1 / 32

CmpSci 515 (591s)

CmpSci 515 (591s). Introduction to Computer and Network Security Jake Cunningham jake@nic.umass.edu Brian Neil Levine brian@cs.umass.edu Chris Misra crispy@nic.umass.edu Tuesday/Thursday 11:15-12:30pm LGRC room A339. Overview of Today’s Lecture. Course mechanics Course overview

hedy
Download Presentation

CmpSci 515 (591s)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CmpSci 515 (591s) Introduction to Computer and Network Security Jake Cunningham jake@nic.umass.edu Brian Neil Levine brian@cs.umass.edu Chris Misra crispy@nic.umass.edu Tuesday/Thursday 11:15-12:30pm LGRC room A339

  2. Overview of Today’s Lecture • Course mechanics • Course overview • Course policies and legalities • The ethics of computer security

  3. Course Mechanics • Prerequisites: CS 377 and CS 453 • Familiarity with • Operating system concepts • Unix • Understanding of TCP/IP protocols • Grading • 60% labs and homeworks • 20% midterm exam • 20% final exam • Class participation can change your grade for better or worse.

  4. Brian’s Office Hours • Mondays and Tuesdays 2:30-3:30pm • Room 346 in the Computer Science Bldg. • Email is the best way to reach me. • My office number is 577-0238.

  5. Class Objectives An introduction to concepts in • Computer Security and Network Security To understand vulnerabilities, threats, and counter measures present in computer and network systems. • Practical experience with the systems and tools involved.

  6. Class Objectives • We want to train you to be a computer and network security experts. • This class is the basis for a security community at UMass. • This class is discussion oriented (3 instructors!) and a forum for all current security topics. • Please post related articles you may find to the mailing list.

  7. The Security Lab • Our course has a special room in the LGRC-Tower for our exclusive use. • Equipment is thanks to • a 3-year NSF Combined Research-Curriculum Development (CRCD) grant (18 PCs) • a CAIDA equipment grant for Internet Education Labs (cisco 7100 Routers) • Help from OIT!

  8. Texts • White Hat Security by Avi Rubin • Avi is giving a talk Thursday at 4pm room 150. Attend! • You probably want to keep handy whatever text you used for your network class. • There are plenty of resources online (e.g., Kurose & Ross).

  9. Computer Security Ethics Fundamental security definitions Review of Unix administration and tools. Basic cryptography Buffer overflows Securing unix systems Vulnerability taxonomy Sniffing/Snorting (monitoring) Incident Handling ARP Attacks and Session Hijack Firewalling More Crypto Kerberos PKI/SSL/VPN etc Wireless DNS Rootkits/Virus/Worms DOS/DDOS (Jake) Nimda Intrusion Detection Systems More Snorting Course Topics

  10. Assignments • There will be a number of practical lab exercises on security. • One class presentation. • Assignments are due on the date specified at the beginning of class. • No late homeworks will be accepted. • If you need extra time, ask. • If you have special needs, tell me now!

  11. Bugtraq Presentation • Each student must make a 5-10 minute presentation once during the semester. • For the presentation, you will read the bugtraq mailing list for the prior week. http://www.securityfocus.com/ • At the end of the week, you will present the most important item from the list.

  12. Academic Honesty • All work must be your own. • Cheaters are harmful to honest students in the class and other living things. • You can discuss readings, and explain concepts to each other, but you can’t just give away answers, or write-up assignments together, etc. • Complete lab exercises on your own. • Lab assistance is ok when the assignment is a given, obvious task. Credit your helper. • Cheating equals failure.

  13. Honor Code • Assignments for this class include tasks normally prohibited by the acceptable use policy at UMass, and tasks prohibited by law on outside systems. • Accordingly, enrolling in this class requires your participation in an honor code. • Please read and sign the handout. • In order to have the most open educational environment possible, we trust you • with our most dear and precious resources; • to protect us from evil; • not to need a second chance.

  14. Why are you taking this course? • As part of the class, we will teach you how exploits work so that you may learn how to defend against them. • Think about the objective of this class hard. • We are teaching you to become knowledgeable security experts. • There is no love or respect for hackers in this community. • Be respected.

  15. Aspire • People who are respected most are those • who are knowledgeable enough to understand all of a system’s strengths and weaknesses; • that understand systems well enough to set up secure environments; • who can write new tools for securing existing systems • who can design new services that are secure and robust. • As we’ll see, it takes no expertise to execute an attack; but securing a system takes real knowledge.

