying the Terrorist
Computer Hacking Forensic Investigator-v3
COMPUTER CRIME INVESTIGATION-v3
Course overview
The CHFI course gives students the skills needed to identify the traces of a computer network intruder and to gather the evidence needed to support further investigation. 
Many of today's leading computer forensics tools are taught in this course, including software, hardware and specialized techniques. The need for businesses to develop computer applications in order to operate more efficiently and to integrate with many other fields, together with the growing needs of home computer users, has given rise to a new type of crime, "cyber crime". Today the question is no longer simply "Will your organization be attacked?" but "When will it be attacked?". Today battles between corporations, between governments and between nations are no longer fought only in boardrooms and in the international arena; they are also fought on virtual battlefields, using high-tech means, in almost every area of modern life. If you or your organization needs the knowledge and skills to identify, track and prosecute cyber criminals, this is the course for you.
Who should attend
Police officers and staff of legislative bodies and law enforcement agencies, Ministry of Defence personnel; security professionals and system administrators at companies in e-commerce, banking, insurance and other professional sectors, …; IT managers.
Prerequisites
Students should take the CEH course before taking the CHFI course.
Duration
60 hours
Certification
The CHFI 312-49 exam is held on the last day of the course; after the course, students receive an EC-Council certificate of course completion. To obtain the international CHFI certification, students must pass the international exam at a Prometric testing center. 
Course content – version 3
Module 01: Computer Forensics in Today’s World Ways of Forensic Data Collection Objectives of Computer Forensics Benefits of Forensic Readiness Categories of Forensics Data Computer Facilitated Crimes Type of Computer Crimes Examples of Evidence Stages of Forensic Investigation in Tracking Cyber Criminals Key Steps in Forensics Investigations Need for Forensic Investigator When An Advocate Contacts The Forensic Investigator, He Specifies How To Approach Enterprise Theory of Investigation (ETI) Where and when do you use Computer Forensics Legal Issues Reporting the Results
Module 02: Law and Computer Forensics Privacy Issues Involved in Investigations Fourth Amendment Definition Interpol- Information Technology Crime Center Internet Laws and Statutes Intellectual Property Rights Cyber Stalking Crime Investigating Organizations The G8 Countries: Principles to Combat High-tech Crime The G8 Countries: Action Plan to Combat High-Tech Crime (International Aspects of Computer Crime) United Kingdom: Police and Justice Act 2006 Australia: The Cybercrime Act 2001 Belgium European Laws Austrian Laws Brazilian Laws Belgium Laws Canadian Laws France Laws Indian Laws German Laws Italian Laws Greece Laws Denmark Laws Norwegian Laws Netherlands Laws Internet Crime Schemes Why You Should Report Cybercrime Reporting Computer-related Crimes Person Assigned to Report the Crime When and How to Report an Incident? Who to Contact at the Law Enforcement? 
Federal Local Agents Contact More Contacts Cyberthreat Report Form
Module 03: Computer Investigation Process Securing the Computer Evidence Preparation for Searches Chain-of Evidence Form Accessing the Policy Violation Case: Example 10 Steps to Prepare for a Computer Forensic Investigation Investigation Process Policy and Procedure Development Evidence Assessment Case Assessment Processing Location Assessment Legal Considerations Evidence Assessment Evidence Acquisition Write Protection Acquire the Subject Evidence Evidence Examination Physical Extraction Logical Extraction Analysis of Extracted Data Timeframe Analysis Data Hiding Analysis Application and File Analysis Ownership and Possession Documenting and Reporting What Should be in the Final Report? Maintaining Professional Conduct
Module 04: First Responder Procedure Electronic Evidence The Forensic Process Types of Electronic Devices Electronic Devices: Types and Collecting Potential Evidence Evidence Collecting Tools and Equipment First Response Rule Incident Response: Different Situations First Response for System Administrators First Response by Non-Laboratory Staff First Response by Laboratory Forensic Staff Securing and Evaluating Electronic Crime Scene Ask These Questions When A Client Calls A Forensic Investigator Health and Safety Issues Consent Planning the Search and Seizure Initial Search of the Scene Witness Signatures Conducting Preliminary Interviews Initial Interviews Documenting Electronic Crime Scene Photographing the Scene Sketching the Scene Collecting and Preserving Electronic Evidence Evidence Bag Contents List Order of Volatility Dealing with Powered OFF Computers at Seizure Time Dealing with a Powered ON PC Computers and Servers Collecting and Preserving Electronic Evidence Seizing Portable Computers Switched ON Portables Packaging Electronic Evidence 
Exhibit Numbering Transporting Electronic Evidence Handling and Transportation to the Forensic Laboratory ‘Chain of Custody’ Findings of Forensic Examination by Crime Category
Module 06: Computer Forensic Lab
Module 05: CSIRT How to Prevent an Incident? Defining the Relationship between Incident Response, Incident Handling, and Incident Management Incident Response Checklist Incident Management Why don’t Organizations Report Computer Crimes? Estimating Cost of an Incident Vulnerability Resources Category of Incidents Category of Incidents: Low Level Category of Incidents: Mid Level Category of Incidents: High Level CSIRT: Goals and Strategy Motivation behind CSIRTs Why an Organization needs an Incident Response Team? Who works in a CSIRT? Staffing your Computer Security Incident Response Team: What are the Basic Skills Needed? Team Models CSIRT Services can be Grouped into Three Categories: CSIRT Case Classification Types of Incidents and Level of Support Service Description Attributes Incident Specific Procedures How CSIRT handles Case: Steps US-CERT Incident Reporting System CSIRT Incident Report Form CERT(R) Coordination Center: Incident Reporting Form Limits to Effectiveness in CSIRTs Working Smarter by Investing in Automated Response Capability World CERTs http://www.trustedintroducer.nl/teams/country.html http://www.first.org/about/organization/teams/ IRTs Around the World Ambience of a Forensics Lab: Ergonomics Forensic Laboratory Requirements Paraben Forensics Hardware: Handheld First Responder Kit Paraben Forensics Hardware: Wireless StrongHold Bag Paraben Forensics Hardware: Remote Charger Paraben Forensics Hardware: Device Seizure Toolbox Paraben Forensics Hardware: Wireless StrongHold Tent Paraben Forensics Hardware: Passport StrongHold Bag Paraben Forensics Hardware: Project-aPhone Paraben Forensics Hardware: SATA Adaptor Male/ Data cable for Nokia 7110/6210/6310/i Paraben Forensics Hardware: Lockdown Paraben 
Forensics Hardware: SIM Card Reader/ Sony Clie N & S Series Serial Data Cable Paraben Forensics Hardware: USB Serial DB9 Adapter Portable Forensic Systems and Towers: Forensic Air-Lite VI MKII laptop Portable Forensic Systems and Towers: Original Forensic Tower II Portable Forensic Systems and Towers: Portable Forensic Workhorse V Portable Forensic Workhorse V: Tableau 335 Forensic Drive Bay Controller Portable Forensic Systems and Towers: Forensic Air-Lite IV MK II Portable Forensic Systems and Towers: Forensic Tower II Forensic Write Protection Devices and Kits: Ultimate Forensic Write Protection Kit Tableau T3u Forensic SATA Bridge Write Protection Kit Tableau T8 Forensic USB Bridge Kit/Addonics Mini DigiDrive READ ONLY 12-in-1 Flash Media Reader Power Supplies and Switches DIBS® Mobile Forensic Workstation DIBS® Advanced Forensic Workstation DIBS® RAID: Rapid Action Imaging Device Forensic Archive and Restore Robotic Devices: Forensic Archive and Restore (FAR Pro) Forensic Workstations Tools: LiveWire Investigator Features of the Laboratory Imaging System Technical Specification of the Laboratory-based Imaging System Computer Forensic Labs, Inc Procedures at Computer Forensic Labs (CFL), Inc Data Destruction Industry Standards
Module 07: Understanding File Systems and Hard Disks Types of Hard Disk Interfaces Types of Hard Disk Interfaces: SCSI Types of Hard Disk Interfaces: IDE/EIDE Types of Hard Disk Interfaces: USB Types of Hard Disk Interfaces: ATA Types of Hard Disk Interfaces: Fibre Channel Disk Capacity Calculation Evidor: The Evidence Collector WinHex EFS Key FAT vs. 
NTFS Windows Boot Process (XP/2003) http://www.bootdisk.com
Module 08: Understanding Digital Media Devices Digital Storage Devices Magnetic Tape Floppy Disk Compact Disk CD-ROM DVD DVD-R, DVD+R, and DVD+R(W) DVD-RW, DVD+RW DVD+R DL/ DVD-R DL/ DVD-RAM HD-DVD (High Definition DVD) HD-DVD Blu-Ray CD Vs DVD Vs Blu-Ray HD-DVD vs. Blu-Ray iPod Zune Flash Memory Cards Secure Digital (SD) Memory Card Compact Flash (CF) Memory Card Memory Stick (MS) Memory Card Multi Media Memory Card (MMC) xD-Picture Card (xD) SmartMedia Memory (SM) Card USB Flash Drives USB Flash in a Pen
Module 09: Windows, Linux and Macintosh Boot Processes Terminologies Boot Loader Boot Sector Anatomy of MBR Basic System Boot Process MS-DOS Boot Process Windows XP Boot Process Common Startup Files in UNIX List of Important Directories in UNIX Linux Boot Process Macintosh Forensic Software by BlackBag Directory Scan FileSpy HeaderBuilder Carbon Copy Cloner (CCC) MacDrive6
Module 10: Windows Forensics Windows Forensics Tool: Helix Tools Present in Helix CD for Windows Forensics Helix Tool: SecReport Helix Tool: Windows Forensic Toolchest (WFT) MD5 Generator: Chaos MD5 Secure Hash Signature Generator MD5 Generator: Mat-MD5 MD5 Checksum Verifier 2.1 Registry Viewer Tool: RegScanner Virtual Memory System Scanner Integrated Windows Forensics Software: XWays Forensics Tool: Traces Viewer Investigating ADS Streams
Module 13: Computer Forensic Tools Part I- Software Forensics Tools
Module 11: Linux Forensics File System Description Mount Command Popular Linux Forensics Tools The Sleuth Kit Tools Present in “The Sleuth Kit” Autopsy The Evidence Analysis Techniques in Autopsy SMART for Linux Penguin Sleuth Tools Included in Penguin Sleuth Kit Forensix Maresware Major Programs Present in Maresware Captain Nemo THE FARMER'S BOOT CD
Module 12: Data Acquisition and Duplication Mount 
Image Pro Snapshot Tool Snapback DatArrest Hardware Tool: Image MASSter Solo-3 Forensic Hardware Tool: LinkMASSter-2 Forensic Hardware Tool: RoadMASSter-2 Save-N-Sync Hardware Tool: ImageMASSter 6007SAS Hardware Tool: Disk Jockey IT SCSIPAK IBM DFSMSdss Tape Duplication System: QuickCopy Visual TimeAnalyzer X-Ways Forensics Evidor Data Recovery Tools: Device Seizure 1.0 Data Recovery Tools: Forensic Sorter v2.0.1 Data Recovery Tools: Directory Snoop Permanent Deletion of Files: Darik's Boot and Nuke (DBAN) File Integrity Checker: FileMon File Integrity Checker: File Date Time Extractor (FDTE) File Integrity Checker: Decode - Forensic Date/Time Decoder Partition Managers: Partimage Linux/Unix Tools: Ltools and Mtools Password Recovery Tool: Decryption Collection Enterprise v2.5 Password Recovery Tool: AIM Password Decoder Password Recovery Tool: MS Access Database Password Decoder Internet History Viewer: CookieView - Cookie Decoder Internet History Viewer: Cookie Viewer Internet History Viewer: Cache View Internet History Viewer: FavURLView Favourite Viewer Internet History Viewer: NetAnalysis FTK- Forensic Toolkit Email Recovery Tool: E-mail Examiner Email Recovery Tool: Network E-mail Examiner Case Agent Companion Chat Examiner Forensic Replicator Registry Analyzer SIM Card Seizure Text Searcher Autoruns Autostart Viewer Belkasoft RemovEx HashDig Inforenz Forager KaZAlyser DiamondCS OpenPorts Pasco Patchit PE Explorer Port Explorer PowerGREP Process Explorer PyFLAG Registry Analyzing Tool: Regmon Reverse Engineering Compiler SafeBack TapeCat Vision Part II- Hardware Forensics Tools List of Hardware Computer Forensic Tools Hard Disk Write Protection Tools: Nowrite & Firewire Drivedock LockDown Write Protect Card Reader Drive Lock IDE Serial-ATA DriveLock Kit Wipe MASSter ImageMASSter Solo-3 IT ImageMASSter 4002i ImageMasster 3002SCSI 
Image MASSter 3004SATA
Module 14: Forensics Investigations Using Encase Evidence File Evidence File Format Verifying File Integrity Hashing Acquiring Image Configuring Encase Encase Options Screen Encase Screens View Menu Device Tab Viewing Files and Folders Bottom Pane Viewers in Bottom Pane Status Bar Status Bar Searching Keywords Adding Keywords Grouping Add multiple Keywords Starting the Search Search Hits Tab Search Hits Bookmarks Creating Bookmarks Adding Bookmarks Bookmarking Selected Data Recovering Deleted Files/folders in FAT Partition Viewing Recovered Files Recovering Folders in NTFS Master Boot Record NTFS Starting Point Viewing Disk Geometry Recovering Deleted Partitions Hash Values Creating Hash Sets MD5 Hash Creating Hash Viewers Signature Analysis Viewing the Results Copying Files Folders E-mail Recovery Reporting Encase Boot Disks IE Cache Images
Module 15: Recovering Deleted Files and Deleted partitions Part I: Recovering Deleted Files Deleting Files What happens when a File is Deleted in Windows? 
Storage Locations of Recycle Bin in FAT and NTFS System How The Recycle Bin Works Damaged or Deleted INFO File Damaged Files in Recycled Folder Damaged Recycle Folder Tools to Recover Deleted Files Tool: Search and Recover Tool: Zero Assumption Digital Image Recovery Tool: PC Inspector Smart Recovery Tool: Fundelete Tool: RecoverPlus Pro Tool: OfficeFIX Tool: Recover My Files Tool: Zero Assumption Recovery Tool: SuperFile Recover Tool: IsoBuster Tool: CDRoller Tool: DiskInternals Uneraser Tool: DiskInternal Flash Recovery Tool: DiskInternals NTFS Recovery Recover Lost/Deleted/Corrupted files on CDs and DVDs Tool: Undelete Tool: Active@ UNDELETE Data Recovery Tool: CD Data Rescue Tool: File Recover Tool: WinUndelete Tool: R-Undelete Tool: Image Recall Tool: eIMAGE Recovery Tool: File Scavenger Tool: Recover4all Professional Tool: eData Unerase Tool: Easy-Undelete Tool: InDisk Recovery Tool: Repair My Excel Tool: Repair Microsoft Word Files Tool: Zip Repair Tool: Canon RAW File Recovery Software Part II: Recovering Deleted Partitions Deletion of Partition Deletion of Partition using Windows Deletion of Partition using Command Line Recovery of Deleted Partition Deleted Partition Recovery Tools Tool: GetDataBack Tool: DiskInternals Partition Recovery Tool: Active@ Partition Recovery Tool: Handy Recovery Tool: Acronis Recovery Expert Tool: Active Disk Image Tool: TestDisk Tool: Recover It All! 
Tool: Scaven Tool: Partition Table Doctor Tool: NTFS Deleted Partition Recovery
Module 16: Image Files Forensics Common Terminologies Understanding Image File Formats GIF (Graphics Interchange Format) JPEG (Joint Photographic Experts Group) JPEG 2000 BMP (Bitmap) File PNG (Portable Network Graphics) Tagged Image File Format (TIFF) ZIP (Zone Information Protocol) How File Compression Works Huffman Coding Algorithm Lempel-Ziv Coding Algorithm Vector Quantization http://www.filext.com Picture Viewer: AD Picture Viewer: Max FastStone Image Viewer XnView Faces – Sketch Software Steganalysis Steganalysis Tool: Stegdetect Image File Forensic Tool: GFE Stealth (Graphics File Extractor) Tool: ILook v8 Tool: P2 eXplorer
Module 17: Steganography Classification of Steganography Steganography vs. Cryptography Model of Stegosystem Model of Cryptosystem Introduction to Stego-Forensics Important Terms in Stego-Forensics Steganography vs. Watermarking Attacks on Watermarking Application of Watermarking Digimarc's Digital Watermarking Watermarking – Mosaic Attack Mosaic Attack – Javascript code 2Mosaic – Watermark breaking Tool Steganalysis Steganalysis Methods/Attacks on Steganography TEMPEST Van Eck phreaking Printer Forensics Is Your Printer Spying On You? DocuColor Tracking Dot Decoding Steganography Tools Tool: Steganos Steganography Tool: Pretty Good Envelope Tool: Gifshuffle Refugee Tool: JPHIDE and JPSEEK Tool: wbStego Tool: OutGuess Tool: Invisible Secrets 4 Tool: Masker Tool: Hydan Tool: Cloak Tool: StegaNote Tool: Stegomagic Hermetic Stego Application of Steganography How to Detect Steganography? 
Stego Suite – Steg Detection Tool StegSpy
Module 18: Application Password Crackers Brute Force Attack Dictionary Attack Syllable Attack/Rule-based Attack/Hybrid Attack Password Guessing Rainbow Attack CMOS Level Password Cracking Tool CmosPwd ERD Commander Active Password Changer http://www.virus.org/index.php? Pdf Password Crackers Password Cracking Tools Tool: Cain & Abel Tool: LCP Tool: SID&User Tool: Ophcrack 2 Tool: John the Ripper Tool: DJohn Tool: Crack Tool: Brutus Tool: Access PassView Tool: RockXP Tool: Magical Jelly Bean Keyfinder Tool: PstPassword Tool: Protected Storage PassView Tool: Network Password Recovery Tool: Mail PassView Tool: Asterisk Key Tool: Messenger Key Tool: MessenPass Tool: Password Spectator Pro Tool: SniffPass Tool: Asterisk Logger Tool: Dialupass Tool: Mail Password Recovery Tool: Database Password Sleuth Tool: CHAOS Generator Tool: PicoZip Recovery Tool: Netscapass Common Recommendations for Improving Password Security Standard Password Advice
Module 19: Network Forensics and Investigating Logs Introduction to Network Forensics The Hacking Process The Intrusion Process Looking for Evidence Log Files as Evidence Records of Regularly Conducted Activity Legality of Using Logs Maintaining Credible IIS Log Files Log File Accuracy Log Everything Keeping Time UTC Time Use Multiple Logs as Evidence Avoid Missing Logs Log File Authenticity Work with Copies Access Control Chain of Custody Importance of Audit Logs Central Logging Design Steps to Implement Central Logging Centralized Syslog Server Syslog-ng: Security Tool IIS Centralized Binary Logging ODBC Logging IISLogger: Development tool Socklog: IDS Log Analysis Tool KiwiSysLog Tool Microsoft Log Parser: Forensic Analysis Tool Firewall Analyzer: Log Analysis Tool Adaptive Security Analyzer (ASA) Pro: Log Analysis Tool GFI EventsManager How does GFI 
EventsManager work? Activeworx Security Center EventLog Analyzer Why Synchronize Computer Times? What is NTP Protocol? NTP Stratum Levels NIST Time Servers Configuring the Windows Time Service
Module 20: Investigating Network Traffic Network Addressing Schemes Tool: Tcpdump CommView Softperfect Network Sniffer HTTP Sniffer EtherDetect Packet Sniffer OmniPeek Iris Network Traffic Analyzer SmartSniff NetSetMan Tool Evidence Gathering at the Data-link Layer: DHCP database DHCP Log Siemens Monitoring Center Netresident Tool eTrust Network Forensics IDS Policy Manager http://www.activeworx.org
Module 21: Investigating Wireless Attacks Association of Wireless AP and Device Search Warrant for Wireless Networks Key Points to Remember Points You Should Not Overlook while Testing the Wireless Network Methods to Access a Wireless Access Point Direct-connect To the Wireless Access Point Nmap Scanning Wireless Access Points using Nmap Rogue Access Point “Sniffing” Traffic Between the Access Point and Associated Devices Scanning using Airodump MAC Address Information Airodump: Points to Note Searching for Additional Devices Forcing Associated Devices to Reconnect Check for MAC Filtering Changing the MAC Address Passive Attack Active Attacks on Wireless Networks Investigating Wireless Attacks
Module 22: Investigating Web Attacks Types of Web Attacks Cross-Site Scripting (XSS) Investigating Cross-Site Scripting (XSS) Cross-Site Request Forgery (CSRF) Anatomy of CSRF Attack Pen-testing CSRF Validation Fields Code Injection Attack Investigating Code Injection Attack Command Injection Attack Parameter Tampering Cookie Poisoning Investigating Cookie Poisoning Attack Buffer Overflow/Cookie Snooping Investigating Buffer Overflow DMZ Protocol Attack, Zero Day Attack Example of FTP Compromise Acunetix Web Vulnerability Scanner Tools for Locating IP Address: Hide Real IP Tools for Locating IP Address: www.whatismyip.com Tools for Locating IP Address: IP
Detective Suite Tools for Locating IP Address: Enterprise IP – Address Manager Intrusion Detection CounterStorm-1: Defense against Known, Zero Day and Targeted Attacks
Module 23: Router Forensics Routing Information Protocol Hacking Routers Router Attack Topology Recording your Session Router Logs NETGEAR Router Logs Link Logger Sawmill: Linksys Router Log Analyzer Real Time Forensics Router Audit Tool (RAT)
Module 24: Investigating DoS Attacks DoS Attacks Types of DoS Attacks Types of DoS Attacks: Ping of Death Attack Types of DoS Attacks: Teardrop Attack Types of DoS Attacks: SYN Flooding Types of DoS Attacks: Land Types of DoS Attacks: Smurf Types of DoS Attacks: Fraggle Types of DoS Attacks: Snork Types of DoS Attacks: WINDOWS OUT-OF-BAND (OOB) Attack DDoS Attack Working of DDoS Attacks (FIG) Classification of DDoS Attack DoS Attack Modes Indications of a DoS/DDoS Attack Techniques to Detect DoS Attack Techniques to Detect DoS Attack: Activity Profiling Sequential Change-Point Detection Wavelet-based Signal Analysis Challenges in the Detection of DoS Attack
Module 26: Tracking E-mails and Investigating E-mail Crimes
Module 25: Investigating Internet Crimes Internet Crimes Internet Forensics Why Internet Forensics IP Address Domain Name System (DNS) DNS Record Manipulation DNS Lookup Email Headers Email Headers Forging Tracing Back Spam Mails Switch URL Redirection Sample Javascript for Page-based Redirection Embedded JavaScript Recovering Information from Web Pages Downloading a Single Page or an Entire Web Site Tool: Grab-a-Site Tool: SurfOffline 1.4 Tool: My Offline Browser 1.0 www.newprosoft.com Tool: WayBack Machine HTTP Headers Viewing Header Information Examining Information in Cookies Viewing Cookies in Firefox Tracing Geographical Location of a URL: www.centralops.net DNS Lookup Result: centralops.net DNS Lookup Result:
centralops.net NetScanTools Pro Tool: Privoxy http://www.privoxy.org Client and Server in E-mail E-mail Client E-mail Server Real E-mail System Received: Headers Forging Headers List of Common Headers Exchange Message Tracking Center MailDetective Tool Forensic ToolKit (FTK) Tool: E-Mail Detective Recover My Email for Outlook Diskinternals – Outlook Recovery Tool: SpamArrest Tool: ID Protect - www.enom.com U.S. Laws Against Email Crime: CAN-SPAM Act U.S.C. § 2252A U.S.C. § 2252B Email crime law in Washington: RCW 19.190.020
Module 27: Investigating Corporate Espionage Introduction to Corporate Espionage Motives behind Corporate Espionage Information that Corporate Spies Seek Corporate Espionage: Insider/Outsider Threat Techniques of Spying Defense Against Corporate Spying Netspionage Investigating Corporate Espionage Cases Employee Monitoring: Activity Monitor Spy Tool: SpyBuddy
Module 28: Investigating Trademark and Copyright Infringement Characteristics of Trademarks Copyright Copyright Infringement: Plagiarism Plagiarism Detection Factors Plagiarism Detection Tool: Copy Protection System (COPS) Plagiarism Detection Tool: SCAM (Stanford Copy Analysis Mechanism) Plagiarism Detection Tool: CHECK Plagiarism Detection Tool: Jplag Plagiarism Detection Tool: VAST Plagiarism Detection Tool: SIM Plagiarism Detection Tool: PLAGUE Plagiarism Detection Tool: YAP Plagiarism Detection Tool: SPlaT Plagiarism Detection Tool: Sherlock Plagiarism Detection Tool: Urkund Plagiarism Detection Tool: PRAISE Plagiarism Detection Tool: FreestylerIII Plagiarism Detection Tool: SafeAssignment http://www.ip.com How it works?
