This introductory lab has students scanning a small network subnet using nmap to identify live hosts and open ports. Targets include three virtual machines: a web server, a vulnerable Samba server, and an FTP server, as well as other open network ports. It teaches Linux utilities for reconnaissance and scanning such as whois, ifconfig, and nmap with various command-line switches.

This introductory lab has students learn how to use both symmetric and asymmetric encryption at the Linux command line. This exercise includes an encryption primer and an introduction to symmetric encryption using the Linux utility ccrpyt. It also has students use the Linux gpg utility to create a public/private key pair, as well as encrypt and decrypt a file using public-key cryptography.

This introductory lab has students using simple command injection to attempt to gain unauthorized access to data on an intentionally vulnerable web server. The lab document includes a brief primer on command injection and an introduction to DVWA and its command injection tab so students can use command injection to answer a series of lab questions.

This introductory lab has students using simple SQL injection to attempt to gain unauthorized access to data on an intentionally vulnerable web server. The lab document includes a brief SQL primer so that students understand enough to exploit simple SQL injection attacks, followed by an introduction to DVWA and its SQL Injection page for testing injection techniques.

This Beginner Plus level lab exercise introduction to Linux host-based network security consists of two parts. It will provide some hands-on layered defense experience with hardening a LAMP (Linux, Apache, MySQL, PHP) server by examining what ports, IPs and services are exposed to the network, and work on addressing and securing the outstanding network security issues layer by layer.