Threats - Network Vulnerabilities
The "Security+ Threats - Network Vulnerabilities" module provides you with the instruction and Server hardware to develop your hands on skills in the defined topics. This module includes the following exercises: Network Footprinting, Packet Sniffing, MitM with ARP Spoofing, Denial of Service, Anti-Phishing Toolbar.
The Security+ Threats - Network Vulnerabilities module provides you with the instruction and Server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:
- Network Footprinting
- Packet Sniffing
- MitM with ARP Spoofing
- Denial of Service
- Anti-Phishing Toolbar
Exercise 1 - Network Footprinting
In this lab, you will practise attack strategies such as footprinting, spoofing, and Denial of Service.
A network scan is usually the first step in an attempt to penetrate security (or indeed to establish what needs defending). Footprinting establishes the topology and protocols deployed on the network while fingerprinting determines the services and other configuration details of a target host.
One of the most popular scanning tools in nmap. This is a command-line program operated using scripts. A GUI version (Zenmap) can perform several very useful pre-configured scans though.
Exercise 2 - Packet Sniffing
Another critical information gathering tool is a protocol analyzer. This tool captures unicast packets sent to the host and broadcast packets on the same subnet. The most widely used is WireShark, which is bundled with Kali Linux.
Exercise 3 - MitM with ARP Spoofing
As an attacker, you may be more interested in finding out what information a different host on the network is receiving and possibly to modify the transmissions between two hosts - a Man in the Middle (MitM) attack. Ettercap is one of the most widely used tools for launching MitM attacks. On a local network, one of the most powerful techniques is ARP spoofing.
Exercise 4 - Denial of Service
The last major class of attack is Denial of Service (DoS). There are any number of ways to prevent a server from responding to clients. We could have used Ettercap to simply discard any packets from client or server for instance.
Flood type attacks really depend on overwhelming the victim system with superior bandwidth, which itself depends on compromising thousands or even millions of "zombie" PCs in a "botnet". This exercise just illustrates how simple it is to craft the sort of malformed packets that can be used to try to flood a server.
Exercise 5 - Anti-Phishing Toolbar
In this exercise, you will learn the following in this course:
- Anti-Phishing Toolbar: Netcraft
IT & Cybersecurity certification hands on practice labs and practice exams for certifications and skill development.
See the full benefits of our immersive learning experience with interactive courses and guided career paths.