Investigating Intellectual Property US Laws for Trademarks and Copyright Indian Laws for Trademarks and Copyright Japanese Laws for Trademarks and Copyright Australia Laws For Trademarks and Copyright UK Laws for Trademarks and Copyright
Module 29: Investigating Sexual Harassment Incidents Sexual Harassment - Introduction Types of Sexual Harassment Consequences of Sexual Harassment Responsibilities of Supervisors Responsibilities of Employees Complaint Procedures Investigation Process Sexual Harassment Investigations Sexual Harassment Policy Preventive Steps U.S Laws on Sexual Harassment The Laws on Sexual Harassment: Title VII of the 1964 Civil Rights Act The Laws on Sexual Harassment: The Civil Rights Act of 1991 The Laws on Sexual Harassment: Equal Protection Clause of the 14th Amendment The Laws on Sexual Harassment: Common Law Torts The Laws on Sexual Harassment: State and Municipal Laws
Module 30: Investigating Child Pornography Introduction to Child Pornography People’s Motive Behind Child Pornography People Involved in Child Pornography Role of Internet in Promoting Child Pornography Effects of Child Pornography on Children Measures to Prevent Dissemination of Child Pornography Challenges in Controlling Child Pornography Guidelines for Investigating Child Pornography Cases Sources of Digital Evidence Antichildporn.org How to Report Antichildporn.org about Child Pornography Cases Report Format of Antichildporn.org Tools to Protect Children from Pornography: Reveal Tool: iProtectYou Child Exploitation Tracking System (CETS) http://www.projectsafechildhood.gov/ Innocent Images National Initiative Internet Crimes Against Children (ICAC) Reports on Child Pornography U.S.
Laws against Child Pornography Australia Laws against Child Pornography Austria Laws against Child Pornography Belgium Laws against Child Pornography Cyprus Laws against Child Pornography Japan Laws against Child Pornography
Module 33: Blackberry Forensics
Module 31: PDA Forensics Features PDA Forensics Steps Investigative Methods Tool: PDA Secure – Forensic Tool EnCase – Forensic Tool
Module 32: iPod Forensics iPod iPod Features iPod as Operating System Apple HFS+ and FAT32 Application Formats Misuse of iPod iPod Investigation Mac Connected iPods Windows Connected iPods Storage Lab Analysis Remove Device From Packaging Testing Mac Version Full System Restore as Described in the Users’ Manual Testing Windows Version User Account Calendar and Contact Entries Macintosh Version EnCase Deleted Files Windows Version Registry Key Containing the iPod’s USB/Firewire Serial Number Tool: DiskInternals Music Recovery Recover My iPod: Tool Blackberry: Introduction BlackBerry Functions BlackBerry as Operating System How BlackBerry (RIM) Works BlackBerry Serial Protocol BlackBerry Security BlackBerry Wireless Security BlackBerry Security for Wireless Data Security for Stored Data Forensics Acquisition Collecting Evidence from Blackberry Collecting Evidence from Blackberry: Gathering Logs Collecting Evidence from Blackberry: Imaging and Profiling Review of Evidence Simulator – Screenshot Blackberry Attacks Protecting Stored Data Data Hiding in BlackBerry BlackBerry Signing Authority Tool
Module 34: Investigative Reports Understanding the Importance of Reports Investigating Report Requirements Sample Forensic Report Sample Report Guidelines for Writing Reports Important Aspects of a Good Report Dos and Don'ts of Forensic Computer Investigations Case Report Writing and Documentation Create a Report to Attach to the Media Analysis Worksheet Investigative Procedures Collecting Physical and Demonstrative Evidence Collecting Testimonial Evidence Best Practices for Investigators
Module 35: Becoming an Expert Witness What is Expert Witness Types of Expert Witnesses Computer Forensics Experts Medical & Psychological Experts Civil Litigation Experts Construction & Architecture Experts Criminal Litigation Experts Scope of Expert Witness Testimony Checklists for Processing Evidence Examining Computer Evidence Recognizing Deposing Problems Dealing with Media

EC-Council Certified Security Analyst/Licensed Penetration Tester ECSA/LPT CERTIFICATION BOOTCAMP (v4)
EC-Council Security Analyst / Penetration Tester - ECSA/LPT
Overview: ECSA/LPT is a class unlike any other! It provides real-world, hands-on experience. The class focuses exclusively and in depth on penetration testing and advanced hacking. It covers testing across all modern infrastructure, operating systems and application environments. EC-Council’s Certified Security Analyst/LPT program is a highly interactive 5-day security course designed to teach security professionals the advanced methods, tools and techniques of penetration testing needed to perform comprehensive information security tests.
Audience: Network server administrators, firewall administrators, security testers, system administrators and risk assessment professionals.
Duration: 5 days
Objectives: Students will learn how to design, secure and test networks to protect their organization from the threats posed by hackers and computer criminals.
By teaching the tools and basic penetration techniques used in penetration and security testing, this class helps students perform the in-depth assessments needed to effectively identify and mitigate risks to the security of the organization's infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, because the class provides comprehensive coverage of network security analysis and testing topics.
Certification: The ECSA international certification exam is held on the last day of the class. Students need to pass the online exam 412-79 at a Prometric testing center to receive the ECSA certification. Students will also be prepared to obtain the LPT certification.
Course content – version 4
Module 1: The Need for Security Analysis New Technologies What Are We Concerned About? New Threats, New Exploits So What Are You Trying To Protect? Limited Focus Why Are Intrusions Successful? Limited Expertise Authentication Authorization So Often What Are The Greatest Challenges? Environmental Complexity Confidentiality Network-Connection Policy Integrity Business-Partner Policy Availability Other Important Policies Nonrepudiation Policy Statements We Must Be Diligent Threat Agents Basic Document Set of Information Security Policies Assessment Questions ISO 17799 How Much Security is Enough? Domains of ISO 17799 Risk No Simple Solutions Simplifying Risk U.S. Legislation Risk Analysis California SB 1386 Risk Assessment Answers Seven Questions Sarbanes-Oxley 2002 Gramm-Leach-Bliley Act (GLBA) Health Insurance Portability Accountability Act (HIPAA) USA Patriot Act 2001 U.K. Legislation How Does This Law Affect a Security Officer?
Steps of Risk Assessment Risk Assessment Values Information Security Awareness Security policies Types of Policies Promiscuous Policy The Data Protection Act 1998 Permissive Policy The Human Rights Act 1998 Prudent Policy Interception of Communications Paranoid Policy Acceptable-Use Policy The Freedom of Information Act 2000 User-Account Policy The Audit Investigation and Community Enterprise Act 2005 Remote-Access Policy Information-Protection Policy Firewall-Management Policy Special-Access Policy and
Module 2: Advanced Googling Site Operator intitle:index.of error | warning login | logon username | userid | employee.ID | “your username is” Web Server Messages IIS HTTP/1.1 Error Page Titles “Object Not Found” Error Message Used to Find IIS 5.0 passcode | “your Software Error password | password is” admin | administrator Apache Web Server admin login Apache 2.0 Error Pages –ext:html –ext:htm ext:asp –ext:php Application Software Error Messages inurl:temp | inurl:tmp | inurl:backup | inurl:bak ASP Dumps Details intranet | help.desk Many Errors Reveal Pathnames and Filenames Locating Public Exploit Sites Locating Exploits Via Common Code Strings CGI Environment Listings Reveal Lots of Information Default Pages A Typical Apache Default Web Page Locating Default Installations of IIS 4.0 on Windows NT 4.0/OP Default Pages Query for Web Server Outlook Web Access Default Portal Searching for Passwords Windows Registry Reveal Passwords Usernames, Cleartext Passwords, and Hostnames!
–ext:shtml – Searching for Exploit Code with Nonstandard Extensions Locating Source Code with Common Strings Locating Vulnerable Targets Locating Targets Via Demonstration Pages “Powered by” Tags Are Common Query Fodder for Finding Web Applications Locating Targets Via Source Code Vulnerable Examples Web Application Locating Targets Via CGI Scanning A Single CGI Scan-Style Query Directory Listings Finding IIS 5.0 Servers Provide Dangerous Entries Can
Module 3: TCP/IP Packet Analysis TCP/IP Model Application Layer Transport Layer Internet Layer Network Access Layer Comparing OSI and TCP/IP Sequencing Numbers Addressing IPv4 Addresses Positive Acknowledgment Retransmission (PAR) IP Classes of Addresses UDP Operation Reserved IP Addresses Private Addresses Port Numbers Positioning between Transport and Application Layer (TCP and UDP) Subnetting Port Numbers IPv4 and IPv6 http://www.iana.org/assignments/port-numbers Transport Layer Flow Control What Makes Unique?
Three-Way Handshake Internet Control Message Protocol (ICMP) TCP/IP Protocols Error Reporting and Error Correction TCP Header ICMP Message Delivery IP Header Format of an ICMP Message IP Header: Protocol Field Unreachable Networks UDP Destination Unreachable Message TCP and UDP Port Numbers Port Numbers ICMP Echo (Request) and Echo Reply TCP Operation Detecting Excessively Long Routes Synchronization Handshake IP Parameter Problem ICMP Control Messages Denial of Service (DoS) Attacks ICMP Redirects DoS Syn Flooding Attack Windowing Clock Synchronization and Transit Time Estimation Acknowledgement Windowing and Window Sizes Information Requests Message Formats Simple Windowing Address Masks Sliding Windows Router Solicitation Advertisement or 3-way Each and Connection and Reply and
Module 4: Advanced Sniffing Techniques Wireless Sniffing with Wireshark What is Wireshark?
AirPcap Wireshark: Filters Using Channel Hopping IP Display Filters Interference and Collisions Example Wireshark: Tshark Recommendations Wireless Wireshark: Editcap Analyzing Wireless Traffic Wireshark: Mergecap IEEE 802.11 Header Wireshark: Text2pcap IEEE 802.11 Header Fields Using Wireshark Troubleshooting Filters Filtering on Source MAC Address and BSSID Filtering on BSSID Filter on SSID Wireless Frame Types Filters Unencrypted Data Traffic Identifying Hidden SSIDs Network Methodology for Network Troubleshooting Using Wireshark Administration for System ARP Problems ICMP Echo Request/Reply Header Layout for Sniffing TCP Flags Revealed SSID TCP SYN Packet Flags Bit Field Capture Filter Examples Identifying Failures Scenario 1: SYN no SYN+ACK Identifying the EAP Type Scenario 2: Response RST Identifying Properties Scenario 3: SYN SYN+ACK ACK EAP Identity Disclosure Using Wireshark for Security Administration Identifying WEP Identifying TKIP and CCMP Identifying IPSec/VPN SYN Relay Chat Authentication Key Detecting Activity Decrypting Traffic Wireshark as a Detector for Proprietary Information Transmission Scanning Sniffer Detection TCP Connect Scan Internet Immediate EAP Negotiation SYN Scan Report Generation XMAS Scan Reports: Result Null Scan Identifying False Positives Remote Access Trojans Suspicious Signs NetBus Analysis False Positives Trojan Analysis Example NetBus Analysis Examples of False Positives Writing Nessus Plugins Writing a Plugin
Module 5: Vulnerability Analysis with Nessus Nessus Installing and Running the Plugin Features of Nessus Nessus Report with output from our plugin Nessus Assessment Process Nessus: Scanning Security Center http://www.tenablesecurity.com Nessus: Enumeration Nessus: Vulnerability Detection Wireless Concepts Configuring Nessus Wireless Concepts Updating Nessus Plug-Ins 802.11 Types Using the
Nessus Client Core Issues with 802.11 Starting a Nessus Scan What’s the Difference? Generating Reports Other Types of Wireless Data Gathering Spread Spectrum Background Host Identification Channels Port Scan Access Point SYN scan Service Set ID Timing Default SSIDs Port Scanning Rules of Thumb Chipsets Plug-in Selection Wi-Fi Equipment Dangerous plugins Expedient Antennas Scanning Rules of Thumb
Module 6: Advanced Wireless Testing Vulnerabilities RADIUS to 802.1x and Wireless Penetration Testing with Windows Wired Equivalent Privacy Attacks And Tools Security - WEP War Driving Wired Equivalent Privacy The Jargon – WarChalking Exclusive OR WarPumpkin Encryption Process Wireless: Tools of the Trade Chipping Sequence Mapping with Kismet WEP Issues WarDriving with NetStumbler WEP - Authentication Phase How NetStumbler Works? WEP - Shared Key Authentication WEP - Association Phase “Active” versus Detection WEP Flaws Disabling the Beacon WEP Attack Running NetStumbler WEP: Solutions Captured Data Using NetStumbler WEP Solution – 802.11i Filtering by Channels Wireless Security Technologies Airsnort WPA Interim 802.11 Security WEPCrack WPA Monkey-Jack 802.1X Authentication and EAP How Monkey-Jack Works EAP Types Before Monkey-Jack Cisco LEAP After Monkey-Jack TKIP (Temporal Protocol) AirCrack-ng How Does It Work?
Key Integrity “Passive” WLAN Wireless Networks Testing FMS and Korek Attacks Wireless Communications Testing Crack WEP Report Recommendations Available Options Wireless Attack Countermeasures Usage Examples Cracking WPA/WPA2 Passphrases Notes Determining Network Network View IP Forwarding Iptables Installing Iptables and IP Forwarding Establishing the NAT Rules Topology: and NAT Using WarDriving and Wireless Penetration Testing with OS X Dnsmasq What is the Difference between “Active” and “Passive” Sniffing? Configuring Dnsmasq Using a GPS Apache Web Servers Attacking KisMAC Virtual Directories Clone the Target Access Point and Begin the Attack WEP Encryption with Deauthenticating Clients Attacking WPA with KisMAC Start the Wireless Interface Brute-force Attacks Against 40-bit WEP Deauthenticate Clients Connected to the Target Access Point Wordlist Attacks Wait for the Client to Associate to Your Access Point Mapping StumbVerter Spoof the Application MITM Attack basics Modify the Page MITM Attack Design Example Page MITM Attack Variables Login/php page Hardware for the Attack Antennas, Amps, WiFi Cards Redirect Web Traffic Using Dnsmasq Wireless Network Cards Choosing the Right Antenna Amplifying the Wireless Signal Identify and Compromise the Target Access Point Compromising the Target Crack the WEP key Aircrack-ng Cracked the WEP Key The MITM Configuration WarDrives Attack with
Module 7: Designing a DMZ Laptop Introduction DMZ Concepts Multitiered Firewall With a DMZ Flow DMZ Design Fundamentals Advanced Design Strategies Designing Windows DMZ Designing Windows DMZ Precautions for DMZ Setup Security Analysis for the DMZ Designing Sun Solaris DMZ Output Plugins Placement of Servers Rules Advanced
Implementation Solaris DMZ Server Working of Snort Initializing Snort Solaris DMZ Servers in a Conceptual Highly Available Configuration Signal Handlers Private and Public Network Firewall Ruleset Parsing the Configuration File Decoding Possible Decoders Preprocessing Detection Content Matching Content-Matching Functions The Stream4 Preprocessor Inline Functionality Writing Snort Rules Snort Rule Header of a DMA Server Firewall Ruleset Solaris DMZ System Design Disk Layout and Considerations Designing Wireless DMZ Placement of Wireless Equipment Access to DMZ and Authentication Considerations Wireless DMZ Components Wireless DMZ Using RADIUS to Authenticate Users WLAN DMZ Security Best-Practices Snort Rule Header: Actions DMZ Router Security Best-Practice Snort Rule Header: Other Fields DMZ Switch Security Best-Practice IP Address Negation Rule Six Ways to Stop Data Leaks IP Address Filters Reconnex Port Numbers Direction Operator
Module 8: Snort Analysis Snort Overview Rule Options Modes of Operation Activate/Dynamic Rules Features of Snort Meta-Data Rule Options: msg Configuring Snort Reference Keyword Variables sid/rev Keyword Preprocessors Classtype Keyword Payload Detection Rule Options: content Modifier Keywords Offset/depth Keyword Uricontent keyword fragoffset keyword ttl keyword id keyword flags keyword itype keyword : icmp id Writing Good Snort Rules Syslog: Enabling Message Logging Main Display Window Configuring Kiwi Syslog to Log to a MS SQL Database Configuring Ethereal Syslog Messages Sending Log Files via email Configuring Cisco Router for Syslog Configuring DLink Router for Syslog Configuring Cisco PIX for Syslog Configuring an Intertex / Ingate/ PowerBit/ SurfinBird ADSL router Sample Rule to Catch Metasploit Buffer Overflow Exploit Configuring a LinkSys wireless VPN Router Tool for writing Snort rules: IDS Policy
Manager Configuring a Netgear ADSL Firewall Router Subscribe to Snort Rules Analyzing Web Server Logs Honeynet Security Console Tool Apache Web Server Log Key Features AWStats Configuring AWStats for IIS
Module 9: Log Analysis to Capture Introduction to Logs Log Processing in AWStats Types of Logs Analyzing Router Logs Events that Need to be Logged Router Logs What to Look Out For in Logs W3C Extended Log File Format Analyzing Wireless Network Devices Logs Automated Log Analysis Approaches Wireless Traffic Log Log Shipping Analyzing Windows Logs Analyzing Syslog Configuring Firewall Logs in Local Windows System Syslog Viewing Local Windows Firewall Log Setting up a Syslog Viewing Windows Event Log Analyzing Linux Logs Configuring an NTP Server iptables NTP: Setting Local Date and Time Log Prefixing with iptables Log Analysis Tools Firewall Log Analysis with grep Analyzing SQL Server Logs All-Seeing Tracker SQL Database Log Network Sniffer Interface Test Tool ApexSQL Log Syslog Manager 2.0.1 Configuring ApexSQL Log Sawmill Analyzing VPN Server Logs WALLWATCHER VPN Client Log Log Alert Tools Analyzing Firewall Logs Network Eagle Monitor Why Firewall Logs are Important Network Eagle Monitor: Features Firewall Log Sample SQL Server Database Log Navigator ManageEngine Firewall Analyzer What Log Navigator does? Installing Firewall Analyzer How Does Log Navigator Work?
Viewing Firewall Analyzer Reports Snortsnarf Firewall Analyzer Log Reports Types of Snort Alarms Analyzing IDS Logs ACID (Analysis Console for Intrusion Databases) SnortALog IDS Log Sample Common Vulnerabilities Analyzing DHCP Logs Buffer Overflows Revisited DHCP Log NTP Configuration Smashing the Stack for Fun and Profit Time Synchronization and Logging Smashing the Heap for Fun and Profit NTP Overview NTP Client Configuration Format Strings Mayhem Configuring an NTP client using the Client Manager The Anatomy of an Exploit Vulnerable code Eye Tool: Event Log
Module 10: Advanced Exploits and Tools for Chaos and
Module 11: Penetration Testing Methodologies Shellcoding Shellcode Examples Delivery Code Delivery Code: Example Linux Exploits Versus Windows Windows Versus Linux Tools of the Trade: Debuggers Tools of the Trade: GDB Tools of the Trade: Metasploit Metasploit Framework User-Interface Modes Metasploit: Environment Environment: Global Environment Environment: Environment Metasploit: Options Metasploit: Commands Metasploit: Launching the Exploit MetaSploit: Advanced Features Tools of the Trade: Canvas Tools of the Trade: CORE Impact IMPACT Industrializes Penetration Testing Ways to Use CORE IMPACT Other IMPACT Benefits
Module 27: Stolen Laptop, PDAs and Cell phones Penetration Testing ANATOMY OF A REAL-WORLD ATTACK
Module 28: Application Penetration Testing CLIENT SIDE EXPLOITS
Module 29: Physical Security Penetration Testing Impact Demo Lab
Module 12: Customers and Legal Agreements
Module 13: Rules of Engagement
Module 14: Penetration Testing Planning and Scheduling
Module 15: Pre Penetration Testing Checklist
Module 16: Information Gathering
Module 17: Vulnerability Analysis
Module 18: External Penetration Testing
Module 19: Internal Network Penetration Testing Temporary
Module 20: Routers
and Switches Penetration Testing
Module 21: Firewall Penetration Testing
Module 22: IDS Penetration Testing
Module 23: Wireless Network Penetration Testing
Module 24: Denial of Service Penetration Testing
Module 25: Password Cracking Penetration Testing
Module 26: Social Engineering Penetration Testing
Module 30: Database Penetration testing
Module 31: VoIP Penetration Testing
Module 32: VPN Penetration Testing
Module 33: War Dialing
Module 34: Virus and Trojan Detection
Module 35: Log Management Penetration Testing
Module 36: File Integrity Checking
Module 37: Blue Tooth and Hand held Device Penetration Testing
Module 38: Telecommunication and Broadband Communication Penetration Testing
Module 39: Email Security Penetration Testing
Module 40: Security Patches Penetration Testing
Module 41: Data Leakage Penetration Testing
Module 42: Penetration Testing Deliverables and Conclusion
Module 43: Penetration Testing Report and Documentation Writing
Module 44: Penetration Testing Report Analysis
Module 45: Post Testing Actions
Module 46: Ethics of a Licensed Penetration Tester
Module 47: Standards and Compliance

EC-COUNCIL CERTIFIED SECURE PROGRAMMER - ECSP (v2)
EC-Council Secure Programmer (v2)
Overview: The EC-Council “Secure Programmer” course lays out the fundamentals of system security that application designers and software development organizations require in order to build applications that are highly stable and pose little risk to customers. The course content is built on the collected experience and contributions of experts from many different fields.
