EHS305 Ethical Hacking & Countermeasure Specialist

Get Certified in Secure Network Infrastructures

EC-Council Conference & Events

Course Description

This certification covers a plethora of offensive security topics ranging from how perimeter defenses work to scanning and attacking the simulated networks. A wide variety of tools, viruses, and malware is presented in this and the other four books, providing a complete understanding of the tactics and tools used by hackers. By gaining a thorough understanding of how hackers operate, a Certified Ethical Hacker will be able to set up strong countermeasures and defensive systems to
protect an organization's critical infrastructure and information.

Certificate Info

Who Should Attend
This course will significantly benefit the security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Course Duration
2 days (9:00AM – 5:00PM)

CPE/ECE Qualification
2 ECE Credits awarded for attendance (1 for each 8 hour class day)

Program Cost:
$750 USD

Supplement Cost (Courseware & Certificate exam Access):
$75 USD

Bundle Price:
$799 USD

Getting Started:

Find Training Click HERE:

Corporate Trainers interested in setting up internal company training programs, click here

Included Courseware:
Purchase EC-Council Certificate Series on Secure Network Infrastructures

What’s included?
Physical Courseware
1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate

Related Certificates:
Ethical Hacking & Countermeasure Specialist: Attack Phases
Ethical Hacking and Countermeasures: Threats and Defense Mechanisms
Ethical Hacking and Countermeasures: Web Applications and Data Servers
Ethical Hacking and Countermeasures: Linux, Macintosh and Mobile Systems

Course Briefing

1.Hacking Wireless Networks
Chapter Brief:
A Wireless LAN (WLAN) is an interconnection of computers over a local area network that exchanges data and other information without the use of cables. As more and more firms adopt wireless networks, the security issue becomes more crucial. Business is at high risk from whackers (wireless hackers) who do not need physical entry into the business network to hack, but can compromise a network with the help of freely available tools.

The module explains about hacking on the wireless networks. It describes about the types of wireless networks and its standards. It explains about the concepts in wireless technology, wireless devices, Wired Equivalent Privacy, and Wi-Fi Protected Access. It briefs the steps to break WEP encryption and attacking WPA encrypted networks. It explains about TKIP and LEAP concepts, the hacking methods, and the tools on Scanning and Sniffing.

2.Physical Security
Chapter Brief:
Physical security includes the measures to protect personnel, critical assets, and systems against deliberate attacks and accidents. It intends to prevent the unauthorized access of information and other assets of a company. Physical security does not just cater to securing systems only, but it also involves securing the entire premises, boundaries, workstations, and any other area that may be unique to a company. It provides an added layer of security for networks, by restricting the access of the network resources.

This module deals with securing of personnel and critical assets from different threats. The module gives introduction to physical security and the factors that affect the physical security. The module shows different authentication and access control devices. It explains about the attacks that are possible in access control. It explains about facility management, housekeeping, physical security attacks, and countermeasures to avoid the attacks.

3.Evading IDS, Firewall and Honeypots
Chapter Brief:
The Intrusion Detection Systems (IDS) and firewalls, honeypots serve various purposes in securing the organization from Internet threats. While the IDS detects any attempts made by an attacker to break into a system, the firewall only allows the authorized users to utilize the network resources and the honeypots are helpful in studying the mode of attacks the attackers use. The attacker will have to somehow come around these security features to remain undetected and not leave any tracks of the attack.

This module deals with how to evade IDS, Firewall, and Honeypots. It explains about the ways to detect an intrusion, detection of attack by IDS, ways to evade IDS, and the tools used to evade IDS. It describes the working of firewalls, types of firewalls, ways of bypassing firewalls, and the tools used to evade firewalls. It introduces Honeypots, the types of Honeypots, the steps to setup honeypot, and the tools for honeypot.

4.Cryptography
Chapter Brief:
Cryptography is defined as a method of transmitting and storing the information such that only the intended individuals can read and process the data. The sensitive information is protected by encrypting the information. The cryptographic attacks circumvent the security of a cryptographic system by finding a weakness in a code, cipher, and cryptographic protocol in the encryption.
This module familiarizes you with cryptography and the different techniques used in cryptography. It explains about the types of cryptosystems and the types of cryptographic algorithms. It discusses about the private and public key cryptography. It explains about the different RSA attacks, Hash Functions, and Encryption. It also briefs about digital signatures and the attacks on digital signatures and explains the attacks on cryptography and the tools used in cryptography.

