Internet Security: A Hands-on Approach

Name: Internet Security: A Hands-on Approach
Rating: 4.8 (1084 reviews)

Network security, attacks on ARP, TCP/IP, DNS, & BGP protocols; Sniffing/Spoofing; Firewall; VPN; How the Internet works

Created byWenliang Du

Last updated 8/2023

English

What you'll learn

Study classic network attacks and gain in-depth understandings of their technical details
Study how the Internet and the TCP/IP protocols work
Understand the security problems in the design and implementation of the TCP/IP protocols
Master the fundamental attack (ethical hacking) and defense skills in network security
Gain hands-on experiences through 11 labs (SEED Labs) developed by the instructor
Implement Firewall, VPN, sniffer, spoofing, and various network security tools using C or Python

Course content

11 sections • 113 lectures • 19h 26m total length

Course Overview (Part I)13:56
Engage in hands-on labs and lab setup to grasp tcp/ip fundamentals, and explore attacks like session hijacking and Heartbleed while learning defenses with firewalls and vpn.
Course Overview (Part II)11:39
Lab Exercises and Setup7:20
Network Basics: IP Addresses13:45
NAT and Summary9:04

Introduction2:50
Socket Programming and Sending Packets9:47
Receiving Packets10:16
Explore how the IP layer routes incoming packets to the correct UDP or TCP transport, binds servers to ports, and uses sockets and recvfrom to deliver data to applications.
Packet Sniffing12:10
Sniffing Using PCAP14:15
Sniffing Using Scapy14:23
Packet Spoofing18:12
Explore packet spoofing by using raw sockets to bypass the OS network stack, construct complete IP and UDP headers in a zeroed buffer, and send a forged packet.
Packet Spoofing Using Scapy15:55
Scapy v.s. C15:44
Byte Order12:49
Summary and Lab Exercise2:59
Lab Exercise0:12

Introduction2:17
Explore the data link layer, mac layer, and layer 2 concepts, including ethernet headers and arp mapping, and examine arp cache poisoning and man-in-the-middle attacks.
The MAC Layer13:12
The ARP Protocol16:43
Learn how the arp protocol resolves ip to mac addresses by broadcasting requests and receiving unicast replies, and how its cache speeds lookups.
ARP Cache Poisoning Attacks16:56
Man-In-The-Middle Attacks Using ARP Cache Poisoning16:11
MITM Attack Demo8:06
Question, Countermeasure, and Summary5:04
Lab Exercise0:16

Introduction4:39
The IP Protocol17:31
IP Fragmentation18:58
Explore IP fragmentation and MTU limits from Ethernet 46 to 1500 bytes, including ID, offset, and fragmentation flags. See a hands-on demo constructing and reassembling fragments with UDP payload.
Problem: Attacks Using IP Fragmentation5:37
Solution: Attacks Using IP Fragmentation13:24
Explore attacks using IP fragmentation, including ping-of-death, teardrop, and overlapping fragments, showing how fragmented packets can trigger memory corruption and a denial-of-service attack in kernels.
Routing15:50
Spoofing Prevention on Routers10:16
The ICMP Protocol10:39
Explains the icmp protocol at the ip layer, including icmp header fields, echo request/reply, time exceeded due to TTL or fragmentation, and destination unreachable codes.
ICMP Redirect Attack11:42
Smurf Attack and Other ICMP Attacks9:33
Explore ICMP based attacks, including the smurf amplification via directed broadcast and spoofed source IP, plus ICMP flooding and botnets for denial of service.
Summary2:38
Explore the network layer with ip and icmp protocols, ip fragmentation, routing tables and reverse path filtering, plus icmp attacks like redirect and smurf and bgp routing basics.
Lab Exercise0:06

Introduction2:55
TCP Overview17:43
Explore why we need tcp beyond ip and udp, and how tcp provides a reliable, ordered, flow-controlled virtual connection with congestion control.
Send and Receive Buffers13:47
Sequence Number, Flow and Congestion Control17:06
SYN Flooding Attack20:57
TCP Reset Attack11:07
TCP Session Hijacking15:19
How Reverse Shell Works19:29
Redirecting IO to TCP Connection7:13
Creating Reverse Shell11:59
The Mitnick Attack22:45
The Mitnick Attack Demo7:55
Watch a hands-on demonstration of the Mitnick attack, including configuring trust with .rhosts, spoofing syn packets, ARP cache manipulation, and backdoor rlogin access.
Countermeasures and Summary5:24
Lab Exercise0:28

