Home page logo
/

basics logo Security Basics mailing list archives

Re: Few interesting topics in Network Security please.
From: "Matt Lakin" <honswlos () gmail com>
Date: Mon, 28 Apr 2008 23:17:41 +0000

I would definitely recommend installing and using Wireshark to get a good low level understanding of network traffic.  
Have the class monitor the wire while sending/receiving different kinds of traffic (ICMP, SNMP, DNS, WINS, RPC, WWW, 
ARP, SMTP, STP, EIGRP, etc) to see how different protocols look on the wire.  After some basic network analysis, have 
them fire up Cain&Abel and do some password sniffing, ARP poisoning, etc, with Wireshark open.  Also show how ARP 
poisoning can be used to sniff switched networks or for MITM attacks, and have them initiate a MITM attack to view an 
encrypted SSL session (using fake certificates).  

Nmap is a must also, and use a tool like Metasploit (via a livecd like BackTrack or Auditor) to illustrate how to use 
the information gleaned from Nmap to exploit a remote (and vulnerable) machine.  This would also be a good time to show 
students lists like Bugtraq to find exploitable vulnerabilities

If you're looking for more security tools to mess around with, sectools.org has a great list of a wide range of tools.

-----Original Message-----
From: Jon Kibler <Jon.Kibler () aset com>

Date: Mon, 28 Apr 2008 10:24:25 
To:KishoreKumar Bairi <prf.kishorekumar () gmail com>
Cc:security-basics () securityfocus com
Subject: Re: Few interesting topics in Network Security please.


KishoreKumar Bairi wrote:
Hi all,

I am a student. Who is doing project under a professor. In our
university from next year a new course on NETWORKING is going to be
started. My task is to design "lab experiments" for that course.

Can you please suggest few experimental ideas, that will help a newbie
in Networking field.

Note: "Network Security" is also included.

Three things that students are not getting in network courses that are 
CRITICAL to the real world:
    1) Low level understanding of protocols
    2) Routing
    3) Packet filtering

Some tools I would recommend as absolute requirements for the course:
    wireshark
    nmap
    traceroute
    ping
    arping
    hping
    dsniff
    gobbler
    ettercap
    hunt
    yersina
    firewalk
    iptables
    snort (if you get into IDS)
    quagga (for routing)


If you get into protocol errors / DOS:
    jolt
    land
    nestea
    smurf
    fraggle

Hope this helps!

Jon Kibler
-- 
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault