1
00:00:00,05 --> 00:00:02,05
- [Presenter] Many cyber security solutions

2
00:00:02,05 --> 00:00:05,01
are open source and free.

3
00:00:05,01 --> 00:00:10,06
Hence, this course makes perfect sense and gets to exist.

4
00:00:10,06 --> 00:00:12,06
Good for us.

5
00:00:12,06 --> 00:00:15,08
And I introduced the most viable

6
00:00:15,08 --> 00:00:20,06
and proven option for each area of cybersecurity challenges.

7
00:00:20,06 --> 00:00:22,08
The cyber security domains I cover

8
00:00:22,08 --> 00:00:27,09
include Firewalls, Packet and Protocol Analysis,

9
00:00:27,09 --> 00:00:33,05
Intrusion Detection and Prevention, or IDS and IPS,

10
00:00:33,05 --> 00:00:39,02
vulnerability assessment, logging and monitoring.

11
00:00:39,02 --> 00:00:43,09
iptables is what Linux uses to control the flow

12
00:00:43,09 --> 00:00:49,06
of data packets in and out of a host or network.

13
00:00:49,06 --> 00:00:52,07
Any firewall implementations in Linux

14
00:00:52,07 --> 00:00:56,01
pretty much builds on iptables.

15
00:00:56,01 --> 00:01:01,02
Knowing iptables is like unlocking the secret code

16
00:01:01,02 --> 00:01:06,01
of controlling network packets in general.

17
00:01:06,01 --> 00:01:10,01
Wireshark is one of the most popular packet sniffers

18
00:01:10,01 --> 00:01:13,04
and allows you to intercept (indistinct) packets

19
00:01:13,04 --> 00:01:15,05
and inspect them.

20
00:01:15,05 --> 00:01:17,09
Many organizations use Wireshark

21
00:01:17,09 --> 00:01:21,00
to troubleshoot networking problems,

22
00:01:21,00 --> 00:01:26,03
test software and develop protocols.

23
00:01:26,03 --> 00:01:30,01
I recommend Snort as a great tool to start with

24
00:01:30,01 --> 00:01:34,07
when considering an IDS or IPS solution.

25
00:01:34,07 --> 00:01:39,05
Snort is versatile and can take on packet sniffing,

26
00:01:39,05 --> 00:01:46,05
IDS and IPS tasks, depending on your needs.

27
00:01:46,05 --> 00:01:51,03
Nessus is a vulnerability management system, or VMS.

28
00:01:51,03 --> 00:01:54,09
It combs through systems throughout a network

29
00:01:54,09 --> 00:02:00,03
and identifies weaknesses such as zero day vulnerabilities.

30
00:02:00,03 --> 00:02:04,07
For those of you unfamiliar with the term Zero Day,

31
00:02:04,07 --> 00:02:07,02
it means a security vulnerability

32
00:02:07,02 --> 00:02:13,02
whose fix is not available yet and susceptible to attacks.

33
00:02:13,02 --> 00:02:19,04
Syslog, Syslog-ng and Kiwi are a trio

34
00:02:19,04 --> 00:02:24,01
that is a mainstream way of handling logging and monitoring.

35
00:02:24,01 --> 00:02:27,06
Networking hardware and software generate log files,

36
00:02:27,06 --> 00:02:32,02
which in turn enable engineers to monitor their health

37
00:02:32,02 --> 00:02:36,01
and look for any signs of intrusion.

38
00:02:36,01 --> 00:02:37,01
There are many options

39
00:02:37,01 --> 00:02:40,01
other than what I'm covering in this course,

40
00:02:40,01 --> 00:02:43,05
but you'll get a good feel for what's available in general

41
00:02:43,05 --> 00:02:47,03
by following me, along with the lessons.

42
00:02:47,03 --> 00:02:49,03
Once you get a decent understanding

43
00:02:49,03 --> 00:02:53,05
of what these tools can do in cybersecurity,

44
00:02:53,05 --> 00:02:57,03
migrating to other similar software applications

45
00:02:57,03 --> 00:02:58,09
won't be a problem.

46
00:02:58,09 --> 00:03:01,07
We're lucky that there are so many choices

47
00:03:01,07 --> 00:03:04,06
at our fingertips, and I want you to take full advantage

48
00:03:04,06 --> 00:03:08,00
of these opportunities by exploring them with me.