Audience: The ECSP course completion certificate is awarded to programmers who are responsible for designing and building applications in Windows/Web environments with the .NET/Java frameworks. The program is designed for designers skilled in C#, C++, Java, PHP, ASP, .NET and SQL.
Duration: The course runs for 5 days
Prerequisites: Students must have basic programming knowledge.
Objectives: The distinguishing feature of the ECSP course is that it provides system security knowledge that does not depend on one specific domain. The ECSP course content addresses different programming languages from a security standpoint. This leads to a deeper understanding of the domains / architectures / languages as well as of the related issues.
Certification: After the course, students receive an EC-Council course completion certificate. To obtain the international ECSP certification you must take the ECSP 312-92 exam at a Prometric testing center
Course content – version 2
Module I: Introduction to Secure Coding Common Security Mistakes Software Security Scenario Why Security Mistakes Are Made Secure Coding Need for Secure Programming Building Blocks of Software Security o JAD (Joint Application Development) Types of Security Vulnerabilities o Fountain Model Vulnerability Cycle o Spiral Model Types of Attacks o Build and Fix Hackers and Crackers or Attackers o Synchronize-and-Stabilize Risk Assessment and Threat Modeling Agile Methodologies STRIDE Threat Model Extreme Programming (XP) Common Criteria o XP Practices Security Architecture o The Rules and Practices of Extreme Programming Security Principles Secure Development Checklists Use of Privilege o Data, Configuration, and Temporary Files Unified Modeling Language (UML) o Primary Goals o Diagram o UML Tool Rational Rose o Network Port Use o Audit Logs User-Server Authentication Vulnerabilities
and Other Security Issues in a Software Application o Security Through Obscurity o Buffer Overflows
Module II: Designing Secure Architecture o Format String Vulnerabilities/ Race Conditions Introduction Secure Architecture o Locking Problems Application Security o Exception Handling Factors Affecting Application Security o Fundamentals of Control Granularity Software Engineering and Development Life Cycle (SDLC) Different Phases of Software Development Life Cycle System o Of Fail Safe Design o Fail Safe Design Strategies Fault Detection Tolerance and and o Design Fault Removal Avoidance o Coding o Input and Parameter Validation o Testing o o System Requirements o Specifications o Integration Testing o Software Methodology Models o Waterfall Model o RAD (Rapid Development) Encrypting Secrets in Memory and Storage o Scrubbing Information o Maintenance Concepts Strategies Privilege Access Levels for Information o Loose Coupling Application o High Cohesion o Change Management and Version Control o Components of a Digital Signature o Best Practices for Software Development Projects Signature o Digital Signature Standard o Digital Signature Algorithm: Signature Generation/Verification Introduction to Cryptography o Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme o Encryption o Decryption Classical Cryptographic Techniques Digital o Use of Digital Signature
Module III: Cryptography Use of Cryptography Method of Technology o Challenges and Opportunities Digital Certificates Modern Cryptographic Techniques o Creating and Verifying a Simple XML Digital Signature in C# Cipher o RSA (Rivest Shamir Adleman) Cleversafe Grid http://www.cleversafe.com/ o Example of RSA Algorithm PGP (Pretty Good Privacy) o RSA Attacks CypherCalc o RSA Challenge Command Line Scriptor o Implementation of RSA in C++ CryptoHeaven Data Encryption Standard
(DES) Cryptanalysis o DES Overview Cryptography Attacks o Implementation of DES in Java Brute-Force Attack RC4, RC5, RC6, Blowfish o RC5 Builder Use Of Cryptography Module IV: Buffer Overflows Blowfish Algorithm in C Buffer Overflows Message Digest Functions Reasons for Buffer Overflow Attacks o One-way Hash Functions Why are Programs/Applications Vulnerable? o MD5 Understanding Stacks o Implementation of MD5 in Java Understanding Heaps Types of Buffer Overflows: Stack-based Buffer Overflow SHA (Secure Hash Algorithm) o SHA Implementation in Java SSL (Secure Sockets Layer) What is SSH? o SSH (Secure Shell) Algorithms and Security o A Simple Uncontrolled Overflow of the Stack o Stack Based Buffer Overflows Types of Buffer Overflows: Heap-based Buffer Overflow Disk Encryption o Heap Memory Buffer Overflow Bug Government Access to Keys (GAK) o Heap-based Buffer Overflow Digital Signature How to Detect Buffer Overflows in a Program o Attacking a Real Program o Heap-Based Buffer Overflow Defense Against Buffer Overflows o Tool to Defend Buffer Overflow: Return Address Defender (RAD) o Tool to Defend Buffer Overflow: StackGuard o Tool to Defend Buffer Overflow: Immunix System o Vulnerability Search – ICAT o Off By One/Five Errors o Double Free Vulnerability Secure Memory Allocation Tips Symmetric Encryption o Blowfish Algorithm in C Public Key Cryptography o Valgrind o o Insure++ Comparing Functions of libc and Libsafe Simple Buffer Overflow in C o o Creating an SSL Client in C++ o Creating an SSL Server Random Number Generation Problem Anti-Tampering Code Analysis o Anti-Tampering Techniques Erasing Data from Memory Securely using C/C++ Preventing Memory From Being Paged to Disk Using Variable Arguments Properly o Strcpy() Signal Handling o Strncat() Encapsulation in C++ o Strncpy() Best Practices for Input Validation o Sprintf() Code
Profiling And Memory Debugging Tool: Valgrind Module V: Secure C and C++ Programming Introduction of C/C++ Vulnerable C/C++ Functions o Gets() Public Key Cryptography in C++ Networking Buffer Overflow Protection Solution: Libsafe o Symmetric Encryption in C++ C/C++ Vulnerabilities o Buffer Overflow Module VI: Secure Java and JSP Programming Strings Introduction to Java Countermeasures JVM Integer Vulnerabilities Java Security Truncation Sandbox Model Sign Error Security Issues with Java Countermeasures o SQL Injection Attack o Pointer Subterfuge SQL Injection using UNION o Dynamic Memory Management Preventive Measures for SQL Injection o Stack Smashing o GCC Extension to Protect StackSmashing Attacks o URL Tampering o Denial-of-Service (DoS) Attack on Applet Java GSS Security Sample Attack DoS by Opening Untrusted Windows Preventing DOS Attacks Code for o Code for GSS Server DoS o Code for GSS Client o Problem of Untrusted User Input Security From Untrusted User Input Cross Site Scripting o .Class File Format o o Byte Code Attack o Reverse Engineering/ Decompilation by Mocha Permissions in Java o o Obfuscation Tools: Jmangle o Cinnabar Canner types of o Policy Tool o Building a SimpleClassLoader Security Manager jarsigner - JAR Signing and Verification Tool Applet new o Specifying an additional Policy File at runtime Class Loader Signing an Certificates How to create permissions?
Security Policy Byte Code Verifier Overcoming Cross Site Scripting Problem Using RSA-Signed Policy Tool: Creating a new Policy File Best practices for developing secure Java Code o Signing Tools o Getting RSA Certificates o Bundling Java Applets as JAR Files o Signing Java Applets Using Jarsigner o Signing Java Applets Using Netscape Signing Tool Module VII: Secure Java Script and VB Script Programming Script: Introduction JavaScript Vulnerability o Cross-Site Scripting (XSS) How to Avoid XSS? Security Extensions o Java Authentication and Authorization Service (JAAS) o JavaScript Hijacking o Java Cryptographic Extension (JCE) Defending Against JavaScript Hijacking o Java Cryptography Architecture Decline Malicious Requests o JCE: Pseudo Code for Encryption Prevent Direct Execution of the JavaScript Response o JCE: Pseudo Code for Decryption o Sample Code for Encryption and Decryption o Java(TM) Secure Socket Extension (JSSE) Creating Secure Client Sockets Creating Secure Server Sockets Choosing the Cipher Suites Malicious Script Embedded in Client Web Requests Tool: Thicket Obfuscator for JavaScript JavaScript Security in Mozilla JavaScript Security in Mozilla: Same Origin Policy o Same Origin Check o JavaScript Security in Mozilla: Signed Script Policy Detecting Exceptions with Scripting Language Error-Handling Mechanisms o Using VBScript to Detect an Error o Using Jscript to Detect an Error Netscape's SignTool o Netscape's SignTool: Signing a File Privileges Tool for Encryption: TagsLock Pro JavaScript Shell (Jash): Command-Line Debugging Tool Tool: Script Encoder Tool: Scrambler VBScript: CryptoAPI Tools Signing A Script (Windows Script Host ) Verifying a Script Signature Verification Policy Software Restriction Policies for Windows XP o Javascript Notifying the Support Team When an Error Occurs Using CheckForError Attacks on ASP
ASP DypsAntiSpam: A CAPTCHA for ASP o How To Prevent Automatic Submission With DypsAntiSpam o CAPTCHA: Examples How to Use Database and ASP Sessions to Implement ASP Security o Step 1: Create A User Database Table Step-by-Step Guide for Designing a Software Restriction Policy o Step 2: Create And Configure The Virtual Directory Step-by-Step Guide for Creating Additional Rules o Step 3: Create The Sample Pages o Step 4: Add Validation Code To Pages Rule for Blocking Malicious Scripts Module VIII: Secure ASP Programming ASP- Introduction ASP Design Problems Improving ASP Design Protecting Your ASP Pages o Encoding ASP Code: Script Encoder o Protecting Passwords of ASP Pages with a One-way Hash Function ASP Best Practices o ASP Best Practices: Error Handling o Using Server-Side Includes o Using Server-Side Includes: Example Using Server-Side Includes: Protecting the Contents of Include Files Taking Classes Advantage of Module IX: Secure Microsoft.NET Programming Common Terminology Microsoft .NET: Introduction .NET Framework VBScript o .NET Framework Security Policy Model o Using Server.Execute Security Policy Levels o Using Server.Transfer Security Features in .NET #include Directive Key Concepts in .NET Security .BAK Files on the Server Code Access Security (CAS) Programming Errors Evidence-Based Security Role-Based Security o Role-Based Principal o Role-Based principal Security: Windows Administration Tool: Authorization Manager (AzMan) with ASP.Net Generic ASP.NET Security Architecture Authentication and Authorization Strategies Security: Declarative and Imperative Security o URL Authorization Cryptography o File Authorization Generate Key for Encryption and Decryption o Windows Authentication o Symmetric Encryption in .Net o Forms Authentication o Asymmetric Encryption in .Net o Passport Authentication o Symmetric Decryption in .Net
o Custom Authentication o Asymmetric Decryption in .Net o Implementing Custom Authentication Scheme Protecting Client and Server Data Using Encryption Configuring Security with Mscorcfg.msc Cryptographic Signatures Process Identity for ASP.NET Impersonation o Write a Signature in .Net o Verify a Signature in .Net o Impersonation Sample Code Ensuring Data Integrity with Hash Codes Secure Communication o Hash Code Generation Storing Secrets o Verification of Hash Code o Permissions Options for ASP.NET Storing o Code Access Permissions Securing Session and View State o Identity Permissions Web Form Considerations o Role-Based Security Permissions Securing Web Services Secure Remoting Secrets SkipVerification Stack Walk Writing Secure Class Libraries Secure Data Access Runtime Security Policy .NET Security Tools Step-By-Step Configuration Security Policies Code Access Security Policy Tool Creating a Package Type Safety Canonicalization Access Control List Editor Securing User Information o Security Policy of Runtime o Caspol.exe Deployment o Caspol.exe Parameters Certificate Creation Tool: Makecert.exe o Credentials Create a Remotable Object and Logon Options in Makecert.exe Certificate Manager Tool: Certmgr.exe Certificate Verification Tool: Chktrust.exe Permissions View Tool: Permview.exe Obfuscation PEVerify Tool: Peverify.exe Dotfuscator: .NET Obfuscator Tool Best Practices for .NET Security in Forgeries Module X: Secure PHP Programming Introduction to PHP (Hypertext Preprocessor) o SQL Injection o PHP Security Blunders o Defending SQL Injection Attacks o Unvalidated Input Errors o PHP Configuration Attacks o Solution for Access Control Flaws o o Solution for Session ID Protection Preventing PHP Configuration Attacks o Error Reporting File System Attacks o o Data Handling Errors Defending File System Attacks o o Security Sensitive PHP
Functions: File Functions Information Gathering Attacks o o PHP Injection Attacks o Security Sensitive PHP Functions: ezmlm_hash PHP Vulnerabilities Secure PHP Practices o Safe Mode o Disable Register Globals o Informational Vulnerabilities o Validating Input o Common File Name Vulnerability o PHP Input Filter Class o Revealed Source Code Vulnerability Best Practices for PHP Security o Revealing Error Message Vulnerability PHP Tools o Sensitive Data Vulnerability in o Session File Vulnerability Shared in Web Root o o Server o o Sensitive Data in Globally Readable File Vulnerability o Revealing Vulnerability HTML o Web Application Vulnerability o Comment Fingerprint o Packet Sniffing Vulnerability Acunetix Web Vulnerability Scanner Encryption Software: PHP Code Lock Zend Guard POBS stands for Obfuscator/Obscurer PHP Module XI: Secure PERL Programming Common Terminology o Attack Vulnerabilities Introduction: Practical Extraction and Report Language (PERL) o Global Variable Vulnerability Security Issues in Perl Scripts o Default Password Vulnerability Basic User Input Vulnerabilities o Online Backup Vulnerability Overcoming Basic User Input Vulnerabilities Common PHP Attacks Insecure Environmental Variables o Remote Code Execution Algorithmic Complexity Attacks o Cross-Site Scripting Attack (CSS) Perl: Taint, Strict, and Warnings o Cross Site Scripting Attack: Example o Taint Mode o Cross-Site Request Forgeries (CSRF, Sea-Surf or XSRF) o How Does Taint Mode Work? 
o Taint Checking o Workaround for Cross-Site Request o Using Tainted Data Security of URI in XML o Securing the Program Using Taint Security of Opaque Data in XML o Strict Pragma Growth of XML as Percentage of Network Traffic Setuid XML Web Services Security Best Practices o Setuid Sample Code XML Security Tools o Setuid: Authenticating the user o Security bug with Setuid The Perl crypt() Function Logging Into a Secure Web Site with Script Perl Secure Log-in Checklist o V-Sentry o Vordel SOAPbox AJAX- Introduction Anatomy of an AJAX Interaction (Input Validation Example) AJAX: Security Issues Program for Secure Log-in How to Prevent AJAX Exploits Securing open() Function Tool: HTML Guardian ™ Unicodes Tool: Sprajax- AJAX Security Scanner Displaying Unicode As Text Tool: DevInspect Module XII: Secure XML, Web Services and AJAX Programming Web Application and Web Services Web Application Vulnerabilities o Coding Errors Module XIII: Secure RPC, ActiveX and DCOM Programming RPC Introduction o RPC Authentication o RPC Authentication Protocol o Design Flaws o NULL Authentication XML- Introduction o UNIX Authentication XSLT and XPath o XML Signature o Applying XML Signatures to Security Data Encryption Standard (DES) Authentication An Enveloped, Enveloping and Detached XML Signature Simultaneously o Diffie-Hellman Encryption XML Encryption o The abstract Element <Encrypted-Type> Security Considerations for the XML Encryption Syntax Canonicalization Validation Process in XML XML Web Services Security o XML-aware Network Devices Expand Network Layer Security Data Encryption Standard (DES) Authentication on Server Side o Security Methods o Security Support Provider Interface (SSPI) o Security Support Providers (SSPs) Writing an Authenticated SSPI Client Writing an Authenticated SSPI Server o Secure RPC
Protocol o RpcServerRegisterAuthInfo Prevents Unauthorized Users from Calling your Server Module XIV Secure Linux Programming Introduction o RPC Programming Best Practices Is Open Source Good for Security? o Make RPC Function Calls Linux – Basics Making RPC Function Calls: Using Binding Handles Linux File Structure Making RPC Function Calls: Choose the Type of Binding Handles and Choose a Protocol Sequence Linux Networking Commands Use Context Handles o Deal of RPC With Network o Write a Secure RPC Client or Server ActiveX Programming: Introduction Basic Linux Commands Linux Processes POSIX Capabilities o UTF-8 Security Issues o UTF-8 Legal Values Advantages of Security Functionality o Security Audit o Preventing Repurposing o Communication o SiteLock Template o Encryption o IObjectSafety Interface o Identification and Authentication o Code Signing o Security Management o o How to Create Your Own Code Signing Certificate and Sign an ActiveX Component in Windows Protecting ActiveX Controls DCOM: Introduction Requirements for Security Measure Assurance o Enabling Source Address Verification o iptables and ipchains o Code to save the ipv6tables state o Security in DCOM o Controlling Access by MAC Address o Application-Level Security o Permitting SSH Access Only o Security by Configuration o Programmatic Security o Run As a Launching user o Run As a Interactive User o Prohibiting Root Logins on Terminal Devices o Run As a Specific User o Authentication Techniques o Security Problem on the Internet o Authorization Controls o Security on the Internet o Running a Root Login Shell o Heap Overflow Vulnerability o o Workarounds for Heap Overflow Vulnerability Network Access Control o Layers of Security for Incoming Network Connections Protecting Connections Outgoing Network o Logging in to a Remote Host o Tool: DCOMbobulator o Invoking Remote Programs o DCOM Security Best
Practices o Copying Remote Files Public-key Authentication between OpenSSH Client and Server o Authenticating in Cron Jobs o Dangers in C/C++ o Protecting Files o Sample Codes o File Permissions o Perl o Shared Directory o Perl (cont’d) o Encrypting Files o Ada o Listing Keyring o Java o Signing Files o Java (cont’d) o Encrypting Directories o Tcl POP/IMAP Mail Server o Tcl Sample Code Testing an SSL Mail Connection o PHP Securing POP/IMAP with SSL and Pine o PHP (cont’d) SMTP Server Testing and Monitoring o Testing Login Passwords (John the Ripper) Linux Security Tools o Linux Application grsecurity Auditing Tool: o grsecurity Configuration o Testing Login Passwords (CrackLib) o Testing Search Path o Searching Filesystems Effectively o Finding Setuid (or Setgid) Programs o Securing Device Special Files o Looking for Rootkits o Tracing Processes o Observing Network Traffic o Detecting Insecure Network Protocols o Detecting Intrusions with Snort o Log Files (syslog) o Testing a Syslog Configuration Module XV: Secure Linux Kernel Programming Introduction What to do after Building Kernel?
