The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription
Firewall Evasion for InfoSec
The course will cover techniques used by penetration testers and malicious actors as well as countermeasures for network defenders. In this course students will learn:
- Firewall and IDS terminology and basic theory.
- Firewall/IDS evasion and rule mapping techniques using various tools for ingress and firewall/IDS egress evasion.
Certificate of completion, 18 CPE credits
Course is self-paced
What will you learn?
- Firewall terminology and theory
- IDS terminology and theory
- Packet manipulation techniques
- TCP/IP basics
What skills will you gain?
- Nmap usage for discovery and evasion
- Firewalk usage for firewall rule discovery
- Nchop usage for session splicing
What will you need?
- Ideal setup is a firewall and IDS.
- Cisco PIX firewalls for ~40 USD. PIX firewalls are an older technology but workable for this course.
- The instructor will have a Cisco ASA and PIX i his setup for testing.
- Linux Virtual Machine with a firewall that can be placed in different configurations.
What should you know before you join?
- Networking basics
- Linux basics
Shad Malloy is a Network Security Analyst with a wide range of experience including virtualization, firewalls, SCADA, and enterprise security. Shad has over 16 years of experience as an information technology professional, with 6 years of penetration testing experience. He has worked with commercial and government clients including creation of the penetration testing program for Indian Health Services.
As a Network Security Analyst, Shad evaluates the internal and external security postures of enterprise networks. He surveys the client’s network infrastructure, finding and reporting on exposed or at-risk configurations. After demonstrating how vulnerabilities in the client’s network can be exploited to grant access and/or reveal sensitive data, he educates clients on the best ways to safeguard their environments.
Shad’s research focuses on the development of a Shellshock User-agent scanner and wireless attacks. He received his Bachelors of Computer Information Systems (B.S.) in 2003 from National American University.
- Certified Information System Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- Certified Security Analyst (ECSA)
- Certified Intrusion Prevention Specialist (CIPS)
The course is self-paced and starts with a month-long session. Four weeks is our estimate for how long it should take a working professional to comfortably finish the course. However, you can go at your own pace:
- after the session ends and all materials are on the website you keep access forever - even if you finish the course and get your certificate you can come back and reread and rewatch everything;
- there is no deadline for finishing the course, if you come back to the final exam in a few months it will still be available;
- to pass the course there is no need to be present at any set times;
Module 1 Firewall, IDS, and Networking Theory
- Networking Technology
Module 1 Exercises:
- System setup
Module 2 Ingress Firewall Testing
Testing and Mapping Ingress Firewall Rules:
- Nmap for firewall testing and evasion
- Firewalk for firewall rule mapping
- Network protocol usage for testing and evasion (TCP/IP, UDP, ICMP)
Module 2 exercises:
- Nmap firewall testing
- Firewalk rule testing
Module 3 Egress Firewall Testing
Evasion of egress firewall rules:
- Egress firewall discussion
- Protocol Tunneling
- VPN Setup
Module 3 exercises:
- Skullsec DNScat - bonus
Module 4 Packet Manipulation
- Packet fragmentation for evasion
- Packet manipulation for evasion
- Packet delay for evasion
Module 4 exercises:
- Nchop session splicing for ingress and egress
- Python Client/Server for egress
If you have any questions, please contact our eLearning Manager at [email protected].