Week 1 | Network Penetration Testing

{loadposition adposition4}


I am really excited to be teaching this class. For a long time, I wanted to learn about network penetration and recently I got the opportunity to learn more about it. I was absolutely amazed and scared at how effective exploits can be on insecure networks, computer systems, and software.

{loadposition adposition5}In this class we will learn how to secure computer networks and clients from attack by learning the tools and tactics employed by computer attackers. The purpose of penetration testing is to learn first hand the various types of exploits and attacks used by hackers by using those same exploits in a testing environment and applying defensive measures to secure the network and defend against those attacks.

I hope you have the same eye opening experience I had learning about penetration testing and the practice of computer exploitation.

Class Materials

In this class we will use a specially designed security distribution of Linux to learn about computer exploitation and defense. You will need to download the BackTrack 4 operating system which you can download at: http://www.backtrack-linux.org/downloads/  . You can download either an .iso file which you will need to burn as a disc image or you can download a VMware image of the operating system which you can install as a virtual machine through the VMware Player in Windows. If you decide to use the VMware image you will need to download the free version of VMware Player as well, you can download it here: http://downloads.vmware.com/d/info/desktop_downloads/vmware_player/3_0

You will also have access to the Sheridan College Security Lab where you can practice network penetration attacks and defense. The lab is available for online students through VPN access 

Class Schedule and Policies

This class is offered either as Self Directed Learning-SDL, or Online. SDL students are required to be in the Lab – GMB133, a minimum of 2.5 hours per week you will log your hours in the lab. Here are some important questions you will want answered:

  • When can I come to the Lab?{loadposition adposition6}
    I am in the GMB133 class/lab over 30 hours per week, for my exact lab times click on Lab/Classroom Hours.
  • Can I work in the Lab when you are not there?
    Yes, if the door is open you are welcome to come in and work. If the door is locked try coming into the lab through GMB130 the Flex Lab. The Flex Lab opens Mon-Sat at 9am and is open late Tuesday until 9pm.
  • Can I work with BackTrack in the lab?.
    Yes, we can install BackTrack on lab computers and we have a special testing environment to practice the security labs.
  • What if I am an online student, and I can’t work in the Sheridan College Security Lab?
    If you are an online student you will be able to work in the security lab by using a VPN connection to connect into the lab from home. 
  • When should I come to class (SDL students only)?
    Remember SDL students are required to be working in the lab 2.5 hours per week. It is up to you to decide exactly what your schedule will be. For this class, I will be giving specially designed presentations on Thursday nights from 6 to 9pm. You do not want to miss these presentations if at all possible. They will be run by me and Steve B.
  • How can I assure that I will be successful?
    The students that show up regularly, week by week, both online by logging in to DansCourses and in person by coming to the lab are the ones that will be successful. The class will not be finished unless you sit down and create a schedule of times that you will work on the class and its assignments.

  • Is there a syllabus?
    The syllabus outlines the course, please download it and save it for your records: To be posted …
  • How will I turn in assignments?
    All assignments will be turned in as email attachments todan.alberghetti@gmail.com  
    • How will I be graded?
      You will be graded on a point system based on weekly assignments and projects. 
    • I am really interested in obtaining a security certification what certification and further course of study do you recommend?
      I recommend the OSCP certification through Offensive Security the makers of BackTrack. The Pentesting with BackTrack Online is an excellent course of study for those interested in an in depth study of the topic. Go here for more information: http://www.offensive-security.com/information-security-certifications/

{loadposition adposition9}

Week 1 Overview

This week you will need to get set up with tools and resources that you will need in order to be successful.

Week 1 Assignment – Install and configure BackTrack4 and OpenVPN

  1.  Install BackTrack4 – As I outlined above you will need an install of BackTrack4 to make the class easier. It is possible to install all of the necessary tools that the BackTrack4 operating system offers into any distribution of Linux. However it would be easier to install BackTrack4 as a virtual machine in the VMware player or in VirtualBox. I myself have a laptop install of BackTrack4 and also a VM that I can use on my Windows 7 computer too.
  2. Verify and Configure OpenVPN – OpenVPN is installed by default in BackTrack4, however you will need to configure it in order to connect to the lab from home. I will send you a username and password as well as the OpenVPN configuration file settings.
  3. Install and Configure Various Services – We will be using various services during the class. You will need to install, configure and know how to start and stop these services. I will post further instructions related to this during the week.
  4. Remote into Your Practice Lab Victim/Client – Everyone in the class will be given access to a computer to use as a practice target for various exploits and attacks. I will be giving you the ip address, username and password of the client assigned to you.

This assignment is finished when you have emailed me screenshots that prove the steps above have been accomplished.

{loadposition adposition8}


Author: Dan

Dan teaches computer networking and security classes at Central Oregon Community College.

Leave a Reply

Your email address will not be published.