Linux Kernel Configuration Menu Steps to compile a Linux Kernel o Compiling the Kernel Module XVI: Secure Xcode Programming Introduction to Xcode Mac OS X applications o Cocoa o Carbon o AppleScript Minimize Privileges Sample Code o Script Editor Filter Cross-Site Malicious Content on Input o Script Window Filter HTML/URIs that may be Re-Presented o CDSA o Logwatch Filter Linux Security Best Practices Structure Program Internals and Approach Avoid Buffer Overflow Language−Specific Issues o C/C++ Secure Transport API Set and Cryptographic Service Provider (CSP) Creating SSL Certificate on Mac OS X Server o Using SSL with the Web Server o C/C++ (cont’d) o Setting up SSL for LDAP Labels Protecting Security Information o Step 4: Apply Policy to Tables and Schemas o Step 5: Authorize Users Security in Mac OS X Security Management Preferences Using System o Step 6: Create and Authorize Trusted Program Units (Optional) o Step 7: Configure Auditing (Optional) Authentication Methods Encrypted disk images Networking Security Standards Personal firewall Using Oracle Label Security with a Distributed Database Checklist of recommended steps required to secure Mac OS X Oracle Identity Management Module XVII: Secure Oracle PL/SQL Programming Security Tools Secure Backups: Tool Encryption and Its Types: Obfuscation Introduction: PL/SQL Obfuscation Sample Code PL/SQL in Oracle Server Encryption Using DBMS_CRYPTO Security Issues in Oracle Advanced Security Option o SQL Injection Row Level Security o Defending SQL Injection Attacks Oracle Database Vaults: Tool o SQL Manipulation Auditing o Code Injection Attack o Auditing Methods o Function Call Injection Attack o Audit Options o View Audit Trail o Oracle Auditing Tools o Fine-Grained Auditing (FGA) o Buffer Overflow Vulnerabilities and Other o DBMS_SQL in PL/SQL o Prevent DBMS_SQL in PL/SQL Types of
Database Attacks SQL Unit Testing Tools: SPUnit Establishing Security Policies SQL Unit Testing Tools: TSQLUnit Password Management Policy o Password Management Password History Testing PL/SQL Programs policy: SQL Unit Testing Tools: utPLSQL Steps to Use utPLSQL Auditing Policy Oracle Policy Manager Module XVIII: Secure SQL Server Programming Oracle Label Security (OLS) Introduction Create an Oracle Label Security Policy SQL Server Security Model o SQL Server Security Model: Login o Step 1: Define the Policy o Step 2: Define the Components of the Labels Database User o Step 3: Identify the Set of Valid Data Guest User Steps to Create a SQL Server Login Permissions o AppDetective Database Engine Permissions Hierarchy o NGSSquirrel Roles o AuditPro o Public Role o Predefined Roles Fixed Server Roles Module XIX: Secure Network Programming Basic Network Concepts: Fixed Database Roles o Network User-Defined Roles o Protocols Application roles Security Features of MS-SQL Server 2005 SQL Server Security Vulnerabilities: o Buffer Overflow in pwdencrypt() o Extended Stored Procedures Contain Buffer Overflows SQL Injection o Client Server Model Basic Web Concepts Network Programming Benefits of Secure Network Programming Network Interface How to Secure Sockets: o Server Program Prevent SQL Injection o Client Program Sqlninja: o SQL Server Injection & Takeover Tool o Finding Target Data Encryption Built-in Encryption Capabilities Encryption Keys Encryption Hierarchy Transact-SQL Create Symmetric Key in T-SQL Create Asymmetric Key in T-SQL Certificates Create Certificate in T-SQL SQL Server Security: Administrator Checklist Ports UDP Datagram and Sockets Internet Address How to connect to secure websites URL Decoder Reading Directly from a URL Content Handler Cookie Policy RMI Connector .Net : Internet Authentication Network Scanning
www.securecentral.com Tool: ScanFi Network Programming Best Practices Database Programming Best Practices SQL Server Installation o Authentication o Authorization Module XX: Windows Socket Programming Introduction Best Practices for Database Authorization Windows NT and Windows 2000 Sockets Architecture Auditing and Intrusion Detection Socket Programming How to Enable Auditing Client-Side Socket Programming Database Security Auditing Tools: o The Socket Address Structure The Socket Address Structure: Code Analysis Initializing a Socket and Connecting Server-Side Socket Programming Creating a Server Winsock 2.0 Winsock Linking Methods Starting a Winsock 2 API Accepting Connections: o AcceptEx WinSock: TransmitFile and TransmitPackets Grabbing a Web Page Using Winsock Generic File – Grabbing Application o Binding Shellcode: Socket Descriptor Reuse Shellcode o Socket Descriptor Reuse Shellcode in C o Socket Descriptor Reuse Shellcode: Sample Code Local Shellcode execve Executing /bin/sh Byte Code setuid Shellcode chroot Shellcode o Breaking of chroot jails in Traditional Way o Breaking Out of Chroot Jails on Linux Kernels Writing Client Applications TCP Client Application Sample Code Clean Port sckcode Writing Server Applications TCP Server Application Sample Code Windows Shellcode Winsock Secure Socket Extensions Shellcode Examples o WSADeleteSocketPeerTargetName Steps to Execute Shell Code Assembly o WSAImpersonateSocketPeer The Write System Call o WSAQuerySocketSecurity o Linux Shellcode for “Hello, world!” o WSARevertImpersonation o The Write System Call in FreeBSD o WSASetSocketPeerTargetName execve Shellcode in C o FreeBSD execve jmp/call Style SOCKET_SECURITY_SETTINGS o FreeBSD execve Push Style Case Study: Using WinSock to Execute a Web Attack o FreeBSD execve Push Several Arguments o WSASetSocketSecurity Function Style,
Implementation of execve on Linux Case Study: Using Winsock to Execute a Remote Buffer Overflow Linux Push execve Shellcode MDACDos Application System Calls o The Socket System Call Module XXI: Writing Shellcodes o The Bind System Call Introduction o The Listen System Call Shellcode Development Tools o The Accept System Call Remote Shellcode o The dup2 System Calls Port Binding Shellcode o The execve System Call FreeBSD Port Binding Shellcode Linux Port Binding Shellcode Clean Port Binding Shellcode Compile, Print, and Test Shellcode Reverse Connection Shellcode Socket Reusing Shellcode Linux Implementation of Socket Reusing Shellcode Reusing File Descriptors Writing Exploits and Vulnerability Checking Programs o Writing Exploits and Vulnerability Checking Programs Sample Code Stack Overflow Exploits o Memory Organization o setuid Root: Executing the Program o Stack Overflows o setuid Root: System calls used by the program o Finding Exploitable Stack Overflows in Open-Source Software o Finding Exploitable Stack Overflows in Closed-Source Software setuid Root Using ltrace utility Using GDB Assembly Implementation SysCall Trace RW Shellcode Encoding Shellcode Decoder Implementation and Analysis Decoder Implementation Program Results of Implementation Program OS-Spanning Shellcode Assembly Creation Module XXII: Writing Exploits Heap Corruption Exploits o Doug Lea Malloc o Freed Dlmalloc Chunk o Vulnerable Program Example o Figures: Fake Chunk, Overwritten Chunk Case Study: OpenSSL SSLv2 Malformed Client Key Remote Buffer Overflow Vulnerability CAN-2002-0656 Exploitation Exploitation Sample Code The Complication Improving the Exploit Introduction Integer Bug Exploits Targeting Vulnerabilities Integer Wrapping o Remote and Local Exploits Program: Addition-Based Integer Wrapping o A Two-Stage Exploit Multiplication-Based Integer Wrapping
Format String Attacks o Example of a Vulnerable Program Using %n Character Fixing Format String Bugs o Case Study: xlockmore User-Supplied Format String Vulnerability CVE-2000-0763 Bypassing Size Checks o Signed Size Check Without Integer Wrapping Using the Metasploit Framework Determining Attack Vector Finding the Offset: Overwriting the Return Address TCP/IP Vulnerabilities The First Attack String Race Conditions Overwriting EIP with a Known Pattern o File Race Conditions Selecting a Control Vector o Signal Race Conditions Finding a Return Address Case Study: ‘man’ Input Validation Error Selecting the Search Method in the Metasploit Opcode Database o libpcap Search Method in Metasploit Opcode Database Using the Return Address Capturing Packets o Packet Capturing Example o Inserting the Return Address o Saving Captured Packets to a File o Verifying Return Address Reliability o The wiretap Library Nop Sleds: Increasing Reliability with a Nop Sled o Adding a new file format to the wiretap library Choosing a Payload and Encoder o wtap Struct o Listing Available Payloads o Setting up a New Dissector o Determining Payload Variables o Programming the Dissector o Generating the Payload o Adding a tap Module o msfencode Options Coding for Nessus List of Available Encoders o Choosing a Payload and Encoder: msfencode Results o Writing Personal-Use Tools in NASL msfweb Payload Generation o Setting msfweb Payload Options msfweb Generated and Encoded Payload Port Scanner o Working of a Simple Port Scanner o Prerequisites for Writing a Port Scanner o Port Scanner in C++ o Port Scanner in C# o Building a Simple Port Scanner in VC++ o Port Scanner in Java o Example JavaScript Port Scanner o Port Scanner in ASP.Net o Port Scanner in Perl o Port Scanner in PHP o UDP Port Scanning in PHP o Port Scanner in XML Coding for Ethereal
Programming Framework in the Nessus o Porting to and from NASL Integrating Exploits into Framework Module XXIII: Programming Port Scanners and Hacking Tools Nessus Attack Scripting Language (NASL) Porting to NASL Porting from NASL Extending Metasploit o Metasploit Framework (MSF) o msfweb Interface o Selecting the Exploit Module o msfconsole Interface o Using msfconsole Interface o Steps Involved in Executing an Exploit under msfconsole o msfcli Interface o Using msfcli Interface o Updating the MSF Writing Snort rules o Writing Basic Rules o The Rule Header o Rule Options o Writing Advanced Rules: Perl-Compatible Regular Expressions (PCRE) o Byte_test and Byte_jump o Optimizing Rules Certificate Enrollment in SATSA o Generating a Private Key and Certificate Signing Request in SATSA o Requesting the Signed Certificate (Verifying the CSR) o Storing a Certificate Certificate Local Store o Testing Rules o Writing Detection Plugins Netcat Source Code Module XXIV: Secure Mobile phone and PDA Programming into Data Integrity with Message Digests Mobile Phone Programming o Generating a Message Digest Different OS Structure in Mobile Phone o Verifying a Message Digest o o Symbian Operating System Guidelines Symbian OS for Securing PalmOS PalmOS Vulnerabilities HotSync Vulnerability Creator ID Switching o Windows Mobile Calling Services Security Practices for Windows Mobile Programming Secure Authentication With Digital Signatures o Signing a byte Array Authentication Purposes o Verifying a Digital Signature using SATSA Comparison of Common Programming Tasks o Using Cipher to Encrypt Data using a Symmetric Encryption o Using Cipher to Decrypt Data using a Symmetric Encryption PDA Programming Security Issues in Bluetooth o Security Devices Attacks in Bluetooth Bluetooth security o Bluetooth Security Management o PDA Security Issues o Tool: Bluekey o Security Policies
for PDAs o Tool: BlueWatch o PDA Security Products o Tool: BlueSweep o PDA Security Vendors o Tool: Bluediving : Key Java 2 Micro Edition(J2ME) o Tool: Smartphone Security Client J2ME Architecture o J2ME Security Issues Tool: BlueFire Mobile Enterprise Edition o CLDC Security Mobile Information Device Profile (MIDP) o MIDP Security Programming the BlackBerry With J2ME Security and Trust Services API (SATSA) for J2ME: The Security APIs Security Mobile Phone Security Tips o for Data Confidentiality - Using Ciphers for Data Encryption Web the Defending Cell Phones and PDAs Against Attack Antivirus Tools for Mobile Devices o F-Secure Antivirus for Palm OS Module XXV: Secure Game Designing Game Designing Introduction Scheme Type of Games ® o Console Games o Mobile Games o o Online Games o Off-line Games o Wii Games Threats to Online Gaming Game Authoring Tools HACKER SAFE Technology Guidelines for Developing Commerce Applications Secure E- Module XXVII: Software Activation, Piracy Blocking and Automatic Updates o The 2D Shooter Game Creator o Multimedia Fusion o Adventure Game Studio o Game Maker o FPS Creator o Stagecast Creator HACKER SAFE Certification Software Activation: Introduction o Process of Software Activation o Software Activation: Advantages o Activation Explained o Online License Management Server o Activation Policies o Policy Control Parameters Piracy o RPG Maker XP o Impacts of piracy o The Scrolling Game Development Kit o Piracy Blocking o Visual3D.NET o Digital Right Management (DRM) o Software Strategies o Copy protection for DVD o Application Framework –DVD Copy Protection System Game Engine Best Practices for Secure Game Designing Module XXVI: Securing E-Commerce Applications Piracy Protection Purpose of Secure E-Commerce Application o E-Business Concepts: Secure Electronic Transaction (SET) Content Protection During
Digital Transmission o Watermark System Design Issues o Economic Costs o False Positives Rate o Working of SET Secure Socket Layer (SSL) o SSL Certificates o Interaction with MPEG compression o VeriSign SSL Certificates o Detector Placement o Entrust SSL Certificates o Copy Generation Management Digital Certificates o Tool: Crypkey Digital Signature o EnTrial Key Generation o Digital Signature Technology o EnTrial Distribution File o Digital Signature Algorithm o EnTrial Product Initialization Dialog Signature Generation/Verification & Package Windows Automatic Updates ECDSA, ElGamal Signature o Options for Setting up Windows Automatic Updates on XP o Automatic Updates Option on AVG Antivirus o Automatic Explorer Updates for Internet o Automatic Firefox Updates for Mozilla Real Time Testing Module XXIX: Writing Secure Documentation and Error Messages Error Message Module XXVIII: Secure Application Testing Software Development Life Cycle (SDLC) Introduction to Testing Types of Testing o White Box Testing Types of White Box Testing Dynamic White-Box Testing Integration Test Regression Testing System Testing o Black Box Testing o Load Testing Strategies For Load Testing o Functional Testing Testing Steps o Creating Test Strategy o Creating Test Plan o Creating Test Cases and Test Data o Executing, Bug Fixing and Retesting Classic Testing Mistakes User Interface Errors What Makes a Good User Interfaces Use Automatic Testing and Tools Generic Code Review Checklist Software Testing Best Practices Testing Tools o QEngine o WinRunner o LoadRunner
EC-COUNCIL NETWORK SECURITY ADMINISTRATOR - ENSA (v3)
EC-Council Network Security Administration (v3)
Overview: The ENSA course looks at network security from a defensive standpoint. The ENSA program is designed to provide the fundamental skills needed to analyze internal and external security threats against a computer network, and the skills to develop security policies that protect an organization's information. Students will learn how to evaluate issues related to network and Internet security, design methods, and how to successfully implement security policies as well as firewall deployment strategies. Students will also learn how to find the vulnerable points in a network system and how to protect them.
Audience: System administrators, network administrators and anyone interested in network security technologies.
Duration: 5 days
Prerequisites: This course is a prerequisite for the CEH program.
Certification: After the course, students receive the EC-Council course completion certificate. To earn the international ENSA certification, you need to take exam 312-38 at a Prometric testing center.
Course outline – version 3
Module: Fundamentals of Network Pre Interface based Assignment Key elements of network Virtual Addresses Nodes Dynamic Addressing The Network Backbone Static Addressing Segments Subnets Logical Elements of Network IP Addresses Domain Name System Domain Names Creating a new Domain Name Components Of DNS IP Address Space Domain Namespace Assignment of IP Address Name servers Resolver Prefix Based Addressing Securing DNS Services Gateways Data Link Layer Working of Gateway Network Layer Functional Categories of Gateway Devices Transport Layer Session Layer Presentation Layer Application Layer Data Gateway Multimedia Gateway Home Control Gateway Wired media or Bounded Network Media Physical Layer Types of network media Physical Layer Data Link Layer Twisted pair cable Shielded Twisted Pair Unshielded Twisted Pair Coaxial cable or copper
cable Fiber-optic cable Plenum and PVC cable Wireless Transmission Infrared transmission Microwave Transmission Satellite Transmission Media Access Methods TCP/IP Model Multiplexed Media Access Logical Link Control(LLC) Media Access Control (MAC) Network Layer Transport Layer Application Layer Transmission Modes Simplex Half Duplex Full Duplex Types of Transmission Serial Data Transmission Parallel Data Transmission TDM Unicast Transmission FDM Multicast Transmission Polling Token-Based Media Access Client Server networking CSMA/CD Peer to peer networking CSMA/CA Mixed Mode Networking Contention Domains OSI Model Logical Network Classification Network Topologies Bus Linear Bus Network Load Balancers Distributed Bus Repeaters Gateways Star or Hub Extended Star Transceivers Distributed Star Converters Terminals Star-Wired ring Ring Mesh Module: Network Protocols Tree Introduction to protocols Hybrid Topology Implementing Network protocols Physical Network Classification LAN Introduction to TCP/IP Configuring TCP/IP Ethernet Configuring Netware Links Intranet Managing TCP/IP Network Classes WAN MAN Internet Class A Class B PAN Class C CAN Class D GAN Class E Network Equipments Terminal Emulation Protocol (TELNET) of TCP/IP TELNET: Vulnerabilities Network News Transfer Protocol Network News Transfer Protocol: Vulnerabilities Network Interface Cards Access Points Switches Concentrators/hub Modem Router Boot Strap Protocol (BOOTP) Brouter Bridges Data Link Switching Client Access Protocol(DCAP) Adapters Dynamic Host Configuration Protocol (DHCP) Application Layer Protocols Domain Name System(service) Protocol (DNS) Mobility Support Protocol for IP(Mobile IP) File Transfer Protocol (FTP) Network Address 
Resolution Protocol Trivial FTP Next Hop Resolution Protocol (FTP) and Trivial FTP: Vulnerabilities Open Shortest Path First(OSPF) protocol Network Time Protocol Routing Information Protocol Network News Transfer Protocol Simple Network Management Protocol(SNMP) and Its Versions Internet Relay Chat Protocol(IRCP) Service Location Protocol(SLP) Hyper Text Transfer Protocol (HTTP) Hyper Text Transfer Protocol Secure (HTTPS) Multicasting Protocols Border Gateway Multicast Protocol Distance Vector Multicast Protocol Internet Group Management Protocol Other Network Protocols The NetBEUI Protocol The IPX/SPX Protocol Presentation Layer Protocol Light Weight Presentation Protocol(LWPP) Session Layer Protocol Remote Procedure Call Protocol(RPC) Transport Layer Protocols Service Advertisement Protocol IPX/SPX Node Address IPX/SPX Server Address IPX Frame Types NWLink Protocol Reliable Data Protocol(RDP) The AppleTalk Protocol Transmission Control Protocol(TCP) User Datagram Protocol(UDP) Remote Authentication Dial-in User Service(RADIUS) TCP, UDP: Attacks and Countermeasures Network Layer Protocols Data link Layer Protocol Address Resolution Protocol(ARP) Routing Protocols Vulnerabilities and Security Measures Network Address Resolution Protocol (NARP) Exterior Gateway Protocol(EGP) Reverse Address Resolution Protocol(RARP) Internet Protocol and its versions Serial Line Protocol (SLP) Internet Control Message Protocol(ICMP) &V6 High Level Data Link Control (HDLC) Protocol The Internet Group Management Protocol (IGMP) Point-to-Point Protocol (PPP) ICMP Router Discovery Protocol(IRDP) Border Gateway Protocol(BGP) Module: Protocol Analysis Send Overview of TCP/IP Receive Streams Close Reliable delivery Status Network adaption Abort Flow control TCP/lower-level Interface Relation to other Protocol TCP/lower-level Commands TCP/IP Protocol suite 
Open call Physical And Data link Layer Listen state Network Layer Send Call Transport layer Receive Call Application Layer Close Call Abort Call Status call TCP TCP header format Source port Destination port Sequence Number Acknowledgement Number Algorithms in TCP Appropriate byte Counting(ABC) Additive Increase Multiplicative Decrease(AIMD) Data offset Selective Acknowledgement(SACK) Reserved TCP Friendly Rate Control(TFRC) Control Bits TCP Checksum Calculation Window Performance Estimation in TCP Checksum Urgent Pointer Options Packet Replication Data Checksum Error TCP Interface Out of order data delivery User/TCP Interface Bottleneck Bandwidth Packet Loss User/TCP Commands Open Round Trip Time Estimation Problems related to TCP IP Overview of IP IP Header Format Modes in ESP Tunnel modes Transport mode Version IHL IPv6 Type of Service IPv6 Header Precedence Version Delay Priority Throughput Flow label Reliability Payload Length Total Length Next Header Identification Hop limit Flags Source Address Fragment Offset Destination address Time to live IPv6 Specification Protocol Addressing Header Checksum Packet Tunneling Source Address/ Destination Address Multicast Options Hop by Hop option Data IP Addressing IP datagram 
Module: IEEE standards Maximum Transmission Unit Introduction to IEEE standards Fragmentation IEEE LAN Protocol Specification Encapsulation 802-Overview And Architecture Formatting 802.1-Bridging And Management Reassembly 802.2-Logical Link Control(LLC) Delivery 802.3-CSMA/CD(Ethernet) Routing 802.4-Token Passing Bus Multicasting 802.5-Token Passing Ring Encapsulating Security Payload 802.6-DQDB Access Method 802.7-Broad Band LAN Security awareness 802.10-Security Functions of Network security administrator 802.11-Wireless LAN(WLAN) Develop, Maintain and implement IT security 802.12-Demand Priority Access Maintain and implement firewalls 802.15-Wireless Personal Area Networks (WPAN) Monitor and secure network and servers Monitor critical system files 802.16-Broad Band Wireless MAN (WMAN) Backup the files 802.17-Resilient Packet Ring Work Group Wireless Networking Standards IEEE Standards 802.1X 802.11 Architecture 802.11 Standards (Wi-Fi Standard) 802.11a 802.11b 802.11e 802.11g 802.11h 802.11i standards 802.11n Module: Security Standards Organizations Internet Corporation for Assigned Names and Numbers (ICANN) International Organization for Standardization (ISO) Consultative Committee For Telephone and Telegraphy(CCITT) International Telecommunication Union(ITU) American National Standards Institute(ANSI) Institute Of Electronics and Electrical Engineers(IEEE) Electronic Industries Association National Center for Standards and Certification Information (NIST) World Wide Web Consortium (W3C) 802.15 802.16 Wi-MAX Module: Security Standards ETSI Standards Introduction to Standards HIPERLAN Introduction to Internet Standards HIPERMAN Standards Creation Committee Internet Standards Module: Network Security RFC Evolution Overview of Network Security Types and Submissions The need for network security Obtaining RFCs The goals of network 
security Cabling Standards EIA/TIA-568 Configuration of security policy UTP Categories Implementation of security policy Cable Specifications Incident Handling and Escalation Procedures Electronic Industries Association Security operations and life cycle management Specification Standards Securing Assets Defining Responses to Security Violations Module: Security Policy Presenting and Reviewing the Process Security Policy overview Compliance with Law and Policy Concept Of Security Policy Intellectual Property Key Security Elements Legal Issues Security Awareness Programs Describing the Electronic Communications Privacy Act Trainings Meetings Goals of security Policies Transborder encryption issues Points To Remember While Writing Security Policy Vital role of a security policy Classification of Security policy User policies Password Management policy Module: Hardening Physical Security Need for physical security Security Statistics IT policies Physical Security Breach Incidents General Policies Who is Accountable for Physical Security? 
