Take your first steps into testing client defenses. Learn about firewalls, network simulation using GNS3, special-purpose perimeter devices, and intrusion response techniques.
- [Malcolm] As a penetration tester, one of your tasks is finding and demonstrating attack vectors. While the major exposure for many businesses is their website and more recently their smartphone-based business systems, there's still a significant risk of direct exposure of systems on the perimeter and internally at network boundaries. This risk will often occur as a result of firewall rules which have been left in after testing or disabled for operational reasons. These are rarely well-considered decisions and they occur far too frequently. I'm Malcolm Shore, and in my career helping advise on and deliver security for governments and businesses, I've seen many examples of weak external and internal perimeter protection. In this course, I'll cover the major devices that are present on corporate perimeters, firewalls, intrusion detection systems, and honeypots. I'll start by explaining the basics of firewall technology and then demonstrate the two main operating system firewalls. We'll then look at Cisco hardware firewall and a firewall we can run in the GNS3 network simulator. I'll take an initial look at web application firewalls and API gateway threat mitigation solutions. We'll then learn about the Cowrie honeypot and how operational security teams use Security Onion for intrusion detection and alerting. If you're keen to learn more about testing the perimeter, then do join me in my LinkedIn Learning Perimeter Defenses course.
Note: The topics covered in this course are drawn from the Evading IDS, Firewalls, and Honeypots competency in the Certified Ethical Hacker (CEH) body of knowledge.
- Applying the basics of the Windows Firewall
- Using advanced features in the Windows Firewall
- Reviewing firewall logs
- Linux iptables
- Setting up an iptables firewall
- Managing rules with Firewall Builder
- Setting up a Cisco PIX firewall
- Installing GNS3
- How web application firewalls protect web servers
- Protecting API services with the WSO2 gateway
- Running the Cowrie honeypot
- Detecting intrusions with Security Onion