
CS581 Computer & Network Security (Fall 2014)

Lectures: Wednesdays 6:10-9:50pm Engineering, Computer Science, & Technology Bldg. Room A210 & C245

Instructor: Edmund Gean Email: egean@calstatela.edu
Phone: (323) 343-4395 Office: Library North B18

Office Hours: Wednesdays 5:00-6 pm Library North B18

Description: This course exposes students to various techniques related to defending your computers and networks.
Topics covered include Denial-Of-Service attacks, packet analyzers, host-based intrusion detection, firewalls,
and VPN. Lab exercises and projects will be included to foster greater understanding in this field.

Course Goals: At the end of the course, students will be able to:

-perform a security assessment of an organization's network via penetration test and identify vulnerabilities
-harden MS Windows and Unix operating systems
-install intrusion detection systems, firewalls, and VPNs

Prerequisites: CS447 (computer networks) or CS470 (computer networking protocols)
http://www.calstatela.edu/faculty/egean/cs447/cs447%20syllabus.htm
http://www.calstatela.edu/faculty/egean/cs447/lecture-notes-sybex2011/

Required textbook: Counter Hack Reloaded by Ed Skoudis (lecture notes available online at
http://www.calstatela.edu/faculty/egean/cs581/lecture-notes )
Recommended textbooks: Network Security Principles and Practices by Saadat Malik (lecture notes online)
(http://www.calstatela.edu/faculty/egean/cs581/network-security-principles-and-practices.pdf )
Network Security Technologies and Solutions by Yusuf Bhaiji
(http://www.calstatela.edu/faculty/egean/cs581/Network_Security_Technologies_and_Solutions.pdf )

References: Free packet capture and decode software at http://www.wireshark.org/
Free ebooks at http://mimas.calstatela.edu/login?url=http://proquest.safaribooksonline.com/
Documentation of Cisco equipment at http://www.cisco.com

Topics:
Denial-Of-Service attacks & hacker techniques
Port scanning, penetration, and vulnerability testing
packet analyzers and sniffers
host and network-based intrusion detection
firewalls, packet filters, and access control lists
securing Unix and Windows systems
authentication, authorization, and accounting
data integrity checking & encryption schemes

Projects:
Students will gain practical experience through the following lab projects
- scan a network to locate machines and open ports
- find vulnerabilities on machines
- configure firewall & setup VPN
- setup network-based intrusion detection system

Grading policy: Overall grade will be comprised of the following components
- lab assignments 35%
- final exam 65%

A 90-100
B 80-89
C 65-79
D 50-64
F 0-49

Academic Integrity: Cheating will not be tolerated. Cheating on any assignment or exam will be taken seriously. All parties
involved will receive a grade of F for the course and be reported to the Academic Senate.

CS581 Reading and Lab Project Assignments


Week 1
Lecture: Chapters 1, 2 (Counter Hack)
- Introduction
- Network Overview

Week 2
Lecture: Chapters 3, 4, 6 (Counter Hack)
- Unix Overview
- Windows NT/2000 Overview
- Scanning (e.g. nmap, Nessus)
Lab Project: Port scanning
Install nmap (or nmapfe) (http://nmap.org) port scanner onto your laptop or
home computer and perform a TCP port scan and a UDP port scan of another
computer. Submit reports generated by nmap (or Zenmap) containing the list of
open TCP & UDP ports. Also submit output of the netstat -na command on the
computer that was scanned. Be sure to temporarily turn off any host-based
firewall software if needed so that the outputs of nmap and netstat -na indicate
the same number of open ports.

Week 3
Lecture: Chapters 5, 7 (Counter Hack)
- Reconnaissance
- Gaining Access via application/OS attacks
Lab Project: Penetration and Vulnerability testing
Install a network-based vulnerability scanner, Nessus (www.nessus.org), onto
your computer and perform a vulnerability scan of another. Submit a vulnerability
report of services that pose medium or high security risk. Be sure to
temporarily turn off any host-based firewall software if needed to get
meaningful output.

Week 4
Lecture: Chapters 5-8 (Malik)
- Secure Switching
- NAT
- PIX firewall
Lab Project: Firewall
Place one computer on the outside interface and a server on the inside interface of
a Cisco PIX firewall. Configure the firewall to block outside users from initiating
any connection to the inside server except through UDP port 69 (tftp). Turn on
logging and submit a copy of the firewall config file and the output of show logging as
evidence that the firewall is blocking all conversations initiated from outside except
for tftp. You may need to download a free tftp server from the Internet.
http://www.cisco.com/en/US/docs/security/pix/pix63/quick/guide/63_501qk.html
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/index.htm

Week 5
Lecture: Chapters 8, 9 (Counter Hack)
- Gaining access via network attacks
- Denial-of-Service attacks

Week 6
Lecture: Chapters 10 & 13 (Malik)
- VPN
- IPSEC
Lab Project: IPSec VPN
Set up a site-to-site IPSec VPN tunnel between your Cisco router and your
Cisco PIX firewall. Submit (i) the configuration files used on the two Cisco
devices and (ii) evidence that the IPSec tunnel works via output of debug
ipsec, show crypto isakmp sa, and show crypto ipsec sa on both the Cisco PIX
firewall and the Cisco router.

Week 7
Lecture: Chapters 9, 14, & 15 (Malik)
- IOS firewall
- Network Intrusion Detection
Lab Project: Network intrusion detection system
Install Snort (http://www.snort.org) onto your computer. Simulate two different
network attacks against your computer. Turn in a listing of two different alerts
that the Snort IDS detected and submit a printout of the two signature definitions
Snort used from its signature definition files to detect the two types of attack.

Week 8
Lecture: Chapters 16-18 (Malik)
- AAA
- TACACS+
- RADIUS
Lab Project: AAA
Configure your Cisco router to use AAA for user authentication via a
TACACS+ or RADIUS server (such as Clearbox) that you installed on your
computer. Submit the configuration files used on the Cisco router. Submit
screenshots of decoded packet captures of TACACS+ or RADIUS packets as
evidence that AAA authentication works whenever you telnet to your router.

Week 9
Lecture: Chapter 10 (Counter Hack)
- Maintaining Access
Lab Project: Exploit code generation
Create an exploit using Metasploit that can be successfully used against a
vulnerability (install a vulnerable application if needed) on your computer using
tools provided at http://www.metasploit.com/framework/ . Which vulnerability
was exploited? Which server port number was vulnerable?
Provide evidence that this exploit was successful via screenshots, packet
captures, and output of netstat -a.

Week 10
Lecture: Chapter 11 (Counter Hack)
- Covering Tracks and Hiding

Week 11
Final Exam (Dec 10, 2014)