Partner Policies Factors Affecting Physical Security Types of Security Policies: Issues Specific Policies Physical Security Threats Policy design Contents of Security Policy Privacy and Confidentiality Security levels Separation of duties, dual controls, job rotation Environmental threats Floods Fire Earthquakes Man Made threats Terrorism Security organization and policy development Wars Security policy features Bombs Laptop Security Countermeasures Prevention & Detection of physical hazards Laptop Security Tools Premises Security Laptop Tracker - XTool Computer Tracker Tools to Locate Stolen Laptops Dumpster Diving Office Security Reception Area Authenticating individuals Personal Access Control Smart Cards Proximity Control Biometrics Process of Biometrics Accuracy of Biometrics Applications of Biometrics Fingerprint Verification Hand Geometry Voice Recognition Retina Scanning Iris Scanning Panasonic Authentication Securing Network Devices Server Security Securing Backup devices Physical Access to the Boot CDROM and Floppy Drives Other equipment, such as fax, and removable media CCT (Close Circuit Televisions/Cameras) Parking Area EPS (Electronic Physical Security) Challenges in Ensuring Physical Security Countermeasures Fencing Security force Watch Dogs Locks and Keys Facial Recognition Physical Security: Lock Down USB Ports Biometric Signatures Tool: DeviceLock Further Biometrics technology Blocking the Use of USB Storage Devices Techniques for Compromising Biometrics Track Stick GPS Tracking Device USB Tokens TEMPEST Fire Safety: Fire Suppression, Gaseous Emission Systems Workplace security Controlling system access: Desktop security Workstation security Laptop Theft: Security Statistics Laptop Theft Fire Safety: Fire Detection Failures of Supporting Utilities: Heating Ventilation, Air 
Condition Failures of Supporting Utilities: Power Management and Conditioning Trojan Virus Uninterruptible Power Supplies Mantrap Mantrap: Diagrammatical Representation Physical Security Checklist Module: Network Security Threats Current Statistics IRC bot Worms Logic Bombs Eavesdropping Phishing Attacks Smurfing Defining Terms: Vulnerability, Threats, and Attacks Man-in-the-Middle Attacks Types of Attackers Denial of service Classification of Hackers DDoS Techniques Buffer Overflow Spamming Zero Day Attacks Revealing hidden passwords Jamming War Dialing Password Attacks War Driving War Chalking Spoofing War Flying Session Hijacking Wire Tapping Web Page Defacement Scanning Recording Key Strokes Brute Force Password Attacks Port Scanning Cracking Encrypted Passwords Network Scanning Revealing Hidden Password Vulnerability Scanning Sniffing Passive Sniffing Hiding Evidence of an Attack Problems Detecting Network Attacks Network Scanning Tools: Network Reconnaissance The Netstat Tool Social Engineering Nmap Common Vulnerabilities and Exposures (CVE) NetscanTool Threats Superscan hping Module: Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS) Introduction to IDS History of Intrusion Detection Intrusion Detection Concepts Architecture Monitoring Strategies Analysis type Timing Goal of detection Control Issues Selecting an IDS Deploying an IDS Maintaining an IDS Malformed Packet Packet Flooding Tool: Arpwatch (in Linux) Tool: Psad(in Linux) Tool: ippl(in Linux) Host Based IDS Types of IDS Password Download Aggregate Analysis with IDS Tool: Bro Importance of IDS Denial of Service Network based IDS Tool: NetRanger Characteristics of IDS Data Resource Theft IDS for an Organization HIDS Architecture Centralized Host Based 
Distributed Real Time Host Based Operational Concept Tip Off Surveillance Damage Assessment Compliance Host Based Detection NIDS Architecture Abuse of Privilege Attack Scenarios Traditional Sensor-Based Critical data Access and Modification Distributed Network Node Changes in Security Configuration Operational Concept Tool: Host sentry Tip off Tool: KFSensor Surveillance Tool: LIDS Forensic Workbench Tool: SNARE Tool: Tiger(in Linux) Network-Based Detection Unauthorized Access Host Based IDS Vs Network Based IDS The Hybrid IDS Framework Prelude IDS Intrusion Prevention System Components Intrusion Prevention Strategies Interaction between Prelude components IPS Deployment Risks Flexible response with Snort Relaying Reverse Relaying Tool: Libsafe Distributed IDS Introduction and Advantages Components Protocol Intrusion Detection System Network Behavior Analysis (NBA) Unified Threat Management Deployment of IDS Types of Signatures Network signatures Host based signatures Compound Signatures True/False-Positive/Negative Major Methods of Operation Signature Based Detection Anomaly Based Detection IDS Tool Snort BlackICE M-ICE Secure4Audit (auditGUARD) Emerald Nides SECUREHOST GFI EventsManager Snort Inline Patch Controlling your Border Information Flow in IDS and IPS Raw Packet Capture Filtering Packet Decoding Storage Fragment Reassembly Stream Reassembly Stateful Inspection of TCP Sessions Firewalling IPS Tool Sentivist StoneGate IPS McAfee IDS Vs IPS Module: Firewalls Firewalls: Introduction Security features Securing individual users Perimeter security for networks Multiple components of Firewall Firewall Operations Software Firewall Hardware Firewall Types of Firewalls Multi firewall DMZ Packet Filtering 
Firewall Two firewalls, One DMZ IP Packet Filtering Firewall Two firewalls, Two DMZ TCP Packet Filtering Firewall Screening Router Circuit-Level Gateway Dual homed host Application Level Firewalls Specialty firewalls and Reverse firewalls Application Packet Filtering Firewall Advantages of using Firewalls Stateful Multilayer Inspection Firewall Disadvantages of using Firewalls Network Level Firewalls Threats PIX Firewall Firewalking Basic features of PIX firewall Banner Grabbing Advanced Features of PIX firewall Placing Backdoors Through Firewalls Firewall Features Limitations of Firewalls Establishing Rules and Restrictions for your Firewall Personal Firewall Software Firewall Configuration Strategies Scalability Productivity Firewall Architecture Dual-Homed Host Architecture Screened Host Architecture Screened Subnet Architecture Handling threats and security tasks Protection against hacking Centralization and Documentation Multi-layer firewall protection Firewall deployment strategies Screened Host Two router with one firewall Introduction to Demilitarized Zone(DMZ) DMZ screened subnet ZoneAlarm Pro PC-Cillin Norton Personal Firewall McAfee Personal Firewall Windows Personal Firewall Personal Firewall Hardware Linksys and Netgear SonicWall and Watchguard Cisco’s PIX Netscreen Firewall Log Analysis Firewall Analyzer Firewall Logs Automatic Firewall Detection Firewall Log Import Firewall Log Archiving Firewall Tools Abnormal Traffic Signatures Firewall Builder IP Header Fwanalog Configuring Wflogs Types of Filtering Comparison of Various Firewall Products Stateful Packet Filtering T-REX Open Source Firewall Stateless Packet Filtering SQUID Dynamic Packet Filtering WinGate Symantec Enterprise Firewall Filtering rules Packet Filter Rules That Cover Multiple Variations Packet Filter Rules That Cover ICMP Packet Filter Rules That Block 
Ping Packets Packet Filter Rules That Enable Web Access Packet Filter Rules That Enable DNS Packet Filter Rules That Enable FTP Packet Filter Rules That Enable E-Mail Firewall Testers Firewalk FTester Firewall Leak Tester Module: Packet Filtering and Proxy Servers Application layer gateway Network Address Translation Packet Filtering Advantages/Disadvantages of filtering Approaches Flags used Architecture Packet Sequencing and Prioritization Urgent Flag Packet cataloging Ack Flag Packet Fragmentation Push Flag Analyzing Packet Fragmentation Reset Flag Analyzing Packet Signatures Syn flag Signature Analysis Fin Flag Common Vulnerabilities and Exposure Signatures Normal Traffic Signatures TCP UDP Control Flag Proxy servers Role of Proxy Server Processor Speed Selecting the OS Routed Environment Network Environment Configuring Bastion Host Blocking URLs and unblocking URLs Locating Bastion Host Proxy Control Physical Location Transparent Proxies Network Location Non-transparent Proxies Configuring Bastion Host Socks Proxy Making the Host Defend Itself Authentication Process Securing the Machine Itself Authentication Configuration Making the Host Defend Itself Types of Authentication Selecting Services to be Provided Firewall Firewalls Based on Proxy Special Considerations for UNIX System Special Considerations for Windows System Application Proxy firewall Installation & configuration Administration and management of Proxy servers Disabling Accounts Disabling Unnecessary Services Limiting Ports Security and access control Handling Backups Reorganizing the Single-Point-of-Failure (SPOF) Role of Bastion host Reverse Proxies Bastion Host security policy How Proxy Servers Differ From Packet Filters Performance enhancement, monitoring, and troubleshooting Honeypot History of Honeypot Value of Honeypot Types of Honeypots Module: Bastion Host and 
Honeypots Bastion Hosts Principles Need of Bastion host Building a Bastion Host Selecting the Host Machine Memory Considerations Production Research Classifying Honeypots by Interaction Low-Interaction Honeypots Medium-Interaction Honeypots High-Interaction Honeypots Examples of Honeypots Backofficer Friendly Specter Honeyd Homemade Mantrap Optical Modems Honeynet Short Haul Modems Use of Honeypot Smart Modem Advantages and Disadvantages of Internal Direct Modem External Direct Connect Modem Advantages and Disadvantages of External Direct Modem Preventing Attacks Controller Less Modem Detecting Attacks Acoustic Modem Responding to attacks Homemade Honeypot Port Monitoring Honeypots Jailed Environment Mantrap Advantages and Disadvantages of acoustic modem Null modems Modem Security Advantages and Disadvantages of Honey pot Honeynet Additional Security to modems Password modems Callback modems Architecture of Honeynet Encrypting modems Types of Honeynet Caller-ID and ANI schemes Distributed Honeynet GEN I Honeynet Gen II Honeynet Virtual Honeynet Legal Issues related Modem Security should be a priority for the telephony managers SecureLogix provides Solutions for Modems Security Make modem Security simple with robust Management Tool Categorizing Modem Access Module: Securing Modems Dial out Access Introduction to Modems Dial In Access Origin of Modems Modem Attacks Modem Features Spoofing Attacks Types of Modems Call Forwarding Attacks War Dialing Hardware Modems Internal Direct Connect Modem Modem Risks Virtualization Engine War Dialers Packet Sniffing Troubleshooting BR350 (Bridge) Modem Failure Symptoms Diagnosing Repeater and Gateway Problems Troubleshooting Hubs and Switches Troubleshooting cable 
modem Troubleshooting DSL or LAN Internet Connection Troubleshooting a Universal Serial Bus Device Troubleshooting IEEE 1394 Bus Devices Modem Firmware Failure Random modem Lock ups due to bug in firmware Newer Firmware upgrades reduced the number of such lockups Primary Modem Failure No Longer drops all modems Just the one Modem is lost Reasons for modem Connection Failure Troubleshooting Network Slowdowns NetBios Conflicts Modem Incompatibilities IP Conflicts Buggy Modem Firmware Bad NICs Bad Phone line DNS Errors Misconfigured Modems or communication software Insufficient Bandwidth Excessive Network Based Application Temporary Modem Failures Daisy Chaining Spyware Infestation Some Common Failures Modem Not Responding Modem Damaged Modem Not Compatible System Crashes Troubleshooting Modems External Modems Internal Modems Module: Troubleshooting Network Introduction to troubleshooting Troubleshooting Network devices Windows PC Network Interface Card Troubleshooting Cisco Aironet Bridge Troubleshooting bridges using the Troubleshooting Wireless devices Checking the LED Indicators Checking Basic setting SSID WEP Keys Security Setting A Troubleshooting Methodology Overview of Troubleshooting Troubleshooting Strategies Recognizing Symptoms Understanding The Problem System Monitoring Tools Network Monitor Troubleshooting Physical Problems Performance Monitors Troubleshooting Link Status Protocol Analyzer Physical Troubleshooting Tools The Protocol Analysis Process Troubleshooting the Topology Testing the Cause of the problem Troubleshooting the Fault Domain Solving Problem Tracing connectivity Device Manager Troubleshooting Network Communication ipconfig Performance Measurement Tool Identifying Communication Problems Host Monitoring Tool Using Ping and Traceroute Point Monitoring tool Exploring Network Communications Network Monitoring Tool 
Find Path Information Access point Interface Identify Communication Capabilities Load balancing Troubleshooting with IP Configuration Utilities Troubleshooting with Ping Troubleshooting with Tracert Configuration Best Practices for Windows 2000, Windows Server Troubleshooting with Arp General consideration Troubleshooting with Telnet Security and Manageability Troubleshooting with Nbstat High Availability Troubleshooting with Netstat Troubleshooting Network Load Balancing Troubleshooting with FTP Troubleshooting with Nslookup Problems and Solutions Troubleshooting NTP Network adapter is unplugged Network adapter has limited or no connectivity Network adapter is connected, but you can't reach the Internet Troubleshooting Connectivity TCP/IP Troubleshooting Utilities How to isolate networking problems (Windows XP): Network Adapter Causes for connectivity Problem Troubleshooting Tools Hardware-Based Troubleshooting Tools Network Technician’s Hand Tools The POST Card Memory Testers Electrical Safety Rules Wire Crimpers Punch Down Tools Circuit Testers Internal configuration sources Voltmeters Router Initiation Cable Testers Loading the configuration files Crossover Cables Configuring from the TFTP Server Hardware Loopback Plugs The Setup Configuration Mode LED Indicator Lights CLI configuration mode Tone Generators Router Configuration Modes Global Configuration mode Module: Hardening Routers Interface Configuration mode Introduction to Routers Line Configuration Mode Routing Metrics Privilege EXEC mode Multiple Routing ROM Monitor mode Types of Routers User EXEC Mode Routing Algorithms Finger Tool Internetwork Operating Systems (IOS) Disabling the auxiliary and closing extra interfaces IOS: FEATURES Routing Principles The ARP Process LAN-to-LAN Routing Process LAN-to-WAN Routing Process Modes Of Operation User Mode Enable Mode Global 
Configuration MODE BOOTP service TCP and UDP small servers Disabling Proxy ARP Disabling SNMP Disabling NTP Hardening a Router IP Routing Configuring IP and IP routing Configuring RIP IP Source Routing Configuration of Routers External configuration sources Configuring a banner Passwords and secrets Encrypting passwords Creating end user accounts Setting session time-out periods Cisco Discovery Protocol Configuring CDP Logging Concept Log Priority Configuring Logging Timestamping Cisco Logging Options Console Logging Buffered Logging Terminal Logging Syslog Logging SNMP Logging Filtering Network Traffic Access Control List Reviewing IP Traffic and Configuring static Routers Types of Routing Distance Vector Routing Link State Routing Routing Protocols Routing Information Protocol (RIP) Interior Gateway Routing Protocol (IGRP) Enhanced Interior Gateway Routing Protocol (EIGRP) Open Shortest Path First (OSPF) Border Gateway Protocol (BGP) Basics of ACL Creating Access Control List Routing Table Maintenance Protocol (RTMP) ACL Types Troubleshooting a router Monitoring ACL Troubleshooting tools Implementing ACL Securing Routers: ACL Troubleshooting with network management tools Troubleshooting IP Connectivity in Routers Troubleshooting PPP Troubleshooting Frame Relay Troubleshooting X.25 Troubleshooting ISDN Log System Error Messages Securing Routers: Committed Access Rate Securing Routers: Secure Shell Authentication methods Configuring SSH Default Locations of Secure Shell Files Generating the Host Key Ciphers and MAC’s Compression Configuring Root Logins Restricting User Logins Router Commands Configuring Router Interface setting Managing Router Configuration Components of router security Router security: testing tools Module: Hardening Operating Systems BIOS security Windows Registry Registry Editor Rootkit Revealer Configuring Windows 
Services E-mail Services Regional settings Update System Virtual Servers Antivirus Share Point Portal Server Anti Spyware Antivirus Protection Anti Spam Process Resource Access Windows Windows Server 2003 Managing Access control Windows 2003 Infrastructure Security Resource Access Privileges Windows 2003 Authentication Access Lists Windows 2003 Security Configuration Tools Windows 2003 Resource Security Windows 2003 Auditing and Logging Windows 2003 EFS Windows 2003 Network Security Discretionary Access Control List (DACL) Privileges Objects And Permissions Rights Vs Permissions NTFS File System Permissions Encryption File System Windows Network Security Computer Management File Management Security Configuration And Analysis Tool Firewalls Windows infrastructure features Active Directory Group Policy Share Security Dynamic DNS updates Kerberos Authentication And Domain Security Trust Relationships Between Domains IP Security Windows Certificate Authorities Certificate Authority Requirements Major Functions of a CA Hierarchy Certificate Standard and Format Implement Microsoft Certificate Authorities Implement a Microsoft Enterprise Root CA Desktop Management Troubleshoot User Logons Troubleshoot User Configuration Troubleshoot System performance File Management Troubleshooting Access to Files And Folders Troubleshooting Access to Shared Files And Folders Troubleshooting Access to Offline Files and Folders Problems With IP Security Windows Security Tools Security Issues Troubleshooting User Account Control Troubleshooting Windows Firewall Introduction to Linux Certificate Authorities Troubleshooting Windows Defender and Locators Certificate Authorities for Linux Preparing to Install a CA Open LDAP Using 
CATool Linux User and File system Security Administration Security Data Security Network Security OS Security Measures Linux Update Agent Configuring Unix Services User Management etc/password fields etc/shadow fields Account Security Password Security Shadow Password Pluggable Authentication Module Configuring PAM Pam Configuration Files PAM Framework Security With PAM Network Information Services Group Management Utilities Network File System Permission Management Tools System Logger Utility Unix Security UNIX Security Checklist v2.0 Guest Account User Account etc/password fields Using Kerberos Authentication etc/shadow fields Rendezvous Security etc/gshadow etc/group Macintosh Security Enterprise Security Application Security Restricting User Capabilities Command Line administration Tools File System and Navigation File And Directory Permissions Module: Patch Management Introduction Default Directories Network Interface configuration The Patch Concept Security Scripting Patch Sources Useful Linux Security Tools Patch testing Linux Certificate Authorities Patch Monitoring and Management Create a Change Process Monitor the Patch Process Consolidating Patches on Red Hat Network version Patch Management Tool Selecting a Tool Configuring the Proxy Server Learning Curve Configuring the Proxy Client Platform Support System targeting Ease of Use Connection Sensitivity Red Hat Up2date Patch Management Utility Installation Steps Red Hat Up2date Patch Management: Command Line Interface Security Patch Compliance Deployment Schedule Distribution Cost Discovery and zero-touch inventory Client Adoption Microsoft Baseline Security Analyzer Troubleshoot Security Patch Management Qchain Reporting BES Patch Management Shavlik HFNetChkPro 5 Patch Management Process Patch Management Tools Identification PatchLink Update Assessment Phase SecureCentral™ 
PatchQuest Inventory Base Lining Module: Log Analysis Phase Introduction to Log Analysis Obtainment Overview of log analysis Testing Audit Events Deploy Phase Log Types Deployment Preparation Content Deployment of the Patch Source Format Confirmation Windows Update Services Microsoft Patch Management Tool: Microsoft Baseline Security Analyzer MBSA: Scanning Updates in GUI Mode MBSA: Scanning Updates in Command-line Log Files Access_log Variables of Access_log Analysis of logs access_log IIS Logs Domain type Limitations of log files Hours System Log Aggregation, Statistics And Analysis Hits Introduction To Syslog Threading Estimating log quantities and log system requirements Back-hauling your logs Building a central loghost Parsing and normalizing Bayesian spam filters for logging Storage and rotation Entrance Exit Clock Analysis Download Time agent log Browser Databases and logs Version Graphing log data Operating System Alerting Legalities of logs as evidence error_log Error 404 Stopped Transmission Secure Audit Logging Cross Reference Setting Up Remote Logging refer log Linux Process Tracking Windows Logging Referral Overview of logging Missing Links TCPDump logs Web Server Log Analysis Logging on Windows loghosts NTsyslog Remote Logging in Windows Analog Application Logging Mach5 FastStat Analyzer Extended Logging Web Trends Firewall Logging Happy Log Net Merit Importance of Time Synchronization Click Tracks Passive Detection Methods Word Tracker Apache Logs Monitoring for Intrusion and Security Event EventCombMT Event Collection Scripting Investigating Log Files Watchlog LogDog Log File Rotation Tools Log file Codes Log File Information LogController Log Messages Newsyslog Spinlogs Importance of log
review Optimizing system and network Performance Trimlog Identifying security incidents, policy violations, fraudulent activities, and operational problems System Log Rotation Service(SLRS) Bzip2 How to Secure Logs(Log Security) Performing audits and forensic analyses Supporting internal investigations Limit Access To Log Files Establishing baselines Avoid Recording Unneeded Sensitive data Identifying operational trends and long-term problems Protect Archived Log Files Secure The Processes That Generate the Log Entries Configure each log source to behave appropriately when logging errors occur Implement secure mechanisms for transporting log data from the system to the centralized log management servers Log Analysis Tools UserLock WSTOOl Auditing tools ASDIC Tenshi SpoofMAC Gentle MAC PRO Log Manager Generic Log Parsing Tools LogSentry SL2 Flog Simple Log Clustering Tool(SLCT) xlogmaster GeekTool (mac O.S) Dumpel.exe (Windows O.S) Module: Application Security Importance of Application Security Why Is Web Security So Difficult?
Application Threats and Counter Measures Web Applications Managing Users Managing Sessions Cookies What is in a Cookie Working of a Cookie Persistent Vs Non-Persistent Secure Vs Non-Secure Common Threats On Web Session Tokens Identity theft Session Tokens Spam Mail Authentication Tokens Distributed Denial of Service(DDoS) Encrypting Private Data Reflection Dos Attack Event Logging Parasitic Malware What to Log Bots Log Management Cross Site Request Forgery Session Hijacking Embedded Application Security (EMBASSY) TCP/IP security Technology Smurf attack IPSec And SSL Security FTP bounce IPSec And SSL Security In Embedded Systems RSS/Atomic Injection DNS Attack Network Security For Embedded Applications Content Spoofing Embedded Network Security Hardware Instructions Logical Attacks Buffer Overflow IP and Routing Protocol Spoofing Secure Coding Common Errors Buffer Overflow Format String Vulnerabilities Authentication Authorization Cryptography Best Practices For Secure Coding Distrust User Input Input Validation Magic Switches Malicious Code Detection Module: Web Security Identifying Unauthorized Devices Restrictive Access Network Addresses Altering the Network Addresses Tracking the Connectivity: Tracert/Traceroute Testing the Traffic Filtering Devices Installing and Protecting IIS Client Authorization Certificate Authorities Client-Side Data Client Authentication User’s Approach Authentication Techniques Overview of Web Security Input Data Validation Image Browsing Analysis Browser Security IPIX VRML Mozilla Browser Audio Internet Explorer Multimedia Security Setting of Internet Explorer Shockwave Configuring Security Zone Real Player Setting up the Internet Zone Shockwave Flash Setting up the Intranet Zone Quick Time Setting up Trusted
and Restricted Sites Zone Working with domain Name suffixes Selecting Custom level Settings Miscellaneous Options User Authentication Browser hijacking Preventing Restoring Tools: Stringer Download Cwshredder Microsoft Anti Spyware software Browser Behavior Analysis Benefits of Behavior Analysis Browser Security Settings Dynamic Code Securing Application Code Netscape/IE Plug-Ins Util Net Zip Plug-in Asgard Plug-in Wizard Neptune Others Browser Analysis Plug-ins Java Plug-in Mozilla Firefox Plug-ins Acrobat Reader Adobe Flash Player Java Quick Time RealPlayer Shockwave Windows Media player The Validate HTML Plug-ins Accessibility Analyzer Validate Sites HTML Wayback Versions Validate P3P View In BugMe Not Webpage Speed Report Field names and values Validate Links (W3C) Address list Open Text Recipients and Senders Validate RSS Response targets and threading Validate CSS E-Mail Servers Validate HTML Testing the Email Server Common Gateway Interface(CGI) CGI Script E-Mail Encryption Centurion mail CGI Mechanism Kerberos Web Servers Hush Mail Mechanisms and Variables Pretty good privacy Third part CGI Scripts Secure Hive Server Side Includes CGI operation Installing WorkgroupMail Configuring Outlook Express Responding To the Client Secure Email Using the Client to call a CGI application Certificate Revocation E-mail Authentication Module: E-mail Security Mail Transfer Overview of E-mail Authenticating Sender History of E-mail Basics of E-Mail Types of E-Mail Web Based Versus POP3 E-mail E-mail protocols// inc all protocols Multipurpose Internet Mail Extensions(MIME) /Secure MIME Pragmatic General Protocol(PGP) Simple Mail Transfer Protocol(SMTP) Components of an Email Headers Working of an E-Mail header Examining an E-Mail header Reading E-Mail headers Opening Attachments Reading E-Mails for different clients
SMTP: Vulnerabilities Post Office Protocol(POP) and its POP3 Internet Message Access Protocol(IMAP) Client and server architecture E-Mail Security Risks Spoofed Addresses Spam Smart Cards Hoaxes Phishing VeriSign Authentication Snarfing Evolution of Encryption Malware Introduction to Encryption E-Mail spoofing Encryption Systems E-Mail viruses Firewalls Implementing Encryption Gateway virus scanners Lack of Encryption Outlook Viruses Cost of encryption E-mail Attachment Security Preserving data integrity E-Mail Spamming Maintaining confidentiality Protecting against spam Authentication and Identification Spam filters Authenticity of N/W clients Key Based Encryption Systems E-Mail Bombing, Chain letters How to defend against E-Mail security risks Symmetric Key Quarantining Suspicious Email Public Key Vulnerability check on Email System Public Key: SSL Tools for E-mail Security ClipSecure CryptoAnywhere BCArchive CryptainerLE GfiMailEssentials SpamAware Hashing Algorithms Encryption Algorithms Tracking e-mails readnotify Module: Authentication: Encryption, Cryptography and Digital Signatures Authentication Authentication Tokens RSA SecurID RSA Algorithm Performing RSA Encryption and Decryption Create your RSA Key Pair Creating RSA keys Encrypting and Decrypting with RSA Cracking an RSA Encrypted Message Diffie Hellman Algorithm Finding Diffie-Hellman Public Keys DSS and DSA ELGAMAL CRYPT(3) RC2 and RC4 Transport Mode IDEA Tunnel Mode SNEFRU RIPE-MD Choosing Best IPSec Mode for Organizations HAVAL SKIPJACK XOR BLOWFISH camellia Cast encryption algorithm Tiny encryption algorithm SCA: Size-Changing Algorithms IPSec Processing Fragmentation Enabling IPSec Algorithms for IPSec Protocols Analyzing popular encryption schemes AH ESP
Levels of IPSec Client Symmetric Vs Asymmetric Encryption Server Symmetric key encryption Secure Server Asymmetric key encryption IPSec Protocol Security Hashing IPSec Policies PGP IP Filters X.509 Filter Action SSL Authentication Methods Tunnel Setting Connection Type Types of Encryption Algorithms Symmetric Key Encryption Password Based Encryption Asymmetric key encryption IPSec Policy Management Cryptography Hashing algorithms History of Cryptography IP Sec Math and Algorithms Understanding Private key Exchange IPSec Architecture Public Key Exchange Components of IPSec Message Authentication Modes DES for Encryption DES ECB and CBC Analysis Introduction to Virtual Private Network Private Key Exchange Types of VPN 3DES Remote Access VPN’s HMAC/MD5 and SHA for Authentication Intranet Access VPN’s ExtraNet VPN’s Limitations Digital Certificates Working of VPN Tunneling Securing Data Making Combination Work Paper Certificates and Identity Cards Authorities that Issue Physical Certificates Difference Between Physical and Digital Certificates Standards For Digital Certificates Fundamentals of Tunneling X.509 as Authentication Standard Tunneling Protocol Public Key Certificate Secret Key Certificate Goals And Assumptions Viewing digital certificates Terminology Certificate Encryption Process Control Connections Security And Disadvantages Encrypted File System Public and Private Keys Tunneling Point to point Tunneling Protocol(PPTP) Layer 2 Tunnel Protocol A Public Key Generated by PGP Characteristics Choosing the size of keys L2TP Header Format Generating Keys L2TP Control Message header Using a Key Server that is on a User’s Network L2TP Data message L2TP Compulsory Tunnel L2TP Voluntary Tunnel Using an Online Key Server Digital Signatures Signature as identifiers Features of Digital Signatures Digital Signature In practice PKI Standards
of Digital Signatures VPN Security Encryption IPSec Server AAA Server Connection to VPN SSH And PPP Module: Virtual Private Networks Concentrator Wireless Cards Other Methods Antenna Step1: Setting Up VPN Wireless Desktop Cards Step2: Implement DHCP Services Wireless Laptop Cards Step3: Create An Enterprise Certificate Authority Wireless USB Adapters Step 4: Install IAS Wireless Internet Video Camera Step 5: Configure IAS Digital Media Adapter Step 6: Create A Remote Access Policy Wireless Converters Step 7: Configure The VPN Server Wireless Print Server Step 8: Associate The VPN Server With The DHCP Server Wireless Rechargeable Bluetooth mouse Step 9: Configure Remote Clients Step 10: Test The Client Connection VPN Policies VPN Registrations And Passwords Risk Associated With VPN Wireless Technologies Personal Communication Services(PCS) Time Division Multiple Access(TDMA) Code Division Multiple Access(CDMA) ARDIS BlueTooth Pre Implementation Review – Auditing Implementation Review – Auditing Post Implementation Review And Reporting Frequency and Data rates Bluetooth Architecture and components Ultra Wideband Wireless Communications: Examples Module: Wireless Network Security Introduction to Wireless Satellite communications Cellular phone communications Types of wireless networks: WLAN, WWAN, WPAN and WMAN Wired Vs.
