Detailed syllabus:
List of experiments to be conducted in lab:
1. Perform Port scanning with NMAP
2. Perform an experiment on active and passive fingerprinting using XPROBE2 and NMAP.
3. Demonstrate how to provide secure data storage, secure data transmission and for creating digital signatures (GnuPG).
4. Perform an experiment to demonstrate how to sniff for router traffic using WIRESHARK.
5. Setup a honey pot and monitor the honeypot on network (KF Sensor)
6. Installation of rootkits and study about the variety of options.
7. Network enumeration through port scanning, SYN flooding
8. Intrusion detection using SNORT IDS
9. Find vulnerabilities of target system through Nessus vulnerability Scanner
10. Perform anonymity through e-mail spoofing and bombing using PHP. Subsequently detect these attacks through analyzing the e-mail header.
11. Generating password hashes using OpenSSL
12. Develop secure coding practices to handle Code Injection Vulnerabilities such as SQL Injection, PHP Injection and Command Injection

Monitor and evaluate audit logs and set administrative alerts

Detect, identify, resolve and document network intrusions

Able to detect privilege escalation, remote control, keyloggers, rootkits

Deploy, implement and test IDS security plan.
• Identify which TCP and UDP services are running, listening, or established on the network (port scan)
• Able to create IDS sensors and attach them to network (snort)

Rafeeq Rehman, Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID, Prentice Hall

Jack Koziol, Intrusion Detection with Snort, SAMS Publishing

Laura Chappell, Wireshark Network Analysis (Second Edition): The Official Wireshark Certified Network Analyst Study Guide, Laura Chappell University