OWP 20160620 Network Security Overview

Beginner's Guide to Hacking and Practical Network Security

This is a beginner's workshop that gives hands-on experience of how a "hacker" works, as well as
practical network security and server security at a beginner's level. No network administrator
qualification is required. The material is currently used for a beginner undergraduate course with
13-16 meetings of 2-3 hours each. It is also available as an e-learning module on a moodle server.

In general, this workshop is divided into two major objectives, namely, (1) hands-on experience of
how a hacker works, and (2) a practical overview of how to secure servers from cyber attacks.
Ubuntu Server is used as an example. To confine the attack in a safe environment, the participants
will be guided to set up a penetration lab equipped with a simple telnet server, SquirrelMail,
webmail, samba server and most importantly Damn Vulnerable Web App (DVWA). Footprinting
is performed using common applications like nmap, whois and dig, or a vulnerability scan
using Grabber. Sniffing uses wireshark and tcpdump. WiFi penetration techniques use a
combination of reaver, airmon-ng, airodump-ng, aireplay and aircrack-ng. Password attacks will be
attempted using hydra and ophcrack. Finally, to break a database, nmap and sqlmap will be
used.

Once the participants have been introduced to some attack methods on the Internet, it is easier to
appreciate why we need security. 20 server tips will be practiced, followed by firewall
configuration using iptables for some scenarios. A practical postfix e-mail server is set up using
MailScanner. For secure remote login and file transfer, the participants will get some experience
installing ssh, running a command remotely using ssh, forwarding an X display via ssh, and secure
copy. A Virtual Private Network (VPN) can simply be built using a pptp server; if time permits we
may also use the more complex openvpn. To secure web applications, the participants will get some
hands-on experience with the Apache web application firewall ModSecurity. For host security,
tripwire and dd will be used. Finally, installation and operation of an Intrusion Detection System
using snort will be performed.

Equipment:
• Local Area Network
• WiFi Access Point
• Ubuntu Server (can be run on VirtualBox)
• Laptop
• USB with kali linux operating system
• or CDROM with kali linux operating system

e-Learning Module:
• http://cyberlearning.web.id/moodle/course/view.php?id=115 (moodle e-learning open source
on network security {id}).

Resources on network security:
Mostly written in Wiki and in the Indonesian language {id}

• http://tldp.org/HOWTO/html_single/Security-HOWTO/ - a good reference on security howto.
• http://opensource.telkomspeedy.com/wiki/index.php/Peta_Teknologi_Network_Security –
map of network security technology {id}.
• http://opensource.telkomspeedy.com/wiki/index.php/20_Linux_Server_Hardening_Security_Tips
– 20 Linux Server hardening security tips {id}.
• http://opensource.telkomspeedy.com/wiki/index.php/Instalasi_MailScanner – installation of
MailScanner {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Mini_Howto_iptables_untuk_Firewall
– mini howto for firewall using iptables {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Ssh – ssh for remote login and other
remote applications {id}
• http://opensource.telkomspeedy.com/wiki/index.php/VPN – VPN {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Instalasi_PPTP – VPN using PPTP
{id}
• http://opensource.telkomspeedy.com/wiki/index.php/ModSecurity – Apache ModSecurity as
Web Application Firewall {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Tripwire – Tripwire for host intrusion
detection system {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Dd – dd for backup harddisk image
{id}
• http://opensource.telkomspeedy.com/wiki/index.php/SNORT:_Install_SNORT_untuk_BARNYARD2
– installation of snort with barnyard2 for network intrusion detection system {id}

Resources on hacking:
Mostly written in Wiki and in the Indonesian language {id}

• http://opensource.telkomspeedy.com/wiki/index.php/Kali_Linux – preparing Kali Linux.
• http://opensource.telkomspeedy.com/wiki/index.php/Pentest – collection of URL for
preparing a penetration lab.
• http://opensource.telkomspeedy.com/wiki/index.php/Squirrelmail – preparing webmail
squirrelmail for penetration lab {id}.
• http://opensource.telkomspeedy.com/wiki/index.php/DVWA – preparing Damn Vulnerable
Web App {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Nmap – foot printing using nmap {id}.
• http://opensource.telkomspeedy.com/wiki/index.php/Menggunakan_whois – foot printing
using whois {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Kali_Linux:_Scan_Vulnerability_menggunakan_Grabber
– scanning web vulnerability using grabber.
• http://opensource.telkomspeedy.com/wiki/index.php/Wireshark – sniffing using wireshark
{id}
• http://opensource.telkomspeedy.com/wiki/index.php/Tcpdump – sniffing using tcpdump
{id}
• http://opensource.telkomspeedy.com/wiki/index.php/Wireless_Hacking – collection of
articles on wireless hacking {id}.
• http://opensource.telkomspeedy.com/wiki/index.php/Hydra – password attack using hydra
{id}.
• http://opensource.telkomspeedy.com/wiki/index.php/SQLMap:_Contoh_SQL_Injection_ke_DVWA
– do sql injection attack using sqlmap {id}
• http://opensource.telkomspeedy.com/wiki/index.php/Nmap:_enumeration_smb_share –
enumerate samba share using nmap {id}.