Wireless Networks PDA Advantages and Disadvantages of Wireless BlackBerry Types of Wireless Networks Devices using Wireless Communications Service Set Identifier (SSID) Detecting Wireless Network Based on Type of Connection Based on Geography How to scan Components of Wireless Network Tool: Kismet Netstumbler Access Points Types of Wireless Attacks Man in the Middle Attacks Eavesdropping Manipulation Denial of Service or Distributed Denial of Service Social Engineering “Weak key” Attacks Dictionary Attacks Birthday Attacks Wireless Threats Rogue Access Points MAC Sniffing and AP Spoofing Wireless Security Eavesdropping Security Vulnerabilities With Public Access Wireless Networks WEP Key Cracking Tools WEPCrack AirSnort Aircrack Authentication Mechanism Kerberos Components Exchanges Of Kerberos Client Security Measures Risks Due To Wireless Networks Wired Equivalent Privacy Multifactor Authentication WLANs in Public Space WPA Open Wi-Fi Vulnerabilities Unauthorized Network Access Communications Hotspot LDAP Overview of Wi-Fi Authentication Change the SSID Use Encryption Use a VPN Use a Firewall WLAN Security Policy Development Issues Goals And Characteristics Auditing WLAN Security Policy RADIUS Authentication Security Configuration Wireless Auditing Baselining DHCP Services Server And Client Mobile Security Through Certificates Wireless Network Attack Tool: AirSnarf Certificate Management Through PKI Tools to detect MAC Address Spoofing: Wellenreiter v2 Trouble Shooting Wireless Network WLAN Management Detecting Rogue Points Multipath and Hidden Node Identifying And Resolving Interface Problems Wireless Network Security Checklist Module: Creating Fault Tolerance Network Security: Fault Tolerance RAID
Level 0(Striping) RAID Level 1(Mirroring or Duplexing) RAID Level 2(Striping with Error Correction Code(ECC)) RAID Level 3(Striping with Parity on a single Drive) RAID Level4(Striping by block with Parity on a single Drive) RAID Level 5(Striping with Parity Information Spread Across Drives) Why Create Fault Tolerance Planning For Fault Tolerance Network Security Key Aspect of Fault Tolerance Fault Tolerant Network Reasons for Network Failure Clustered Servers Simple Server Redundancy Viruses And Trojans Archiving Intrusion And Unauthorized Access Auditing Power Supply Failure Reasons For System Failure Anatomy of Auditing Auditing Mechanism Audit Browsing Crime User Error Deployment Testing Environmental Circuit Redundancy Routine Events Offsite Storage Preventive Measures Perimeter Security Physical Security Understanding Vulnerabilities Backups Authentication Security Policies Files Back up Tape Backup – Pros And Cons Practical tips Module: Incident Response Setting Privileges What is an Incident Access Rights Category of Incident Partitions Types of Incident Peripherals Who should I report an Incident UPS And Power Generators Step by Step Procedure RAID Managing Incidents What Is an Incident Response Recovery of Small and Large Computer Systems Incident Response Architecture Emergency Management Six Step Approach for Incident Handling (PICERF Methodology) Disaster Recovery Planning Preparation Identification Containment Eradication Recovery Follow-up Incident Response Team Basic Requirements Ways of Communication Staffing Issues Stages Obstacles in Building a Successful Incident Response Team Computer Security Incident Response Team Services Reactive Services Proactive Services Security Quality Management Services Process of Disaster Recovery Plan Organizing Training Implementing Process Disaster Recovery Testing Testing Process
Testing Steps Testing Scenarios Disaster Recovery Planning Team Training the Disaster Recovery Planning Team Business Process Inventory Risk Analysis Concept of risk Analysis Methods of Risk Analysis Process of Risk Analysis Continuous Risk Assessment Techniques To minimize Risk Business Continuity Planning Process Module: Disaster Recovery and Planning Overview of Disaster and its types What is a Disaster Recovery Principles of Disaster Recovery Types of Disaster Recovery Systems Synchronous Systems Asynchronous Systems Backup Site Business Impact Analysis Risk Assessment Other Policies, standards and process Monitoring Business Continuity Management Six myths about Business Continuity Management and Disaster Recovery Disaster Prevention Module: Network Vulnerability Assessment Statistics of Network Vulnerabilities in 2006 Vulnerability Assessment Vulnerability Assessment services Advantages of Vulnerabilities Assessment services Goals of vulnerability assessment Features of a good vulnerability assessment Phase 1- Acquisition Phase 2 - Identification Phase 3 - Analyzing Phase 4 - Evaluation Phase 5 - Generation How to assess vulnerability assessment tools Selecting vulnerability assessment tools Tools: Network Vulnerability Assessment Timeline SAINT Network Vulnerability Assessment Team Nessus Vulnerability classes BindView Source Of Vulnerabilities Nmap Design Flaws Ethereal Poor Security management Retina Incorrect Implementation Sandcat Scanner Vforce NVA-Team Checklist Choice of Personnel for Network Vulnerability Assessment Network vulnerability Assessment methodology: 10.1.10.
Tool: ScanIT Online
PROJECT MANAGEMENT (PM)
INTERNATIONAL CERTIFICATION 212-79
COURSE DURATION: 5 days
COURSE OVERVIEW
This course is designed to teach students the basic principles of managing a project well. Students will learn how to identify and plan project resources, create project activity diagrams, and prepare the key planning and evaluation reports. The important issues of staff selection and team management are also taught. These learning objectives are reinforced by a course project that lets students apply the principles and tools they have learned.
KNOWLEDGE GAINED
A project is an effort undertaken to create a unique product or service. Every project has a definite beginning and a definite end, and each product or service created differs in some respect from similar products and services. There are many different kinds of projects, depending on the industry and the scope of activity. Some examples: developing a new product or service; carrying out a change in the structure, staffing, or style of an organization; designing computer software, for example a materials (warehouse) management system, a claims processing system, or an accounting system. Project management means more than simply planning. It involves balancing many different pieces of work, which project managers arrange into nine knowledge areas. A typical project starts with someone having an idea, or with an idea agreed on through discussion. The idea then gains approval from a wider group: perhaps informally through discussion with colleagues, and then through a more formal process involving senior management, the board of directors, or the governing board.
This leads to a funding process, which often causes considerable delay, and then, if funding succeeds, the project can begin, staff are recruited, and work can start. This work must be planned and managed, and problems resolved, until the project is completed, hopefully successfully, and closed. Formal project management methods provide a framework for managing this process, offering a range of elements (templates and procedures) for managing the project through its life cycle. The key elements include: Defining clear project objectives precisely and systematically. Dividing the project into manageable tasks and phases. Controlling the project through its phases, using the project definition as a foundation. Highlighting risks and establishing specific procedures for handling them. Providing mechanisms for dealing with quality issues. Defining roles to provide the foundation for the team to work effectively.
TARGET AUDIENCE
Students interested in learning the basic principles of good project management.
COURSE CERTIFICATION
This program provides the knowledge and skills students need to pass the EC-Council Project Management exam 212-79.
The 120-minute exam will be held on the last day of class at the class location (exam registration through the Prometric center).
COURSE CONTENT
Module I: Introduction to Project Management
Understand the concept of a project and its characteristics; The importance of project management; Understand the project life cycle; Understand project stakeholder analysis; Become familiar with the project management framework; Examine the different elements of project management; Learn approaches to conduct in project management and software project management
Module II: Overview of Project Planning and Evaluation
Learn about project planning; Learn the steps in project selection; Understand project evaluation
Module III: Strategic Management and Project Selection
Understand the selection criteria and the nature of project selection; Understand numeric and non-numeric project selection models and their forms; Understand technical planning; Understand the Project Portfolio Process (PPP)
Module IV: Project Management Methodology
Understand project management plans, methods and methodologies; Understand the project management framework and its steps; Understand the functional system development methodology and its principles; Understand the implementation of methods and methodologies; Creating the WBS, estimates, and testing standards, and the importance of standards; Learn about software packages and tools and their implementation
Module V: Project Integration Management
About project integration management; Project integration management chart; Developing the project charter; Inputs and outputs in developing the project charter; Tools and techniques in developing the project charter; Directing and controlling the project charter; Inputs and outputs of the project charter; Integrated change control; Inputs and outputs of integrated change control
Tools and techniques of integrated change control; Project closure; Inputs and outputs of project closure; Tools and techniques of project closure; Summary
Module VI: Project Scope Management
Understand project scope management and the project scope management processes; Understand scope planning, its inputs, the techniques used, and its outputs; Learn scope definition, its inputs, the techniques used, and its outputs; Understand creating the WBS, its inputs, tools and techniques, and outputs; Understand scope verification, its inputs, the tools and techniques used, and its outputs; Learn scope control, its inputs, the tools and techniques used, and its outputs
Module VII: Project Time Management
Project time management processes; Activity management; Activity resource estimating; Activity sequencing; Activity duration estimating; Project scheduling; Schedule control; Schedule development; Schedule control: impact on cost
Summary
Module VIII: Project Financial Analysis
The importance of project financial analysis; The importance of investment decisions; Essential project understanding; Management approach to project finance; Relation to the project life cycle; Planning investment strategies; Examining financial feasibility; Using financial techniques and schemes; Using evaluation methods
Module IX: Cost Management
The importance of project cost management; The management perspective on cost management; Cost management processes; Resource planning; Project cost estimating; Key linkages of project cost; Building and allocating the budget; Performing cost control; Factors that drive cost overruns
Module X: Quality Management
The importance of project quality management; Quality tracking by project stakeholders; Basic concepts of project quality management; Project quality management processes; Quality management plan; Designing the quality management system; Elements of the quality management system; Evaluation model for quality assurance and quality control; Total Quality Management (TQM)
Module XI: Project Procurement Management
Overview; Describing the plan for purchases and acquisitions; Inputs and outputs of planning purchases and acquisitions; Tools and techniques of planning purchases and acquisitions; Contract planning; Inputs and outputs of contract planning; Tools and techniques of contract planning; Requesting seller responses; Inputs and outputs of requesting seller responses; Tools and techniques of requesting seller responses; Seller selection; Inputs and outputs of seller selection; Tools and techniques of seller selection; Contract administration; Inputs and outputs of contract administration; Tools and techniques of contract administration; Contract closure; Inputs and outputs of contract closure; Tools and techniques of contract closure; Summary
Module XII: Project Risk Management
What is risk management?; Types of risk; Risk management planning; Tools and techniques of risk management; Risk analysis; Quantitative and qualitative risk factors and their inputs and outputs; Tools and techniques for risk factors; Risk response planning; Inputs and outputs of risk response; Risk response planning strategies; Risk monitoring and control; Inputs and outputs of risk monitoring and control
Module XIII: Project Human Resources Management
Project human resources management; Human resource planning; Inputs and outputs of human resource planning; Tools and techniques of human resource planning; Acquiring the required staff; Acquiring the project team; Inputs and outputs of acquiring the project team; Tools and techniques of acquiring the project team; Developing the project team; Inputs and outputs of developing the project team; Tools and techniques of developing the project team; Managing the project team; Inputs and outputs of managing the project team; Tools and techniques of managing the project team; Preparing for organizational planning; Leading project team development; Creating team-building activities; Applying general management skills
Module XIV: Project Audit and Closure
The importance of the project audit; Requirements of the project audit; Project audit life cycle; Responsibilities of the project auditor; Evaluating project success; Project audit procedure
Project audit considerations; Project closure; Types of project closure; Project closure procedure; Closing unsuccessful projects; Project closure report
Module XV: Ethics and Future of Project Management
Ethics and the future of project management; Project management ethics; The need for ethics; Organizational ethics; Responsibilities of the project manager; Code of ethics; Ethics in the workplace; Relations with employees and clients; Responsibilities toward the community; Managing the future of the project; Details of the future process; Managing new trends; Collaborative project management; Issues arising from changing trends; Managing international projects; The future of projects
Disaster Recovery and Business Continuity
Duration: 5 days
Course description
The course gives students methods for identifying vulnerabilities and weaknesses in a system and for putting appropriate preventive measures in place to mitigate an organization's security risks. The course also provides professional networking skills and the basics of disaster recovery. The content covers preparing a disaster recovery plan; assessing risk; developing procedures and policies; understanding the positions and relationships of members of the organization; and implementing the plan and recovering after a disaster. The course takes a comprehensive approach to developing a disaster recovery plan. Students will learn how to set up a secure network by establishing policies and procedures, and how to restore the network in the event of a disaster.
Audience
Students are computer network administrators, professional server administrators, firewall administrators, application developers, and security engineers.
Certification
At the end of the course, students take a test and receive a certificate of course completion. To obtain the EC-Council Disaster Recovery Professional certification, students must pass the online exam held at EC-Council testing centers.
