TCP/IP review
Brief overview of the relevant headers.
Hands on: Download software for course, use analyser to capture passwords on the wire.
Security review
Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response.
Hands on: Use a port scanning tool, use a “hacking” tool.
Firewalls
Products, Packet filtering, DMZ, content filtering, stateful packet inspection, Proxies, firewall architectures, Intrusion Detection Systems, Viruses.
Hands on: Set up a firewall and prevent attacks.
NAT
NAT and PAT, Why use NAT, NAT-ALG, RSIP.
Encryption
Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures.
Hands on: Run a password-cracking program.
Authentication
Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, PPP authentication, RADIUS.
Hands on: Using certificates.
VPNs and IPSec
Review of LAIT I routing, reading routing tables.
Hands on: Setting up a routed network.
Web client and server security
Cookies, browser certificates, censorship, PICS. Operating system security, Web server user authentication, Restricting access, Logging, Securing CGI scripts.
Hands on: Browser security.
VPNs and IPSec
What is a VPN, tunnelling, L2F, PPTP, L2TP, IPSec, AH, ESP, transport mode, tunnel mode.