Network Security Fundamentals

This page contains course information for students taking the Network Security Fundamentals course, offered in April, 2013 through Merit. This information will be available before and during the course.

This course is designed as a comprehensive learning experience to provide practical solutions for addressing network security issues. The focus will be on studying current attack methodologies, examining your network for vulnerabilities, presenting recommended solutions and best practices for mitigation, and assessing the landscape of available tools and methods used.

• Fundamental Tools
• Network Attacks: Threats and Countermeasures
• Password Strength & Cracking
• Viruses & Worms
• Firewalls & VPNs
• Intrusion Detection
• Network Scanning
• Linux Security & Logging
• Web Security: A Reconnaissance Tool

Course Materials

To Do Before Class

You'll minimize your distractions in class if you prepare your laptop as follows before class begins:

1. Download and install VMware Player, Server, or Fusion.
2. Download the Virtual Lab Environment, and boot it into VMware Player.

Virtual Lab Environment

You will need an IA32 compatible laptop running VMware Player, Server, or Fusion. Please follow the following steps to bring up your virtual lab:

1. Create a new directory for your virtual guest.
   
2. Download the following two files to your new directory (right-click on each and select "Save As"):
   • VLE64.vmx
   SHA1(VLE64.vmx)= 1f9f527ca734b46556948124e4218b05f23db0d8
   • VLE64.vmdk.gz (3 GB)
   SHA1(VLE64.vmdk.gz)= a343365bb636d033d73b93ac937617a3f884a04f


3. Check the hashes of the downloaded files against those shown in Step 2:
   sha1sum VLE64.vmx
   sha1sum VLE64.vmdk.gz
   (On Windows hosts, download the self-extracting File Checksum Integrity Verifier utility into the same directory where you downloaded the virtual guest files, and execute the self-extracting utility. Open a command shell, change to the directory where you downloaded the virtual guest files, and type:
   fciv -sha1 VLE64.vmx
   fciv -sha1 VLE64.vmdk.gz
   to compute the hashes.)


4. Expand VLE64.vmdk.gz using gunzip, included in most Linux, UNIX, and Mac OS X distributions (the expanded file will be about 6.4 GB in size):
   gunzip VLE64.vmdk.gz
   (On Windows hosts, download and install the 7-Zip file archiver utility. Once installed, right-click on the fc.vmdk.gz file and select 7-Zip | Extract Here.)


5. In VMware, open your virtual guest, browse to your new directory and boot the lab environment. If you are asked whether you moved or copied the environment, indicate you copied it. If you are asked if you want to update VMware Tools, you can safely decline.
   (On Windows hosts you can double-click on the VLE64.vmx file to boot the lab environment.)


6. Login to your virtual lab environment's lab account. You will be using this account throughout the course.


7. Change your environment's lab and root account passwords:
   sudo passwd root
   sudo passwd guest


8. Update your environment:
   sudo yum update

It's not necessary to keep your system updated for the purposes of the course, but it is a best security practice. Consequently, you should perform these updates when they won't interfere with your experiments. The first update will consume about 30 minutes or more of elapsed time, after which you should reboot, as it will have installed a new kernel.

For documentation on further configuration of your virtual lab environment, please see Virtual Lab Environment Hints and Tips.

Login and password information for the lab environment will be sent to you under separate cover.

The virtual lab environment has been modified specifically for this course. It may suffer several security vulnerabilities and may not kept up to date with respect to patches. It contains a host firewall configured not to allow most inbound connections as the only line of defense against attacks. While a necessary and valuable component of this course, the lab environment is not recommended for any other use.

More help