Ethical Hacking: Evading IDS, Firewalls, and Honeypots

Take your first steps into testing client defenses. Learn about firewalls, network simulation using GNS3, special-purpose perimeter devices, and intrusion response techniques.

Introduction

• Finding weaknesses in the perimeter
• What you should know
• Course disclaimer

1. Firewalls

• Understanding Firewalls
• Apply the basics of the Windows firewall
• Use advanced features in the Windows Firewall
• Review firewall logs
• Understand Linux IPTables
• Set up an IPTables firewall
• Manage rules with Firewall Builder
• Port testing

2. Hardware Firewalls

• Set up a Cisco PIX firewall
• Create a secure enclave

3. Network Simulation Using GNS3

• Install GNS3
• Obtain network device images
• Set up a network
• Simulate the ASA firewall
• Integrate Kali into GNS3

4. Special Purpose Perimeter Devices

• Understand Web Application Firewalls
• Protect API services with the WSO2 gateway
• Understand honeypots
• Run the Cowrie honeypot

5. Protection from Intrusion

• Intrusion response techniques
• xListing sites
• Snort rules
• Detect intrusions with Security Onion
• Extend IDS with reputation
• EINSTEIN

6. Evasion Techniques

• Evading antivirus detection
• Exotic scanning with Nmap
• Obfuscating payloads with msfvenom
• Hiding payloads in benign files
• Custom packaging of software
• Fileless attacks with PowerShell
• Hiding with the cloak of invisibility
• Embedding malware in an alternate data stream
• Tunneling through DNS with iodine
• Checking for oversight

Conclusion

• Next steps