Differences between revisions 2 and 12 (spanning 10 versions)
Revision 2 as of 2009-03-12 21:28:47
Size: 495
Editor: host-216-249-121-234
Comment:
Revision 12 as of 2009-11-03 22:00:51
Size: 1184
Editor: 24-183-238-75
Comment:
Deletions are marked like this. Additions are marked like this.
Line 6: Line 6:
== Labs == Below is a list of subpages for NetworkSecurity
Line 8: Line 8:
'''SSL and code signing lab''':    * NetworkSecurity/Lab
Line 10: Line 10:
Hints: To get a code signing template to show up on the web page, you need to add it to the templates. Just go into the CA and right click templates and select new.... DO NOT ADD your site to the trusted sites list in windows. This will cause you problems. If at first you don't succeed, close it all and restart IE. == Using WebScarab with WebGoat ==
Line 12: Line 12:
  1. Start up WebScarab. It may be in basic mode.
     a. If it is, Go to Tools->Use Full Interface.
     a. Restart WebScarab.
  1. Fire up IE and go to Tools->Internet Options->Connections->LAN settings.
  1. Check Use proxy server and set address to localhost port 8008.
  1. Click OK and OK.
  1. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both).
  1. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.)


= Often Discussed Topics =

   * IpSec

CPTR 427 Network Security Class

Below is a list of subpages for NetworkSecurity

  • NetworkSecurity/Lab

Using WebScarab with WebGoat

  1. Start up WebScarab. It may be in basic mode.

    1. If it is, Go to Tools->Use Full Interface.

    2. Restart WebScarab.

  2. Fire up IE and go to Tools->Internet Options->Connections->LAN settings.

  3. Check Use proxy server and set address to localhost port 8008.
  4. Click OK and OK.
  5. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both).

  6. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.)

Often Discussed Topics


CategoryHomepage

NetworkSecurity (last edited 2024-01-07 18:12:17 by scot)