Course content
Module 01: Introduction to Disaster Recovery and Business Continuity Disaster Recovery & Business Continuity: Terminologies Disaster Types Consequences of Disaster Disaster Recovery & Business Continuity Principles of Disaster Recovery and Business Continuity Disaster Recovery & Business Continuity: Issues Addressed Activities of Disaster Recovery & Business Continuity Disaster Recovery and Business Continuity Program Disaster Recovery & Business Continuity Solutions Best Practices in Disaster Recovery & Business Continuity Program International Strategy for Disaster Reduction (ISDR) International Day for Disaster Reduction Module 02: Nature and Causes of Disasters Nature of Disasters Categorization of Disasters Natural Disasters Earthquakes Protecting Yourself During Earthquake Earthquakes: Volcanoes Protection from Volcanoes Forecasting Volcanoes Estimating Earthquakes Earthquakes: Tsunami Protecting Yourself During Tsunami Landslides Effects of Landslides Protecting Yourself from Landslides Hurricanes Safety Measures During Hurricanes Predicting Hurricanes Floods Effect of floods Prevention Measures Wildfires Safety Measures Drought Consequences of Drought Measures to Overcome Drought Effects Man-Made Disasters Accidents Power Outage Telecommunication Outage Categorization of Human Intentional Disasters Arson Civil Disorder Terrorism War Chemical Biological
Radiological Nuclear (CBRN)
Module 03: Emergency Management Emergency Emergency Management Need for Emergency Management Emergency Management Phases Mitigation Preparedness Response Recovery Effect of Disaster on Business Organizations Emergency Management for Business Organizations FEMA- Federal Emergency Management Agency FEMA as an Organization Activities of FEMA
Module 04: Laws and Acts Applicable Acts in DR Laws and Acts in United States of America Industries: Sarbanes-Oxley Act Foreign Corrupt Practices Act (FCPA) Healthcare: HIPAA Regulations Financial Institutions: Gramm-Leach-Bliley Act Flood Disaster Protection Act of 1973 Robert T. Stafford Disaster Relief and Emergency Assistance Act CAN-SPAM Act of 2003 Federal Financial Institutions Examinations Council (FFIEC) Personal Information Protection and Electronic Documents Act (PIPEDA) Laws and Acts of Europe Data Protection Act 1998 Transmission of Personal Data: Directive 2002/58/EC Personal Data: Directive 95/46/EC Insurance: Financial Groups Directive (FGD) The Foundation of Personal Data Security Law: OECD Principles Dutch Personal Data Protection Act Austrian Federal Act concerning the Protection of Personal Data German Federal Data Protection Act Laws and Acts in Australia Health Records and Information Privacy Act (HRIP) Financial Transactions Reporting (FTR) Act 1988
Module 05: Business Continuity Management Business Continuity Management Business Continuity Planning Objectives of Business Continuity Planning Essential Resources in Business Continuity Planning Business Continuity Management Planning Steps ISO (International Organization for Standardization) Overview of BS 7799 / ISO 17799 ISO/IEC 17799:2005 ISO/IEC 17799:2005: Business Continuity Management Risk Analysis Risk Assessment Basic Elements of Risk Assessment Business Impact Analysis (BIA) Components of
Business Impact Analysis Threat Analysis Risk Analysis and Business Impact Analysis Crisis Management Steps in Crisis Management Crisis Management Phases Compliance Preparedness Training and Resource Development Contingency Planning Points to remember in BCM Plan Testing Birmingham City Council’s BCM Assessment Template Greenwich Council – Emergency and BCM Plan
Module 06: Disaster Recovery Planning Process Disaster Recovery Planning Process Management Support Organizing DR Team Components of Disaster Recovery Team Disaster Recovery Planning Team Building a Planning Team Establishing Team at the Departmental Level Risk Assessment Risk Assessment Conduct Business Impact Analysis Critical Business Activities Analysis Sheet Example: Analysis Sheet for IT System Roles and Responsibilities Individual: Leader Individual: Disaster Recovery Coordinator Individual: IT Administrator Individual: Network Manager Individual: Disaster Recovery Manager Individual: DR Team Member Team: Administration Team Team: Technical Team Team: Damage Evaluation and Salvage Team Team: Physical Security Team Team: Communications Team Responsibilities Common to all Disaster Recovery Teams Developing Charts of Responsibilities Facility Disaster Recovery Chart of Responsibilities Department Disaster Recovery Chart of Responsibilities Business Process Disaster Recovery Chart of Responsibilities Developing Policies and Procedures Assumptions for DR Planning Need for Disaster Recovery Planning Disaster Recovery Plan Development Disaster Recovery & Management: Budgeting Centralized Office of DR Planning: Budget Safety and Health Procedures Procedures for Internal and External Communications Procedures for Containment and Property Protection Procedures for Recovering and Resuming Operations Assessing Insurance Requirements & Coverage Needs Need for Insurance Evaluating
Insurance Policies Testing and Training DRP Testing and Rehearsal Process DRP Testing: Advantages DRP Testing: Methods DRP Testing Steps DRP Testing Flow Chart Training DR Teams Commence Training Program for Disaster Recovery Training for Executives Training for Middle Managers Training for Supervisors Training for Disaster Response Teams Training for Employees Documentation of DR Procedures Need for Documentation of Plans Important Documentations in Disaster Recovery Process Writing Disaster Recovery Plan Best Practices for Documentation Managing Records DRP Maintenance Monitoring Process Monitoring Procedures Evaluate Latest Technologies Conducting Regular Reviews Conducting Training Programs for Updated Plan DRP Implementation DR Plan Implementation Internal and External Awareness Campaigns
Module 07: Risk Management What is Risk Introduction to Risk Management Functions of Risk Management Analytic Process of Risk Management Risk Analysis Risk Reduction Analysis Management Decision Risk Reduction Planning Reviews and Audit Project Risk Management IT Security Risk Management Risk Management Standards Financial Risk Management Basel II and Risk Management Pillar I: Minimum Capital Requirement Pillar II: Supervisory Review Process Pillar III: Market Discipline Quantitative Risk Management Best Practices in Risk Management
Module 08: Facility Protection Facility Protection Water Supply Protecting Water Supply Fire Types of Fire Extinguishers APW Extinguishers Dry Chemical Extinguisher Carbon Dioxide Extinguishers Points to Remember Using a Fire Extinguisher Fire Suppression for Companies Fire exits Power Supply Common Power Supply Problems Ensuring Steady Power Supply Ventilation Kinds of Ventilation Measures for Proper Ventilation Air Conditioners Measures for Proper Working of Air Conditioners Building and Premises Checklist for Securing Facility
Module 09: Data Recovery Types of Data Recovery Logical Data Recovery Physical
Data Recovery Disk-to-Disk-to Disaster Recovery (3DR) Concept Steps in Data Recovery Recovery Management Recovery Management Evaluation Metrics Recovery Time Objective (RTO) Role of RTO in Disaster recovery Recovery Point Objective (RPO) Network Recovery Objective (NRO) Recovery Management Model Layers Data Protection Continuum Do’s and Don'ts Lumigent's Log Explorer Best Practices in Data Recovery
Module 10: System Recovery System Restore in Windows XP Linux System Recovery Linux System Crash Recovery Crash Recovery Kit for Linux Mac System Recovery Restoring Windows Server 2003 Recovering from Boot problems in Windows Server 2003 Step 1: Start computer by using Last Known Good Configuration Step 2: Starting computer in Safe Mode Step 3: Use Event Viewer to Identify the Cause of the Startup Problem Step 4: Use System Information to Identify the Cause of the Startup Problem Step 5: The Safe Mode Boot Log File Step 6: Use Device Manager to Identify the Cause of the Startup Problem Step 7: Use System Configuration Utility Microsoft Windows Recovery Console Automated System Recovery Windows 2000 Backup and Restore Utility Methods for Restoring Replicated Data Restoring Server Services Active Directory Recovery: Non-Authoritative Restore Active Directory Recovery: Authoritative Restore Verifying Active Directory Restoration: Advanced Verification Verifying Active Directory Restoration: Basic Verification Active Directory Recovery on a Computer with a Different Hardware Configuration Sysvol Recovery: Primary Restore Sysvol Recovery: Non-authoritative Restore Sysvol Recovery: Authoritative Restore Recovery of Global Catalog Server Recovery of an Operations Master Domain Controller Recovery: With a Working Domain Controller Domain Controller Recovery: Without a Working Domain Controller Database Integrity Testing Rights Management Services
Restoration Rights Management Services Database Restoration Tools for Active Directory Disaster Recovery: Recovery Manager Restoring IIS Configurations: iisback.vbs Restoring Microsoft IIS Metabase Backup WANSync IIS WANSync IIS: Working Restoring Exchange Server 2003 Data Recovery Scenarios Exchange Data Recovery Preparation Single Mailbox Recovery Single Item Recovery using Deleted Items Retention Single Item Recovery using Third-party Brick Backup Programs Full-Server Recovery: Preparation Full-Server Recovery: Option 1 Full-Server Recovery: Option 2 Full-Server Recovery: Option 3 Full-Server Recovery: Option 4 Exchange Server Backup/Recovery Solution: SonaSafe Recovering Blackberry Enterprise Server IBM WebSphere Application Server Recovery Recovering Coldfusion Application Server: CFMAIL Bug Recovering Coldfusion Application Server: Variable Deadlocks Recovering Coldfusion Application Server: ODBC Errors Recovering Coldfusion Application Server: 500 IIS Internal Server Error Recovering Coldfusion Application Server: System Registry Access Problem Recovering from Domino Server Crashes Tool: SteelEye LifeKeeper Restoring MySQL Server Restoring MS SQL Server: Option 1 Restoring MS SQL Server: Option 2 Restoring MS SQL Server: Option 3 Restoring MS SQL Server: Option 4 Restoring MS SQL Server: Option 5 Restoring MS SQL Server: Option 6 Restoring MS SQL Server: Option 7 Restoring MS SQL Server: Option 8 Restoring My SQL Server Recovering Cisco IOS
Module 11: Backup and Recovery Backup Need for Backup Types of Backup: Full Backup Incremental Backup Differential Backup Hot Backup Hot Backup Sample Code Cold Backup Cold Backup Sample Code Backup Sites Hot Site/ Cold Site Redundant Array of Inexpensive Disks (RAID) RAID: Some Important Levels Wide Area File Services (WAFS) Backup for UNIX Bare Metal Recovery for LINUX Bucky Backup for Mac OS X System Backup Administrator
NanoCopy Technology Backup4all Backup4all Features ABC Backup Software Genie Backup Manager NTI BackupNow High Availability Disaster Recovery (HADR) Best Practices in Backup & Recovery
Module 12: Centralized and Decentralized System Recovery Distributed Computing Objectives of Distributed Computing Architecture for Distributed Computing Working of Distributed Computing Centralized Backup Centralized Backup Using SAN or NAS Server Data Consolidation Cross-Platform Data Consolidation Mainframe as Centralized Storage Source Tiers of Disaster Recovery GDPS/PPRC GDPS/PPRC Configuration GDPS/PPRC Single-site Workload Configuration GDPS/PPRC Multi-site Workload Configuration Best Practices in Centralized and Decentralized System Recovery
Module 13: Windows Data Recovery Tools Digital Photo Recovery Active@ UNERASER Test Disk PhotoRec BadCopy Pro Directory Snoop Data Advisor Fast File Undelete File Scavenger GetDataBack Kernel Recovery for FAT+NTFS R-Mail R-Studio Recover4all Recover It All Recover My Files Data Recovery Quick Recovery for Windows Restorer2000 File Recovery EasyRecovery DataRecovery EasyRecovery Professional RecoverSoft Media Tools Professional RecoverSoft Data Rescue PC ADRC Data Recovery Software Tool SalvageRecovery for Windows Disk Doctors Email Recovery Winternals Recovery Manager
Module 14: Linux, Mac and Novell Netware Data Recovery Tools Kernel Recovery for Linux Kernel Recovery for ReiserFS Kernel Recovery for JFS Kernel Recovery for Macintosh Kernel Recovery for Novell-Netware Stellar Phoenix Linux R-Linux Quick Recovery for Linux Quick Recovery for Macintosh SalvageRecovery for Linux SalvageRecovery for Mac SalvageRecovery for Netware Disk Doctors Linux Data Recovery Software DiskInternals Linux Reader
Module 15: Incident Response Incident Category of Incidents Low Level Mid Level High Level How to Identify an
Incident? How to Prevent an Incident? Relationship between Incident Response, Incident Handling, and Incident Management Incident Management Plan Incident Handling Information Security Life Cycle Incident Response Incident Response Policy Risk Analysis Risk Analysis and Incident Response Incident Response Methodology Preparation Identification Containment Eradication Recovery Follow up CERT (Computer Emergency Response Team) CSIRT (Computer Security Incident Response Team) General Categories of CSIRTs Members of CSIRT Team Building an Effective CSIRT FIRST (Forum of Incident Response and Security Teams) Request Tracker for Incident Response Helix – Incident Response & Computer Forensics Live CD Incident Response Tools Present in Helix CD THE FARMER'S BOOT CD Resources
Module 16: Role of Public Services in Disaster Public Services State and Local Governments Public Utilities and Departments Hospitals Blood Banks Medical Laboratories Food Banks Fire Fighting Service Waste/ Debris Management Police Armed Forces Public Transportation Water Supply System Electricity Department Information & Public Relations Department IT Service Providers
Module 17: Organizations Providing Services during Disasters Organizations Providing Services during Disasters Relief Organizations International Committee of the Red Cross (ICRC) International Federation of Red Cross and Red Crescent Societies (IFRC) United Nations Children's Fund (UNICEF) National Emergency Response Team (NERT) CARE Ananda Marga Universal Relief Team (AMURT) Action Against Hunger (AAH) Emergency Nutrition Network (ENN) Doctors Without Borders Hunger Plus, Inc.
InterAction International Rescue Committee (IRC) Mennonite Central Committee (MCC) Mercy Corps (MC) Refugees International Relief International Save the Children Project HOPE
Module 18: Organizations Providing Disaster Recovery Solutions Organizations Providing Disaster Recovery Solutions Symantec System Sizing System Sizing: Practices Disk-based Backup Manual System Recovery Disadvantages Automated System Recovery IBM Human Capital Resilience Human Capital Risks in Crisis Situations Business Resilience Elements of Business Resilience Framework for Business Resilience Causes of E-Mail Outages E-Mail Continuity DELL Oracle Data Guard Utility RMAN Utility for Database Backup NAS (Network Attached Storage) Sun Microsystems Integrated Solutions of Sun and Vignette Sun Cluster Geographic Edition Infosys Business Continuity Planning Solution Infosys BCP solution Sybase Business Continuity Planning Solution Sybase Model HP Business Continuity and Availability solutions HP 3-tiered Service Levels Balance Investment with Risk PricewaterhouseCoopers Fast Track BCP AT&T's Business Continuity and Disaster Recovery
Module 19: Case Studies Business Continuity for Critical Applications Jones Walker: Weathering the Storm Let’s be prepared: An educational project about disasters in Cuba From rehabilitation to safety: Gujarat school safety initiative, India Disaster-resistant schools: A tool for universal primary education Disaster Recovery Situation Assessment Disaster Recovery Planning Business Continuity Planning and Business Impact Analysis Local risk management in earthquake zones of Kazakhstan Disaster Recovery Case Study: Max Re Disaster Recovery Case Study: GSD&M Storage Assessment Services Backup and Recovery Plan and Design Storage Infrastructure Design and Implementation Continuous Data Protection and Disaster Recovery Disaster Recovery
Testing Disaster Recovery Strategy Assessment and Validation Case Study: Improving Disaster Recovery Without Breaking the Bank

VoIP Professional
EC-Council Certified VoIP Professional
Duration: 5 days
Course Description
VoIP is a voice service carried over computer networks using IP (Internet Protocol). IP is the foundation of the Internet and is used to deliver emails, messages and web pages to millions of computers and mobile phones. VoIP is a set of technologies that allows internet-enabled devices to transmit voice and multimedia data over the web rather than over the conventional telephone network. The course covers VoIP technology: its concepts, threats and security issues.
Students
Students are professional IT engineers responsible for designing and building VoIP networks.
Certification
At the end of the course, students take a test and are awarded a certificate of course completion. To obtain the EC-Council "VoIP Professional" certification, students must pass an online exam held at EC-Council testing centers.
Course Outline
Module 01: Introduction to VoIP What is VoIP? Why use IP for Voice? VoIP-Convergence of Technologies Basic VoIP Architecture Need of a Layered Architecture VoIP Layers TCP/IP Overview o Functions of TCP/IP Layers VoIP Layers Vs. TCP/IP Layers Public Switched Telephone Networking(PSTN) Circuit Switching Vs.
Packet Switching Basic VoIP Features Benefits of VoIP Building The ROI Model Disadvantages of VoIP Future of VoIP Growth in VoIP Subscribers
Module 02: Analog to Digital Conversions Source: o A to D Conversion o Types of ADC's o Sigma Delta ADC o Successive Approximation ADC o Pipelined ADC o Flash ADC o Comparison of ADC's o Working of ADC's o Voice Compression o Encryption o Headers Call Control Signaling Signaling System 7 (SS7) o Signaling Points o Signaling Links o SS7 Protocol Stack
Module 04: VoIP Devices and Cisco Components Destination o Analog Telephone Adaptor (ATA) o Media Gateway Sequencing o Features of Media Gateway o Decryption o Media Gateway Controller o Decompression o Signaling Gateway o Digital to Analog Conversion o Call Manager o VoIP Switches o IP Phones o Private Branch eXchange (PBX) o PSTN Gateway o Session Controller o Modems o VoIP Router Analog Signaling Types of Analog Signaling o Earth & Magnet (E&M) Signaling o Loop-Start o Ground-Start o Dial-Pulse Signaling o Basic VoIP Equipments VoIP Network Components o
Module 03: Traditional Voice Telephony Principles Dual Tone Multi-Frequency Signaling Analog Systems Analog Network Components Cabling Basic Telephone System Operation Plain Old Telephone Service (POTS) Direct Inward Dialing (DID) Digital Subscriber Line (DSL) Digital Loop Carrier (DLC) Passive Optical Network (PON) Dial Plans Four-Wire Circuit Time Division Multiplexing (TDM) o Cisco's VoIP Components Types of VoIP Ports Foreign Exchange Station (FXS) Foreign Exchange Office Magnet (E&M) (FXO) Earth & Interface o VNM/VIC VNM Models: NM-1V o Configuring POTS Dial Peers VNM Models: NM-2V o Configuring Dial-Peer For VoIP VNM o Configuring Dial-Peer For VoFR o
Configuring Dial-Peer For VoATM Models: NM-HDV High-Density VNM VIC Models: VIC-2E/M VIC-2FXS o Supervisory Disconnect VIC-2FXO o Configuring VWIC-2MFT-T1 o Two-Port ISDN BRI Card o Four-Port Analog DID/FXS VICs a o Configuring ISDN BRI Voice Ports o Configuring ISDN PRI Voice Ports o Configuring ISDN PRI Voice Ports with Q.931 Prerequisites for VoIP Configuration Voice Port Cabling and Configuration o Configuring QSIG o Port Numbering: 1700 Series o Configuring T-CCS o Port Numbering: Cisco 1760 o Port Numbering: 2600 and 3600 Configuring H.323 Gateways Configuring H.323 Gatekeepers Series o H.323 ID Addresses o Port Numbering: MC3810 Series o Zone Prefixes o Port Numbering: 7200 Series o Gatekeeper Zone Prefix o Port Numbering: AS5300 Series o Technology Prefixes o Port Numbering: AS5x00 Series o IP Precedence o RTP Priority o Traffic Shaping Configuring Voice Ports Configuring FXO or FXS Voice Ports Configuring E&M Ports Configuring to adjust Parameters of E&M Ports Configuring DID Ports Connection Command Configuring Delay o Fine-Tuning FXS/FXO Ports o Fine-Tuning E&M Ports o Fine-Tuning DID Ports Supervisory Disconnect Voice Class
Module 05: Configuring VoIP Configuring Trunking Configuring cRTP o Enable cRTP on a Serial Interface o Enable cRTP with Frame Relay Encapsulation o Change the Number Of Header Compression Connections o Displaying Statistics o Configuring Custom Queuing o Enabling Custom Queuing Applying Configuration to an Interface Enabling Priority Queuing: Verifying Policy Routing Configuring RSVP Call Admission Control (CAC) Verifying Call Admission Control Set Up Configuration o Configuring Priority Queuing with Configuring the WFQ Queue Applying Priority List to an o Verifying Priority Queuing: Show Queuing Priority Command Enabling Weighted Fair queuing o o o Verifying Link fragmentation and Interleaving
Verifying Weighted Fair Queuing: Show Queuing Command Verifying WRED Configuring Link fragmentation and Interleaving Verifying Weighted Fair Queuing: Show Interface Command Verifying Traffic Shaping Configuring Congestion Avoidance with WRED o Verifying Priority Queuing: Show Verifying Priority Queuing with WFQ Configuring Traffic Shaping o Interface Command o Verifying RSVP o Interface o o Enabling Priority Queuing: Limits Policy Routing o Priority-List Command o Configuring Class-Based Weighted Fair Queuing (CBWFQ) Configuring a Single-Router VoIP Network o Reviewing the Design o Configuring the Router: Step by Step o Testing and Verification
Module 06: Implementation and Applications of VoIP o Defining Class Maps o Creating Policies o Attaching Policies to Interfaces o Phone to Phone Connection o Verifying CBWFQ: Show-Policy-Map o Analog Telephone Adaptor (ATA) VoIP Implementation Types Command o Verifying CBWFQ: Show-Policy-Map Setup o Interface Command o Configuring Packet Classification o IP Precedence o Verifying IP Precedence Phone to Phone Connection Using Gateway o Phone to Phone Connection Using Router o Computer to Computer Connection o Phone to Computer and Vice-Versa IP-Enabled PBX (Private Branch Exchange) Method IP Centric LAN Method Satellite VoIP Software Support for VoIP Applications of VoIP IntServ Vs. DiffServ
Module 08: H.323 Standards VoIP Standards What is the need for VoIP Protocols? Introduction to H.323 o Network Components of H.323 o What is Skype?
o Components of H.323 o System Requirements o H.323 Protocols Suite o Getting Started with Skype o H.323 Protocol Stack o Skype is Safe o Control and Signaling in H.323 o Features of Skype o H.323 Advantages o Network Address Translation (NAT) o o H.323 and NAT Skype for Windows Skype for Mac OSX Skype for LINUX Skype for Business Skype Web Toolbar Skype Email Toolbar Skype Office Toolbar Skype for Mobile H.225 o H.225/Q.931 Call Signaling o Q.931 Call Signaling Messages o H.225/Q.931 Signaling o H.225
Module 07: Quality of Service (QoS) of VoIP Introduction to QoS Quality of Experience (QoE) Vs. QoS QoE for VoIP Why is QoS needed in IP Transmission? Why is QoS needed for VoIP Networks? Factors Affecting Quality of Voice in VoIP QoS Monitoring Registration, Admission, Status (RAS) o H.225/Q.931 RAS o Key RAS Messages o H.225 Protocol Structure o Passive Monitoring o H.225 Security Considerations o Active Monitoring o H.235: Security and Encryption for H.323 QoS Protocols o RTP o H.245 Call Control Messages o RTCP o H.245 Call Control o RSVP o H.245 Security Mechanism Multiprotocol Label Switching (MPLS) Integrated Services (IntServ) Differentiated Services (DiffServ) H.261 (Video Stream for Transport Using the Real-Time Transport) H.263 (Bitstream in the Real-Time Transport Protocol) DVB (Digital Video Broadcasting) H.450.1 H.450.2 H.450.3 H.450.4 H.450.5 H.450.6 H.450.7 H.450.8 T.38 T.120 T.121 T.122 T.124 T.125 T.126 T.127
Module 09: SIP and Supporting Protocols Session Initiation Protocol (SIP) o Components of SIP o SIP Messages o Headers for SIP Entities o SIP Functions o SIP: Supported Protocols o Understanding SIP's Architecture o Registering with a SIP Registrar o Requests through Proxy Servers o Requests through Redirect Servers o Peer to Peer Architecture o Instant Messaging and SIMPLE o SIP security o H.323 Vs.
SIP Session Description Protocol (SDP) o SDP Specifications o Security Issues Real-Time Transport Protocol (RTP) Real-Time Transport Control Protocol (RTCP) Real-Time Transport Streaming Protocol (RTSP) Simple Gateway Control Protocol (SGCP) Session Announcement Protocol (SAP) Skinny Client Control Protocol (SCCP) Security Implications for Skinny Dynamic Host Configuration Protocol (DHCP) Trivial File Transfer Protocol (TFTP) Hyper Text Transfer Protocol (HTTP) Skype Protocol Inter-Asterisk Exchange (IAX) Simple Network Management Protocol (SNMP)
Module 10: Megaco Protocol Media Gateway Control Protocol (MGCP) History of Megaco (H.248) Media Gateway Reference Architecture MGCP Connections Per-Call Requirements Megaco Vs. MGCP Megaco Protocol Design Megaco Commands Megaco Messaging Sequence Megaco Packages Megaco IP Phone Media Gateway Role of Call Processing Language Call Processing Language Characteristics Protocol Security
Module 11: Resource Reservation Protocol Resource Reservation Protocol (RSVP) RSVP Setup RSVP Message Structure RSVP Message RSVP Message Types RSVP Object Fields RSVP Object Classes RSVP Operation RSVP Data Payload RSVP Quality of Service RSVP Session Start-up RSVP Reservation Style RSVP Tunneling RSVP Traffic Control Module Security Implications
Module 12: Wireless VoIP Speech Encryption o Media Encryption o Wireless Encryption IPSec and Role of IPSec in VoIP o Transport Mode o Tunnel Mode Voice Over WLAN (VoWLAN) o VoWLAN Call Routing o Characteristics of VoWLAN o IETF Encryption Solutions for VoIP o Limitations of VoWLAN o Suites from the IETF o S/MIME: Message Authentication o Transport Layer Security (TLS) o TLS: Key Exchange and Signaling Solutions to VoIPSec Issues Wireless VoIP o Wireless VoIP Deployment o Advantages of Wireless VoIP o Limitations of Wireless VoIP o Standards and Protocols Unlicensed
Mobile Access (UMA) Wireless VoIP Gateway: AH1038 Wireless VoIP Gateway: D-Link DVGG1402S Wireless VoIP Gateway: Motorola HH1620 DSL Wireless IP Phone Wireless VoIP Phone: EZLoop Wireless VoIP Phone: P-2000W_V2 Wireless VoIP Phone: Shenzhen WP10W-S Challenges to Build Successful Wireless VoIP Product Attacks on Wireless VoIP Packet Security o o Why VoIP needs Encryption? o VoIP Encryption o How to Encrypt VoIP? o Pros & Cons of VoIP Encryption o Voice and Data Encryption Device (V/DED) Real-Time Transport SRTP: Voice/ Video Packet Security
Module 14: Troubleshooting VoIP Network o Encryption Secure Protocol (SRTP)
Module 13: Encryption Techniques for VoIP o Issues of Network Slow Down Troubleshooting Packet Loss Troubleshooting Jitter Troubleshooting Packetization Delay Troubleshooting Bandwidth Problems Troubleshooting Echo Troubleshooting Voice Quality on Voice Ports Troubleshooting Two-stage Dialing Failures Troubleshooting Socket Failures Troubleshooting Speech Recognition Troubleshooting Cabling Troubleshooting Private Branch Exchange (PBX) Problems Troubleshooting Central Office (CO) Problems Troubleshooting Trunk Signaling Troubleshooting Gateways and Gatekeepers Troubleshooting Dial Peers Troubleshooting Serial Interfaces Troubleshooting Frame Relay Troubleshooting FXS and FXO Voice Ports Troubleshooting E&M Voice Ports Troubleshooting Dial Plans Basic VoIP Issues and Solutions Troubleshooting RSVP Troubleshooting MGCP Troubleshooting RTP Troubleshooting RTSP
Module 15: VoIP Testing and Tools Test Strategy VoIP Network Component Testing Netcat o Smap o SIPScan o SIPcrack o VoIPaudit o iWAR o SiVUS o SCTPscan o Gateway Testing o Gatekeeper Testing o Sipsak o IVR Testing o SIPp o Billing and Prepaid Testing o SIPNess Messenger o NMS Testing o SIP Bomber o VoIP Test Suite o Spitter o Sip Send Fun o Scapy MediaPro: VoIP and Video
Analyzer 323Sim: H.323 Simulator Vulnerability Assessment Penetration and Vulnerability Testing VoIP Security Tools VoIP Sniffing Tools VoIP Packet Creation and Flooding Tools VoIP Fuzzing Tools o Ohrwurm o Auth Tool o Fuzzy Packet o VoIPong o SIP Forum Test Framework (SFTF) o Vomit o Asteroid o PSIPDump o SIP-Proxy o Netdude o Oreka o Wireshark o o o VoIP Signaling Manipulation Tools o RTP Tools o Tcpdump o Windump o Ethereal (Wireshark) o Softperfect Network Sniffer o Http Sniffer Web Interface for SIP Trace (WIST) RTP Break VoIP Scanning and Enumeration Tools o SNScan o Ether Detect Packet Sniffer o Iris Network Traffic Analyzer o SmartSniff o NetResident Tool VoIP Troubleshooting Tools o P.862 o P.563 o RTCP-RFC3550 o RTCP XR-RFC3611 o Packet Statistics o Test Tools o Traceroute o VQmon o Other VoIP Tools o o Denial of Service (DOS) o DoS Attack Scenarios o Eavesdropping o Packet Spoofing and Masquerading o Replay Attack o Call Redirection and Hijacking o ARP Spoofing ARP Spoofing Environmental Network Intrusion Detection Systems Host-Based Intrusion Detection Systems Guidelines for Securing VoIP Network Best-Practice Approaches for Minimizing common VoIP Network Risks Attack Logical Separation of Data Converged Network Virtual LANs (VLANs) o VLAN Security o VLANs and Softphones QoS and Traffic Shaping NAT and IP Addressing o How does NAT Work? o Service Interception o NAT: Modes of Operation o H.323-Specific Attacks o NAT and Encryption o SIP Security Vulnerabilities
Module 17: VoIP Security Safeguard
Module 18: Logical Segregation of Network Traffic Scenarios Safeguard Recommendations VoIP is Prone to Numerous Threats VoIP Vulnerabilities Human Recommendations
Module 16: Threats to VoIP Communication Network Why VoIP Security?
