Ethical Hacking: Evading IDS, Firewalls, and Honeypots

- [Malcolm] As a penetration tester, one of your tasks is finding and demonstrating attack vectors. While the major exposure for many businesses is their website and more recently their smartphone-based business systems, there's still a significant risk of direct exposure of systems on the perimeter and internally at network boundaries. This risk will often occur as a result of firewall rules which have been left in after testing or disabled for operational reasons. These are rarely well-considered decisions and they occur far too frequently. I'm Malcolm Shore, and in my career helping advise on and deliver security for governments and businesses, I've seen many examples of weak external and internal perimeter protection. In this course, I'll cover the major devices that are present on corporate perimeters, firewalls, intrusion detection systems, and honeypots. I'll start by explaining the basics of firewall technology and then demonstrate the two main operating system firewalls. We'll then look at Cisco hardware firewall and a firewall we can run in the GNS3 network simulator. I'll take an initial look at web application firewalls and API gateway threat mitigation solutions. We'll then learn about the Cowrie honeypot and how operational security teams use Security Onion for intrusion detection and alerting. If you're keen to learn more about testing the perimeter, then do join me in my LinkedIn Learning Perimeter Defenses course.