Topics
|
|
Link to Lecture Page
|
Introduction to the Course
|
|
1 |
Introduction & expectations that apply to all of my courses:
- Once you've had one course with me you'll know what I expect in every other course, but make sure you view this first!
|
|
Introduction to Dr. Craiger's courses
|
|
2 |
Syllabus contents and class details to CET4663:
- These are the gritty details of the course. Please make sure to read the syllabus thoroughly and follow along with this lecture.
|
|
|
|
3 |
- How to create a virtual machine and install Linux Mint within the 'VM.' This lecture explains how to install and use VMWare on your host machine. What a COOL thing it is to be able to run multiple operating systems, even multiple NETWORKS on your desktop!
|
|
Installing Linux Mint in VMWare
|
Introduction to Computer and Network Security
|
|
1 |
Introduction to computer and network security:
- Why it's important, security problems, types of 'attacks,' CIANA.
|
|
Introduction to Computer and Network Security
|
|
2 |
Risk analysis:
- Defining assets in a risk analysis, identifying threats and the likelihood of the threats occurring, identifying the consequences of a threat occurring, and vulnerabilities that increase risk.
- Also covers common safeguards to reduce the impact of threats, securing equipment/data, and incident response (should be included in security policy).
|
|
Risk Analysis
|
|
3 |
Legal aspects of computer security
- Guest lecturer Prof. Mark Pollit (FBI-retired) discusses laws related to computer and network security.
|
|
Laws |
Authentication
|
|
1 |
Authentication and auditing:
- Types of authentication, detailed explanation of password hashing, examples of bad password choices, password cracking methods, and coverage of password security on Unix and Windows systems.
|
|
Authentication and auditing |
|
2 |
Password auditing:
- Review of Unix password security, differences in hashing algorithms, reasons for conducting a password audit, extensive coverage of John the Ripper software, and an overview of rainbow tables.
|
|
Password auditing |
|
3
|
Rainbow tables:
- Extended coverage of rainbow tables and Ophcrack software.
|
|
Password Auditing with Rainbow Tables
|
|
|
Assignment 1 (Due date in dropbox, Sept 25)
|
|
|
Network Signature Analysis
|
|
1 |
Review of TCP/IP: (2 videos)
- TCP/IP fundamentals, the OSI model, TCP vs UDP, application protocols, IP addressing, NAT, and an overview of proxy servers.
|
|
Review of TCP/IP |
|
2 |
Network signature analysis:
- Signature analysis, brief introduction to the Snort IDS, analysis of ICMP packet capture, common TCP/UDP ports, network baselining, the TCP 3-way handshake, and review of TCP flags.
|
|
Identifying Network Signatures from Packet Captures |
|
3 |
Network signature analysis example:
|
|
ARP Spoofing |
|
|
Assignment 2 (Due date in dropbox: Oct 9)
|
|
|
Firewalls
|
|
|
|
1 |
Introduction to Firewalls (2 videos):
- An explanation of firewalls, types of firewalls, stateless vs stateful filtering, placement of firewalls within a network, examples of firewall rules, and the importance of having an established security policy.
|
|
Introduction to Firewalls |
|
|
Firewalls with iptables
- In this lecture I discuss using iptables
|
|
iptables |
|
3 |
Creating a host-only network in VMWare:
- Create a network in VMWare for a host-only network (i.e., not connected to the Internet, great for running security and forensics sensitive experiments).
|
|
Creating a host-only network |
|
4 |
Firewall Assignment Setup
- Here I walk you through how to setup your VM for the firewall assignment.
|
|
Setup for Firewall Assignment
|
|
|
Assignment 3 (Due date in dropbox: Oct 30)
|
|
|
Intrusion Detection
|
|
1 |
Introduction to Intrusion Detection:
- Types of IDS's, overview and usage of the Snort IDS, Snort modes and various run options.
|
|
Introduction to Intrusion Detection |
|
2 |
Implementing Intrusion Detection:
Implementing a network security policy using SNORT.
|
|
Implementing Intrusion Detection |
|
3 |
Installing and Testing SNORT:
- Installing and testing SNORT.
|
|
Installing and Testing SNORT IDS
|
|
4 |
SNORT Rules:
- How to create SNORT rules based on a security policy.
|
|
Creating SNORT Rules
|
|
|
Assignment 4 (due April 17, 2015)
|
|
|
Cryptography |
|
1 |
Introduction to Cryptography:
- Explanation of symmetric (single key) and asymmetric (public/private key) encryption, GnuPG (GPG) basics.
|
|
Intro to Crypto |
|
2 |
Using GPG:
- Using GPG to implement cryptographic functions.
|
|
Using GPG |
|
|
Assignment 5 (due May 4, 2015)
|
|
|
|
Comments (0)
You don't have permission to comment on this page.