The Ethical Hacker Network - CPTE Module 4: External/DMZ

Home

Calendar

Certifications

Latest Additions

EH-Net Login

Welcome Guest.

Lost Password?

No account yet? Register

Who's Online
We have 39 guests and 2 members online

EH-Net Donations
Enter Amount: $

Google Ads

EH-Net News Feeds
Latest Additions

Book Recommendations

You are here: Home

Forum

Ethical Hacking Discussions and Related Certifications

Network Pen Testing

CPTE - Certified Pen Testing Expert

CPTE - Official Course Modules v1

CPTE Module 4: External/DMZ

Ethical Hacker Community Forums

December 01, 2008, 07:42:58 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/

Home

Help

Calendar

Ethical Hacker Community Forums > Ethical Hacking Discussions and Related Certifications > Network Pen Testing > CPTE - Certified Pen Testing Expert > CPTE - Official Course Modules v1 (Moderator: don) > CPTE Module 4: External/DMZ

Pages: [1] Go Down

« previous next »

	Author	Topic: CPTE Module 4: External/DMZ (Read 1448 times)
0 Members and 1 Guest are viewing this topic.

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 2380

Editor-In-Chief

CPTE Module 4: External/DMZ

« on: May 25, 2006, 11:13:25 AM »

The first point of contact with a target network will predominantly be through the De-Militarized Zone. This whole section is dedicated to the exploits that apply to this part of the Attack Surface. It is sub-sectioned into:

- DNS/Mail/Web/VPN Servers
- Database Mining-SQL Injection

Database Mining is the process of attacking a database server through the front end. In this section, we open up a network through a SQL server web interface running on a web server inside the DMZ.

Laboratory: Students will be thrust into an online banking environment and will successfully exploit the database front-end to bypass authorization, elevate account privileges, transfer money and manipulate cookies by employing an advanced ‘SQL Injection’ technique known as ‘Blind SQL Injection’. Other attack methods will include VPN IPSEC PSK cracking, circumventing DNS, Mail and Web servers using the latest techniques.

Source:
http://www.mile2.com/Certified_Pen_Testing_Expert_CPTE.html

Don


	Logged

CISSP, MCSE, CEH, Security+ SME

Pages: [1] Go Up

« previous next »

Jump to:

Page created in 0.04 seconds with 25 queries.

Sponsors

Polls

During the most recent election, I:

	Chose a paper ballot.
	Trusted the machines.
	Didn't care, just voted.
	Didn't have a choice. It was paper.
	Didn't have a choice. It was electronic.
	Didn't vote.

Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!

Recent Forum Topics

Other : LZMA Decompression Help (0) by blueback00
Programming : not static? (7) by RoNNie_13
Calendar Of Events : BOSS Conference 2009 (0) by don
Calendar Of Events : CSI SX 2009 (0) by don
Calendar Of Events : Security OPUS Spring 2009 (0) by don
Calendar Of Events : CanSecWest 2009 (0) by don
Calendar Of Events : Carolinacon 2009 (0) by don
Calendar Of Events : Black Hat USA 2009 (0) by don
Calendar Of Events : Black Hat Europe 2009 (0) by don
Calendar Of Events : Black Hat DC 2009 (0) by don
Calendar Of Events : Cyber Warfare 2009 (0) by don
Calendar Of Events : White Hat Ball 2009 (0) by don
Calendar Of Events : RSA Conference 2009 (0) by don
Calendar Of Events : SOURCE Boston 2009 (0) by don
Calendar Of Events : Notacon 6 (0) by don
Calendar Of Events : ShmooCon 2009 (0) by don
Calendar Of Events : SANS Pen Testing Summit 2009 (0) by don
Calendar Of Events : SANS 2009 (0) by don
Calendar Of Events : SANS Security West 2009 (0) by don
Calendar Of Events : SANS CDI 2008 (0) by don
Forensics : The Julie Amero Case: A Dangerous Farce (0) by don
Other : Early Details of Vista, Server 2008 SP2 Due in April (0) by don
Career Central : 7 Tips for Career Growth in Tight Times (0) by don
Other : Do we or Dont we... (7) by pseud0
Special Events : Pen Testing Perfect Storm Webcast Series: Part 2 - Teaser (6) by don
News from the Outside World : Would you trade your privacy for a smartphone? (5) by jason
Hardware : Key Duplication from Photos (5) by jason
Career Central : Confused about future (8) by Artful Dodger
Tools : Cain & Abel v4.9.24 Released (1) by RoleReversal
CEH - Certified Ethical Hacker : MSS from EC-Council? (13) by shednik
Book Reviews : Network Intrusion Alert (1) by don
Hardware : Lenovo Introduces Remote Disable Feature for Laptops (16) by jason
Wireless : Jamming by babycam (6) by jason
Other : What kind of lab, machines you have for your security testing? (6) by MadmanTM
Wireless : help wid wifi !!!! (1) by jason
Malware : Military Bans Removable Media (10) by ChrisG
Network Pen Testing : Metasploit Question (4) by ethicalhack3r
Other : SANS CDI (1) by jason
Hardware : Recommendations for IDS Hardware (1) by jason
News Items and General Discussion About EH-Net : Happy Turkey Day 2008 (5) by BillV

Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com

technorati fave

Privacy Notice
for TDCC & All Properties

Joomla! is Free Software released under the GNU/GPL License.

Support EH-Net by Buying all of your Amazon items using the search bar above. Try CBT Nuggets Free!

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.

Try CBT Nuggets Free!