CyberCode Academy

CyberCode Academy
  • 0.0 (0)
  • CURSOS
  • CADA DÍA

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure.

  1. Course 18 - Evading IDS Firewalls and Honeypots | Episode 2: Configuring a Cisco PIX Firewall to Establish a Secure Enclave

    HACE 13 H

    Course 18 - Evading IDS Firewalls and Honeypots | Episode 2: Configuring a Cisco PIX Firewall to Establish a Secure Enclave

    In this lesson, you’ll learn about: Initializing and Configuring a Cisco PIX Firewall:Physical and software setup: connecting to the RS232 console port via USB-to-serial adapter and using Putty.Navigating the Cisco IOS CLI: moving from basic prompts to privilege mode and the configuration environment (config t).Administrative tasks:Checking existing configurations with show configure.Creating local user accounts and setting privilege levels.Naming and managing interfaces, identifying Ethernet 0 as "outside" (WAN) and Ethernet 1 as "inside" (internal network).Network Architecture and Connectivity:Building a secure subnet (10.0.0.0/24) behind the firewall while connected to a local network (192.168.1.0/24).Key steps:Assign static IP addresses to internal and external interfaces.Configure routing so internal devices can reach the internet.Implement Access Control Lists (ACLs) to allow specific traffic like ICMP (ping).Set up Network Address Translation (NAT) to bridge the secure enclave with the outside network.Verification and Testing:Conduct connectivity tests and use tools like Nmap to confirm that internal devices are protected and only intended services are exposed to the public network.Analogy for Understanding Firewall Setup:Think of the firewall as a secure gatehouse for a private estate: set up the administrative office (console/user access), define roads to the mansion (inside network) vs. the public highway (outside network), and hire a guard (NAT & ACLs) to only let authorized guests through while hiding internal details from outsiders. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    12 min
  2. Course 18 - Evading IDS Firewalls and Honeypots | Episode 1: Firewall Management and Security Testing: From Windows and Linux Configurations

    HACE 1 DÍA

    Course 18 - Evading IDS Firewalls and Honeypots | Episode 1: Firewall Management and Security Testing: From Windows and Linux Configurations

    In this lesson, you’ll learn about: Firewall Fundamentals and Windows Configuration:What a firewall is and how it mediates between network zones using rules based on source/destination addresses and ports.Windows Firewall network profiles: Domain, Private, and Public.Key practices:Application Control: Allow specific programs, block vulnerable protocols like SMB/RPC on public networks.Advanced Rules: Configure IPSec for authenticated/encrypted transmissions; set granular inbound/outbound rules.Logging and Analysis: Use tools to convert large text logs into graphical summaries to detect anomalies.Linux Firewall Management with IPTables:IPTables chains: Input, Forward, and Output.Key practices:Block Traffic: Drop packets by source IP or destination port.Advanced Filtering: Flood protection, limit concurrent SSH sessions, divert unauthorized Telnet traffic to a honeypot.Audit Activity: Monitor dropped packets in system logs for attack analysis.Advanced Rule Management and Verification:Use GUI tools like Firewall Builder for Linux/Cisco (ASA/PIX) platforms to simplify rule creation and detect issues like “rule shadowing.”Verify policies with Port Tester to ensure ports are open or blocked as intended.Analogy for Understanding Firewalls:Think of a firewall as a security team at a gated campus: rules dictate who enters (Input), moves between buildings (Forward), and exits with equipment (Output). Tools like Firewall Builder are blueprints to prevent conflicts, while port testing acts as surprise inspections to catch accidental backdoors.Best Practices:Apply proper configuration, audit logs, verify rules, and ensure security policies are effective across Windows and Linux environments. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    13 min
  3. Course 17 - Computer Network Security Protocols And Techniques | Episode 9: Foundations of VPN Security: The IPsec Protocol Suite

    HACE 2 DÍAS

    Course 17 - Computer Network Security Protocols And Techniques | Episode 9: Foundations of VPN Security: The IPsec Protocol Suite