Course Outline

Chapter 1: Hacking Wireless Networks

Introduction to Hacking Wireless Networks

o Wireless Networking

o Wired Network vs. Wireless Network

o Effects of Wireless Attacks on Business

o Types of Wireless Network

Wireless Standards

o Wireless Standard: 802.11a

o Wireless Standard: 802.11b – “WiFi”

o Wireless Standard: 802.11g

o Wireless Standard: 802.11i

o Wireless Standard: 802.11n

o Wireless Standard:802.15 (Bluetooth)

o Wireless Standard:802.16 (WiMax)

WiMax Featured Companies
WiMax Equipment Vendors

Wireless Concepts

o Related Technology and Carrier Networks

o SSID

o Is the SSID a Secret

o Authentication and Association

o Authentication Modes

o The 802.1X Authentication Process

o 802.11 Specific Vulnerabilities

o Authentication and (Dis)Association Attacks

o MAC Sniffing and AP Spoofing

Wireless Devices

o Antennas

o Cantenna

o Wireless Access Points

o Beacon Frames

o Phone Jammers

Phone Jamming Devices

Wired Equivalent Privacy (WEP)

o WEP Issues

o WEP - Authentication Phase

o WEP - Shared Key Authentication

o WEP - Association Phase

o WEP Flaws

o Breaking WEP Encryption

o Steps to Break WEP Encryption

WPA

o What is WPA

o WPA Vulnerabilities

o WEP. WPA. and WPA2

o Wi-Fi Protected Access 2 (WPA2)

o Attacking WPA Encrypted Networks

o Evil Twin: Attack

TKIP and LEAP

o Temporal Key Integrity Protocol (TKIP)

Working of TKIP
Changing WEP to TKIP

o LEAP: The Lightweight Extensible Authentication Protocol

o LEAP Attacks

o LEAP Attack Tool: ASLEAP

Working of ASLEAP

Hacking Methods

o Techniques to Detect Open Wireless Networks

o Steps for Hacking Wireless Networks

Step 1: Find Networks to Attack
Step 2: Choose the Network to Attack
Step 3: Analyzing the Network
Step 4: Sniffing the Network
Step 4-1: Sniffing Wireless Data

o Step 5: Cracking the WEP Key

o Super Bluetooth Hack

o Man-in-the-Middle Attack (MITM)

o Denial-of-Service Attacks

o Hijacking and Modifying a Wireless Network

Cracking WEP

o Automated WEP Crackers

o Pad-Collection Attacks

o XOR Encryption

o Stream Cipher

Rogue Access Points
Scanning Tools
Sniffing Tools
Wireless Security Tools

Chapter 2: Physical Security

Introduction to Physical Security

o Physical Security

o Physical Security Challenges

Authentications and Access Controls

o Authentication Mechanisms

o Smart Cards

o Security Token

o Keys and Locks

o Biometric Identification Techniques

o Biometric Hacking Tool: Biologger

o Biometrics Authentication

o Types of Biometrics Authentication

· Fingerprint-based Identification

· Hand Geometry-based Identification

· Retina Scanning

· Afghan Woman Recognized After 17 Years

· Face Recognition

· Face Code: Webcam Based Biometrics Authentication System

· TEMPEST

· Mantrap

Attacks against Access Controls

o Authentication Mechanism Challenges: Biometrics

o Faking Fingerprints

Facility Management

o Locks

o Lock Picking

o Lock Picking Tools

Housekeeping

o Housekeeping Procedures

o HVAC (Heating. Ventilating. and Air conditioning) Considerations

o Fire Prevention

Auditing Fire Prevention Preparedness
Fire Prevention Requirements
Safeguards

Physical Security Attacks

o Challenges in Ensuring Physical Security

o Spyware Technologies

o Spying Devices

o Wiretapping

o Remote Access

o Laptop Theft

o Laptop Security Tools

o Laptop Tracker - XTool Computer Tracker

o Tools to Locate Stolen Laptops

o Stop's Unique. Tamper-proof Patented Plate

o Tool: TrueCrypt

o Laptop Security Countermeasures

Physical Security Checklist

o Company’s Surroundings

o Gates

o Security Guards

o Premises

o CCTV Cameras

o Reception

o Server

o Server Room

o Workstation Area

o Wireless Access Points

o Other Equipment

o FAX Security

· Procedures Governing FAX Security: Sending

· Procedures Governing FAX Security: Receiving

· Procedures Governing FAX Security: Storing

o Security Checklist

o Access Control

o Biometric Devices

o Computer Equipment Maintenance

Policies and Procedures

o Facility Management Procedures

o Physical Security Policies

o Environmental Policy

o Air Conditioning Policy

Chapter 3: Evading IDS, Firewalls, and Honeypots

Introduction to Evading IDS, Firewalls, and Honeypots
Introduction to Intrusion Detection Systems
Intrusion Detection Systems (IDS)

o IDS Placement

o Ways to Detect an Intrusion

o Types of Intrusion Detection Systems

o Network Intrusion Detection System (NIDS)

o NIDS Evasion Technique

o System Integrity Verifiers (SIV)

o Indications of Intrusion

o General Indications of System Intrusions

o General Indications of File System Intrusions

o General Indications of Network Intrusions

o Intrusion Detection Tools

· Snort Console

§ Testing Snort

§ Configuring Snort (snort.conf)

