Learning Path: Network and Cloud Security

Video Description

Prerequisites: strong system administration experience and some familiarity with security

If you share resources across your network or the cloud, you need a firm grasp of all of the security implications. In this Learning Path, you'll get hands-on experience securing your infrastructure while learning about risk assessment and management, sensitive data, computer forensics, penetration testing, and much more. By the end of this course, you'll know how to secure your data and keep it that way.

Table of Contents

  1. Introduction
    1. Introduction 00:01:51
    2. What Will Be Covered 00:02:47
    3. What Is Linux 00:03:51
    4. Distributions 00:04:02
    5. Scratch Versus Binary 00:03:59
    6. Ubuntu Package Management 00:03:19
    7. RedHat Package Management 00:04:41
  2. Booting
    1. The Boot Process 00:03:44
    2. Physical Protections 00:03:28
    3. The Boot Manager - GRUB 00:05:56
    4. Protecting The Boot Manager 00:04:02
    5. xinetd 00:04:14
    6. Runlevels 00:04:33
    7. Setting Default Runlevels 00:04:38
    8. GRUB2 00:03:13
    9. LILO 00:04:50
  3. Services
    1. Service Management 00:02:53
    2. Service Management With RHEL7 00:03:36
    3. TCP Wrappers 00:02:34
    4. Listening Ports 00:05:41
    5. Standard Postfix Configuration 00:06:06
    6. Apache Configuration 00:07:03
    7. Hardening Apache 00:07:12
    8. Virtual Hosts In Apache 00:03:55
    9. DNSSEC 00:06:16
    10. MySQL 00:05:13
    11. PostgreSQL 00:04:00
    12. Tomcat 00:05:35
    13. JBoss 00:02:50
    14. mod_security 00:07:04
    15. SSL-TLS And Apache 00:06:32
    16. SPF And Greylisting In Postfix 00:04:12
  4. Logging And Log Management
    1. Syslog 00:05:57
    2. Remote Logging 00:03:51
    3. Reading Log Files 00:05:47
    4. Logwatch 00:06:28
    5. Log Aggregation 00:04:42
    6. utmp And wtmp 00:03:42
  5. Intrusion Detection And Prevention
    1. Anti-Virus 00:03:43
    2. Tripwire 00:07:08
    3. Samhain 00:03:13
    4. Prelude 00:03:37
    5. AIDE 00:03:39
    6. Snort 00:07:06
    7. Alerting With Snort 00:05:15
    8. Snort Console 00:03:54
    9. Reading Snort Traces With Wireshark 00:02:26
    10. RootKitHunter 00:03:35
  6. Users And Permissions
    1. etc-shadow And etc-passwd Files 00:07:05
    2. Creating Users 00:03:21
    3. Securing Passwords 00:03:28
    4. Cracking Passwords 00:03:19
    5. Alternate User Management 00:03:10
    6. AppArmor 00:03:05
    7. Unix Permissions 00:04:00
    8. SELinux 00:02:51
    9. Modifying SELinux Permissions 00:03:25
    10. Restoring SELinux Permissions 00:02:38
    11. PAM 00:03:15
  7. Utilities
    1. netstat 00:03:58
    2. Process Management – top And ps 00:05:17
    3. Process Management – kill 00:04:08
    4. nmap 00:05:31
    5. OpenVAS 00:05:19
    6. Nexpose 00:05:53
    7. Find 00:03:50
    8. tcpdump 00:04:19
    9. Wireshark 00:05:31
    10. lspci And lsusb 00:02:43
  8. Kernel
    1. Linux Kernel 00:04:31
    2. Kernel Modules 00:04:15
    3. Managing Kernel Parameters 00:03:54
    4. Kernel Builds 00:05:11
    5. Kernel Config 00:02:49
