capstone presentation ethical hacking labs msisa program – dan garfield
TRANSCRIPT
Capstone PresentationEthical Hacking Labs
MSISA Program – Dan Garfield
Overview
• About Dan Garfield The Earlier Days The Latter Days Training Clients Certifications Consulting Clients
• About the Project Background of the Project Tools of the Trade Hacking Lab Exercises The Need for New Exercises Near Term Expansion Plans Lab Development Process Source of Lab Tools Lab Environment Course Delivery Package
About Dan Garfield
The Earlier Days
• Invented ground breaking synchronization technology for music applications Patented technology Designed and marketed 22 related products
between 1982 and 1988 Touring musician, synthesist, and technologist
between 1987 and 1997
The Latter Days
• Entered information technology field in 1997 Director of Networks 1999 – 2000 at The
Renaissance Center outside of Nashville, TN IT infrastructure and security training and
consulting 2000 to present Current course deliveries include CISSP, CEH,
SCNP, Cisco firewalls, and all courses in the Cisco CCNA and CCNP programs
National and international course deliveries include US, Canada, Mexico, Germany, England, Italy, and Turkey
Training ClientsUniversity College – London, UKUniversity of Leeds – Leeds, UKUniversity of Miami – Miami, FLUniversity of Idaho – Moscow, IDUniversity of Texas – Houston, TXSt Edwards University – Austin, TXUniversity of Texas Pan America – Edinburg, TXLakehead University – Thunder Bay, ON, Canada University of Alberta – Edmonton, AB, CanadaLethbridge College – Lethbridge, AB, CanadaUniversity of Toronto – Toronto, ON, CanadaTexas A&M University – Bryan, TXUniversity of British Columbia – Vancouver, BC, CanadaUniversity of Ohio Corporate Education Center –
Columbus, OH
Vigilar – Atlanta, GAThe Training Camp – Poconos, WVIntense School – Ft Lauderdale, FLNew Horizons – various locationsAscolta – Glendale, CAGlobal Knowledge – various locationsElement K – various locationsGeek Cruises – Caribbean cruise ship course delivery
JP Morgan/Chase headquarters – NYCWells Fargo – San Francisco, CACharles Schwab – San Francisco, CAMetavante – Milwaukee, WIWachovia – Greenville, SC
Chrysler – Detroit, MIBilginc – Istanbul, TurkeyWalMart headquarters – Bentonville, ARNeil Corporation – Hammond, LACache Creek Casino – Brooks, CA
Fort Pendleton – Calabasas, CAQuantico Marine Corp Base – Quantico, VAMarine Corp Base – Kaneohe, HIBeale Air Force Base – CAUS Rangers – Fort Benning, GAUS Naval Station – Norfolk, VAUS Army, Fort Dix – New Hanover, NJUS Air Force Academy – Colorado Springs, CO
NASA – Stennis Space Center, MSLockheed Martin – Herndon, VaGeneral Dynamics – Scottsdale, AZAllen-Bradley – San Diego, CA Jacobs Corp – Huntsville, AL
Dade County IT – Miami, FLNew Orleans IT – New Orleans, LACounty power company – Spokane, WA Michigan state government – Lansing, MIRochester School District – Rochester, NYUnited Nations – Brindisi, ItalyCACI – Washington, DC Department of Justice, US Marshals Service –
Greensboro, NC
Certifications
Certified Ethical Hacker (CEH)
EC Council Security Analyst (ECSA)
Computer Hacking Forensic Investigator (CHFI)
Certified Wireless Security Professional (CWSP)
EC Council Disaster Recovery Professional (EDRP)
GIAC Certified ISO-17799 Specialist (G7799)
Certified Information Systems Security Professional (CISSP)
Cisco Certified Network Professional (CCNP)
Certified Penetration Testing Engineer (CPTE)
Certified Digital Forensics Examiner (CDFE)
Security Certified Network Professional (SCNP)
Certified HIPAA Professional (CHP)
Certified HIPAA Security Specialist (CHSS)
Microsoft Certified Systems Engineer (MCSE)
Certified Technical Trainer (CTT+)
CompTIA: Hardware (A+)
CompTIA: Networking (Network+)
CompTIA: Project Management (Project+)
Sun Certified Java Associate (SCJA)
CIW Site Designer (CIWSD)
CIW Database Specialist (CIWDS)
INFOSEC Professional
Consulting ClientsPresidio Financial (portfolio management) - San Francisco, CA Parental Stress Services (social services) - Oakland, CA Cache Creek Casino (gaming) - Brooks, CAMurphy Pearson Brown & Feeney (law firm) - San Francisco, CAApplied Biosystems (biotechnology) - Foster City, CAKLA-Tencor (semiconductor yield specialists) - Milpitas, CAAlameda Community College District (education) - Oakland, CANorthwest Open Access Network, NOANET (regional ISP) - Portland, ORBerkeley Public Library (community services) - Berkeley, CA King County (government) - Seattle, WAModesto Irrigation District, Modesto CA (public utilities)ArthroCare, (health care industry) - Sunnyvale, CA Fibrogen (biotechnology) - South San Francisco, CA Funtigo (media sharing service) - San Francisco, CA Embarcadero Systems Corp (transportation supply chain management) -
Alameda, CA
About the Project
Background of the Project
• The need for information systems security Pervasive reliance upon critical systems
demands protection of these systems Vulnerability assessment, penetration testing,
and remediation of weaknesses comprise an important aspect of information security