§ Snort Rules

§ Set up Snort to Log to the Event Logs and to Run as a Service

§ Using EventTriggers.exe for Eventlog Notifications

o Steps to Perform after an IDS Detects an Attack

o Evading IDS Systems

o Ways to Evade IDS

Intrusion Prevention Systems (IPS)
Firewall

o What is a Firewall

o What does a Firewall do

o Packet Filtering

o What can't a Firewall do

o How does a Firewall Work

o Hardware Firewall

o Software Firewall

o Types of Firewalls

Packet Filtering Firewall
IP Packet Filtering Firewall
Circuit-Level Gateway
TCP Packet Filtering Firewall
Application-Level Firewall
Application Packet Filtering Firewall
Stateful Multilayer Inspection Firewall

o Firewall Countermeasures

o Firewall Identification

o Firewalking

o Banner Grabbing

o Breaching Firewalls

o Bypassing a Firewall Using HTTP Tunnel

o Placing Backdoors through Firewalls

o Hiding behind a Covert Channel: LOKI

Honeypot

o What is a Honeypot

o The Honeynet Project

o Types of Honeypots

o Advantages and Disadvantages of a Honeypot

o Where to Place a Honeypot

o Honeypots

o How to Set Up a Honey Pot

o Honeypot-SPECTER

o Honeypot - honeyd

o Honeypot – KFSensor

o Sebek

o Google Hack Honeypot (GHH)

o Physical and Virtual Honeypots

Security Responses to Hacking Attacks
Tools

o Tripwire (www.tripwire.com)

o Tool: NCovert

o ACK Tunneling

o Tools to Breach Firewalls

o Common Tool for Testing Firewall and IDS

Tomahawk
RedSeal Network Advisor
IDS Testing Tool – Traffic IQ Gateway
IDS Tool: EMERALD
IDS Tool: BlackICE
BlackICE: Screenshot
IDS Tool: Next-Generation Intrusion Detection Expert System (NIDES)
IDS Tool: SecureHost
IDS Tool: Snare
IDS Testing Tool: Traffic IQ Professional
IDS Testing Tool: TCPOpera
Atelier Web Firewall Tester

Chapter 4: Cryptography

Introduction to Cryptography

o Cryptography: Introduction

o Symmetric and Asymmetric Key Cryptosystems

o Algorithms and Security

o Types of Cryptography Algorithms

o A Hybrid Cryptographic Scheme: Example

§ Private Key Cryptography

o Data Encryption Standard (DES)

o DES Challenge III. II. I

o AES (RIJNDAEL)

o Related-key Cryptanalysis of the Full AES-192 and AES-256

o RC4. RC5. RC6. Blowfish

o RC5

Public-key Cryptography

o The DSA and related signature schemes

o RSA (Rivest Shamir Adleman)

o Example of RSA Algorithm

o The RSA Signature Scheme

o Possible Attack on RSA Signatures: Integer Factorization

o RSA Attacks

o RSA Challenge

o Elliptic Curve Cryptography (ECC)

o ECC and RSA Key Comparison

o Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS Systems

Digital Signature

o Digital Signature Algorithm Validation System (DSAVS)

o Digital Signature Assurance Methodology

o Digital Signature Assurance Reference Model

o Digital Signed Record

o Entrust: Securing Digital Identities and Information

o Attacks on Digital Signatures

Meet-in-the-Middle Attack
Rabin Public-key Signature Scheme
Algebraic Attacks on the Crypto-1 Stream Cipher in MiFare

o Message Digest Functions

o One-way Bash Functions

o MD5

o MD5: Timeline

o SHA (Secure Hash Algorithm)

o distributed.net

o Server-Gated Cryptography (SGC)

Encryption

o SSL (Secure Sockets Layer)

o Secure Shell (SSH)

o Disk Encryption

o Encryption-Breaking Initiatives

§ Cryptographic Attacks

o Brute-Force Attack

o Code Breaking: Methodologies

o Cryptography Attacks

o The Full Cost of Cryptanalytic Attacks

o Types of Attacks on Signature Schemes

o Magic Lantern

o WEPCrack: Screenshot

o Cracking S/MIME Encryption Using Idle CPU Time

o Attacking and defending the McEliece cryptosystem

Cryptographic Tools

o PGP

o Cryptomathic Authenticator

o Cryptographic Algorithm Validation Program (CAVP)

o Cryptographic Module Testing

o Cleversafe Grid Builder

o PGP (Pretty Good Privacy)

o CypherCalc

o Command Line Scriptor

o CryptoHeaven

Microsoft Cryptography Tools

Page Options