The access to this course is restricted to Hakin9 Premium or IT Pack Premium Subscription


Firewall Evasion for InfoSec 

The course will cover techniques used by penetration testers and malicious actors as well as countermeasures for network defenders. In this course students will learn:

  • Firewall and IDS terminology and basic theory.
  • Firewall/IDS evasion and rule mapping techniques using various tools for ingress and firewall/IDS egress evasion.

Certificate of completion, 18 CPE credits

Course is self-paced


What will you learn?

  • Firewall terminology and theory
  • IDS terminology and theory
  • Packet manipulation techniques
  • TCP/IP basics

What skills will you gain?

  • Nmap usage for discovery and evasion
  • Firewalk usage for firewall rule discovery
  • Nchop usage for session splicing

What will you need?

  • Ideal setup is a firewall and IDS.
  • Cisco PIX firewalls for ~40 USD. PIX firewalls are an older technology but workable for this course.
  • The instructor will have a Cisco ASA and PIX i his setup for testing.
  • Linux Virtual Machine with a firewall that can be placed in different configurations.

What should you know before you join?

  • Networking basics
  • Linux basics

Your instructor

IMG_0003Shad Malloy is a Network Security Analyst with a wide range of experience including virtualization, firewalls, SCADA, and enterprise security. Shad has over 16 years of experience as an information technology professional, with 6 years of penetration testing experience. He has worked with commercial and government clients including creation of the penetration testing program for Indian Health Services.

As a Network Security Analyst, Shad evaluates the internal and external security postures of enterprise networks. He surveys the client’s network infrastructure, finding and reporting on exposed or at-risk configurations. After demonstrating how vulnerabilities in the client’s network can be exploited to grant access and/or reveal sensitive data, he educates clients on the best ways to safeguard their environments.

Shad’s research focuses on the development of a Shellshock User-agent scanner and wireless attacks. He received his Bachelors of Computer Information Systems (B.S.) in 2003 from National American University.

Relevant Certifications:

  • Certified Information System Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)
  • Certified Security Analyst (ECSA)
  • Certified Intrusion Prevention Specialist (CIPS)

Course format

The course is self-paced and starts with a month-long session. Four weeks is our estimate for how long it should take a working professional to comfortably finish the course. However, you can go at your own pace: 

  • after the session ends and all materials are on the website you keep access forever - even if you finish the course and get your certificate you can come back and reread and rewatch everything;
  • there is no deadline for finishing the course, if you come back to the final exam in a few months it will still be available;
  • to pass the course there is no need to be present at any set times;

Course Syllabus


Module 1 Firewall, IDS, and Networking Theory


Terminology:

  • Firewall
  • IDS
  • Networking Technology

Module 1 Exercises: 

  • System setup

Module 2 Ingress Firewall Testing


Testing and Mapping Ingress Firewall Rules:

  • Nmap for firewall testing and evasion
  • Firewalk for firewall rule mapping
  • Network protocol usage for testing and evasion (TCP/IP, UDP, ICMP)

Module 2 exercises:

  • Nmap firewall testing
  • Firewalk rule testing

Module 3  Egress Firewall Testing


Evasion of egress firewall rules:

  • Egress firewall discussion
  • Protocol Tunneling
  • VPN Setup

Module 3 exercises:

  • Meterpreter
  • NetCat
  • Proxychains
  • Skullsec DNScat - bonus

Module 4 Packet Manipulation


  • Packet fragmentation  for evasion
  • Packet manipulation for evasion
  • Packet delay for evasion

Module 4 exercises:

  • Nchop session splicing for ingress and egress
  • Python Client/Server for egress

QUESTIONS? 

If you have any questions, please contact our eLearning Manager at [email protected].

(268 views)

Course Reviews

5

5
1 ratings
  • 5 stars1
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0
  1. Great!

    5

    Exactly what I expected!

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023