    6. Viewing Kernel Config From Running Kernel 00:03:34
  9. Firewalls
    1. iptables 00:01:22
    2. NAT With iptables 00:04:36
    3. iptables Tables 00:02:14
    4. Matching On Protocol 00:04:09
    5. Rate limiting 00:02:52
    6. New Versus Established Versus Related 00:03:51
    7. Targets 00:02:20
    8. iptables Logs 00:02:47
    9. iptables With Multiple Interfaces 00:02:57
    10. Firewalld 00:02:56
    11. Zones And Services 00:02:35
    12. Matching On Owner 00:03:06
    13. ufw 00:02:53
    14. gufw 00:02:12
  10. Conclusion
    1. What We Covered 00:02:29
    2. What Comes Next 00:02:28
    3. Wrap-Up 00:00:33
  11. Introduction To Cloud Services
    1. Introduction And About The Author 00:03:33
    2. Service Models 00:08:56
    3. Service And Deployment Models 00:08:42
    4. Deployment Models Summary 00:05:01
    5. Deployment Models And Benefits 00:10:48
    6. Distributed Processing - The Reverse Cloud 00:07:15
    7. Building Internal Cloud Hardware 00:08:36
    8. Building Internal Cloud Software 00:04:16
    9. Using An External Cloud 00:07:42
  12. Securing The Infrastructure
    1. Introduction 00:08:51
    2. Framework 00:08:03
    3. Policy Samples 00:09:07
    4. Risk Management Introduction 00:05:43
    5. Risk Assessment 00:06:51
    6. Risk Management 00:08:48
    7. Security Program And CIA 00:06:54
    8. CIA 00:14:41
    9. Types Of Security 00:09:41
    10. Sensitive Data 00:09:01
    11. Data Classification 00:06:31
    12. AAA 00:08:15
    13. Bastion Host - Part 1 00:06:49
    14. Bastion Host - Part 2 00:08:27
    15. Configuration Control 00:05:03
    16. Security Training - Part 1 00:07:37
    17. Security Training - Part 2 00:08:18
    18. User Provisioning 00:10:46
    19. Monitoring And Incident Response 00:06:51
    20. Incident Response Process 00:06:46
  13. Preparing For Cloud Use
    1. Introduction And Framework For Governance 00:08:33
    2. Planning For Cloud Use 00:08:08
    3. Planning For Cloud Use - Readiness Tool 00:11:49
    4. Security Controls 00:11:53
    5. Enterprise Connect Zone 00:06:58
    6. Web App Security 00:11:38
    7. Security As A Service 00:07:00
    8. Security Controls Summary 00:08:06
    9. Due Diligence On The CSP 00:06:37
  14. The Cloud Services Agreement
    1. Required Services 00:09:04
    2. NDA, Access And Compliance 00:06:08
    3. Data Protection And Redundancy 00:07:25
    4. Data Fault Tolerance And Redundancy 00:06:06
    5. System Fault Tolerance And Redundancy 00:06:55
    6. Connectivity Fault Tolerance And Redundancy 00:08:14
    7. Notification And Penalties 00:06:43
    8. CSP Prudent Management 00:06:39
    9. Monitoring The CSP 00:04:34
  15. Staying Secure In The Cloud
    1. Cautious Implementation 00:06:43
    2. Inspections - Monitoring And Metrics 00:07:25
    3. Incident Response And Key Escrow 00:05:16
    4. Agreement Monitoring And Enforcement 00:05:58
  16. Wrap Up
    1. Course Review 00:04:26
  17. Introduction
    1. What Is Forensics? 00:04:09
    2. Professions Needing Forensics 00:07:29
    3. What You Should Expect From This Video 00:04:13
