
Course Review: Advanced Network Defense: ShowMeCon 2014


SephStorm

Hero Member

Posts: 622

Joined: Sat Apr 17, 2010 12:12 pm

Post Sat May 03, 2014 7:57 am

As you all may be aware, I won a free seat in the ShowMeCon 2014 trainings and Security Conference. This is my first hacker con, and I'd like to thank the folks here at EthicalHacker.net and Hacker University who I believe are sponsors of the con.

The class I chose to take for the trainings was Advanced Network Defense. The course is taught by Kevin Cardwell, Lead Security Instructor with Secure Ninja, and a veteran security pro. (https://secureninja.com/team/kevin-cardwell.html) Because of work requirements, I did have to arrive late on the first day so I did miss some of the first day, but I still wanted to give a day-by-day review. I've also learned that we will be engaging in a CTF, which if I'm not mistaken, our portion will be the defense team... :-\

1st day is network defense basics, covered basic concepts, risk, traditional security concepts and their effectiveness, policy. Good news is that there are some good labs throughout, and the level is appropriate for someone who is new to the field, I think introducing people to tools such as Wireshark while using them for an appropriate purpose, like showing the weaknesses of clear text protocols like FTP, as well as mentioning why the traditional security model has weaknesses, but is not dead as some have stated.

A word of advice: when you show up to a training course, make sure you have a good base setup. For most courses you are going to want a PC with a virtualization platform (VMware, or alternative) and plenty of HDD space, and you figure you may want to have some OSes ready to go, but our instructor provided us some.

One thing to keep in mind here, at least for me, when it comes to administration of security fundamentals, sometimes you will not be in a position to write the security policy, or dictate the infrastructure. When you are working as an adviser, or an assessor, you have a position from which to make suggestions to improve security. When you are an employee in a network defense position, sometimes you can just make the suggestions which will fall on deaf ears. :)
sectestanalysis.blogspot.com/

SephStorm

Post Mon May 05, 2014 5:08 am

Day 2 he showed us Shodan and how we could see what is available publicly. We also saw the different protocols that can be used for ping, traceroute and mentioned that if you can use HTTP for protocols like that, you can bypass filters. We also did some hacking and vulnerability assessment labs to see how we were vulnerable, and to verify exploitability. One thing I liked was that the instructor would have us exploit it, then put in a countermeasure, and validate whether it was still possible to exploit it. Similar to the way things were done in the QEH class by Security University, for an obvious reason, he designed the course... :D

We also did a bit of vulnerability scanning and went into managing vulnerabilities using OVAL and CVSS, and crafting packets to end the day.


Day 3 we are doing labs. We start off the day with a router lab showing that by default a router can somewhat protect a network, and later we will show that when we put access lists on the router, and open holes, we increase our attack surface. We also talked about increasing the security of network devices and protocols, hardening Windows and Unix/Linux. We talk a bit about Web site vulnerabilities, XSS, web application firewalls, and more ways to implement secure network architecture. We also talked about host based security, and confirmed that pretty much, on the free side, there is not much out there except EMET, but EMET does alright, when it is deployed, and is told to protect your applications. But of course we are encouraged to test that... Actually the instructor played a video in which he did so, compromised a box using an IE-based vulnerability, then turned on EMET, and saw how EMET handled it. I'm sure I'm missing quite a bit in my review but that's how it is. I wanted to provide a review of the course and overall I think it was good. I also am starting to think about the advanced training that the instructor is helping to design, surprise, the EC-Council CAST. I didn't expect much, but it sounds like it will be significantly lab based, so I expect good things, whenever it launches.

I don't know if I will be providing a day-by-day analysis of the con as well as the training, but I will certainly probably drop a note in here, and answer any questions.

SephStorm

Post Tue May 06, 2014 3:17 pm

Just a quick tidbit about the conference. It was pretty amazing. It was my first con, so walking around and talking to people, and realizing, Oh this guy is IronGeek, or this guy is a hacker for Hollywood, or whatever the case may be is pretty awesome.

Because of my work schedule I decided to only attend the first day of the con, but what a day. We started off by visiting the numerous vendors who had raffles for prizes. Then we went into the con itself, starting off with a discussion of Hollywood, and how insecure it really is, also covering some interesting legal loopholes...

We then went into a presentation of getting data without penetration, what data is available online without hacking. Very good presentation.

Then there was a presentation that I think was about making weapons from items you could get through a security checkpoint... no comment, but it was only a demonstration of the mindset of a hacker, and a reminder to think outside the box. By this time I was trying my hand at the CTF. As expected, I did not perform too well, I do defense so offensive attacks are not what I know. But I did get into one of the network switches that I later found out we were not targeting... they probably should have specified what range was hackable...

Anyway, it identified a weakness, hopefully I can build up my lab in the coming weeks and juggle attack, defense, and school.

I'm a little burnt out right now, but I want to thank Don, and the folks at Perimeter Security/Hacker University again for this opportunity.