Home page logo

basics logo Security Basics mailing list archives

Re: Few interesting topics in Network Security please.
From: "Matt Lakin" <honswlos () gmail com>
Date: Mon, 28 Apr 2008 23:17:41 +0000

I would definitely recommend installing and using Wireshark to get a good low level understanding of network traffic.  
Have the class monitor the wire while sending/receiving different kinds of traffic (ICMP, SNMP, DNS, WINS, RPC, WWW, 
ARP, SMTP, STP, EIGRP, etc) to see how different protocols look on the wire.  After some basic network analysis, have 
them fire up Cain&Abel and do some password sniffing, ARP poisoning, etc, with Wireshark open.  Also show how ARP 
poisoning can be used to sniff switched networks or for MITM attacks, and have them initiate a MITM attack to view an 
encrypted SSL session (using fake certificates).  

Nmap is a must also, and use a tool like Metasploit (via a livecd like BackTrack or Auditor) to illustrate how to use 
the information gleaned from Nmap to exploit a remote (and vulnerable) machine.  This would also be a good time to show 
students lists like Bugtraq to find exploitable vulnerabilities

If you're looking for more security tools to mess around with, sectools.org has a great list of a wide range of tools.

-----Original Message-----
From: Jon Kibler <Jon.Kibler () aset com>

Date: Mon, 28 Apr 2008 10:24:25 
To:KishoreKumar Bairi <prf.kishorekumar () gmail com>
Cc:security-basics () securityfocus com
Subject: Re: Few interesting topics in Network Security please.

KishoreKumar Bairi wrote:
Hi all,

I am a student. Who is doing project under a professor. In our
university from next year a new course on NETWORKING is going to be
started. My task is to design "lab experiments" for that course.

Can you please suggest few experimental ideas, that will help a newbie
in Networking field.

Note: "Network Security" is also included.

Three things that students are not getting in network courses that are 
CRITICAL to the real world:
    1) Low level understanding of protocols
    2) Routing
    3) Packet filtering

Some tools I would recommend as absolute requirements for the course:
    snort (if you get into IDS)
    quagga (for routing)

If you get into protocol errors / DOS:

Hope this helps!

Jon Kibler
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]