Workshop's eBook: Inside IDS Systems with SNORT and OSSIM. Learn the principles of intrusion detection process, algorithms used in IDS
Install Snort by yourself and make sure of detecting basic attacks; configure and run open-source Snort and write Snort signatures; configure and run open-source Bro to provide a hybrid traffic analysis framework; use open-source traffic analysis tools to identify signs of an intrusion; write your own rule for detecting concrete signatures in network traffic in SnortIDS or SurricataIDS; test anomaly detection preprocessor for Snort – PHAD; install OSSIM (opensource SIEM) and setup it to collect events. Setup event correlation; write tcpdump filters to selectively examine a particular traffic trait; use the open-source network flow tool SiLK to find network behavior anomalies; use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire.Read More
Workshop's eBook: Exploiting VoIP Systems. Understand the Session Initiation Protocol and Real Time Protocol
Understand the Session Initiation Protocol and Real Time Protocol: This issue will introduce the VoIP world to the reader, with a particular focus on the network protocols used by VoIP systems and the security holes belonging to them. The reader will see both theoretical and practical aspects about VoIP attacks and relatives countermeasures. Several activities will be explained step by step in the following lessons. In particular, after this workshop the reader will be able to: setting up a Private Branch eXchange (PBX) – such as Asterisk – and softphones – such as ZoIPer and X-Lite -, in order to set up a basic VoIP telephone call between two end points; understanding the Session Initiation Protocol (SIP) and Real Time Protocol (RTP). These are the two main network protocol and they’re used by all VoIP systems; knowing about several VoIP attacks and performing some of that.Read More
Workshop's eBook: Journey In The World of The XSS. The mechanics behind Cross-Site Scripting vulnerabilities and attacks.
Dear PenTest Readers, Our special spring edition of PenTest Magazine consists of a compilation of our TOP blog-articles. The subjects …Read More