Get EHS Certification in Linux, Macintosh and Mobile Systems
EC-Council Conference & Events

Course Description
This certification covers a plethora of offensive security topics ranging from how perimeter defenses work to scanning and attacking the simulated networks. A wide variety of tools, viruses, and malware is presented in this and the other four books, providing a complete understanding of the tactics and tools used by hackers. By gaining a thorough understanding of how hackers operate, an Ethical Hacker will be able to set up strong countermeasures and defensive systems to protect an organization's critical infrastructure and information.
Certificate Info
Who Should Attend 
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Course Duration
2 days (9:00AM – 5:00PM)

CPE/ECE Qualification
2 ECE Credits awarded for attendance (1 for each 8-hour class day)

Program Cost:
$750 USD

Supplement Cost (Courseware & Certificate exam Access):
$75 USD

Bundle Price:
$799 USD
 
Included Courseware:
Courseware - Linux, Macintosh and Mobile Systems in Ethical Hacking & Countermeasures 
What’s included?
Physical Courseware
1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate
 
Related Certificates:
Ethical Hacking & Countermeasure Specialist: Attack Phases
Ethical Hacking and Countermeasures: Threats and Defense Mechanisms
Ethical Hacking and Countermeasures: Web Applications and Data Servers
Ethical Hacking and Countermeasures: Secure Network Infrastructures
Course Briefing
1. Linux Hacking
Chapter Brief:
The advent of Linux was the true genesis of the open source movement. Backed by programmers who believed in breaking away from the proprietary movement for the right reasons, Linux made inroads into corporate computing.
While Linux has evolved into a robust operating system, its complex structure paves the way for security-related threats. Today, several servers around the globe are hosted on Linux. One of the primary reasons behind this is the inherent security offered by the platform. However, there is now as much vulnerability in Linux as in proprietary systems, leading to compromise by attackers.
This module deals with hacking on the Linux operating system. It explains the basic commands in Linux, the Linux file structure, and Linux security and vulnerabilities. It shows the Linux IP chains, Linux rootkits, and Linux intrusion detection systems. It lists the Linux hacking tools and the security countermeasures.
 

   
2. Mac OS X Hacking
Chapter Brief:
Mac OS X is a development platform, bringing a 32-bit and 64-bit architecture and multiprocessor capability to the desktop and server arenas. It provides a productive programming environment in Cocoa, the full power of real UNIX, and a host of open source web, scripting, database, and development technologies. Mac OS X may be hacked using vulnerabilities in the operating system.
This module explains the Macintosh operating system, vulnerabilities in Mac OS X such as Crafted URL, CoreText Uninitialized Pointer, ImageIO Integer Overflow, DirectoryService, and iChat UPnP Buffer Overflow, and how they can be used to hack the OS. The module also discusses viruses and worms that may affect the operating system.
The Mac OS X security tools DoorStop X Firewall, Intego NetBarrier, Intego ContentBarrier, and Flying Buttress are presented in this module. These security tools and countermeasures prevent an attacker from attacking.
 


3. Hacking Routers, Cable Modems, and Firewalls
Chapter Brief:
Computer networking devices transfer data from one computer in a network to another. The network devices include routers, cable modems, firewalls, etc. The attacker may try to hack the network devices to snoop on the information being transferred on the network.
This module introduces computer networking devices such as routers, modems, and cables and explains how an attacker hacks them. It explains the different vulnerabilities in the router and how to exploit these vulnerabilities.
After completing this module, you will have an idea of how to collect the router password by using different password cracking tools. The module also deals with different router attacks, how they occur, and how to prevent them.



4. Hacking Mobile Phones, PDAs, and Handheld Devices
Chapter Brief:
With individuals and organizations increasingly reliant on handheld devices for communication and business, the threat to these devices only grows. Mobile malware has seen a pandemic increase in recent years. The malware is aimed at sabotage and financial gain. These attacks can ultimately lead to denial of mobile resources, data theft or destruction, and fraud.
This module discusses hacking various types of mobile devices such as BlackBerry, PDA, iPod, and iPhone. It also covers the operating systems used in mobile phones.
This module explains the threats to mobile devices, vulnerabilities in mobile devices, and attacks against mobile devices. It also introduces PDA security tools which are used to prevent mobile attacks.
 