Introduction3:22
DNS Zone Hirarchy8:44
The DNS Query Process13:23
DNS Root Servers9:32
Experiment Setup20:16
Constructing DNS Packets13:14
Overview of the Attack Surface6:51
Examine the DNS attack surface along the full query path from the local host and /etc/hosts to the local DNS server and upstream roots, highlighting spoofing and cache risks.
Local Cache Poisoning Attack16:08
The Kaminsky Attack21:07
Demo of the Kaminsky Attack8:46
Fake Response Attack19:48
Explore how fake DNS responses can poison caches and hijack domains, and how the authority and additional sections, plus glue records, influence caching and circular dependencies.
DNS Rebinding Attack25:52
Reverse DNS Lookup and Attacks11:44
Learn how reverse dns lookup operates with the dns hierarchy from root to a domain's nameserver via in-addr.arpa, and why attackers can misuse the resulting name for access control.
Denial of Service Attacks on DNS9:19
Summary2:51
Explore how DNS works, its hierarchy and query process, set up DNS servers and zones in labs, and examine cache poisoning, Kaminsky attack, DNS rebinding, and crypto-based countermeasures.
Lab Exercises0:21

Introduction2:53
Why VPN, an Analogy, and Tunelling15:02
IP Tunneling6:58
TUN/TAP Virtual Interface11:25
Create TUN/TAP Interface (Part 1)13:52
Create tun/tap interfaces using python and c, configure ip addresses with ip commands, and inspect packets with scapy and wireshark in a practical demo.
Create TUN/TAP Interface (Part 2)4:49
Explore tun and tap interfaces; tun links to layer 3 ip, tap to layer 2 ethernet, exposing layer-2 traffic and ethernet headers for virtual lan and bridged networks.
Going to Private Network14:37
At the VPN Server8:38
How Packets Return15:25
Review of How VPN Works8:14
A Case Study10:36
Bypassing Firewall Using VPN8:34
Summary and Lab Exercises3:17
Lab Exercise0:08

Introduction4:49
High-Level Picture8:56
Autonomous Systems and Peering13:19
How BGP Works14:26
Path Selection8:58
IBGP and IGP6:18
Overlapping Routes12:37
IP Anycast10:42
Explore IP anycast, where the same IP prefix is announced from global locations to balance load via BGP, directing UDP DNS requests to the nearest server.
BGP Tools and Utilities11:04
BGP Attacks16:47
Case Studies of BGP Attacks14:00
Explore real-world BGP attack case studies, including Pakistan’s YouTube hijack and Turkey’s DNS hijack, and observe how misconfigurations redirect global traffic and prompt rapid fixes.
Summary2:49
Lab Exercise (New)0:23

Requirements

Have basic programming background
Understand basic operating system concepts, such as process, memory, kernel etc.

Description

From Morris worm to Mitnick attack; from Mafia boy to Kaminsky attack; from Pakistan's hijacking of YouTube to Syria's shutting down of its own Internet. These are so many attacks on the Internet. If you want to learn how the Internet works, how it can be attached, and more importantly, how you can defend against these attacks, then this course is for you.

In this course, we systematically study each layer of the TCP/IP protocols, discuss the vulnerabilities in its design and implementation, and demonstrate how to exploit the vulnerabilities in attacks. Many classic attacks are covered in this course, with great technical details. The course won't just teach you the high-level concepts and theories; it would dive into the low-level technical details and fundamentals, so you can fully understand how exactly things work.

The course emphasizes hands-on learning. For each attack covered, students not only learn how the attack works in theory, they also learn how to actually conduct the attack, in a contained virtual machine environment. The hands-on exercises developed by the instructor are called SEED labs, and they are being used by over 1000 institutes worldwide. The course is based on the textbook written by the instructor. The book, titled "Computer & Internet Security: A Hands-on Approach, 2nd Edition", has been adopted by over 210 universities and colleges worldwide.

Who this course is for:

Anybody who is interested in ethical hacking
Anybody who is interested in learning how the Internet works
Anybody who is interested in learning how the Internet can be attacked
Students who are interested in learning the theories and practices in the field of network security
Graduate and upper-division undergraduate students in computer science, computer engineering, and IT-related fields

Internet Security: A Hands-on Approach

What you'll learn

Explore related topics

Course content

Course Overview, Lab Setup, and Network Basics5 lectures • 56min

Packet Sniffing and Spoofing12 lectures • 2hr 10min

The MAC Layer and Attacks8 lectures • 1hr 19min

Network Layer: IP, ICMP and Attacks12 lectures • 2hr 1min

The UDP Protocol and Attacks5 lectures • 44min

The TCP Protocol and Attacks14 lectures • 2hr 54min

DNS and Attacks16 lectures • 3hr 11min

Virtual Private Network14 lectures • 2hr 4min

Firewall11 lectures • 1hr 47min

BGP and Attacks13 lectures • 2hr 5min

Requirements

Description

Who this course is for: