COMP08146 2018 Infrastructure Security Testing

General Details

Full Title
Infrastructure Security Testing
Transcript Title
Infrastructure Security Testin
Code
COMP08146
Attendance
N/A %
Subject Area
COMP - Computing
Department
COEL - Computing & Electronic Eng
Level
08 - NFQ Level 8
Credit
05 - 05 Credits
Duration
Semester
Fee
Start Term
2018 - Full Academic Year 2018-19
End Term
9999 - The End of Time
Author(s)
Diane O'Brien, John Weir, Shaun McBrearty
Programme Membership
SG_KNCLD_K08 201800 Level 8 Honours Degree Add-on in Computing in Computer Networks and Cloud Infrastructure SG_KCNCI_K08 201800 Bachelor of Science (Honours) in Computing in Computer Networks and Cloud Infrastructure SG_KSECU_E08 201800 Certificate in Secure IT and Deep/Machine Learning SG_KNCLD_E08 201900 Certificate in Computing in Computer Networks and Cloud Infrastructure SG_KCMPU_H08 201900 Bachelor of Science (Honours) in Computing SG_KNCLD_H08 201900 Bachelor of Science (Honours) in Computing in Computer Networks and Cloud Infrastructure
Description

The aim of this module is to provide learners with the skills to simulate malicious attacks against network infrastructure from a black-hat hacker perspective using industry standard ethical-hacking tools.

Learning Outcomes

On completion of this module the learner will/should be able to;

1.

Ascertain the structure and configuration of a local area network (LAN) using network mapping tools.

2.

Simulate attacks on network infrastructure from a black-hat hacker perspective using industry standard ethical hacking tools.

3.

Evaluate automated testing tool results with respect to business impact and false positives.

4.

Compose Exploits and Countermeasures in response to Vulnerabilities identified.

Teaching and Learning Strategies

Delivery of the module will comprise a one-hour lecture and a two-hour practical session.

The one-hour lecture will be used to introduce key concepts concepts relating to penetration testing of computer infrastructure. These concepts will later be applied practically in the subsequent two-hour practical session.

Additionally, flipped-learning and inquiry based learning will be used where appropriate.

Module Assessment Strategies

Continuous Assessment for the module comprises two in-class assessments. The first assessment is focussed on hacking server/desktop infrastructure, while the second assessment is focussed on hacking network infrastructure (Routers, Switches, Firewalls, etc.).

Repeat Assessments

Repeat exam and/or Continuous Assessment.

Indicative Syllabus

1) Ascertain the structure and configuration of a local area network (LAN) using network mapping tools.

  • Utilise Industry Standard Network Mapping Tools.
  • Documenting Findings.
  • Countermeasures.

2) Simulate attacks on network infrastructure from a black-hathacker perspective using industry standard ethical hacking tools.

  • Obtaining Authorisation to Test.
  • Specifying Scope of Activities.
  • Hacking Windows (Desktop OS/Server OS)
  • Hacking UNIX/Linux (Desktop OS/Server OS)
  • Hacking Remote Connectivity/VOIP.
  • Hacking Network Infrastructure (Routers, Switches, Wireless Access Points).
  • Physical Device Security.
  • Unauthenticated Attacks.
  • Authenticated Attacks.
  • Privilege Escalation.
  • Documenting Findings.

3) Evaluate automated testing tool results with respect to business impact and false positives.

  • Utilise Industry Standard Ethical Hacking/Penetration Testing Tools.
  • Risk Analysis and Prioritisation.
  • Identification of False Positives.

4) Compose Exploits and Countermeasures in response to Vulnerabilities identified.

  • Utilise Industry Standard Exploit Framework.
  • Evaluate Potential Countermeasures.

Coursework & Assessment Breakdown

End of Semester / Year Formal Exam
100 %

Coursework Assessment

Title Type Form Percent Week Learning Outcomes Assessed
1 Server/Desktop Infrastructure Hacking Continuous Assessment Assessment 30 % Week 6 1,2,3,4
2 Network Infrastructure Hacking Continuous Assessment Assessment 20 % Week 11 1,2,3,4
             

End of Semester / Year Assessment

Title Type Form Percent Week Learning Outcomes Assessed
1 Final Exam Final Exam Closed Book Exam 50 % End of Semester 1,2,3,4
             
             

Full Time Mode Workload


Type Location Description Hours Frequency Avg Workload
Lecture Computer Laboratory Lecture 1 Weekly 1.00
Laboratory Practical Computer Laboratory Practical 2 Weekly 2.00
Independent Learning Not Specified Independent Learning 4 Weekly 4.00
Total Full Time Average Weekly Learner Contact Time 3.00 Hours

Online Learning Mode Workload


Type Location Description Hours Frequency Avg Workload
Online Lecture Distance Learning Suite Lecture 1.5 Weekly 1.50
Directed Learning Not Specified Directed Learning 1.12 Weekly 1.12
Independent Learning Not Specified Independent 4.5 Weekly 4.50
Total Online Learning Average Weekly Learner Contact Time 2.62 Hours

Required & Recommended Book List

Recommended Reading
2015-01-09 Gray Hat Hacking The Ethical Hacker's Handbook, Fourth Edition McGraw-Hill Education

Cutting-edge techniques for finding and fixing critical security flaws

Fortify your network and avert digital catastrophe with proven strategies from a team of security experts. Completely updated and featuring 12 new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Fourth Edition explains the enemys current weapons, skills, and tactics and offers field-tested remedies, case studies, and ready-to-deploy testing labs. Find out how hackers gain access, overtake network devices, script and inject malicious code, and plunder Web applications and browsers. Android-based exploits, reverse engineering techniques, and cyber law are thoroughly covered in this state-of-the-art resource.

  • Build and launch spoofing exploits with Ettercap and Evilgrade
  • Induce error conditions and crash software using fuzzers
  • Hack Cisco routers, switches, and network hardware
  • Use advanced reverse engineering to exploit Windows and Linux software
  • Bypass Windows Access Control and memory protection schemes
  • Scan for flaws in Web applications using Fiddler and the x5 plugin
  • Learn the use-after-free technique used in recent zero days
  • Bypass Web authentication via MySQL type conversion and MD5 injection attacks
  • Inject your shellcode into a browser's memory using the latest Heap Spray techniques
  • Hijack Web browsers with Metasploit and the BeEF Injection Framework
  • Neutralize ransomware before it takes control of your desktop
  • Dissect Android malware with JEB and DAD decompilers
  • Find one-day vulnerabilities with binary diffing

Recommended Reading
2012-07-23 Hacking Exposed 7: Network Security Secrets and Solutions McGraw-Hill Education

The latest tactics for thwarting digital attacks

Our new reality is zero-day, APT, and state-sponsored attacks. Today, more than ever, security professionals need to get into the hackers mind, methods, and toolbox to successfully deter such relentless assaults. This edition brings readers abreast with the latest attack vectors and arms them for these continually evolving threats. --Brett Wahlin, CSO, Sony Network Entertainment

Stop taking punches--lets change the game; its time for a paradigm shift in the way we secure our networks, and Hacking Exposed 7 is the playbook for bringing pain to our adversaries. --Shawn Henry, former Executive Assistant Director, FBI

Bolster your systems security and defeat the tools and tactics of cyber-criminals with expert advice and defense strategies from the world-renowned Hacking Exposed team. Case studies expose the hackers latest devious methods and illustrate field-tested remedies. Find out how to block infrastructure hacks, minimize advanced persistent threats, neutralize malicious code, secure web and database applications, and fortify UNIX networks. Hacking Exposed 7: Network Security Secrets & Solutions contains all-new visual maps and a comprehensive countermeasures cookbook.