• It takes one to know one The ethical hacker defends information
systems by understanding and applying the same tools and techniques used by system attackers to discover exploitable vulnerabilities
Tools of the Trade• Historical exploits
Found in typical instructional materials and courses
Useful for illustrating concepts in a training environment
• Cutting edge exploits What the professionals are actually using Rarely exposed in traditional training
• Defense and attack perspectives differ Detailed attack knowledge requirement is less Hardening systems is often more procedural
than technical
Hacking Lab Exercises
• An essential adjunct to training lectures• Tool categories include
footprinting scanning enumeration system hacking trojans sniffers password crackers vulnerability scanners
The Need for New Exercises• Labs provided with some ethical hacking
courses can be inadequate Insufficient testing prior to publication Outdated tools Vague instructions
• Attack target variety Older unpatched operating system targets are
useful for demonstrating concepts Students are usually interested in seeing
exploits against more recent operating systems, such as Server 2008 and Windows 7
Near Term Expansion Plans• Current lab set will be expanded to include
Hydra password cracker Nessus vulnerability scanner More variety of use for netcat and hping Deeper exploration of Backtrack tools Cutting edge use of the Metasploit project
• Metasploit autopwn Automates use of all exploits against a target
• Backtrack fast track Automates already automated Metasploit
autopwn to the level of point and click – extremely powerful
Lab Development Process
• Ethical hacking lab development based on Extensive reading about the subject Seven years course delivery experience Testing each lab step-by-step to ensure accuracy Student knowledge contributions
• classes comprised of students with varying backgrounds, skill levels, and areas of expertise
• every course delivery yields new knowledge for the instructor
Source of Lab Tools• Most freely available from the internet• Vendor demo versions good for duration of the
class• Built into operating systems• From operating system resource kits• Dozens of hacking tools pre-installed on
Backtrack The Backtrack project is a bootable Linux-based
OS that can be launched from • CD-ROM• VMware virtual machine
Lab Environment• Operating systems based in preconfigured
VMware virtual machines automatically adapt to available PC hardware VMware allows multiple operating systems to
exist simultaneously on a single PC Some course deliveries require students to bring
their own laptop PC loaded with VMware• VMware virtual machines and lab tools loaded onsite• Reduces training space expense and setup time
Current operating systems include Windows 2000, Windows Server 2003, XP Professional, and Backtrack
Course Delivery Package
• Textbook a variety of vendor courseware or
commercial texts can be used
• Lab tools CD-ROM includes all tools used in the lab exercises organized to match flow of the course can be installed to PCs ahead of class by
training center or on first day of class
• Outline of PowerPoint presentation PDF file providing the presentation in
outline form
Course Delivery Package• Provision of VMware VMs
Can be installed ahead of class by the training center
Can also be installed on first day of class when students bring their own laptops
• Lab exercise manual Presently includes over 100 lab exercises Each exercise includes an introductory
paragraph explaining application of the tool Content evolves over time as better tools and
techniques supplant older material
About the MSISA Program
• Bachelors program was mostly a review of topics studied ten years ago.
• Masters program has been a perfect fit with information security areas already in practice.
• Ethical hacking and computer forensics were already known and essentially comprised a review.
About the MSISA Program
• ISO 27001/27002 information security management system information was new and has been integrated into my classes.
• Wireless security coverage greatly expanded my depth of knowledge in that arena and is used to extend ethical hacking and CISSP course deliveries.
About the MSISA Program
• Cyberlaw brought much greater depth to my knowledge of the subject, which was mostly related to previous deliveries of CISSP.
• Leadership and Professionalism studies were new to me and have provided great objective insight into the dynamics of people management.
• The Critical Thinking component of the bachelors program at WGU also provided new information that has been an integrated part of my thought processes ever since.
About the MSISA Program
• My overall perspective on system security has been widened as a result of the WGU masters program in information security and assurance.
• The information gained from the program has ongoing application in the security and infrastructure training courses that I deliver as well as in thinking the big picture in consulting projects.
Discussion