Foundstone presents a special 2 day edition of Ultimate Hacking for Black Hat Asia 2002.
Security vulnerabilities are an unfortunate, but unavoidable, part of today's computing systems. If exploited by internal or external users, these weaknesses can be catastrophic to your organization. Ultimate Hacking participants learn step-by-step procedures for executing Internet, intranet, and host-level security reviews through classroom presentations and hands-on lab exercises. This course is the definitive training for learning how to perform "tiger team" and attack and penetration assessments.
Foundstone instructors cover all the bases, presenting manual and scripted security-review techniques that go far beyond what automated analysis tools can do. Equally important, the classroom lab provides a way for participants to take that abstract information and apply it in a hands-on environment. You return to your organization with valuable knowledge and experience.
What Is Taught? Because security is an ever-changing battlefield, we continually update Ultimate Hacking to reflect the latest network vulnerabilities and defenses, from Windows NT and Unix hosts to routers and firewalls. Instructors illustrate each technology's default security posture, common installation weaknesses, methods hackers use to circumvent "secure" settings, and countermeasures for each vulnerability.
Classroom instruction is just the beginning though. The most effective way to gain security skills is to practice them, and Ultimate Hacking participants have a full computer lab at their disposal to do just that.
Foundstone instructors walk you through footprinting an organization's Internet presence (with proper permission!), then show you how to identify, exploit, and secure well-known and little-known vulnerabilities in Windows NT, Windows 2000, and Unix systems.
Participants also explore common weaknesses in router and firewall installations, learning ways to circumvent both traditional and "hardened" security filters or firewalls. The course's final exercise assimilates the multi-day instruction. In it, participants assess and attempt to exploit a simulated "secure" network with multiple OSes and security mechanisms.
Why Do We Teach This? In order to secure and monitor your network, you need to know its weak points. Traditional security assessments, performed by accounting firms or "boutiques," can yield valuable data. Too often though, assessments lack a structure for transferring information to those in your organization who can make the most of it. The hands-on Ultimate Hacking course provides participants with both the knowledge and experience to perform ongoing security assessments themselves.
Who Should Attend? System and network administrators, security personnel, auditors, and consultants concerned with network and system security. Basic Unix and Windows NT competency is required for the course to be fully beneficial.
Course Length: 2 days
NOTE: this is a two day course.
Includes an individual dual-boot Windows NT/Linux laptop for use during the course, use of the lab network and computers, class handouts, and a CD-ROM with course tools and scripts.