Internet Training by Russ Haynal
I can help your organization master the Internet's
vast resources, without compromising the security of your organization.
As you make decisions about training priorities... consider
I have taught over 30,000 employees since 1993, and my courses are consistently top-rated by my alumni.
Hidden Universes of Information on the Internet
This popular course enables the researcher/analyst to efficiently find the most useful information located anywhere in the world. Learn about the internet's information spaces, and how to fully search many "Hidden Universes" in the deep web. Tradecraft techniques are embedded throughout the course to minimize information leaked to adversaries/competitors, and to protect mis-attributable accounts. Hidden Universes is an elective course for Intelligence analysts pursuing the ICAAP certification (Intelligence Community Advanced Analysts Program) Many alumni refer to Hidden Universes as "the single best course of their entire career."
If employees are using the Internet in support of their mission, the techniques taught during Hidden Universes will help them be more successful, efficient,
and secure. Hidden Universes is a great course for a wide variety of
specialists: OSINT, SIGINT, SOCMINT, DNI, cybersecurity, counter intelligence,
law enforcement investigators, OPSEC, linguists, competitive intelligence,
business intelligence, market research, due diligence, research and development.
1) Internet Architecture - Every action you take on the Internet involves dozens of resources that may be located throughout the world. This introduction explains essential technologies that enable the entire Internet to function and connect users to content. Topics include; backbone providers, internet exchange points, hosting companies, internet protocol numbers and the domain name system. Internet routing is also described to show the many locations where internet traffic may be intercepted. Students learn that EVERY online "hit" MUST provide a "return address" associated with their own Internet access method. This section prepares students to understand "persona issues"
2) Persona Issues - Do not research adversaries until you fully understand the persona details of your own Internet connection.. This is an essential counter-intelligence topic. Internet users make "footprints" all over the Internet, and are always being monitored! Strengths and weaknesses of various Internet connection methods are discussed (including mis-attributable). By default, web browsers transmit a 1-click history to web servers through several mechanisms such as http_referrer. This can reveal to your targets the SPECIFIC SEARCH TERMS AND METHODS THAT YOU ARE USING TO TRACK THEM DOWN. Most mis-attributable accounts also transmit http_referrer, and therefore leak a 1-click history to your adversaries. Students are shown actual server logs, revealing the second_by_second details that are constantly being recorded on all servers. Students will learn: how to test the persona of their own Internet connections, how to minimize devastating leaks to their research targets, and how to protect the mis-attributable nature of special Internet accounts.
3) Search Tools -
This session will
dramatically increase the productivity of online searches, while minimizing what
is leaked to your adversaries. Many users think
they are "searching the Internet", as they waste a massive amount of time,
looking through 10 hits out of 7.3 million worthless hits from limited search engines such as Google. Search tools can be grouped into various
categories: directories, search engines, and "user pages"/social
media. Learn the strengths and weaknesses for each search tool category, and know when to apply these tools against specific types
of topics. Advanced search engine techniques are exploited such as PDF
searches, the "site:" command, and link analysis.
These techniques can quickly sift search results down to the very best online
resources. Other courses may encourage analysts to "click on Google's cache" in their search
results. This ill-advised technique is suggested as a way to avoid making "live
hits" on a target's web server (and supposedly avoid alerting the target that
you are looking at them). Hidden Universes provides the OPPOSITE (and correct)
advice. The reality that "Google's cache is evil", because it almost
always causes LIVE hits on the target's web server. Several clever methods are
taught to safely access a "text only" version of Google's cache. Search engine ranking algorithms are discussed and how webmasters optimize
their content to dominate the search results. Conversely, discover the
numerous ways that sneaky webmasters can deliberately cause blind spots in all
search engines (and all web scraping tools) so that their content will NEVER
appear in your favorite search tool. Analysts will also learn how to quickly
assess the popularity of a website, and the visitor demographics to that
specific website BEFORE they visit the site. Such demographics help analysts choose the best Internet access
solution for visiting the site, and to
not raise the suspicion of the target webmaster.
4) Specialized Search Tools - Google and Bing search only ~1% of the Internet. Analysts that rely on Google are missing ~99% of the Internet's high quality, detailed content that is "hidden" in specialized databases. This 99% of the Internet's content is completely invisible to tiny surface search engines such as Google, Bing, and other web scraping tools. Discover tens of thousands of specialized search tools, which focus on specific topics and formats. These resources are often referred to as "deep web", "Invisible web", "hidden content". This massive amount of content will ONLY be accessible via the specific site hosting that content. A unique resource (archive.org) is also discussed, along with its OPSEC implications.
