Secure Networking - A Company Network Project on Open-Source

Name: Secure Networking - A Company Network Project on Open-Source
Rating: 4.8 (88 reviews)

Build a network project & learn Linux, nftables cluster, NAC, pfSense, pentest, network security, Kali Linux & Wireshark

(88 ratings)

6,362 students

Created by Seyed Farshid Miri, Seyed Farhad Miri

Last updated 11/2022

English

English [Auto]

What you'll learn

Learn network security, open networking & Linux engineering in one tutorial
Building up a company-grade segmented network entirely on Unix-like OSs
Grasp the full picture of the underlying technologies in network security
Project-based learning of firewall clusters on OpenSUSE Linux as well as pfSense
Learn about NAC (802.1X, EAP, EAPoL) using PacketFence to reject or accpet clients on switches
Networking core fundamentals such as Traffic Tagging using VLANs, Trunking, STP, subnetting, LAG, MLAG, etc.
Learn firewall's core functionalities & be able to work with any firewall, no matter what brand
Initial to advanced configuration of Nvidia Cumulus Linux switches
Learn how head & branch offices securely communicate using IPSec site to site VPN
Learn most common network attacks and penetration testing technics
Learn underlying cluster technologies e.g. Keepalived & VRRP on Linux
Practicing network security by segmentation, compartmentalization, & isolation
Learn how to create different VLANs in a company and control their traffic on each other
Setting up Linux based DHCP server to serve IP addresses in different VLANs
Learn network redundency methods e.g. LACP (802.3ad), balance-rr, balance-xor, etc. on Linux, pfSense and Cumulus switch
Learn how to migrate from iptables to nftables
Project-based learning of advanced pfSense firewall features
Project-based learning of packet capture & analysis using Wireshark, TShark, TermShark & TCPDump
Learn about openSUSE, AlpineLinux, Debian, Ubuntu and FreeBSD
Implement IPSec VPN on openSUSE using strongSwan
Configuring openVPN remote access for home office users
Configuring Wireguard remote access for IoT devices (key based authentication)
Learn how to harden SSH logins using two-factor authentication (2FA)
Learn virtualization using VirtualBox and GNS3
Yersinia attack toolkit

Requirements

No prior programming knowledge required
Basic IT & networking skills
A virtualization compatible computer
Internet connection
Passionate curiosity for learning (is a must)

Description

When it comes to open-source, the sky is the limit!

In a nutshell, you will build a company-like network with headquarter and branch office on Unix-like OSs and open-source tools, then try to hack its vulnerabilities.

From switches to endpoints, clustered firewalls, servers incl. Network Access Control, shortly NAC server, jumpers, and anything else are all built on a flavor of Linux OS such as openSUSE, AlpineLinux, Debian, Ubuntu, etc., or a Unix-like OS such as FreeBSD.

Network security should be embedded into the nature of the corporate's network and that is what we learn in this course.

We do not care much about vendors and logos, but practical concepts. For example, we dive into Shell commands, TCP/IP and networking fundamental concepts, and core network security principles using open-source, yet industry-proven products.

We aim to teach you how standard networking concepts are "designed" and are also "applied" in work environments.

Why a pure Linux-based network? Besides the fact that Linux runs the world, if you learn the secure networking using Linux, Unix, and open-source tools, you will feel pretty confident about their commercial equivalents. For example, if you learn network firewalling using iptables and nftables, you won't have any issues with Cisco FirePower, FortiGate, or Juniper firewalls.

As said, we are not into vendors, we are interested in standardized theoretical concepts and practical technics. This method will give you a firm conceptual understanding of underlying technologies and ideas about how finished products like Cisco switches, Fortigate Firewalls, Cisco ISE NAC, HPE Aruba, and so on, actually work behind the scene.

In the end, you will run the most common network attacks using Kali Linux against the network you built yourself.

Your Learning Key-Terms:

Virtualization

GNS3 Lab (with Hyper-V & VirtualBox Integration)

TCP/IP

OSI Model

Network Topologies

IP Subnetting

VLAN

Traffic Tagging

Trunking

NIC Teaming

LAGG (Link Aggregation)

MLAG (Multi-Chassis Link Aggregation)

Bond Modes: Active-Backup, 802.3ad (LACP)

Bridging

Spanning Tree

Inter-VLAN Routing

Routing & ARP Tables

MAC Flood

IEEE 802.1X & MAB (MAC Address Bypass)

Network Access Control (NAC)

PacketFence (Open Source NAC)

Extensible Authentication Protocol (EAP) (EAPoL)

RADIUS (FreeRADIUS)

Linux Open Source Networking

Nvidia Cumulus Linux Switch

openSUSE Linux

Ubuntu Linux

Alpine Linux

Linux Shell Command Line

Firewalls

Netfilter Framework

Packet Filtering

iptables

nftables

Packet Capture Analysis

Wireshark, TShark, Termshark, and TCPDump

Linux Clustering

keepalived

VRRP

ConnTrack

Virtual Private Network (VPN)

OpenVPN

strongSwan IPSec (swanctl)

WireGuard

pfSense Firewall (FreeBSD)

pfSense Cluster

Next-Gen Firewall

Demilitarized Zone (DMZ)

Ethical Hacking Network Attacks and Technics

SSH BruteForce Attack

MITM with Mac Spoofing Attack

MITM with DHCP Spoofing Attack

DOS Attack (POD, SYNFLOOD, BPDUs, CDP)

Yersinia

DHCP Starvation

DNS Spoofing

Offensive Packet Sniffing

ARP spoofing, ARP cache poisoning attack

Network hacking

Cyber security

Network Hardening Solutions

Who this course is for:

Computer Students, learners and enthusiasts
IT administrators
Network engineers
Linux engineers
Cybersecurity specialists
Firewall administrators

Seyed Farshid Miri

Networking and Cyber Security Expert

4.6 Instructor Rating
2,521 Reviews
172,484 Students
4 Courses

Hackerz Exposed is a team of well-trained all seasoned experts who put a too high value on ethical principles. This is the spirit of all the cybersecurity content we create for our audiences.

And all we follow is one single mission:

"Training thousands of ethical hackers to make the world a safer place"

-----------------------------------------------------------------------------

As part of the Hackerz Exposed team, Farshid is an experienced IT, Networking, and security specialist with a demonstrated history of +15 years of work in high-tech scientific research institutes and industrial sectors in Germany and abroad.

Having been an online student for a few years, he understands that students get easily confused with the number of online courses for any computing and IT subject on online platforms. Therefore Farshid tries his bests to design and create the most comprehensive, focused, and thorough courses here on Udemy.

Farshid believes in a hands-on learning approach as everyone learned to ride bikes by doing and falling over and over. Thus, all his courses are designed to teach the foundation and basics, then jump straight into keyboarding, where students will also have the possibility to code-along, do-along.

Taking Farshid's experience in Networking and IT Security will take students to learn complex subjects with confidence and simplification.

Seyed Farhad Miri

Senior Offensive Security Specialist

4.6 Instructor Rating
2,521 Reviews
172,484 Students
4 Courses

Hi there :))

My name is Farhad with over 13 years of experience I have done projects in the fields of :

- Red Teaming (CS4, CALDERA, Empire, C2 Development)

- Blue Teaming (Splunk ES & Threat Hunting App)

- Penetration Testing (Web, Mobile, Network, Vulnerability Assessment, Hardening CIS/DISA)

- Scripting (Python, Golang ,Bash, Powershell, Sleep)

- Capture The Flag Competitions

- Bug Bounty Hunting