|What to bring:
Your laptop with a 10BaseT Network card, web browser and telnet client.
Attacktecs Attack Techniques used to exploit network infrastructure, servers, databases and other services with the intent of stealing or destroying intellectual property and/or to deny users and clients legitimate access.
Defentecs Defense Techniques and implementation methods used to defend against the latest Attacktecs.
This class will cover a wide variety of the publicly available exploit tools and how they can be used specifically against a Cisco infrastructure. A majority of the class time will be spent doing practical labs. Therefore, a certain level of Cisco expertise will be expected. The training will also cover the possible defenses against these attacks.
Students will be using 2651 routers, and 1900 switches for their labs. The lab core will consist of 3600s, 2900s, 2500s and servers of various flavors. Students will be required to bring their own laptops to (with appropriate caution) attach to the labs. This class will focus on Cisco Router and Switch vulnerabilities and will not be covering PIX firewalls, VPN concentrators, or IDS tools.
Here is a list of some of the topics that will be covered:
- Ways of Password Nabbing
- Sniffing traffic on a switch
- VLAN Hopping and 802.1Q issues
- Root Bridge Takeovers
- Local and remote HSRP attacks
- Routing manipulation/injection with RIP, IGRP, EIGRP, OSPF
- BGP attacks
- SNMP Exploits
- Tunneling attacks
- DoS and DDoS issues and preventive methods
Course Length: 2 days
Cost: US $2100 before 25 April 2003 or US $2300 after 25 April 2003
NOTE: this is a two day course. A Black Hat Certificate of Completion will be offered.
Stephen Dugan is currently an independent contract instructor and network engineer.b He has been teaching Cisco networking for the last 3 years focusing on Router and Switch configuration, Voice/Data integration, and Network Security. His students come mostly from Fortune 500 companies and large service providers. He also teaches private internal classes to Cisco Employees. As a Sr. Network Engineer he has worked on the design and implementation of large enterprise, government contractor, and service provider networks. He is also working on a new series of security books entitled "Hacker Attacktecs." The first three planned books will cover Windows, Unix/Linux, and Cisco exploits and how to defend against them.