5) Country-Specific Content - Thousands of country-specific resources are presented such as; country-focused search tools, news resources, phone books and language translators. Learn how domain names are allocated from each individual country. Most countries sell their domain names to anybody with a credit card (.uk, .ru, .pk may be no different than .com, .net) This session is essential for analysts who focus on specific countries.
6) Review / Summary - All course topics are reviewed. A tour of thought-provoking sites is included to shock, scare and motivate the audience into mastering the online future.
Optional Topics - These topics may also be incorporated into the Hidden Universes course, if appropriate for your audience.
Source Evaluation - Discover the source of online content. Strengths and weakness of whois are described for determining the owner of domain names and IP Numbers. Traceroute is also described including how to interpret results (router naming conventions, airport codes, asymmetric routing, speed of light = distance, etc) Analysts will become more proficient in interpreting traceroute results. Autonomous System numbers (ASN's) and ASN mapping tools may also be covered.
Country-Specific Infrastructure - Learn how entire continents and countries are interconnected. Learn about Internet exchange points, peering vs transit, major backbone providers, local ISPs, telecom carriers, underwater fiber optic cables, satellite connections and data centers. This session is useful for analysts who are interested in such infrastructure, and will be quite helpful for analysts trying to interpret traceroutes.
Course Style: Hidden Universes may be taught in either a lecture/demo mode, or as a hands-on course. The lecture /demo mode can be either 1-day or 2-days long depending on the depth and quantity of the topics you want covered. The hands-on course can be either 2-days or 3-days long. In the hands-on version, each student chooses their own specific topic to research, using the many search techniques presented throughout the entire course. If there are "restrictions" on how the student Internet accounts may be used, research topics can similarly be "restricted" to "acceptable" topic areas.
Cyber Security and Privacy for Internet Users
The Internet is a hostile environment. Studies
have shown that careless/untrained employees cause most security breaches. Investments in security solutions
are worthless, if you do not train the users. All the
"best practices" and specific precautions are covered for Internet users to
protect their organization/computers from attacks, and to help ensure their
privacy. Students will advance beyond "security awareness" to "security
knowledge". This course is also extremely valuable from a
Note: This session is intended for Internet users - It is NOT a system administrator course.
1) Introduction to cyber security and privacy - You are constantly under attack. See how bad it really is. Updates on the biggest cyber attacks, current issues, latest security statistics, information about identity theft. See why the OPM breach was a game-changer.
2) Internet Access - Types of Internet access at work (attributable, mis-attributable, anonymizers, etc) and the usage policies associated with each. Types of Internet access at home (cable, fiber, wireless) and the security risks associated with each. Persona issues will be discussed in detail for each type of access (work or home). Tradecraft methods are discussed to help minimize the chances of a mis-attributable account from becoming "recognized". (The Persona Issues section from Hidden Universes can be included here with additional details)
3) Firewalls -The strengths and weaknesses of firewalls at work and home. Methods for testing your computerís security (e.g. port scanners) How to interpret the firewall's alerts and logs.
4) Viruses - Methods of transport and how to protect against them. See the importance of keeping your anti-virus software up to date.
5) Web Surfing Issues: Java, Active X risks; cookies, third party cookies, flash cookies, web bugs; web site log analyzers, browser settings, Privacy policies, encrypted pages, online registrations, forbidden sites.
6) Email Issues and other Online Applications: Email is the most frequently used method of attacking organizations. Employees must understand the techniques of phishing, spear phishing, whaling, embedded gifs, spam, scams, hoaxes, viruses and attachments. See the risks associated with running other applications such as chat, IM, file sharing, online gaming, media streaming and peer-peer applications.
7) Social Media: Risks associated with authoring online content such as LinkedIn, Facebook, email, personal web pages, shared photos.
8) User actions: Important steps to increase your systems' security and privacy: installing operating system updates, use of passwords, virtual machines, local file encryption, parental control options, offline storage.
9) Future Issues: biometric identification, legislative trends, security of other online devices (smart phones, home appliances, Internet of things), data mining.
Course Style: This 1-day course is usually taught in a lecture/demo mode using my laptop. Versions of this seminar have been presented to various clients during National Cyber Security Awareness month.
Customized Training / Presentation
The courses as defined above are very popular and highly rated. However, if your organization has unique requirements - Let's talk. I can easily change the combination and duration of the topics above to create a customized class, conference, seminar, executive briefing, etc. I can create additional topics as needed. I have also created entire courses for clients who had an ongoing need for the course. Here are two example courses that I developed for specific clients. There is typically no charge for creating or customizing a course.
I look forward to helping your Internet users become more successful in accomplishing their very important missions.
Contact me at 703-729-1757 or Russ 'at' navigators.com