Advanced Topics in Computer Security - Parkland    

Last Modified:
Tuesday, 04-May-2010 09:58:22 CDT

CSC251 Fall 2010 Schedule

First 8 Weeks at a Glance:

Week 1
Aug. 23 		Week 2
Aug 30 		Week 3
Sept 7 (Sept 6, Labor Day) 		Week 4
Sept 13
Week 5
Sept 20 		Week 6
Sept 27 		Week 7
Oct 4 		Week 8
Oct 11

Second 8 Weeks at a Glance

Week 9
Oct 18 		Week 10
Oct 25 		Week 11
Nov 1 		Week 12
Nov 8
Week 13
Nov 15 		Week 14
Nov 22
(Thxgvg begins at 5pm on Nov 24) 		Week 15
Nov 29 		Week 16
Dec 6

Week 1: Aug. 23

Reading and assignment:
For next Time:
  • Be prepared to discuss what you have read about computer security next class period.
    This can be from an e-mail or from something you read on the web
    15 points.
Week 1 -4 Participation
Due by Midnight Sept 20 10 points

| Top | CSC251 Home | Overview |  

Week 2: Aug 30

Reading and assignment:
For next Time:
Exercise 1 RFC 2196 and 1281
Due By Midnight Sept 7 (Sept 6, Labor Day)
You may take this exercise as many times as you wish before that time.

Presentation For Next week: Find your machine or someone elses and perform a security audit on it. You will bring two copys of your report to class next week, one to give me and one to have something to look at during your presentation. You need to be complete, tell what the machine had on it, what it is used for, what utilities you ran what you did to fix the problems etc.
Paper Report 25 points, Oral Report 25 points.
Due at the beginning of Class next week.

Be sure to run MBSA or some such equilavent tool that runs on your machine.

| Top | CSC251 Home | Overview |  

Week 3: Sept 7 (Sept 6, Labor Day)

Reading and assignment:
Quizzes, Homework and Exams:

  • Quiz Next Week at the beginning of class
    study Ch2, RFC 1291 and 2196, Data Ownership Classifications, and your class notes. This quiz will be closed book, written on paper. In the first 25 minutes of class.

| Top | CSC251 Home | Overview |  

Week 4: Sept 13

Reading and Assignment:

Quiz at the Beginning of class
Continued Presentations


Quizzes, Homework and Exams:




Don't forget: Week1-4 Discussion
Due by: Sept 20 at Midnight.

| Top | CSC251 Home | Overview |  

Week 5: Sept 20

Reading and Assignment:

Ch 4 User Management and Security
nmap
Quizzes, Homework and Exams:

nmap scanning:
Get with a partner and scan back and forth against each others machine. You will have to open your firewall for the other machine (do not turn off your firewall). Bring in a minimal report on your activities next week for each group. Be sure to have your web server etc. on so that the nmap scans will find something. 10 points for report and 10 points for classroom discussion next week.


Discussion Board Week 5-8:
Continue Discussion for another 10 points this four week block
Due by: Oct 18 at Midnight.

| Top | CSC251 Home | Overview |  

Week 6: Sept 27


Reading and Assignment:

Reports and discussions from class members on nmap


Lab:


Quizzes, Homework and Exams:

Discussion Board Week 5-8
Continue Discussion for another 10 points
Due by: Oct 18


| Top | CSC251 Home | Overview |  

Week 7: Oct 4

Reading and Assignment:


Vulnerability Scanning
Labs:

Vulnerability Scanning
Decide on a VULNERABILITY scanner to install on your lab machine. Install and configure it. Be sure that you have the current definitions for your scanner. Find a group's machine to scan and scan it. you will bring a report to class in 2 weeks detailing what you did. Each student will bring in a report on what you did and will be required to talk about what you did.

Those of you who do not have a Linux box will install a Windows system and try to find a scanner for it and also open your firewall so that the other Linux boxes in the lab can scan you. I'll go over this in Lab today.
Due: In at the beginning of class the week of Oct 11 50 Points

| Top | CSC251 Home | Overview |  

Week 8: Oct 11

Reading and Assignment:

Continued Nessus installation and use.

Midterm Next Week covering:
Next week we will be taking the test, then going over our machine's vulnerabilities in class.
Quizzes, Homework and Exams:




| Top | CSC251 Home | Overview |  

Week 9: Oct 18

Reading and Assignment:

Exam

-->
Quizzes, Homework and Exams:



Don't forget Week 5-8 discussion board which is due by Oct 18 .

| Top | CSC251 Home | Overview |  

Week 10: Oct 25

Reading and Assignment:

We are going to finish our Nessus reports.

