Internet Security & Firewalls

Course Objectives
The 'Internet Security & Firewalls' course focuses on major Internet security issues. It provides attendees with practical, hands-on experience of significant insecurities associated with Internet based systems as well as in-depth knowledge of how to reduce and manage the inherent insecurities.

By undertaking the course, attendees will learn how to:

# Detect Internet based attacks
# Apply vulnerabilty scanners
# Stop migrating worms and Trojan Horse infiltration
# Write safe Common Gateway Interface (CGI) scripts
# Use Secure Sockets Layer (SSL) encryption and authentication protocol
# Utilise digital certificates and Public Key Infrastructure (PKI) facilities
# Configure firewalls to provide solid defense against intrusions and attacks
# Develop security policies and procedures to achieve high level of protection

Who Should Attend

This training course is suitable for all who are interested in Internet security and related issues. It will be of special benefit to those who are either involved or are planning to get involved in deployment of Internet and Intranet based systems.

Assumed Knowledge

Course delegates should have experience in use of the Internet and World Wide Web.

Course Outline

1. Internet Technology Base

* Open System Interconnections
* TCP/IP Communications
* Multi-Tier Client-Server System Architectures
* Domain Name System (DNS) Addressing
* Intranet & Virtual Private Network (VPN) Interfacing
* Common Gateway Interface (CGI) Script Executions
* Web Based Dynamic Content Delivery

2. Prevailing Internet Insecurities

* Snooping
* Spoofing
* Denial-of-Service Attacks
* Buffer Overflows
* Eavesdropping
* Impersonation
* Data Tampering
* Password Cracking
* Backdoor Trojan Infiltration
* Migrating Worms & Viruses
* 'Cookies' & Privacy Implication
* Web Forms & Data Manipulation
* Dangerous Browser Helper Applications and Plug-Ins
* Hostile Web Page Active Contents: JavaScript, Java, ActiveX

3. Detecting Internet Attacks

* Port Scanning
* System Probing
* Anomalous Access Identification
* Paranoid Domain Name System Checking
* System Digital Fingerprinting
* Network Monitors
* Log File Analysis

4. Internet Security Procedures & Management

* Vulnerability Scanners
* Access Control - Authentication & Authorization
* Symmetric & Public-Key Encryption Usage
* Secure Sockets Layer (SSL) Protocol Application
* Public Key Infrastructure (PKI) - Certification Authorities and Trust Hierarchy
* Choosing & Deploying Digital Certificates for Secure Data Transactions
* Controlling Digitally Signed Software
* Role of Personal Certificates
* Setting Browser Security Controls
* Security Review
* Security Policies

5. Internet Firewall Protection

* Firewall Deployment
* Packet Filtering Routers
* Circuit Level Proxies
* Application Level Gateways
* Network Address Translation
* Stateful Inspection
* Content Filtering
* Firewall Tunnelling
* Firewall Configuration
* Developing & Testing Firewall Rule Base
* Firewall Administration

6. Internet Security Trends

* New Services
* New Hacker Tools
* Success Factors