CONTENTS

Forensics: Exercises

Exercises.  You can do the following exercises either in the laboratory on the Windows 2000 Professional machines, or re-create the exercise environment in any other Windows 2000 environment of your choice. Instructions are provided in Part IV: Appendix.

1.  Port Redirection.  The purpose of this lab is to demonstrate how an attacker could exploit a machine and obtain access to a server with a filtered port by piping the traffic through another, unfiltered port. Because of sophisticated Trojans, it could be hard for a virus detection program to detect the problem. Because of that, a port scanner/listener must be used to determine if, and which, ports are actively carrying traffic.

2.  Scenario.  Imagine that an IT department has an FTP server on an IBM server that they use to share source code with other departments within the organization in various locations throughout the US on the same LAN/WAN. By default, the information security department blocks certain known ports from being exposed to the internet through a firewall. Some of these ports include the well-known 21, 23, 80, 8080, etc.

A user logs onto this IBM server with Windows 2000 through Windows Remote Desktop Connection and accidentally downloads a Trojan that is meant to get access to an FTP server. However, if port 21 is blocked through the firewall, how could the attacker connect to the FTP server? There is a very simple technique known as port redirection. Port redirection is a sophisticated way of bypassing port filtering, firewalls, and IPSEC.

1.  Log in to a Windows machine in the lab.

a.  Username: Administrator

b.  Password: (no password)

2.  Get the FTP server running

a.  Double-click the link “Start FTP Server” to open the FTP Server configuration tool.

b.  Click the START button on the top left of the FTP Server configuration panel.

3.  Confirm that the FTP server is running on port 21.

a.  Double-click the link “View Ports” to run a Windows terminal showing the various ports being used.

b.  Which port is the FTP Server running on?

c.  Do not close the terminal. This terminal will be referred to later as “FPORT terminal.”

4.  Redirect the network traffic on port 21 to port 30 (or any arbitrary port number).

a.  Double-click the link “Redirect FTP port to 30” to open a Windows terminal.

b.  Enter command: ipconfig

c.  What is the IP address of the computer?

d.  Enter command: fpipe -l 30 -s 30 -r 21 -v <ip-address>

e.  Do not close the terminal. This terminal will be referred to later as “FPIPE terminal.”

f.  Check the FPORT terminal by entering command: fport

g.  What port is the executable “fpipe” running on?

5.  Start an FTP client session and connect to the server (assume that port 21 is blocked).

a.  Click Start in the Windows machine and then Run. Type cmd and press Enter. Now you have a new Windows terminal.

b.  At the prompt enter command: ftp

c.  If you are connected, check the FPIPE terminal. What is the response?

d.  Enter command: open

e.  At the “to” prompt, type: <ip-address> 30

f.  At the “username” prompt, enter: anonymous

g.  At the “password” prompt, enter: (no password, just press Enter)

h.  Type command: dir

i.  Check the FPIPE terminal. What is the response?

6.  What sort of security problems can occur due to port redirection?

7.  Can port redirection be used for any useful purpose?

8.  Close all open windows.
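Step 4g has you read the FPORT terminal by eye to find which process owns port 30. The following Python script is an added example, not part of the original exercise: it parses FPort-style output and diffs the (process, port) pairs against a known-good baseline, which is how a defender would spot a redirector that leaves the real FTP server on port 21 untouched while a second process opens an arbitrary port. The FPort rows and the baseline are constructed for this example and are not captured from the lab machines.

```python
import re

# Constructed sample of FPort-style output (not captured from the lab machines).
# FPort prints a banner, then one "Pid Process -> Port Proto Path" row per listener.
FPORT_SAMPLE = """\
FPort v2.0 - TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.

Pid   Process            Port  Proto Path
8     System         ->  139   TCP
392   svchost        ->  135   TCP   C:\\WINNT\\system32\\svchost.exe
1048  ftpserver      ->  21    TCP   C:\\Lab\\ftpserver.exe
1204  fpipe          ->  30    TCP   C:\\Lab\\fpipe.exe
"""

# Listeners the administrator expects on this host, recorded while it was known-good.
# These (process, port) pairs are assumptions for this example, not the lab's real baseline.
BASELINE = {("System", 139), ("svchost", 135), ("ftpserver", 21)}

ROW = re.compile(r"^(\d+)\s+(\S+)\s+->\s+(\d+)\s+(TCP|UDP)(?:\s+(\S.*))?$")

def parse_fport(text):
    """Turn FPort output into a list of dicts; banner and header lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            pid, proc, port, proto, path = m.groups()
            rows.append({"pid": int(pid), "process": proc, "port": int(port),
                         "proto": proto, "path": path or ""})
    return rows

def unexpected_listeners(rows, baseline=BASELINE):
    """Listeners whose (process, port) pair is not in the baseline.
    A port redirector shows up here: the real FTP server still owns port 21,
    and an extra process owns an arbitrary port such as 30."""
    return [r for r in rows if (r["process"], r["port"]) not in baseline]

def missing_services(rows, baseline=BASELINE):
    """Baseline services that are no longer listening (a stopped or replaced service)."""
    present = {(r["process"], r["port"]) for r in rows}
    return baseline - present

if __name__ == "__main__":
    rows = parse_fport(FPORT_SAMPLE)
    for r in unexpected_listeners(rows):
        print("unexpected listener: pid=%d %s port %d %s"
              % (r["pid"], r["process"], r["port"], r["path"]))
    for proc, port in sorted(missing_services(rows)):
        print("missing service: %s on port %d" % (proc, port))
```

Run it against saved `fport` output from a known-good machine first to build the baseline, then against the machine under investigation; a hit on a process you did not install, bound to a port the firewall does not filter, is the pattern this lab demonstrates.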