    In this lesson, you’ll learn about: The fundamentals of VPNs and IPsecKey management and Security Associations (SA)IPsec protocols: AH vs. ESPOperational modes: Transport vs. Tunnel1. VPNs and IPsec Fundamentals A VPN (Virtual Private Network) creates a secure, logical tunnel over the public internet, allowing private communication without costly dedicated lines.IPsec (Internet Protocol Security) operates at the network layer and supports both IPv4 and IPv6.Security services provided by IPsec include:Access Control – Only authorized users can send/receive dataData Origin Authentication – Verify the source of the packetIntegrity Protection – Ensure data hasn’t been tampered withConfidentiality – Encrypt the packet contentsAnti-Replay – Detect and discard duplicated or malicious packets2. IPsec Framework and Key Management Encryption algorithms: DES, 3DES, AES for confidentialityIntegrity algorithms: MD5, SHA to create digital signatures (MACs)Key exchange: Diffie-Hellman ensures a shared secret is established securely3. Security Associations (SA) and IKE An SA is a unidirectional logical connection, identified by:SPI (Security Parameter Index)Destination IP addressBidirectional communication requires two SAs.IKE (Internet Key Exchange) establishes SAs and manages keys:IKE Phase 1: Creates a secure management tunnel (authenticates parties, negotiates algorithms, performs Diffie-Hellman exchange)IKE Phase 2: Sets up the actual data tunnel (negotiates AH/ESP and operational mode)IKEv2 is the modern version, supporting NAT traversal and keep-alive, and is widely used in 5G networks.4. IPsec Protocols: AH vs. ESPProtocolSecurity ProvidedNotesAH (Authentication Header)Integrity & authenticationDoes not encrypt; ignores changing IP header fields like TTLESP (Encapsulating Security Payload)Integrity, authentication, encryptionPreferred protocol for most VPNs and mandatory for 5G 5. Operational Modes: Transport vs. Tunnel Transport Mode: Only the payload is encrypted; original IP header is visibleTunnel Mode: Entire original IP packet (header + payload) is encrypted inside a new IP packetMost common setup: Tunnel Mode + ESP (encrypts everything and ensures privacy)Analogy: Transport Mode: Transparent envelope with coded letter inside – address is visible, content protectedTunnel Mode: Envelope inside an opaque crate – both content and sender/receiver are hidden You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    13 min
  4. Course 17 - Computer Network Security Protocols And Techniques | Episode 8: TLS/SSL Foundations: From Conceptual "Toy" Models to Actual

    HACE 3 DÍAS

    Course 17 - Computer Network Security Protocols And Techniques | Episode 8: TLS/SSL Foundations: From Conceptual "Toy" Models to Actual

    In this lesson, you’ll learn about: The purpose and security objectives of TLS/SSLHow a simplified "Toy TLS" model illustrates key conceptsHow actual TLS works, including handshake, key derivation, and record protocolsThe role of cipher suites and secure data transfer1. Core Security Services of TLS/SSL TLS (Transport Layer Security) is designed to protect communications over insecure networks. Its four main security services are: Authentication – Verify the identities of client and server using digital certificates.Encryption – Protect data from being read by unauthorized parties.Integrity Protection – Detect any changes or tampering of transmitted data.Replay Attack Prevention – Stop attackers from resending valid data to repeat actions (like fraudulent payments).2. Toy TLS: A Conceptual Model The "Toy TLS" model is a simplified way to understand TLS: Handshake & Key Derivation Step 1: Client (Alice) and server (Bob) authenticate each other with certificates.Step 2: They exchange a master secret and nonces (random numbers).Step 3: From the master secret, four keys are derived:Two for encryption (one per direction)Two for MAC (Message Authentication Code) to verify integritySecure Data Transfer Data is divided into records (frames).Each record includes:Length header – defines boundaries between data and MACMAC – ensures integrity and prevents tamperingAdvanced Protections Sequence numbers prevent reordering attacks.Type field in MAC prevents truncation attacks, where an attacker might cut off messages prematurely.3. Actual TLS Implementation Cipher Suites TLS uses cipher suites to define:Public key algorithm (e.g., RSA)Symmetric encryption algorithm (e.g., AES, RC4)Hash algorithm for MAC (e.g., SHA-256)Client proposes supported suites; server chooses the strongest mutually supported one.Four-Step Handshake Negotiate security capabilitiesServer authenticates itself to the clientOptional client authenticationFinalization – premaster secret and session keys are derived using exchanged random numbersRecord Protocol Ensures secure data transfer by:Fragmenting the messageCompressing the dataAppending a MACEncrypting the recordAdding a TLS header (content type, version, length) before sending over TCPAnalogy Handshake: Like a secure diplomatic meeting where participants check IDs, agree on a secret language, and synchronize watches.Record Protocol: The actual conversation, where each sentence is translated, numbered, and sealed so the listener can verify order and integrity. You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    14 min
  5. Course 17 - Computer Network Security Protocols And Techniques | Episode 7: Understanding Pretty Good Privacy (PGP) for Secure Email

