Know Your Enemy

a hacker´s approach

Duration: 3 Days

Requirements: Basic network know-how

Description:

Well founded knowledge about motivation & methods of potential hackers is absolutely mandatory to be able to run a secure network.
This seminar shows you how to learn from hackers and to develop new defense-strategies.
This is the only way to your implement sufficient and up to date protection-measures in your individual environment. Digital forensic helps you to identify attackers. Honeypots and log analysis are used to achieve the necessary know-how.

Content:

  • The concept of: "Know Your Enemy"
  • Potential antagonists
  • Attacking tools
  • Rootkits and other traces
  • Practice an Attack
  • Building of a „real“ Honeypots: installation, configuration, additional tools (keylogger), Open Source Tools (honeyd), commercial Software (Specter, Manhunt)
  • DMZ design for Honeypots incl. Firewall- & Router rules.
  • Logging and auditing concepts
  • Logfileanalysis: manual analysis, commercial tools, Open Source tools Open Source tools for logfile analysis (logsurfer)
  • Archiving logfiles: legal requirements and Best Practices
  • Forensic Analysis: basics, tools (Open Source and commercial products)
  • Practicing Forensic Analysis

Maximum number of participants: 8

Current workshops
on request

TROOPERS11 - March 2011
TROOPERS11 takes place from 14-18. March 2011 at Heidelberg. Mark your calendars now and sign up for the official TROOPERS newsletter to stay up-to-date. [More]
Security Testing
Testing IT security is one of the core competences of ERNW. Many of our customers get their IT infrastructure and (Web) applications checked on a regular basis. This may either be done on a very technical level in terms of penetration testing or in a more formal way in terms of general security audits, during which we verify the IT Security Compliance of your company compared to best practices according to ISO17799/ISO27001 ... [More]
Research & Technology-Evaluation
Research is the foundation of our Know-How leadership. The objections of this work is to unveil security flaws and vulnerabilities in protocols, technologies and products. Some findings derive from design-flaws, some from poor implementation on a technical level.... [More]