Advanced Topics in Computer Security - Parkland    

Last Modified:
Wednesday, 09-Jul-2008 13:45:13 CDT

CSC251 Fall 2008 Schedule

First 8 Weeks at a Glance:

Day 1
Aug, 18 		Day 2
Aug, 25 		Day 3
Sept, 2 (Sept, 1 - Labor Day) 		Day 4
Sept, 8
Day 5
Sept, 15 		Day 6
Sept, 22 		Day 7
Sept, 29 		Day 8
Oct, 6

Second 8 Days at a Glance

Day 9
Oct, 13 		Day 10
Oct, 20 		Day 11
Oct, 27 		Day 12
Nov, 3
Day 13
Nov, 10 		Day 14
Nov, 17 		Day 15
Nov, 24
Thanksgiving Vacation begins Nov. 26 at 5pm
Last day to Withdraw Nov 26. 		Day 16
Dec, 1

Day 1: Aug, 18

Reading and assignment:
For next Time:
  • Read Ch 2
  • Subscribe to a Security Newsletter
  • Surf the web for a security web site and post the url to our Angel bulletin board with a small blurb on what it is all about. 10 Points.
    Due by Sept, 2 (Sept, 1 - Labor Day) at Midnight.
  • Be prepared to discuss what you have read about computer security on Monday for 10 points.
Exercise 1 RFC 2196 and 1281
Due By Midnight Sept, 2 (Sept, 1 - Labor Day)
You may take this exercise as many times as you wish before that time.

Day 1 and 2 Participation
Due by Midnight Sept, 2 (Sept, 1 - Labor Day) 10 points

| Top | CSC251 Home | Overview |  

Day 2: Aug, 25

Reading and assignment:
For next Time:
Presentation For Next week: Find your machine or someone elses and perform a security audit on it. You will bring two copys of your report to class next week, one to give me and one to have something to look at during your presentation. You need to be complete, tell what the machine had on it, what it is used for, what utilities you ran what you did to fix the problems etc.
Paper Report 25 points, Oral Report 25 points.
Due at the beginning of Class next Monday June 9.

Be sure to run MBSA or some such equilavent tool that runs on your machine.

Exercise 2 Regan Book Ch 2
Due By Midnight Sept, 8
You may take this exercise as many times as you wish before that time.

| Top | CSC251 Home | Overview |  

Day 3: Sept, 2 (Sept, 1 - Labor Day)

Reading and assignment: nmap
Quizzes, Homework and Exams:

Day 3 and 4 Participation
Due by Midnight Sept, 15
10 points

Exercise 3 - nmap
Due by Midnight Sept, 15

Lab - nmap: Due at the beginning of class on Sept, 8 show me 15 nmap commands in your history that you have ran against hosts between 216.125.253.5-25

Lab - file integrity using md5sum: Due at the beginning of class on Sept, 8 show me 10 md5sum commands in your history. Be sure top read the web page on md5sum and practice file integrity using md5sum.

| Top | CSC251 Home | Overview |  

Day 4: Sept, 8

Reading and Assignment:


User Management and Security Student presentations on securing a machine of your choice.

Quizzes, Homework and Exams:


Exercise 2 portscanning using nmap
You may take Exercise 2 as many times as you wish before Sept, 22 at Midnight.

Don't forget: Day3/4 Discussion
Due by: Sept, 15 at Midnight.

| Top | CSC251 Home | Overview |  

Day 5: Sept, 15

Reading and Assignment:

Vulnerability Scanning
Quizzes, Homework and Exams:

Vulnerability Scanning:
Get with a Partner in Class, decide on a VULNERABILITY scanner to install on your lab machine. Install and configure it. Be sure that you have the current definitions for your scanner. Find a group's machine to scan and scan it. you will bring a report to class next week detailing what you did. Each student will bring in a report on what you did and will be required to talk about what you did.
50 points.
Due: In at the beginning of class Sept, 29

Discussion Board Day 5,6 & 7:
Continue Discussion for another 10 points this week
Due by: Oct, 6 at Midnight.

| Top | CSC251 Home | Overview |  

Day 6: Sept, 22


Reading and Assignment:

FTC Official ID Theft Victim's Web Site.
Nessus Scan Results
Nessus Scanning Your Network
nmap the Network port MAPping scanner (Review)
Securing Your Hosts

Reports and discussions from class members on security vulnerability scanning
spam not your yummy meat product Spam®
whois Querying a whois server

Quizzes, Homework and Exams:



| Top | CSC251 Home | Overview |  

Day 7: Sept, 29

Reading and Assignment:

Presentations on Vulnerability Scanning and Beginning of SPAM material.
More on reading headers, handling e-mail and SMTP

Re-allocated Networks www.illini-hockey.com in class demo
e-mail, sendmail and spam Lecture

Testing a Relay
The short story to Test a Relay
Quizzes, Homework and Exams:
You will forge an e-mail to your account on shaula. You will then show up next Tuesday and show me the e-mail that you forged and it's headers.

| Top | CSC251 Home | Overview |  

Day 8: Oct, 6

Reading and Assignment:

Look at the spam material on week 7. You will be presenting your Nessus Scan results on Wednesday.