  • Obstruct APTs and web-based meta-exploits
  • Defend against UNIX-based root access and buffer overflow hacks
  • Block SQL injection, spear phishing, and embedded-code attacks
  • Detect and terminate rootkits, Trojans, bots, worms, and malware
  • Lock down remote access using smartcards and hardware tokens
  • Protect 802.11 WLANs with multilayered encryption and gateways
  • Plug holes in VoIP, social networking, cloud, and Web 2.0 services
  • Learn about the latest iPhone and Android attacks and how to protect yourself

Recommended Reading
2016-12-08 Hacking Wireless Access Points: Cracking, Tracking, and Signal Jacking Syngress

Hacking Wireless Access Points: Cracking, Tracking, and Signal Jacking provides readers with a deeper understanding of the hacking threats that exist with mobile phones, laptops, routers, and navigation systems. In addition, applications for Bluetooth and near field communication (NFC) technology continue to multiply, with athletic shoes, heart rate monitors, fitness sensors, cameras, printers, headsets, fitness trackers, household appliances, and the number and types of wireless devices all continuing to increase dramatically.

The book demonstrates a variety of ways that these vulnerabilities can beand have beenexploited, and how the unfortunate consequences of such exploitations can be mitigated through the responsible use of technology.

  • Explains how the wireless access points in common, everyday devices can expose us to hacks and threats
  • Teaches how wireless access points can be hacked, also providing the techniques necessary to protect and defend data
  • Presents concrete examples and real-world guidance on how to protect against wireless access point attacks

Recommended Reading
2016-06-28 Kali Linux: Windows Penetration Testing Packt Publishing

Kali Linux: a complete pentesting toolkit facilitating smooth backtracking for working hackers

About This Book

  • Conduct network testing, surveillance, pen testing and forensics on MS Windows using Kali Linux
  • Footprint, monitor, and audit your network and investigate any ongoing infestations
  • Customize Kali Linux with this professional guide so it becomes your pen testing toolkit

Who This Book Is For

If you are a working ethical hacker who is looking to expand the offensive skillset with a thorough understanding of Kali Linux, then this is the book for you. Prior knowledge about Linux operating systems and the BASH terminal emulator along with Windows desktop and command line would be highly beneficial.

What You Will Learn

  • Set up Kali Linux for pen testing
  • Map and enumerate your Windows network
  • Exploit several common Windows network vulnerabilities
  • Attack and defeat password schemes on Windows
  • Debug and reverse-engineer Windows programs
  • Recover lost files, investigate successful hacks and discover hidden data in innocent-looking files
  • Catch and hold admin rights on the network, and maintain backdoors on the network after your initial testing is done

In Detail

Microsoft Windows is one of the two most common OS and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, forensics tools and not the OS.

This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. First, you are introduced to Kali's top ten tools and other useful reporting tools. Then, you will find your way around your target network and determine known vulnerabilities to be able to exploit a system remotely. Next, you will prove that the vulnerabilities you have found are real and exploitable. You will learn to use tools in seven categories of exploitation tools. Further, you perform web access exploits using tools like websploit and more. Security is only as strong as the weakest link in the chain. Passwords are often that weak link. Thus, you learn about password attacks that can be used in concert with other approaches to break into and own a network. Moreover, you come to terms with network sniffing, which helps you understand which users are using services you can exploit, and IP spoofing, which can be used to poison a system's DNS cache. Once you gain access to a machine or network, maintaining access is important.

Thus, you not only learn penetrating in the machine you also learn Windows privileges escalations. With easy to follow step-by-step instructions and support images, you will be able to quickly pen test your system and network.

Style and approach

This book is a hands-on guide for Kali Linux pen testing. This book will provide all the practical knowledge needed to test your network's security using a proven hacker's methodology. The book uses easy-to-understand yet professional language for explaining concepts.

Module Resources

Journal Resources

---

URL Resources

---

Other Resources

---

Additional Information

---