Constituents of VoIP Security VoIP Myths and Realities Securing VoIP with DoS Attacks Securing against Replay Attack Securing ARP Caches against ARP Manipulation Securing H.235 Protocol Transport Layer Security (TLS) Skype Protocol Security IAX Protocol Security Security Implications for TFTP Security Implications for HTTP Security Implications for DHCP Security Policies and Processes Physical Security Authentication Header (AH) o AH: Transport and Tunnel Modes Tel: (84-4) 37875728 – Fax: (84-4) 37875729 Email: [email protected] Accredited Training Center Encapsulation Security Payload (ESP) o o ESP Header: Transport Mode and Sarbanes-Oxley Act (SOX) Tunnel Mode Deep packet Inspection (DPI) o Shallow packet Inspection o Stateful Inspection o Medium-Depth Packet Inspection o H.323 Firewalls Issues o SIP Firewalls Issues o Bypassing Firewalls and NAT o Methods for Enabling SIP Alcatel Global Crossing Avaya Whaleback Nortel Norstar VoIP Gateway Polycom Packet8 Vonexus Infotel Net 4 India Dialexia NGT Qwest Pingtel Cisco 3Com Vocalocity Motorola Nokia Regulatory Compliance ITPro Global ® 2009 www.itpro.net.vn SOX Compliance and Enforcement o Gramm-Leach-Bliley Act (GLBA) Privacy Rule -Protection of Nonpublic Personal Information Risk Management Guidelines for VoIP Systems Development and Implementation of Information Security Access Control Lists Module 20: Regulatory Compliance of VoIP VoIP-Aware Firewalls Issues Module 19: Hardware and Software VoIP Vendors Internal Controls Firewalls o Management Assessment of o Health Insurance Portability and Accountability Act (HIPAA) Security Standards for the Protection of PHI Safeguards Standard for the Protection of PHI Types of Safeguards Administrative safeguards Physical safeguards Technical safeguards o Communication Assistance for Law Enforcement ACT (CALEA) Assistance Capability Requirements Cooperation of Equipment Manufacturers and Providers Tel: (84-4) 37875728 – Fax: (84-4) 37875729 Email: [email protected] 
of Telecommunications o Host/Device Discovery o ICMP Ping Sweeps o ARP Pings o TCP Ping Scans o SNMP Sweeps o Port Scanning and Service Discovery o TCP SYN Scan European Union (EU) Regulatory o UDP Scan Framework o Host/Device Identification Support Services Technical Requirements and Standards o Steps to Resolve CALEA Enhanced 911 and Related Regulations o E911 Regulatory Basics EU Regulatory Basics Module 21: VoIP Hacking Types of VoIP Hacking Stages of VoIP Hacking: o Footprinting o Scanning o Enumeration What is Enumeration? o Steps to Perform Enumeration o Banner Grabbing with Netcat o SIP User/Extension Enumeration Footprinting Information Sources o Unearthing Information o Organizational Structure o Help Desk o Job Listings o Phone Numbers and Extensions o VoIP Vendors o Resumes o WHOIS and DNS Analysis o Steps to Perform Footprinting Scanning Objectives of Scanning INVITE Username Enumeration o Username Enumeration OPTIONS Username Enumeration and Corporate Locations REGISTER Automated OPTIONS Scanning with sipsak Automated INVITE REGISTER, and Scanning with OPTIONS SIPSCAN against SIP server Automated OPTIONS Scanning Using SIPSCAN against SIP Phones o Enumerating TFTP Servers o SNMP Enumeration o Enumerating VxWorks VoIP Devices Steps to Exploit the Network erase_registrations Tool o DoS & DDoS Attacks o Flooding Attacks o DNS Cache Poisoning o Sniffing TFTP Registration Addition with add_registrations Tool Configuration File o VoIP Phishing Covering Tracks Transfers o Registration Removal with Performing Number Harvesting and Call Pattern Tracking o Call Eavesdropping o Interception through VoIP Signaling Manipulation o Man-In-The-Middle (MITM) Attack o Application-Level Interception Techniques How to Insert Rogue Application?
SIP Rogue Application Listening to/Recording Calls Replacing/Mixing Audio Dropping Calls with a Rogue SIP Proxy Randomly Redirect Calls with a Rogue SIP Proxy Additional Attacks with a Rogue SIP Proxy o What is Fuzzing? Why Fuzzing? Commercial VoIP Fuzzing tools o Signaling and Media Manipulation
Enterprise Resource Planning
Duration: 3 days
Course description
This course introduces the main concepts of the integrated packaged software systems used as the foundation of management systems in most large companies. The core functions of enterprise resource planning (ERP) software are built on "Material Requirements Planning" and "Manufacturing Resource Planning". The course also explains the functions and importance of ERP. The market for ERP systems is well established and growing widely. The SAP R/3 system is used to illustrate the functions of an ERP system.
Audience
The course is designed for people in any position who are new to the field of enterprise management information systems and need an overview of it. It helps participants understand ERP quickly so that they can take part in initiating an ERP system in their organization.
Certification
Students take a test on the last day of the course and receive an EC-Council certificate of course completion. To earn the international CEP certification, students must pass the online exam, registered at Prometric testing centers.
Course content
The evolution of software systems for planning and control in manufacturing companies Material Requirements Planning Manufacturing Resource Planning Enterprise Resource Planning (ERP) systems Basic methods and common features of ERP systems The market for ERP systems Selected functions of the SAP R/3 system Supply Chain Management (SCM) systems Basic methods and common features of SCM systems The market for SCM systems Selected procedures of the mySAP SCM system APO Customer Relationship Management (CRM) systems Basic methods and common features of CRM systems The market for CRM systems Selected functions of the mySAP CRM system Information Warehouses Architectures, interfaces, and integration issues Present state of ERP, SCM, and CRM applications and possible developments in the near future Case studies
Juniper Networks Authorized Education Center
Linux Security
Duration: 5 days
Course description
The main goal of this course is to give students an understanding of networking, specifically Linux networking and security. You will learn how to set up a Linux server and how to configure name resolution and dial-up network access using the X Window System. You will also be introduced to the file-sharing technologies Network File System (NFS) and NetWare's NCP, and to the File Transfer Protocol (FTP). Finally, you will be introduced to network security, including concepts such as firewalls, encryption, and network intrusion detection.
To reinforce the material, the course provides a series of labs and hands-on exercises that put you in the role of problem solver, requiring you to apply the concepts presented in the modules to situations that could occur in a real-life work environment.
Audience
Network server administrators, security engineers, system administration engineers, application developers, and office staff working in IT security.
Certification
Students take the Linux Security certification test on the last day of the course and receive an EC-Council certificate of course completion. To earn the international Linux Security 212-77 certification, students must pass the online exam, registered at Prometric testing centers.
Course content
Module 1: Linux Networking Fundamentals Explain the purposes and development of computer networking Identify common types of networking hardware Describe how networking software operates Understand when popular networking protocols are used Define network routing and describe the purpose of popular routing protocols
Module 2: Configuring Basic Linux Networking Describe how networking devices differ from other Linux devices Configure Linux networking using scripts and text-mode utilities Configure Linux networking using popular graphical utilities Effectively use networking utilities to test a network and troubleshoot networking problems Understand the IPX and AppleTalk protocols
Module 3: Configuring Client Services Configure DNS name resolution Configure dial-up network access using PPP Understand client services such as DHCP and LDAP Use remote graphical applications and remote dial-up authentication Use common client tools such as Linux Web browsers and email clients
Module 4: Using Simple Network Services Configure 
“Superservers” to handle multiple network services Set up administrative services like logging and printing Use simple network information services like finger and talk Understand basic mailing list and news server configurations
Module 5: Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file sharing between Linux and UNIX systems Understand NetWare NCP based file sharing Use SMB to share files and printers with Windows-based PCs
Module 6: Configuring Major Network Services Expand the routing capabilities of your Linux server Set up your own DNS name server Configure a basic email server Understand how Linux can excel as a Web server
Module 7: Security, Ethics and Privacy List security risks typical in modern networked computer systems Understand how to assess risk and create a security policy Describe the function of top security-awareness organizations Outline the role of the government in security and privacy Locate Linux products designed especially for security-conscious environments
Module 8: Making Data Secure Explain commonly used cryptographic systems Understand digital certificates and certificate authorities Use the PGP and GPG data-encryption utilities Describe different ways in which cryptography is applied to make computer systems more secure.
Module 9: User Security Follow good password security practices Understand Linux Pluggable Authentication Modules (PAM) Use common utilities to promote user security Set up user access to system administration tasks with sudo
Module 10: File Security Correctly set up special Linux file permissions Monitor log files to check for suspicious system activity Automate checks for file integrity and unauthorized modifications
Module 11: Linux Networking Fundamentals Summarize the types of network security breaches that crackers attempt Describe how to use special routing techniques to protect local network traffic Configure a basic Linux firewall Use networking utilities and techniques that protect network traffic through encryption
Module 12: Network Intrusion Detection Use network scanning and packet-sniffing utilities Understand basic intrusion detection systems Perform automated security audits of your Linux system
Project Management in IT Security (PMITS)
Duration: 2 days
Introduction
An IT security project is a project with the specific characteristics of an e-commerce project. The program shows how to manage IT security projects. Its purpose is to raise the success rate of IT projects for organizations and for IT managers. It serves as an operational framework for those who want to design their own IT security projects. The course helps students strengthen their IT skills and project management skills, and provides a roadmap for implementing information security in their organizations.
The Project Management in IT Security (PMITS) course is also a step toward EC-Council's professional e-commerce certification, which also adds to students' knowledge of business. The PMITS course standardizes the knowledge base for business professionals by incorporating best practices developed by experienced experts in the field. The goal of EC-Council PMITS is to add value for experienced information security professionals by helping them analyze project outcomes. The course also gives a brief overview of the contents of IT security plans and of the legal standards relating to IT security cooperation.
Course description
The first step in developing an IT security project is to define the problem. It is easy to state the problem as "Our network is not secure" or "There are assets in the organization that must be protected from intentional and unintentional attacks". These statements are true at the macro level, meaning that such general statements apply to most organizations (and computer networks) worldwide. However, every organization's situation is different, and each has its own particular security vulnerabilities that need to be considered. Applying one solution to every network security problem is not appropriate. To address IT security effectively, build an overall information security plan that covers each specific area where information security must be ensured (for example, infrastructure and wireless networks). The plan can be broken into smaller segments, each of which is then handled in turn. This makes it possible to manage every aspect of information security work in the best way.
A common challenge is that many areas overlap (for example, physical access falls under operational security, infrastructure security, or general security). Creating an overall IT security plan together with individual plans gives us the opportunity to take the broadest view of our IT security plan and to ensure that all the important security elements have been addressed. EC-Council's Project Management in IT Security program is delivered as a highly interactive 2-day classroom course for IT security professionals. It covers the components of an overall information security project, investment costs, the basis for project success, the limitations of a project, overall IT security strategy, and the influence of community culture and policies on IT security. Students learn to recognize the problems that arise while planning information security and how to prevent and remedy them.
Audience
Personnel managers responsible for information security planning, network administrators, server administrators, system administrators, and risk assessment professionals.
Certification
Students take a test on the last day of the course and are awarded an EC-Council certificate of course completion. To earn the international PMITS certification, students must pass the online exam held at Prometric testing centers.
Course content
PMITS Module 01: Components of Project Management in IT Security o Identify the Sponsor for the Security Project o Corporate Security Project Plan Components • Defining a Project o The Costs involved in Security • Introduction o Basis for Success of a Project The Security Issue Role of Network Security Integrity, Availability Confidentiality and The Outcome Various Possible Security Project Solutions • The Optimal Solution Limitations of Security Project Scope of Project Dead Lines Quality Economy Develop the Proposal Well Defined Project Objectives Minimized and Well Defined Scope Smaller Schedules Experienced Project Manager Executive Support User Involvement Well Defined Project Management Process o Limitations of a Project o Corporate Strategy and IT Security o Importance of the influence of Corporate Culture and Policies on IT Security Module 02: Organizing the IT Security Project • Developing the IT Project Team o Introduction o Making of the IT Security Project Team • Training Objectives o The IT Security Project Stakeholders • Team-building o Requirement Specifications of the IT Security Project o Objectives of the IT Security Project o Processes involved in the IT Security Project o Structuring the details of IT Security Project Work The Acceptance Criteria o Project Tasks and Sub-tasks in the Project Risk Management o Verifying Scope of the Project Change Management o Tasks in Detail Communication Quality Status Reports Defect Tracking Escalation Process Documentation Approval Procedures Deployment Operations Training o Module 03: Developing the IT Security Project Team o Introduction o List of the Requirements IT Security Roles and Responsibilities Skill Set Project Team Module 04: Planning the IT Security Project Ownership Resources Priority Schedule Budget Allocated Project Dependencies Limitations Experience Tools 
Budget Constraints • Change in the Organization • Government Requirements or Regulatory o The Critical Path o Testing the Results o Defining the Budget, Schedule, Risks, and Communications Module 05: Managing the IT PM Technical Skill Set o Start of the IT Security Project Communication Ability o Training and Negotiation Examine and Organize the IT Security Project Progress Ability to Negotiate and Understanding of Technical Aspects Reporting Legality, Regulations and Cost Factors o Identifying the Constraints o Hiring the Staff • Staffing Requirements and Authentication • Issue Report and Rectification • Documentation o Manage the IT Security Project Risk o Change Management in the IT Security Project • Potential Customers • Staff Law concerning Unauthorized Access • Environmental Myths and Facts o Test the IT Security Project Results Module 06: Building Quality into IT Security Projects o Introduction o Quality in the IT Security Project o User Requirements Functional Specifications Technical Requirements Acceptance Criteria Quality Metrics Operational Standards of the IT Project Monitoring IT Security Project Quality Private Entity Penetration Test Legal Liability and Related Tools Legal Assessment and Implementation in Corporate Scenario Define Rights and Protection and involvement of Certified third-party individuals Standards and Insurance o Overview of the Corporate IT Security Project Plan o Security Auditing • Reasons for Security Breaches o Factors of the Corporate IT Security Project Test the IT Security Project Quality • Goals of the IT Security Project Module 07: Closing Out the IT PM o Introduction o Evaluate the Project on Completion • Close all Open Issues, Change Requests, and Error Reports o Prepare for Implementation, Deployment, and Operational Transfer o Review the Lessons Learned o Documentation and Compliance Reports Module 08: 
• Define a Corporate IT Project Plan Define a Security Strategy for the IT Project o Legal Standards Gramm-Leach-Bliley Act Health Insurance Portability and Accountability Act 195 Sarbanes-Oxley Act Federal Information Management Act and Work Breakdown Structure • Risks associated with the Project o Project Constraints o Project Assumptions o Project Schedule and Budget o Closing Out the Project o IT Infrastructure Security Project Plan Infrastructure Security Assessment • Information • People and Process • Policies • Compliance with Processes • Technology • Establishing Baselines FERPA and the TEACH Act • Recognizing External Threats Electronic Communications Privacy Act and Computer Fraud and Abuse Act • Network Security Checklist and Examples Security Skills related to Operating System, Networking, Application Security, Security Tools, and Programming o Project o Scope, Timing, Budget and Quality Project Parameters Project Team Project Organization Types of Wireless Devices Project Work Breakdown Structure Wireless Threats Risks Mitigation Strategies Risk Assessment Project Constraints and Assumptions Impact Analysis Project Schedule and Budget Overview of Infrastructure Security Project o Module 09: General IT Security Plan o Wireless Security Project Plan Wireless Security Auditing Project Parameters • Requirements • Scope, Schedule, Budget, Skill Sets and Procedures Project Team IT Security Assessment and Audit Project Organization • Perimeters Project Work Breakdown Structure • The Internal Network Project Risks and Mitigation Strategies • Information Project Constraints and Assumptions • Risk Assessments Project Schedule and Budget Wireless Security Project Outline Vulnerability Scanning and Penetration Testing Risk Assessment Impact Analysis Module 10: IT Operational Security Plan o Operational Security Assessment o Authentication o Access Control
• Incident Response o Auditing • The Response Team • Review the Policy Policies • Review the Procedures • Disaster Recovery • Review the Operations • Regulatory Issues • Requisites of Legal Reporting o Attacks o Assessment and Audit Report Entries in the Finding Report Planning of the Project Health Insurance Accountability Act Portability • Gramm-Leach-Bliley Act • Sarbanes-Oxley Act • Issue, Solution, Scope, Cost, Time, Quality, Functional Specifications and Skill Set • Requirements o Project Team • Scope, Schedule, Budget, Skill Sets and Procedures o Project Organization o Project Work Breakdown Structure o Project Risks and Mitigation Strategies General IT Security Project Plan • Project WBS, Constraints, Schedule and Budget and o Project Parameters o General IT Security Project Parameters o • Incident Response • Policy Management • Disaster Planning • Regulatory/Compliance o Project Constraints and Assumptions o Project Schedule and Budget o Overview of the Operational Security Project
Storage Area Networks
Duration: 3 days
Course description
EC-Council's Storage Area Networks (SAN) course covers the fundamentals of storage area network technology. It gives students in-depth knowledge of the convergence of Fibre Channel architecture, optical switching technology, management of SAN hardware devices, and the ability to transmit over longer distances by using AP management methods
Audience
System administration engineers, project managers, and those responsible for system development and design.
Certification
Students take a test on the last day of the course and are awarded a certificate of course completion.
To earn the international certification, students must pass the online exam (exam code 212-93) held at Prometric testing centers.
Course content
Module 1 – Basic Concepts of Storage Area Networking Define the concept of a storage area network Discuss the reasons for the growing need for storage space Discuss the history of storage area network development Understand the difference between network attached storage and storage area networks Identify and explain the benefits of using storage area networks in enterprise-level networks Discuss evolving SAN technologies
Module 2 – Understanding Fibre Channel Understand the basic operations of the Fibre Channel transport protocol used by most storage area networks Describe the Fibre Channel layered architecture Understand the Physical Interface layer of the Fibre Channel model Understand the use of ordered sets and byte encoding in Fibre Channel communications Identify and describe the Link Services used at the third layer of the Fibre Channel model Identify and describe the Basic Services used at the fourth layer of the Fibre Channel model Understand the upper-level protocols used in the fifth layer of the Fibre Channel model Describe the basic topologies used in Fibre Channel networks Discuss the role that initiators, target devices, and connectivity devices play in Fibre Channel networks
Module 3 – Arbitrated Loop Technology Recognize the difference between Token Ring networks and Arbitrated Loop networks Describe the purpose of identifiers and addresses used for ports attached to an Arbitrated Loop Understand how hubs can be used to centralize loop wiring Understand and describe the steps involved with loop initialization Describe the port login procedure and why it is necessary in an Arbitrated Loop Describe the process used by a member of the Arbitrated Loop to gain 
access to the shared media Understand how a system of priorities is used to pass data in Arbitrated Loops Describe the effects of adding a switch to a network Describe the attributes of the Bluefin SAN Management Specification
Module 6 – Connecting SANs Over Long Distances Understand how to use separate SANs for disaster recovery Describe the basics of Asynchronous Transfer Mode (ATM) and frame relay Understand multiplexing technologies, such as TDM, WDM, and DWDM Discuss emerging SAN technologies, such as iSCSI, FCIP, and InfiniBand
Module 4 – Fabric Switching Describe the evolution of Ethernet networks and SANs Understand and discuss the reasons for implementing a fabric switched network Understand the method fabric switch ports use for addressing frames Describe the login process for fabric switches Understand how a name server database simplifies routing in a fabric switched network Identify some of the services that can be incorporated into a switch to enhance network functionality
Module 5 - Complex SAN Topologies Understand and describe varied and complex SAN topologies Discuss the SAN management software applications that can be used to help manage SAN hardware
Wireless Network Architect
Duration: 3 days
Course description
In local area network environments, organizations and businesses today typically use coaxial and fiber-optic cable to connect their networks. A wireless LAN solution lets organizations extend their existing LANs to serve mobile users. The course gives students an understanding of two international wireless networking standards: IEEE 802.11 (also known as Wi-Fi) and Bluetooth. The knowledge gained in the course allows organizations to deploy wireless solutions with the highest performance and without risk.
Audience
Network administrators, server administrators, security engineers, systems engineers, application development engineers, and offices with IT security functions
Course content v2
Introduction to Wireless Communications Explain how the major wireless technologies are used today Describe the applications used in wireless technology List and explain the advantages of wireless technology List and explain the disadvantages of wireless technology Describe how different factors affect the design of a radio system Tell why standards are beneficial and list the major telecommunications standards organizations Explain the radio frequency spectrum Infrared Explain the differences between the OSI communications model and the IEEE 802 communications standards How Wireless Works Explain how network data is represented using binary notation Tell how an infrared WLAN transmits data List and explain the two types of wireless transmission Describe the features of IrDA Describe the different ways in which data can be transmitted by radio waves Understanding Radio Frequency Communications List the components of a radio system Bluetooth Explain how Bluetooth is used Tell how Bluetooth works Describe several issues that Bluetooth faces Give examples of how WLANs are used today List the advantages of wireless communications List the components and modes of a WLAN Discuss the challenges of wireless communications Explain the steps needed to build a wireless infrastructure Low-Speed Wireless Local Area Networks Tell the advantages and disadvantages of HomeRF Explain the background of IEEE 802.11 WLANs Describe how an 802.11b network functions High-Speed WLANs and WLAN Security Tell how IEEE 802.11a networks function and how they differ from IEEE 802.11b networks List the advantages and disadvantages of an IEEE 802.11g network Describe 
HiperLAN/2 networks Compare low-speed and high-speed WLANs Explain basic and enhanced WLAN security facilities Digital Cellular Telephony Describe the applications that can be used on a digital cellular telephone Explain how cellular telephony functions List and describe the features of the generations of cellular telephony List and describe the four types of client software used on a digital cellular telephone Discuss the issues surrounding 3G implementation Fixed Wireless Define fixed wireless Explain the features of a remote wireless bridge List and describe three types of land-based fixed broadband wireless devices Tell how satellite transmissions work Wireless Communications in Business