DoS Attacks
Read Ch 12 Attacks and Intrusion Detections.

--> Lab: File Integrity Checking using md5sum
Due at the BEGINNING of class on Mar 30. 15 points

Quizzes, Homework and Exams:


Week 9-12 discussion due by Nov 15 .

| Top | CSC251 Home | Overview |  

Week 11: Nov 1


Trojan Horses and root kits


Sun Tzu and The Art of War.
Chapter 12 - Attacks and Intrusion Detection
We will be installing the BackOrifice root kit and checking it's operation in class. We will pick it up next week again since we ran out of time.
Quizzes, Homework and Exams:


Discussion Board week 8-12.
Due by: Nov 15 at midnight.

| Top | CSC251 Home | Overview |  

Week 12: Nov 8

Reading and Assignment:




spam not your yummy meat product Spam®
whois Querying a whois server


Procmail at Wikipedia

SMTP at Wikipedia

Identd or AUTH at Wikipedia
AUTH Lab a little known service

The short story to Test a Relay

procmail at procmail.org
The Apache SpamAssassin Project


Spamassassin GTUBE. The string on this web page will guarantee that you are getting a spam if you place it in the body of an e-mail.
Labs:


Forge an e-mail in class for 15 points

Today in class you will be deploying BackOrifice again and will be required to snarf my password as I login through putty to the server.

Next week I will be showing you how to run spamassassin and filtering your e-mail.


F or next week::


Exercise:e-mail sendmail and whois
Due by: Nov 22
(Thxgvg begins at 5pm on Nov 24)

Exercise:Encryption and Authentication.
Due by: Nov 22
(Thxgvg begins at 5pm on Nov 24)
-->

| Top | CSC251 Home | Overview |  

Week 13: Nov 15

Reading and Assignment:

Spamassassin and Procmail: See week above.

Intrusion Detection tripwire

Quizzes, Homework and Exams:



Final Discussion board of the semester.

Homework: Configure spamassassin and procmail and your e-mail client on shaula so that it finds a spam and moves it into the spam folder. You will show me that you can open an e-mail folder using your e-mail client to view your spams. 25 points. Due at the beginning of class next week.

Quiz at the beginning of class next week. You will change your procmail rules to add a line that filters a mail on shaula based on a word that I give you and you will be able to view that e-mail in your e-mail client. 25 points.



50 Point Homework Install and configure open source tripwire on your systems. You should show me the following: That you made installed (Version 2.4 or higher) and configured it to check the system daily in a cron job and make a change to the system files that it uses and show that the output finds a change in your system. . Bring your results in the week after next week. You MUST prove that each team member participated in this assignment. This will also require a 1-2 page paper to be turned in for each team.


| Top | CSC251 Home | Overview |  

Week 14: Nov 22
(Thxgvg begins at 5pm on Nov 24)

Reading and Assignment:

Password Cracking: John The Ripper, Lophtcrack etc.


Quizzes, Homework and Exams:


Another 10 point participation week for the Discussion Board.

Next week in the first 5 minutes of class those who did not successfully run procmail, their mail client and spamassassin get a second chance for half credit.

25 Point Homework Go on the web and find a password cracking tool and install it and run it on your machine. Bring your results in for next week. Be prepared to show me a password that you cracked. Those of you who do not have a Linux box will work with another student. You should make a phantom user who has no shell and make an easy password for it to crack. Also try to crack something a little harder. Bring in a short page explaining what you did and the passwords that you cracked.

| Top | CSC251 Home | Overview |  

Week 15: Nov 29

Reading and Assignment:

Student Presentations on Tripwire

Snort (CSC271)


Bring in your password cracking stuff next week



Making your own certificate authority.
For next week:


Another 10 point participation week for the Discussion Board for Week 12-16
Due by Midnight Dec 13 .

Make your own certificate and certificate authority . You will show me your secure page in class for the final exam 200 points.

The Final for CSC271 is to give me the snort report during the final time 200 points.

| Top | CSC251 Home |  

Week 16: Dec 6

Reading and Assignment:

Bring in your password cracking stuff

Review For Final
Quizzes, Homework and Exams:


Don't forget the week 12-16 participation for the Discussion Board.

| Top | CSC251 Home |  

Finals Week Finals Schedule

| Top | Valid HTML 4.01! Valid CSS!