This introductory lab has students using simple SQL injection to attempt to gain unauthorized access to data on an intentionally vulnerable web server. The lab document includes a brief SQL primer so that students understand enough to exploit simple SQL injection attacks, followed by an introduction to DVWA and its SQL Injection page for testing injection techniques.

This Beginner Plus level lab exercise introduction to Linux host-based network security consists of two parts. It will provide some hands-on layered defense experience with hardening a LAMP (Linux, Apache, MySQL, PHP) server by examining what ports, IPs and services are exposed to the network, and work on addressing and securing the outstanding network security issues layer by layer.