    HACE 4 DÍAS

    Course 17 - Computer Network Security Protocols And Techniques | Episode 7: Understanding Pretty Good Privacy (PGP) for Secure Email

    In this lesson, you’ll learn about: What PGP is and where it operates in the network stackHow PGP secures email confidentiality and authenticityThe three-part structure of a PGP-secured messageHow session keys, public keys, and digital signatures work togetherThe cryptographic algorithms supported by PGPIntroduction Pretty Good Privacy (PGP) is an application-layer security protocol designed to protect email communications. It combines symmetric encryption, public key cryptography, and digital signatures to ensure that messages remain confidential, authentic, and tamper-proof during transmission. How PGP Secures an Email PGP divides a protected email into three main components, each serving a specific security purpose. Part One: Session Key Protection Contains the session key and the symmetric encryption algorithm usedThe session key is a temporary, randomly generated keyThis entire part is encrypted using the recipient’s public keyEnsures that only the intended recipient can recover the session keyPart Two: Encrypted Content and Digital Signature Contains the actual email messageThe message is encrypted using the session keyIncludes a digital signature created by:Hashing the message to produce a digestEncrypting the digest with the sender’s private keyProvides:Integrity (message was not altered)Authentication (message truly came from the sender)Non-repudiationAlso specifies the hashing and encryption algorithms usedPart Three: PGP Header Contains protocol-related metadataHelps the recipient’s PGP software correctly process the messageCryptographic Algorithms Supported by PGP PGP is flexible and supports multiple cryptographic standards: Public Key Algorithms:RSADSSHash Functions:MD5SHA-1RIPEMDSymmetric Encryption Algorithms:AESTriple DES (3DES)Key Takeaways PGP operates at the application layerUses hybrid encryption for efficiency and securityPublic keys protect the session key, not the message directlyDigital signatures ensure authenticity and integrityWidely used for secure email communication You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    11 min
  6. Course 17 - Computer Network Security Protocols And Techniques | Episode 6: The Evolution of End Point Authentication: Securing Identities

    HACE 5 DÍAS

    Course 17 - Computer Network Security Protocols And Techniques | Episode 6: The Evolution of End Point Authentication: Securing Identities

