Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Harder Targets > Introduce Firewalls - Pg. 341

Training·Chapter14 341 students who had already gained access to the box, but that couldn't always be helped. This experience can also happen in the real world. Require Research to Accomplish the Task A key portion of the class consisted of the students detecting the vulnerability using the scan, and then going out on the internet to research the vulnerability. We encouraged them to read about who discovered the vulnerability, what the problem actually was, how it was repaired, and how the exploit worked. Wherever possible we encouraged them to test the vulnerability against a test server, with sniffers in place so that they would see each step of the exploit in action. Introduce Firewalls During the capture-the-flag scenario we also brought firewalls into the environment. Up to this point the students hadn't had to contend with a firewall's effects on their testing. Firewalls blocked access to ports that they were accustomed to using such as FTP, Telnet, and SSH. In addition, they had to understand the effects that egress filtering would have on their attempts to create connections back to their "attack"