Hello, in this module we continue our discussion of encryption and we look at some practical applications of it. We start off by looking at VPN’s or virtual private networks and see how you can use them to create secure communications using public networks such as the Internet. We than briefly look at the problem of key management and finish our discussion with a look at PGP or Pretty Good Privacy, which is an application that allows you to encrypt files and send encrypted email.

This is the second of two of the most important classes we have the privilege to teach as part of the SANS Security Essentials course. In the first course, we went on a quick tour of some of the important issues and concepts in the field of cryptography. We saw that encryption is real, it is crucial, it is a foundation of so much that happens in the world around us today --and, most of it in a manner that is completely transparent to us.

Hello, welcome to Introduction to Encryption I. This is one of the most important classes we have the privilege to teach as part of the SANS’ Security Essentials course. Encryption is real, it is crucial, it is a foundation of so much that happens. I guess you know that one of the SANS mottos is, “Never teach anything in a class the student can’t use at work the next day.” One of our goals in this course is to help you be aware of how cryptography is used in our world.

Most of us have a problem. We are under attack. At this very moment, our internet-connected computer systems are being subjected to a surprising number of probes, penetration attempts, and other malicious attention. In this talk, we will discuss the types of attacks that are being used against our computers, and how to defend against these attacks.

Hello, welcome to Routing Fundamentals. Just like it is important to understand how networks operate in order to secure them, it is also critical to understand how routers and routing work in order to have a secure network. What allows people from all over the world to communicate and what allows the Internet to function is routers. Routers are responsible for determining the path and sending traffic from source to destination.

In this module, IP Behavior, we are going to take a look at how to analyze TCP/IP information and how one would actually go about pulling it off the wire and looking for patterns. The key point when it comes to security is, “Knowledge is power and ignorance is deadly.” Not understanding what is occurring on your network can be very dangerous from a security standpoint because if you do not understand what is occurring, then how can you determine whether it is good or bad?

In this module we are going to cover various aspects of IP. We are going to start by looking at one of the most common protocol stacks: The OSI protocol stack and look at how communications is broken down into seven core areas. We are then going to compare the seven layer OSI stack with the TCP/IP protocol stack. Then, we are going to cover numbering systems and see how to translate between decimal and binary.

Hello. Welcome to Network Fundamentals. Over the next several modules we are going to look at various aspects of networking and how computers connect over a network. Understanding the key issues of networking is critical to being able to secure a network. The basic question comes down to if you do not understand how a network operates, how are you going to be able to secure it? In this module, we are going to cover some of the fundamental principles of networking that you will need to understand in order to build a secure network....

Hello. With everything that is occurring on the Internet and all of the articles that have been written, web security is a very exciting area. Most attacks that are publicized are either directly or indirectly web-based attacks. Every company and person seems to have a web site, yet most web sites are not designed or built properly from a security standpoint.

"Warfare" can be broadly defined as "the waging of armed conflict against an enemy." In this module we will consider what warfare means in the context of today's information systems and networks. We will see that the fundamental principles of warfare known for thousands of years are still relevant on today's new battleground.

Hello. The material we are going to cover this next hour is central to understanding the theory and practice of information security. This is a foundational course, developed for the SANS Security Essentials program. When you complete this course there will be a quiz available from the SANS web page to help reinforce the material and ensure your mastery of it.

This module will address password security. Although user names and passwords are a familiar technology, most people are not aware of the inherent weaknesses in many of the different passwordbased authentication schemes in use today. These weaknesses are important to understand since many networks would be compromised if passwords on just a few key machines (such as firewalls, DNS servers, or Windows domain controllers) were known to an attacker.

Now that we know the tools and the primary concepts, this part of the course is designed to help you pull everything together. This section is especially important if you need to present security proposals to management. Your next slide, titled Risk Management – Where do I Start presents the roadmap we showed you almost at the beginning of the course. We will bet you have a much clearer idea of how to analyze risks and establish a security infrastructure at this point. Let’s go take a look at the roadmap!...

I never cease to be amazed by the fact that you can’t take a class in Information Security without being told to do this or that in accordance with “your security policy”, but nobody ever explains what the policy is let alone how to write or evaluate it. That is why we undertook this research and education project into basic security policy. We hope you will find this module useful and that you will participate in its evolution. Consensus is a powerful tool. We need the ideas and criticisms from the information security community in order to make this The Roadmap for usable, effective policy....

Welcome, let’s take a minute and revisit what we have learned so far. We started out with an example attack and then focused on one tool that would have given a lot of bang for the buck, a firewall. If you reflect back carefully on the firewalls and ways to avoid firewalls then you realize we introduced the concepts of threats and countermeasures. We covered the history of the threat as far back as 1995 to the most recent type of attacks.

I never cease to be amazed by the fact that you can’t take a class in Information Security without being told to do this or that in accordance with “your security policy”, but nobody ever explains what the policy is, let alone how to write or evaluate it.

In our next section we are going to introduce network-based intrusion detection. The detect engine in this case is either a firewall, a personal firewall, or an intrusion detection system. All of these work quite well. We will begin with a single attack, just to see how one might work and how we might detect it. Then we will explore the range of tools and show you how you can get in the game with a very low investment, possibly even free.

Welcome. As we begin day 2, or the second major set of courses in Security Essentials, the focus will be on defense in depth. This is a term that was coined by the Department of Defense and is a crucially important concept in information assurance. The topics that we are going to cover areshown below.

Host-based intrusion detection could also be called host-specific intrusion detection, in that its primary purpose is to detect suspicious activity or known attack patterns on the specific host it is installed on. Some host-based intrusion detection systems (HIDS) have a number of host detectors reporting to a central management console that can flag alerts, centralize logs, and update the host detectors’ policies. Other HIDS are stand-alone.

If attackers are going to take advantage of vulnerabilities, it makes sense that we need to find them before they do. System, network, and telephone vulnerability scanning tools are a powerful method of doing this. Lets take a look at another Internet threat. This is the threat introduced by users who download and run utilities that are designed to share and search for files across the Internet. Examples are the programs Napster, Gnutella, and more recently Scour. In the next two slides we’ll examine Gnutella, its function, and the dangers it introduces....