    In this lesson, you’ll learn about: What end point authentication is and why it mattersWhy early authentication methods failedHow replay attacks and spoofing workThe role of nonces in proving “liveness”Why public keys alone are not enoughHow digital certificates solve Man-in-the-Middle attacksIntroduction End point authentication is the process by which one entity proves its identity to another over a network. This lesson traces the evolution of authentication mechanisms, showing how each weak design led to stronger and more secure solutions used on today’s internet. 1. Early Authentication Methods and Their Failures Simple Identification & IP-Based Authentication An entity simply claims an identity, orIdentity is inferred from the source IP addressProblem: Attackers can easily spoof IP addressesResult: No real proof of identityPasswords and Encrypted Passwords Users authenticate by sending a password (plain or encrypted)Problem: Vulnerable to replay attacksAn attacker records the authentication packetThe same packet is resent later to gain accessEncryption does not prevent replay2. Nonces and Challenge–Response Authentication What Is a Nonce? A random number used only onceEnsures the communicating party is “live”How It Works Bob sends a nonce to AliceAlice encrypts the nonce using a shared secret keyBob decrypts and verifies the responseStrengths Prevents replay attacksProves the entity is actively respondingLimitations Requires a pre-shared secret keyNot scalable for large networks or the internet3. Public Key Authentication and Its Weakness Why Public Keys Were Introduced Removes the need for pre-shared secretsAnyone can encrypt data using a public keyThe Major Flaw: Man-in-the-Middle (MITM) An attacker intercepts the communicationSubstitutes their own public keyAlice and Bob each think they are talking directlyAttacker reads and modifies all trafficKey Insight Public key cryptography alone does not authenticate identity4. The Final Solution: Digital Certificates What Digital Certificates Solve Bind a public key to a verified identityPrevent attackers from substituting keys unnoticedRole of Certification Authorities (CAs) Verify identitiesIssue digital certificatesSign certificates using their private keyWhy This Stops MITM Attacks An attacker cannot forge a valid certificateAny key substitution attempt is detectedTrust is anchored in the CA5. Real-World Impact This model is the foundation of HTTPSModern browsers automatically verify certificatesEnd point authentication is now built into everyday internet useKey Takeaways Identity claims and IP-based authentication are insecurePasswords alone are vulnerable to replay attacksNonces add freshness but require shared secretsPublic keys enable scalability but are MITM-proneDigital certificates are the only robust solutionTrusted third parties are essential for secure authentication You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    14 min
  7. Course 17 - Computer Network Security Protocols And Techniques | Episode 5: Digital Trust and Integrity: Hash Functions and Certification

    HACE 6 DÍAS

    Course 17 - Computer Network Security Protocols And Techniques | Episode 5: Digital Trust and Integrity: Hash Functions and Certification

    In this lesson, you’ll learn about: How data integrity is ensured using cryptographic hash functionsHow MD5 and SHA-1 generate fixed-length message digestsWhy encryption alone does not guarantee identityHow Certification Authorities (CAs) authenticate identities and prevent impersonationIntroduction This lesson explains how secure digital communication relies on two critical pillars beyond encryption: integrity verification and identity authentication. It focuses on the role of hash functions in detecting data tampering and the role of Certification Authorities in establishing trust between communicating parties. 1. Data Integrity with Hash Functions Hash functions transform data of any size into a fixed-length output, known as a message digest. Even a one-bit change in the original message results in a completely different hash value. Key Properties of Hash Functions Fixed-size output regardless of input sizeOne-way (computationally infeasible to reverse)Highly sensitive to input changesEfficient to computeMD5 (Message Digest 5) Produces a 128-bit hash valueProcesses data through multiple internal transformation roundsDesigned to make it infeasible to reconstruct the original message from the digestUseful historically for integrity checks, though no longer considered secure against collisionsSHA-1 (Secure Hash Algorithm 1) Produces a 160-bit hash valueStandardized by NISTDivides input into 512-bit blocksEach block is processed sequentiallyThe output of one round becomes part of the input to the nextMore robust than MD5, but now considered cryptographically weak for modern security needsWhy Hash Functions Matter Detect unauthorized changes to dataEnsure files and messages arrive unalteredUsed in digital signatures, password storage, and integrity verification2. Identity Authentication with Certification Authorities (CAs) Encryption protects confidentiality, but it does not prove who sent the message. Without authentication, attackers can impersonate legitimate users. The Problem: Impersonation An attacker can: Claim to be someone elseSend their own public key while pretending it belongs to a trusted entityTrick the recipient into trusting malicious communicationThe Solution: Certification Authorities Certification Authorities are trusted third parties that verify identities and bind them to cryptographic keys. What a CA Does Verifies the identity of an individual or organizationBinds that identity to a public keyIssues a digital certificateSigns the certificate using the CA’s private keyHow Certificates Are Used The recipient verifies the certificate using the CA’s public keyThe sender’s authentic public key is extracted from the certificateThis ensures:The message truly came from the claimed senderThe message was not altered in transitHow Integrity and Authentication Work Together Hash functions detect message modificationDigital certificates confirm sender identityCombined, they prevent:TamperingSpoofingMan-in-the-Middle attacksKey Takeaways Hash functions ensure data integrity, not identityMD5 and SHA-1 produce fixed-length digests from variable-length inputEncryption alone cannot prevent impersonationCertification Authorities establish trust by binding identities to public keysSecure communication requires integrity + authentication + encryption You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    11 min
  8. Course 17 - Computer Network Security Protocols And Techniques | Episode 4: Asymmetric Cryptography: RSA, Diffie-Hellman

