• Describe
  • Basic security attacks
  • RADIUS
  • SSL
  • IPSec
  • VPNs
• Implement digital certificates
• Deploy firewalls to protect Web servers and users.
• Secure Web servers and clients.

Duration: 2 days

>> Dates, prices & bookings for this course

>> Back to Security courses overview

TCP/IP review
Brief overview of the relevant headers. Exercise: Download software for course, use analyser to capture passwords on the wire.

Security review
Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response.

Security exploits
The Internet worm, IP spoofing, SYN attack, hijacking, Ping o' Death…, keeping up to date with new threats. Exercise: Use a port scanning tool, use a “hacking” tool.

Firewalls
Products, Packet filtering, DMZ, content filtering, stateful packet inspection, Proxies, firewall architectures, Intrusion Detection Systems, Viruses. Exercise: Set up a firewall and prevent attacks.

NAT
NAT and PAT, Why use NAT, NAT-ALG, RSIP.

Encryption
Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Exercise: Run a password cracking program.

Authentication
Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, PPP authentication, RADIUS. Exercise: Using certificates.

Web client and server security
Cookies, browser certificates, censorship, PICS. Operating system security, Web server user authentication, Restricting access, Logging, Securing CGI scripts. Exercise: Browser security.

VPNs and IPSec
What is a VPN, tunnelling, L2F, PPTP, L2TP,IPSec, AH, ESP, transport mode, tunnel mode.