  16. The Security Lab Hub Server Hub Hub

  17. The Security Lab • Those PCs are the only machines you can use to complete lab exercises in this class. • In the labs, we will execute attacks on common vulnerabilities and then setup counter measures. • Running these exploits elsewhere on campus or anywhere violates our honor code. • Downloading these tools elsewhere violates our honor code. (Counter measures are obviously ok. Analysis tools probably are a fine line sometimes.) • If you want to try out a tool or exploit, we’ll install it in the lab.

  18. Accounts in the Lab • All machines are shared, there is no way to save files other than to a floppy. • All labs are designed to take about three hours and can usually be saved on a floppy. • Some labs are destructive and require a re-install of the OS. (Accidents are ok too!) • Never expect your work to remain on your machine when you return. • Having a root account is a privileged role: don’t steal other’s work. • Just because administrators can read your mail doesn’t make it ethical to do so.

  19. The Setup • To run exercises, we will provide you with a disk imageof a complete operating system. • Normally, you will launch an attack from your partition, and attack the partition of another computer. • Or something similar. • For example...

  20. For example Bogus DNS entry • In a DNS cache poisoning lab, you will place bogus DNS entries into the cache of another machine. • You will then setup a defense on the Victim. • When you are done, re-install the victim’s OS clean from the server for another student to try. Victim Your machine

  21. More rules • Don’t break into the server or violate any of its systems. • Exploits are only to be run against the lab machines. • You aren’t to allow anyone outside the class into the security lab. • You aren’t to assist anyone outside the class with violating the acceptable use agreement.

  22. How did we secure the server? • The server is the only computer that can connect to the outside world. • The server is normally connected to the lab and firewalled. None of you have accounts on the server. • One ethernet card connects either to the lab or the campus. The campus cable runs to a locked closet and the cable must be attached to the campus network by hand. • When we do this, we could run the computer from a “live” CD-rom. The file system will be mounted read-only.

  23. Is this important? • Why study computer security? • Perhaps the threat of bugs or unintended error a greater concern? • Does the security of a system or service pose a limitation that should concern us? • Is there possible harm or risks to be aware of when dealing computers? • Is there a danger in teaching exploits?

  24. Security Threats are Rising in Number • The number of computer security vulnerabilities reported to CERT each year is growing too.

  25. Security Threats are Rising in Number • The number of computer security incidents reported to CERT each year is growing incredibly. • http://www.cert.org/stats/cert_stats.html

  26. Why study computer security? • (1) Computer security is fundamental to individual privacy. • Many of us keep personal data on our accounts: emails, bookmarks, coursework. • Many of us use the network to send personal data or retrieve personal data. • Many remote computers keep personal data for us: financial data and accounts, medical history. • We want to protect these resources.

  27. Why study computer security? • (2) Our society is increasingly reliant on the proper operation of computer systems and integrity of their data. • Financial and commercial operations, medical operations, meteorological, government, social welfare, and so on. (not to mention the Internet itself.) • The protection of these systems is as vital as our dependence on the services they provide. • An understanding to their limitations is vital. • Exploited systems have resulted in people’s deaths. (Unavailable forecasts have caused a ship at sea to be lost.)

  28. Ethics • So far, we’ve been talking mostly about the legalities of the course; limits on what you can do. • Let’s talk about the ethics of our subject and our of profession; limits on what we should do. • The study of ethics provides us with a framework for judgments we must make within our profession. • As a computer scientists, the study and teaching of computer security is an ethical responsibility.

  29. What are our responsibilities? • The ACM code of ethics instructs us to • “1.1 ...design systems that will be used in socially responsibly ways, will meet social needs, and will avoid harmful effects to health and welfare. • “2.5 Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks. • “2.7 Improve public understanding of computing and its consequences... Including the impacts of computer systems and their limitations.”

  30. What are our responsibilities • And as users, the ACM code of ethics instructs us to: • 1.2 Avoid harm to others. • 1.3 Be honest and trustworthy. • 1.7 Respect the privacy of others. • 1.8 Honor confidentiality. • 2.3 Know and respect existing laws pertaining to professional work. • 2.8 Access computing and communication resources only when authorized to do so.

  31. IEEE Code of Ethics • Similarly, the IEEE instructs us • to accept responsibility in making engineering decisions consistent with the safety, health and welfare of the public, and to disclose promptly factors that might endanger the public or the environment; • to improve the understanding of technology, its appropriate application, and potential consequences;

  32. Consider your actions • Our actions as citizens are governed by legalities. • The study of ethics provides us with a framework for judgments we must make within our profession. • Our code of ethics is what holds us together as a profession; it’s what we profess. • Our actions as computer professionals must uphold our common ethics.

More Related