5. Bluetooth Hacking
Chapter Brief:
Bluetooth is one of the applications that help cell phone users share or send information from one cell phone to another irrespective of the service provider. It is a feature that is growing in popularity and is widely used in everyday life. Because it is widely used, its vulnerabilities are exploited to attack the device.
The module “Bluetooth Hacking” explains the different ways that a Bluetooth device can be hacked and the security measures to prevent devices from being hacked. It explains the different techniques that can be used to attack Bluetooth devices (for example, Bluejacking, BlueSpam, BlueSnarfing, BlueBug Attack, Blueprinting, and more). It lists the tools that are used to hack Bluetooth devices. This module also discusses the worms and viruses that can be used to infect Bluetooth devices.
 


6. RFID Hacking
Chapter Brief:
Radio Frequency Identification (RFID) is a system that transmits the identity of an object using radio waves. The identity of the objects is stored and retrieved using RFID tags and transponders. It transmits the identity of the objects in the form of a unique serial number with the help of radio waves.
This module describes RFID technology, the different components of RFID and their collisions, RFID risks such as Business Process Risk, Business Intelligence Risk, Privacy Risk, and Externality Risk, and the privacy issues of RFID. This module discusses RFID security and privacy threats and how to protect against RFID attacks. Writing a simple but powerful RFID virus and worm is showcased in this module. The module also discusses the vulnerabilities in RFID-enabled credit cards and RFID security controls.
 


7. Hacking USB Devices
Chapter Brief:
Universal Serial Bus (USB) flash drives are removable and rewritable devices. Because they are pluggable, these devices can be connected or disconnected while the system is running.
This module discusses USB devices and how they affect privacy. It covers electrical and software attacks, USB Attack on Windows, and the viruses and worms which spread through USB devices. The tools that help in hacking USB devices are discussed. The module also covers tools such as MyUSBonly, USBDeview, USB-Blocker, USB CopyNotify, USB File Guard, and Advanced USB Port Monitor that help to protect privacy, and lists countermeasures to prevent the devices from being hacked.
Course Outline

Chapter 1: Linux Hacking

  • Case Example

§  Common Terminology

o    Introduction to Linux Hacking

o    Linux Distributions

o    Linux Basics

o    Linux LiveCDs

o    Files and Directories

o    File System

o    Linux Basic Commands

o    Linux Networking Commands

o    Directories in Linux

  • Linux Kernel

o    Installing, Configuring, and Compiling Linux Kernel

o    How to Install a Kernel Patch

  • Compiling Programs in Linux

o    GNU Compiler Collection (GCC) Compiler

o    GCC Commands

o    Make Files

o    Make Install Command

  • Linux Vulnerabilities
  • Linux Security

o    chrooting

·         Limitations of chrooting

  • Linux Vulnerabilities

o    Linux Kernel BER Decoding Remote Buffer Overflow Vulnerability

o    Why Is Linux Hacked?

  • GRUB Bootloader

o    How to Hack Root Password in Linux

§  LILO Bootloader

o    Steps to Hack Root Password in Linux

  • Linux Hacking Tools

o    Scanning Networks

o    Tool: Nessus

o    Port Scan Detection Tools

o    Password Cracking in Linux

o    Tool: John the Ripper

o    Firewall in Linux: IPTables

·         How IPTables Works

o    Netfilter

o    IPTables Command

o    Basic Linux Operating System Defense

o    Tcpdump

o    Hping2

  • Linux Loadable Kernel Modules
  • Tool: Chkrootkit
  • Linux Security Tools

o    Linux Tools: Application Security

o    Advanced Intrusion Detection Environment (AIDE)

o    EnGarde Secure Linux

o    EnGarde Secure Linux: Secure Shell Configuration

o    EnGarde Secure Linux: Attack Graph

o    AppArmor

o    Strobe

o    Encryption

o    Log and Traffic Monitors

o    Linux Security Auditing Tool (LSAT)

o    Linux Security Countermeasures

  • Best Practices

o    Steps for Hardening Linux

o    Issues with Open Source Linux

o    Linux Security Checklist

 

