Note: Learning about ethical hacking for perimeter defenses is part of the Evading IDS, Firewalls, and Honeypots competency from the Certified Ethical Hacker (CEH) body of knowledge.
- Understanding firewalls
- Applying the basics of the Windows Firewall
- Using advanced features in the Windows Firewall
- Reviewing firewall logs
- Understanding Linux iptables
- Setting up an iptables firewall
- Managing rules with Firewall Builder
- Setting up a Cisco PIX firewall
- Creating a secure enclave
- Installing GNS3
- Understanding web application firewalls
- Protecting API services with the WSO2 gateway
- Running the Cowrie honeypot
- Detecting intrusions with Security Onion
Skill Level Intermediate
- I'm Malcolm Shore, and in my career helping advise on and deliver security for governments and businesses, I've seen many examples of weak external and internal perimeter protection. In this course, I'll explain the technology used for perimeter defense, the risks when deploying technology at the perimeter, and the tools available to test perimeter defenses. I'll cover the major devices that are present on corporate perimeters. These include firewalls and honeypots. I'll start by explaining the basics of firewall technology and then demonstrate the two main operating system firewalls.
I'll take a look at web application firewalls and API Gateway Threat Mitigation solutions. We'll learn about the Cowrie Honeypot, and we'll learn how operational security teams use Security Onion for intrusion detection and alerting. When you've finished this course, you'll be well-prepared to take your first steps into testing client defenses. Now, let's get started with Perimeter Defenses.