    4. What You Should Know 00:06:31
    5. What You Will Learn 00:04:23
  18. Legal Issues
    1. Chain Of Custody 00:05:46
    2. Evidence Acquisition 00:07:28
    3. Validating Data Under Linux 00:06:57
    4. Validating Data Under Windows 00:04:41
    5. Expert Witness 00:07:15
    6. Ethics For Experts 00:08:14
    7. Evidence Storage 00:06:33
    8. Rules Of Evidence 00:07:16
  19. Investigations
    1. Differences With Legal Investigations 00:06:41
    2. Reasons For Corporate Investigations 00:06:10
    3. Preparing For An Investigation 00:04:50
    4. Forensic Workstation 00:08:42
    5. EnCase 00:04:46
    6. FTK 00:10:37
    7. Coroner's Toolkit 00:04:17
    8. ProDiscover Basic 00:07:37
    9. Audit Policies 00:07:52
    10. Reporting 00:10:12
    11. UNIX Tools 00:12:36
    12. Sleuth Kit 00:09:17
    13. DEFT Linux 00:07:09
  20. Operating Systems
    1. Windows Family 00:09:08
    2. Mac OS X 00:10:32
    3. Linux 00:09:14
    4. Other Types Of Operating Systems 00:04:50
    5. Boot Processes 00:07:37
    6. File Systems: Windows-Based 00:09:29
    7. File Systems: Linux 00:09:35
    8. File Systems: Mac OS 00:07:01
    9. File Systems: CD 00:04:45
    10. RAID 00:06:34
    11. Autostarting 00:07:58
    12. Executable Types And Structure: Windows 00:06:50
    13. Executable Types And Structure: Unix-Based 00:10:24
    14. Disk Partitions 00:07:16
  21. Image Acquisition
    1. Image Formats 00:04:11
    2. Image Acquisitions Under Linux 00:06:21
    3. Image Acquisitions Under Windows 00:05:45
    4. Volatile Information 00:11:25
    5. Data Recovery 00:06:45
    6. Hard Drives 00:05:55
  22. Network Acquisitions
    1. OSI Reference Model 00:07:58
    2. TCP/IP 00:08:29
    3. Network Attacks 00:07:57
    4. Reasons For Network Acquisitions 00:07:45
    5. Man In The Middle Attacks 00:07:31
    6. Capturing Traffic 00:09:09
    7. NetworkMiner 00:06:55
    8. Other Network Tools 00:08:57
    9. Wireless Networking 00:07:41
    10. Wireless Tools 00:11:58
    11. Firewalls And Their Uses 00:09:48
    12. Intrusion Detection Systems 00:06:58
  23. Data Spaces
    1. Alternate Data Streams 00:08:29
    2. Deleted Files 00:07:21
    3. Hidden Partitions 00:04:20
    4. Slack Space And Swap File 00:09:50
    5. Registry 00:11:47
    6. Virtual Memory 00:08:58
    7. System Recovery Checkpoints: Windows 00:03:14
    8. Audit Logs And Settings 00:09:03
  24. Data Recovery
    1. Graphics Files 00:09:26
    2. E-Mail 00:08:17
    3. Internet: Cache, Cookies, Etc. 00:09:54
    4. Metadata 00:10:27
    5. Log Files 00:06:43
    6. Steganography 00:03:50
    7. Steganography Techniques: Images And Video 00:05:33
    8. Steganography Techniques: Audio And Documents 00:05:24
    9. Steganalysis 00:07:32
    10. Compression 00:05:44
  25. Virtual Machines
    1. Virtual Machines 00:12:44
    2. Checkpoints 00:05:25
    3. Data Formats 00:06:34
    4. Hypervisors 00:05:04
  26. Mobile Forensics
    1. iOS 00:04:56
    2. Android 00:07:27
    3. Symbian OS 00:03:25
    4. Tools 00:07:51
    5. Memory Considerations 00:04:08
    6. SIM Cards 00:03:25
  27. Malware Forensics