Chapter 2: Mac OS X Hacking

  • Case Example
  • Introduction to Mac OS X Hacking
  • Introduction to Mac OS
  • Vulnerabilities in MAC OS

o    MAC OS X Vulnerabilities and Solution Statistics

o    Apple QuickTime Buffer Overflow Vulnerability

o    Apple Mac OS X Pixlet Video Handling Remote Code Execution Vulnerability

o    Heap-based Buffer Overflow Vulnerability in ColorSync Profile

o    Apple ImageIO EXIF Metadata Buffer Overflow Vulnerability

o    Apple Mac OS X MobileMe Session Hijack Vulnerability

o    Apple Mac OS X AppleTalk Kernel Buffer Overflow Vulnerability

o    Apple Mac OS X Remote Apple Events Out of Bounds Memory Access Security Vulnerability

o    Crafted URL Vulnerability

o    CoreText Uninitialized Pointer Vulnerability

o    ImageIO Integer overflow Vulnerability

o    DirectoryService Vulnerability

o    iChat UPnP Buffer Overflow Vulnerability

o    ImageIO Memory Corruption Vulnerability

o    Code Execution Vulnerability

o    UFS Filesystem Integer Overflow Vulnerability

o    Kernel "fpathconf()" System call Vulnerability

o    UserNotificationCenter Privilege Escalation Vulnerability

o    Other Vulnerabilities in MAC

o    How a Malformed Installer Package Can Crack Mac OS X

  • Demonstrated Damage
  • Worms, Viruses, and Trojans in MAC OS X

o    MAC OS X Threats

o    Trojan:

o    OSX/Jahlav-C

o    OSX/iWorkS-A

o    OSX.Trojan.iServices.A

o    Worm:

o    OSX/Tored.A

o    OSX/Leap-A

o    Inqtana.A: F-Secure Worm on OS X

o    Preventive Measures for OSX Inqtana.A

o    Viruses in MAC: Macro Viruses

o    Antivirus Applications in Mac OS X

  • Mac OS X Security Tools

o    DoorStop X Firewall

o    Intego NetBarrier

o    Intego ContentBarrier

o    Flying Buttress

  • Countermeasures

 

Chapter 3: Hacking Routers, Cable Modems, and Firewalls

  • Introduction to Hacking Routers, Cable Modems, and Firewalls
  • Routers
  • Cable Characteristics: Networking Cables

o    Types of Twisted Pair Cable

o    Types of Coaxial Cables

o    Types of Fiber Optic Cables

o    Cable Modems

  • Media Connectors
  • Concentrators
  • Repeaters and Hubs
  • Modems
  • Multiplexers
  • Gateways
  • Patch Panel
  • Switch
  • Firewalls

o    Security Features of Firewall

o    Software and Hardware Firewall

o    Difference between Hardware and Software Firewalls

o    Types of Firewalls:

·         IP Packet Filters

·         Circuit Level Gateway

·         Application Level Firewalls

·         Stateful Multilayer Inspection Firewall

o    Network Security Software

  • Types of Router Attacks
  • Router Attack Topology
  • Denial of Service (DoS) Attacks
  • Packet “Mistreating” Attacks
  • Routing Table Poisoning
  • Flooding
  • Hit-and-run Attacks vs. Persistent Attacks
  • Tools
  • Yersinia for HSRP, CDP, and Other Layer 2 Attacks
  • Cisco Torch
  • Cracking the Enable Password
  • Tool:

o    John the Ripper

o    Cain and Abel

 

Chapter 4: Hacking Mobile Phones, PDAs, and Handheld Devices

  • Introduction to Hacking Mobile Phones, PDAs, and Handheld Devices
  • Types of Handheld Devices
  • Common Operating Systems in Handheld Devices
  • Threats to Mobile Devices
  • Vulnerabilities in Handheld Devices
  • Vulnerabilities in Different Mobile Phones
  • Malware

o    Symbos_Locknut.B

  • Spyware

o    SymbOS/Htool-SMSSender.A.intd

o    SymbOS/MultiDropper.CG

o    Worm: SYMBOS_CABIR.A

o    Worm: Symb/Cabir-A

o    Trojan:

o    SymbOS.Sendtool.A

o    SMS.Python.Flocker

o    Best Practices Against Malware

  • Hacking Handheld Devices
  • Personal Digital Assistant (PDA)

o    PDA Security Issues

o    ActiveSync Attacks

o    HotSync Attack

o    PDA Virus: Brador

o    PDA Security Tools: TigerSuite PDA

o    PDA Security Tools:

