Course Code : IR392
Time Hours : Semester 3, 6h (course) + 12h (Labs) = 18h
Time Periods : not available yet
Lecturer : Osman Salem, Assistant Professor (osman.salem[at]mi.parisdescartes.fr)
This course aims to present advanced approaches for network intrusion detection and prevention. It emphasizes on used tools for enumeration, intrusion and defense techniques. The objective is to provide theoretical and practical experiences in network security, intrusion detection, and network auditing to understand the impact of vulnerability, and the utility of the existing hardening methods on the security of the system.
- Basic notions : Footprinting, Scanning, Enumeration
- The 5 steps of successful attack
- MITM attack. (Lab : ARP poisoning, ETTERCAP, DSSNIFF, SSLSTRIP)
- Network vulnerability scanner (Lab : NESSUS)
- Intrusion Detection/Prevention System (Lab : IDS/IPS with SNORT)
- WIFI Security : WEP/WPA/WPA2. (Lab : Cracking WEP key with Backtrack).
- VoIP Security, SIP vulnerability. (Lab : Asterisk, SIPdump and SIPCrack)
- Other security tools in practice : John the ripper, DoS attacks tools (Inviteflood and SYNflood), DNS redirection, Whois, Sam Spades, dig, nmap, OpenSSH, honeyd.
- Network Security : Private Communication in a Public World, Autors : Charlie Kaufman, Radia Perlman, Mike Speciner, Prentice Hall Press, 2002.
- Hacking Exposed, Autors : Stuart McClure, Joel Scambray et George Kurtz