Advanced in Network Security

Course Code : IR392

Time Hours : Semester 3, 6h (course) + 12h (Labs) = 18h

Time Periods : not available yet

Lecturer : Osman Salem, Assistant Professor (osman.salem[at]mi.parisdescartes.fr)

A voir dans cette page

Objective

This course aims to present advanced approaches for network intrusion detection and prevention. It emphasizes on used tools for enumeration, intrusion and defense techniques. The objective is to provide theoretical and practical experiences in network security, intrusion detection, and network auditing to understand the impact of vulnerability, and the utility of the existing hardening methods on the security of the system.

Contents

  • Basic notions : Footprinting, Scanning, Enumeration
  • The 5 steps of successful attack
  • MITM attack. (Lab : ARP poisoning, ETTERCAP, DSSNIFF, SSLSTRIP)
  • Network vulnerability scanner (Lab : NESSUS)
  • Intrusion Detection/Prevention System (Lab : IDS/IPS with SNORT)
  • WIFI Security : WEP/WPA/WPA2. (Lab : Cracking WEP key with Backtrack).
  • VoIP Security, SIP vulnerability. (Lab : Asterisk, SIPdump and SIPCrack)
  • Other security tools in practice : John the ripper, DoS attacks tools (Inviteflood and SYNflood), DNS redirection, Whois, Sam Spades, dig, nmap, OpenSSH, honeyd.

References

  • Network Security : Private Communication in a Public World, Autors : Charlie Kaufman, Radia Perlman, Mike Speciner, Prentice Hall Press, 2002.
  • Hacking Exposed, Autors : Stuart McClure, Joel Scambray et George Kurtz