·         SecuBox for Pocket PC

·         SecuWipe for Pocket PC

·         Trend Micro Mobile Security

·         avast! PDA Edition

o    Cellcrypt

o    Security Policies for PDAs

o    PDA Attack Countermeasures

  • Defending Handheld Devices
  • iPod

o    Misuse of iPod

o    Jailbreaking

o    Tool for Jailbreaking:

·          iDemocracy

·         iActivator

 

Chapter 5: Bluetooth Hacking

  • Introduction to Bluetooth
  • Bluetooth Security Issues
  • Bluetooth Attacks

o    Bluejacking

·         Steps for Bluejacking in Mobile Phones

o    Bluesniff

o    BlueSpam

o    BlueSnarfing

o    BlueBug Attack

o    Bluestab (Denial-of-Service Attack)

o    Blueprinting

o    Bluesmacking  - The Ping of Death

o    Bluecasting

o    BlueDump Attack

o    BlueBump

o    Bluechop

o    Bluetooone

o    BlueSniper

o    BTVoiceBugging Attack

o    Short Pairing Code Attacks

o    Man-in-the-Middle Attack

o    OnLine PIN Cracking Attack

o    BTKeylogging Attack

o    Fuzzing Attacks

  • Bluetooth Hacking Tools
  • Viruses and Worms
  • Bluetooth Security Tools

o    Bluesnarfer

o    BTCrawler 

o    Bluediving

o    TBEAR - Transient Bluetooth Environment Auditor

o    BTBrowser

o    BTCrack

o    BTScanner

o    Hidattack

o    BlueAlert and BlueFish

o    Proximity

o    HaraldScan

o    BlueWatch

  • Other BT Hacking Tools
  • Countermeasures

 

Chapter 6: RFID Hacking

  • Case Example
  • Introduction to RFID Hacking
  • RFID (Radio Frequency Identification)
  • RFID Frequency Bands
  • Components of RFID Systems
  • A Simple RFID System
  • Working of an RFID
  • Challenges in RFID Deployment
  • Steps for RFID Deployment
  • RFID Applications
  • RFID Collisions
  • RFID Risks

o    Business Process Risk

o    Business Intelligence Risk

o    Privacy Risk

o    Externality Risk

  • RFID and Privacy Issues
  • RFID Security and Privacy Threats
  • Countermeasures Used to Avoid RFID Attacks
  • RFID Security and Privacy Threats

o    Sniffing

o    Tracking

o    Spoofing

o    Replay Attacks

o    Denial-of-service

o    Generic Attack

o    Virus Attacks

  • How to Write an RFID Virus
  • How to Write an RFID Worm
  • RFID Malware

o    Defenses Against RFID Malware

  • RFID Exploits
  • Vulnerabilities in RFID-Enabled Credit Cards
  • RFID Hacking Tool
  • RFID Security Controls

o    Management Controls

o    Operational Controls

o    Technical Controls

  • RFID Security

 

Chapter 7: Hacking USB Devices

  • Case Example
  • Introduction to Hacking USB Devices
  • Introduction to USB Devices
  • USB Attacks

o    Electrical Attack

o    Software Attack

o    USB Attack on Windows

  • Viruses and Worms
  • Virus:

o    W32/Madang-Fam

o    VBS/Repvblik-A

  • Worm:

o    W32/Hasnot-A

o    W32/Uisgon-A

o    W32/Fujacks-AK

o    W32/Fujacks-E

o    W32/Dzan-C

o    W32/SillyFD-AA

o    W32/SillyFDC-BK

o    W32/SillyFDC-W

o    W32/LiarVB-A

o    W32/Hairy-A

o    W32/QQRob-ADN

o    W32/VBAut-B

o    W32/Tiotua-G

o    HTTP W32.Drom

o    W32/VB-DWC

o    W32/Bdoor-AEE

o    Mal/Conficker-A

  • Hacking Tools

o    USBSecure Professional

o    MyUSBonly

o    USBDeview

o    USB Blocker

o    USB CopyNotify

o    Remora USB File Guard

o    Advanced USB Port Monitor

o    Folder Password Expert USB

o    USBlyzer

o    USB PC Lock Pro

o    Virus Chaser USB

o    uHook Personal

  • Countermeasures
Copyright 2013 by EC-Council