Exam Next week (Wednesday) covering all material so far.

Read pp. 335-340 in the book about SMTP and PGP

Procmail at Wikipedia

SMTP at Wikipedia

Identd or AUTH at Wikipedia
AUTH Lab a little known service

The short story to Test a Relay

procmail at procmail.org
The Apache SpamAssassin Project


Spamassassin GTUBE. The string on this web page will guarantee that you are getting a spam if you place it in the body of an e-mail.
Quizzes, Homework and Exams:


You will forge an e-mail to your account on shaula. You will then show up next Monday and show me the e-mail that you forged and it's headers.

Exercise on e-mail You may take this Exercise as many times as you wish before:
Midnight Oct, 27 .

| Top | CSC251 Home | Overview |  

Day 9: Oct, 13

Reading and Assignment:

Exam - Next week Covers everything so far.

We are doing the SPAM material and spamassassin this week. See week 8 above.

Quizzes, Homework and Exams:

The Midterm will be next on Wednesday.

For Next Wednesday 50 point assignment - install spamassasin and configure procmail (already installed) on your account at shaula and prove to me that it is filtering mail. I will be correcting this in class next week. You may need to schedule time to meet with me for help.

Don't forget Day 8/9/10 discussion board which is due by Oct, 27 .

| Top | CSC251 Home | Overview |  

Day 10: Oct, 20

Reading and Assignment:

Midterm On Wednesday

DoS Attacks
Read Ch 12 Attacks and Intrusion Detections.

Denial of Service Attacks
Fluffy Bunny Cracks SourceForge and the Apache Project
Apache dot org Replies
Top 10 attacks

Quizzes, Homework and Exams:

Exercise 5 DOS Attacks:
Exercise 5 is on angel.parkland.edu and is available til midnight Nov, 3

| Top | CSC251 Home | Overview |  

Day 11: Oct, 27


Trojan Horses and root kits

Mikdterm

Sun Tzu and The Art of War.
Chapter 12 - Attacks and Intrusion Detection
We will be installing the BackOrifice root kit and checking it's operation in class.
Quizzes, Homework and Exams:


Another 10 point participation week for the Discussion Board.
Due by: July 15 at midnight.

| Top | CSC251 Home | Overview |  

Day 12: Nov, 3

Reading and Assignment:

We will Continue with the Backorifice Lab today.


Cryptography: The Basics

Read Ch 5. Encryption and authentication.
Introduction to Cryptography
Screen Shots for TLS

Labs:

F or next week::

Snort HowTo

Bleeding Edge Snort

For next Wednesday: 50 point assignment - With a partner, install snort and configure it, including using it with the OpenSource Community Rules and Alerts in IDS mode. You and your partner will prepare a 1-2 page paper on it.

Exercise 6:Encryption and Authentication.
Due by: Nov, 17

| Top | CSC251 Home | Overview |  

Day 13: Nov, 10

Reading and Assignment:

Intrusion Detection tripwire

Quizzes, Homework and Exams:


Continue with your intrusion detection and the conversation about it in the discussion board. You will turn in your report NEXT week and be prepared to discuss your IDS next week.

25 Point Homework Install and configure open source tripwire on your systems. You should show me the following: That you made installed (Version 2.4 or higher) and configured it to check the system daily in a cron job and make a change to the system files that it uses and show that the output finds a change in your system. . Bring your results in on Wednesday July 15. You MUST prove that each team member participated in this assignment.


| Top | CSC251 Home | Overview |  

Day 14: Nov, 17

Reading and Assignment:

Student discussion of arpwatch and snort


Quizzes, Homework and Exams:


Another 10 point participation week for the Discussion Board.

10 Point Homework Go on the web and find a password cracking tool and install it and run it on your machine. Bring your results in for next week. Make a post for the points. There is a special Discussion phorum. Due by Mhidniguht May 2.

| Top | CSC251 Home | Overview |  

Day 15: Nov, 24
Thanksgiving Vacation begins Nov. 26 at 5pm
Last day to Withdraw Nov 26.

Reading and Assignment:

Final Exam During Class Time. That is the last thing for this class.

For next week:


Another 10 point participation week for the Discussion Board for Day 15-6.
Due by Midnight Dec 8 .

You will either make your own certificate and certificate authority, or you will deploy a password cracking program on your system. You will bring a 1 page report to class next time and be prepared to talk about what you did. Those of you who do a certificate authority you should show me your secure page in class. 25 points.

| Top | CSC251 Home |  

Day 16: Dec, 1

Reading and Assignment:

Review For Final
Quizzes, Homework and Exams:


Don't forget the week 15/16 participation for the Discussion Board.

| Top | CSC251 Home |  

Finals Day Finals week is Dec, 8-12

| Top | Valid HTML 4.01! Valid CSS!