The most recent cyber-attack reported in the world press shows a serious network vulnerability combined with system flaws. The flaw lies in SMBv1, a common protocol shipped in Windows XP, Windows 7 and Windows 10, and was fixed by Microsoft in March 2017. But although Microsoft released the fix, its effectiveness depended on enterprises updating their systems before the attack was launched. This kind of vulnerability opens the door to the enemy, even if the network is well protected.
Nowadays, we face the prospect of multiple massive network attacks in the future. Network defensive strategies depend on policy rules and technology, but in equal measure they depend on the human factor and our security skills – and not only when it comes to ransomware. This course will show you how to detect and analyze malicious traffic, and how to better defend your network.
The course is self-paced
Launch: June 26th 2017
18 CPE credits
What will you learn?
You will learn to read a pcap file from an analytical perspective that will help you detect malicious traffic and defend your network.
What will you need?
You just need to download the virtual laboratory provided by the instructor.
What should you know before you join?
You need to know basic information about network connections.
Software used in course
We will use Kali Linux, Kali Linux 2017.1, Windows 10, and Debian Server. All machines (64 bits) will be provided by the instructor in VirtualBox, as well as a live target website.
Programming languages used in course:
Basic HTML, Python
Paulo Henrique Pereira, PhD
Born in São Paulo, Brazil. He has a PhD in the area of analytical induction. Researcher at the University Nove de Julho (UNINOVE) in the area of forensics and security (penetration testing). Works with forensic analysis and reverse engineering of malware. In his spare time, he splits his time between the practice of fly fishing in the rivers that cut through the mountains and programming languages C and Python.
Module 1: Network under attack – how to discover the flaws
This module covers the network attack using Kali Linux tools. What we want in this module is to understand the architecture of an attack and not provide an attack against people or enterprises.
- Lab: Kali Linux performing a network attack.
Module 2: Malware stochastic models in network
Malware can diffuse in diverse ways in a network environment and/or use the vulnerabilities in this network, in the system or in the human side to infect all nodes. In this module, we will learn how that happens and how we can use it to our advantage.
- Lab: Using Python to analyze the malware’s propagation models.
Module 3: Identifying, analyzing and dissecting a packet
This module covers how a network packet can reveal evidence of an attack. We need to dissect the packet (pcap file) and search for this evidence.
- Use Kali Linux tools to capture a packet file
- Use tcpdump and Wireshark to read the network traffic.
- Use the Python scripts to find evidence in the network traffic
Module 4: Defensive strategies to apply in the network (using Linux).
In this module, we will analyze the defensive strategies we should apply in the network.
- Lab: Kali Linux tools and rules to protect the network.
- Basic: HOSMER, C. Passive Python Network Mapping. Massachusetts, 2015
- Advanced: KARYOTIS, V. and KHOUZANI, M.H.R. Malware Diffusion Models for Modern Complex Networks. London: Morgan Kaufmann, 2016.
- The course is self-paced – you can visit the training whenever you want and your content will be there.
- Once you’re in, you keep access forever, even when you finish the course.
- There are no deadlines, except for the ones you set for yourself.
- We designed the course so that a diligent student will need about 18 hours of work to complete the training.
- Your time will be filled with reading, videos, and exercises.