mailing list archives
Re: Few interesting topics in Network Security please.
From: "Matt Lakin" <honswlos () gmail com>
Date: Mon, 28 Apr 2008 23:17:41 +0000
I would definitely recommend installing and using Wireshark to get a good low level understanding of network traffic.
Have the class monitor the wire while sending/receiving different kinds of traffic (ICMP, SNMP, DNS, WINS, RPC, WWW,
ARP, SMTP, STP, EIGRP, etc) to see how different protocols look on the wire. After some basic network analysis, have
them fire up Cain&Abel and do some password sniffing, ARP poisoning, etc, with Wireshark open. Also show how ARP
poisoning can be used to sniff switched networks or for MITM attacks, and have them initiate a MITM attack to view an
encrypted SSL session (using fake certificates).
Nmap is a must also, and use a tool like Metasploit (via a livecd like BackTrack or Auditor) to illustrate how to use
the information gleaned from Nmap to exploit a remote (and vulnerable) machine. This would also be a good time to show
students lists like Bugtraq to find exploitable vulnerabilities
If you're looking for more security tools to mess around with, sectools.org has a great list of a wide range of tools.
From: Jon Kibler <Jon.Kibler () aset com>
Date: Mon, 28 Apr 2008 10:24:25
To:KishoreKumar Bairi <prf.kishorekumar () gmail com>
Cc:security-basics () securityfocus com
Subject: Re: Few interesting topics in Network Security please.
KishoreKumar Bairi wrote:
I am a student. Who is doing project under a professor. In our
university from next year a new course on NETWORKING is going to be
started. My task is to design "lab experiments" for that course.
Can you please suggest few experimental ideas, that will help a newbie
in Networking field.
Note: "Network Security" is also included.
Three things that students are not getting in network courses that are
CRITICAL to the real world:
1) Low level understanding of protocols
3) Packet filtering
Some tools I would recommend as absolute requirements for the course:
snort (if you get into IDS)
quagga (for routing)
If you get into protocol errors / DOS:
Hope this helps!
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
Re: Few interesting topics in Network Security please. Wes Deviers (Apr 28)
RE: Few interesting topics in Network Security please. Sergio Castro (Apr 28)