    8 ENE

    Course 17 - Computer Network Security Protocols And Techniques | Episode 4: Asymmetric Cryptography: RSA, Diffie-Hellman

    In this lesson, you’ll learn about: What asymmetric (public key) cryptography is and why it is neededHow the RSA algorithm works and where it is used in practiceHow Diffie-Hellman enables secure key exchange over public networksWhy asymmetric cryptography is vulnerable without authenticationIntroduction This lesson provides an in-depth explanation of asymmetric key cryptography, focusing on RSA and Diffie-Hellman. These algorithms solve a fundamental problem in network security: how to communicate securely over an insecure channel, such as the internet, without sharing secrets in advance. Asymmetric Cryptography Overview Asymmetric cryptography uses two mathematically related keys: Public key: Shared with everyonePrivate key: Kept secret by the ownerWhat is encrypted with one key can only be decrypted with the other. This model enables secure communication, authentication, and key exchange at scale. 1. RSA (Rivest–Shamir–Adleman) RSA is a general-purpose asymmetric encryption algorithm based on the computational difficulty of factoring very large numbers. Key Generation Two large prime numbers are selected: P and QThese are multiplied to produce n = P × QA public key is created: (n, e)A private key is created: (n, d)Knowing n does not make it feasible to derive d without factoring nEncryption and Decryption The sender converts the message into a number MEncryption is performed using the public key:C = M^e mod nThe receiver decrypts using the private key:M = C^d mod nOnly the private key holder can reverse the operation. Practical Use of RSA RSA operations are slow and computationally expensiveIt is not used to encrypt large dataInstead, RSA is commonly used to:Securely exchange a symmetric session keyAuthenticate servers and usersThe exchanged symmetric key is then used with fast algorithms like AES2. Diffie-Hellman Key Exchange Diffie-Hellman is not an encryption algorithm; it is a key exchange protocol. Purpose Allows two parties to generate a shared symmetric keyNo prior secret is requiredThe shared key is never transmitted over the networkHow It Works Two public values are agreed upon:A large prime number PA generator GEach party chooses a private value:Alice chooses XBob chooses YPublic values are exchanged:Alice sends G^X mod PBob sends G^Y mod PBoth compute the same shared secret:G^(XY) mod PEven though all exchanged values are public, the shared secret remains secure. Key Properties Secure against passive eavesdroppingEnables perfect forward secrecy when used correctlyWidely used in secure protocols such as TLS3. Man-in-the-Middle (MITM) Vulnerability Both RSA and Diffie-Hellman are mathematically secure, but they are vulnerable at the protocol level if identities are not verified. The Attack An attacker intercepts the key exchangeEstablishes one secret key with AliceEstablishes a different secret key with BobRelays messages between both sides while decrypting and re-encrypting themBoth parties believe they are communicating securely, but the attacker sees everything. The Solution Authentication is mandatoryIdentity verification must occur before or during key exchangeCommon solutions include:Digital certificatesTrusted certificate authoritiesSigned public keysWithout authentication, encryption alone does not guarantee security. Key Takeaways Asymmetric cryptography solves the secure key distribution problemRSA relies on the difficulty of factoring large numbersRSA is mainly used for key exchange and authentication, not bulk data encryptionDiffie-Hellman enables secure key exchange without sharing secretsBoth systems are vulnerable to MITM attacks without authenticationSecure systems always combine encryption + authentication You can listen and download our episodes for free on more than 10 different platforms: https://linktr.ee/cybercode_academy

    14 min
Ver todo (118)

Acerca de

Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity. 🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time. From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning. Study anywhere, anytime — and level up your skills with CyberCode Academy. 🚀 Learn. Code. Secure.

Información

  • Creador
    CyberCode Academy
  • Años de actividad
    2025 - 2026
  • Episodios
    118
  • Clasificación
    Apto
  • Copyright
    © Copyright CyberCode Academy
  • Mostrar sitio web
    CyberCode Academy