    1. Malware Forensics 00:04:34
    2. Static Malware Analysis 00:08:41
    3. Dynamic Malware Analysis 00:08:38
  28. About Me
    1. About Me 00:02:58
  29. Getting Started
    1. Introduction To Reversing 00:07:20
    2. About The Author 00:03:28
    3. Ethical Considerations 00:01:57
    4. Reversing Tools - Part 1 00:05:35
    5. Reversing Tools - Part 2 00:04:32
    6. Reversing Tools - Part 3 00:03:10
    7. Reversing Tools - Part 4 00:03:34
    8. Reversing Tools - Part 5 00:04:42
    9. Reversing Tools - Part 6 00:04:35
  30. Reversing Compiled Windows Applications
    1. Vulnerabilities - Part 1 00:05:27
    2. Vulnerabilities - Part 2 00:05:43
    3. Vulnerabilities - Part 3 00:04:22
    4. Using Fuzzing - Part 1 00:05:41
    5. Using Fuzzing - Part 2 00:05:52
    6. Using Fuzzing - Part 3 00:06:53
    7. Using Fuzzing - Part 4 00:06:22
    8. Just Enough Assembly - Part 1 00:06:56
    9. Just Enough Assembly - Part 2 00:06:56
    10. Just Enough Assembly - Part 3 00:03:52
    11. Stack Overflows - Part 1 00:06:08
    12. Stack Overflows - Part 2 00:06:09
    13. Stack Overflows - Part 3 00:07:57
    14. Heap Overflows - Part 1 00:04:47
    15. Heap Overflows - Part 2 00:05:50
    16. Heap Overflows - Part 3 00:03:12
    17. Heap Overflows - Part 4 00:05:42
    18. Format String Bugs - Part 1 00:06:43
    19. Format String Bugs - Part 2 00:07:26
    20. Format String Bugs - Part 3 00:07:03
    21. Format String Bugs - Part 4 00:04:14
    22. Section Overflows 00:06:49
    23. Windows Kernel Flaws 00:03:33
    24. Decompilers 00:06:53
    25. Automation - Part 1 00:05:53
    26. Automation - Part 2 00:05:47
  31. Reversing Compiled OS X Applications
    1. Where Are The Vulnerabilities? 00:02:28
    2. Locating Stack Overflows 00:03:32
    3. Heap Overflows 00:06:06
  32. Reversing Compiled Linux Applications
    1. Where Are The Vulnerabilities? 00:05:04
    2. Linux Stack Overflows - Part 1 00:04:31
    3. Linux Stack Overflows - Part 2 00:06:58
    4. Linux Stack Overflows - Part 3 00:06:23
    5. Linux Stack Overflows - Part 4 00:05:56
    6. Linux Stack Overflows - Part 5 00:07:06
    7. Linux Heap Overflows - Part 1 00:05:26
    8. Linux Heap Overflows - Part 2 00:06:48
    9. Linux Heap Overflows - Part 3 00:05:46
    10. Linux Heap Overflows - Part 4 00:05:05
    11. Linux Kernel Flaws - Part 1 00:05:37
    12. Linux Kernel Flaws - Part 2 00:02:45
  33. Reversing Android Applications
    1. Introduction To Android And ARM 00:04:48
    2. Android Applications 00:03:26
  34. Finding Other Vulnerabilities
    1. Web Site Vulnerabilities 00:05:41
    2. Database Vulnerabilities 00:05:05
  35. Simple Exploits
    1. Going From Vulnerability To Exploit 00:02:49
    2. A Simple Exploit Script 00:05:50
    3. Creating A Metasploit Module For An Exploit - Part 1 00:04:41
    4. Creating A Metasploit Module For An Exploit - Part 2 00:06:38
    5. Creating A Metasploit Module For An Exploit - Part 3 00:07:14
  36. Exploit Payloads
    1. Shellcode - Part 1 00:05:54
    2. Shellcode - Part 2 00:04:58
    3. Shellcode - Part 3 00:07:06
    4. Shellcode - Part 4 00:03:48
