Goals
- Discover network security
- Understand vulnerabilities and threats
- Protect your infrastructures
Program
Security problems on the Internet
Origin of vulnerabilities, risks and threats
Fundamentals of risk management
Typical flowchart of an attack
Malware (state of the art)
Risks related to Malware
Antivirus (operation and limits)
Logical attacks
Analysis of an APT (Advanced Persistent Threat)
Authentication and password management
Threats on Web applications (OWASP …)
LAN network security (Ethernet, VLAN …)
Classic network attacks: spoofing, man-in-the-middle, denial of service …
Reconnaissance and remote fingerprinting techniques
Denial of service attacks: taxonomy, means of protection
Practical workshop: ARP operation, fingerprinting via nmap
Problem of security architectures
Examples of secure architectures: DMZ, partitions, multiple VLANs
Network firewalls (packet filters, application relays, stateful inspection)
Major players in the network firewalls market, comparison between commercial and non-commercial products
Criteria for choosing a network firewall
Example of configuring a network firewall
Evolution of firewalls
Practical workshop: setting up a basic firewall and port routing with iptables
IPv4 and IPv6 contexts: nature of the weaknesses of each of the protocols
Handshake, record, alert and change
Weaknesses inherent in the protocols: telnet vs ssh v1 / v2, encapsulation,
TLS / SSL tunneling: role and operation, history of flaws, understanding the impact
The fallback problem
Virtual private networks (VPN): typology of VPN networks, PPTP and L2TP architectures and protocols, technical solutions, state of the art.
IPsec: operating principle, implementation, architecture, operating modes
Practical workshop: SSL traffic analysis, setting up an IPSec session, crossing a firewall via an ssh tunnel.
Intrusion detection / prevention (IDS / IPS): principles, architectures, implementation
Security event management (SIEM): principles, architectures, implementation
Log monitoring: principles, architecture, implementation, what to look for and how to react?
Practical workshop: positioning of IDS, port mirroring, implementation of suricata
Social engineering (techniques)
Security by passwords (breaking, password policies)
Security audits (state of the art of categories, demonstrations of tools)
Organizational audit
Configuration audit
Search for vulnerabilities with Metasploit and Nessus or OpenVAS
Practical workshop: using John the Ripper for brute-force password cracking, demonstration
Security issues: history and current state
Security principles (802.11i, 802.1X, EAP)
Hot-spot, residential, business architectures
Fallback issue
Workshop: password discovery with aircrack-ng, captive portal spoofing
Basis of Internet exchanges, peering operation
Risks associated with BGP: traffic theft, malicious announcements
Relations between AS, RPKI
Role of registries (IRR)
Duration
5 days
Price
£ 3028
Audience
Experienced Network Administrators
Prerequisites
Very good knowledge of networks
Reference
Re100230-F
Operation of SS7 interconnections (Unsecured signaling, geolocation, interception)
Risks associated with telephony
Risks linked to VoIP
Monitoring of dated equipment
Exploitation of latent vulnerabilities
Security of radio-mobile networks: from GSM to 4G / LTE
Threats, loopholes and protection measures in mobile networks (IMSI-Catcher, etc.)
Security of wireless interfaces (NFC, etc.)
Particular case of the security of mobile terminals
Heterogeneity of security levels between networks and fixed and mobile terminals
As part of the deployment of a web app via dedicated wifi access, diagnose weaknesses at each stage from the establishment of the connection to the application, and issue the appropriate recommendations
Sessions
Contact us for more information about session dates