  37. Making Exploits Harder To Detect
    1. Encoding Shellcode - Part 1 00:05:16
    2. Encoding Shellcode - Part 2 00:06:03
  38. Web Exploitation
    1. Web Exploits In Metasploit 00:04:30
  39. ARM Exploitation
    1. Android Exploits In Metasploit 00:03:46
  40. Future Directions
    1. Wrap Up And Suggestions For Further Study 00:05:52
  41. Introduction
    1. Introduction And About The Author 00:01:34
    2. What We Will Cover 00:03:13
    3. System Requirements 00:04:40
    4. Legal Issues 00:02:38
    5. Penetration Testing 00:02:32
  42. 802.11
    1. 802.11 Basics 00:04:17
    2. Frequencies 00:06:09
    3. Access Points 00:03:41
    4. Ad-Hoc Versus Infrastructure Mode 00:02:40
    5. Wireless Modes - ABGN 00:04:19
    6. SSID, ESSID And BSSID 00:04:00
    7. MAC Address 00:04:30
    8. Associations 00:02:45
    9. Beaconing And Broadcasting 00:02:45
    10. Access Point Basics 00:05:08
    11. Enterprise Networks 00:03:48
    12. WiFi In Windows 00:03:20
    13. WiFi In Mac OS 00:02:41
    14. WiFi In Linux 00:03:52
  43. Securing Your Wireless Network
    1. Authentication 00:01:26
    2. 802.1X 00:04:01
    3. RADIUS 00:03:27
    4. Encryption 00:04:00
    5. WEP 00:03:20
    6. WPA 00:04:07
    7. WPA2 00:03:40
    8. WPS 00:01:55
    9. EAP 00:04:03
    10. Hiding Your Network 00:03:17
    11. Filtering 00:03:01
    12. Network Segmentation 00:04:19
    13. Default Configurations 00:03:17
  44. Wireless Attack Tools
    1. Built-In Tools 00:04:54
    2. Kali Linux 00:03:22
    3. Kismet 00:02:50
    4. Aircrack-Ng 00:04:03
    5. WiFi Explorer 00:04:08
    6. Wireshark 00:05:34
    7. Wireless Attack Toolkit 00:04:14
    8. NetStumbler 00:03:03
    9. Ettercap 00:04:10
    10. Dsniff 00:04:23
    11. Airpwn 00:04:04
    12. Aireplay-Ng 00:02:18
    13. Fern 00:03:28
    14. WiFi Tap 00:03:04
    15. Cowpatty 00:03:41
    16. WiFi-Honey 00:02:35
  45. Wireless Attacks
    1. Using Wireshark 00:03:06
    2. Capturing Network Packets 00:04:21
    3. Monitor Mode 00:03:19
    4. Investigating Packets 00:04:42
    5. Filtering 00:04:34
    6. Radio Traffic 00:05:10
    7. War Driving 00:02:37
    8. Frame Injection 00:02:52
    9. RADIUS Replay 00:02:56
    10. SSL Stripping 00:03:15
    11. De-Authentication 00:03:10
    12. Airodump 00:02:57
    13. Fake Authentication 00:02:26
  46. Access Point Attacks
    1. Replay Attacks 00:03:10
    2. Cracking WEP - Part 1 00:02:38
    3. Cracking WEP - Part 2 00:02:02
    4. Cracking WPA 00:02:06
    5. Rogue Access Points 00:03:16
    6. Man In The Middle Attacks 00:02:15
    7. MAC Changes 00:04:12
  47. Bluetooth
    1. Bluetooth Overview 00:04:21
    2. Bluetooth Authentication 00:06:20
    3. Bluetooth Profiles 00:03:33
    4. Bluesnarfer 00:03:52
    5. Blueranger 00:02:51
    6. BT Scanner 00:03:26
    7. Protecting Bluetooth 00:03:42
    8. Other Tools 00:02:44
  48. Other Wireless
    1. WiMax 00:03:40
    2. Near Field Communication 00:04:54
    3. ZigBee 00:02:44
    4. RFID 00:05:40
  49. Conclusion
    1. What Have We Covered 00:02:21
    2. Next Steps 00:03:42
    3. Conclusion 00:00:49