Developing Hands-on Activities for Computer and Network Security Courses
Dr. Wayne Summers
Columbus State University
Columbus, GA
summers_wayne@colstate.edu
http://csc.colstate.edu/summers

Introduction
• Types of classroom exercises
• Lab Activities
• Homework Activities
• Concerns
• Student agreements

Lab Assignments
• Information Gathering (Footprinting)
• Network Sniffing
• Vulnerability Scanning
• Setting up PGP accounts
• Password Cracking
• Social Engineering
• “War Games” (Penetration teams)
• Installing Firewalls

Information Gathering (Footprinting)
In this assignment you will be responsible for gathering information about a network. It is the first and easiest way for hackers to obtain information about networks. Most of the information is easy to get and legal in most countries.
• Use Whois, Nslookup, and open-source public information to find out as much as you can about the network hacker.edu (minimally you should identify the domains, the IP address classes and IP addresses of servers as well as the administrator’s contact information)
• Use ping to identify which hosts are online
• Select one server and use Netbrute or NMAP to identify which ports are available for intrusion

“War Games” (Penetration teams)
• Part 1: "Break" into one of the computers in SH109 and retrieve the file stored in temp. You may use any "tool" to crack the computer, but the tools may only be used in SH109 and you may NOT connect any of the computers to the outside network (LAN or Internet).
• Part 2: Secure one of the computers in SH109. Describe the techniques that you used to secure the system.
• Part 3: "Break" into one of the other teams' computers in SH109. Describe how you broke in and describe what you found.

Homework Assignments
• We need to isolate the CS department network from the rest of the campus network. Some of the reasons are to improve the performance of both parts of the network as well as to improve the security within our CS network. We have discussed the possibility of setting up a firewall / proxy server to facilitate this separation of the network.
• Discuss the advantages and disadvantages of setting up a firewall and / or proxy server.
• Are there any alternative solutions?
• Describe the specifications of a firewall / proxy server for our CS Department.

Installing Firewalls
1. Select one of the firewall programs from the provided list.
2. Install the firewall.
3. Discuss the firewall installation and what steps are necessary to “fine-tune” the firewall.
4. After one week, analyze the logs of the firewall and describe what you found.
5. Install a different firewall from the list and repeat steps 3 and 4.
6. Compare the two firewalls.

Homework Assignments
• With one other classmate, write up a draft of a Computer Security Policy Document for the computer lab in LH2. You should use Appendix D (pp. 371-374) as a model, but also look at sample policy documents on the web. You may also use any of the software tools available for generating computer security policy documents.

Discussion Assignments
• Discuss your views on Government Policies and Regulations concerning computer security including the U.S. government's policy of regulating encryption algorithms.
• "In September 1998, the Electronic Disturbance Theater, a group of activists that practices politically driven cyber civil-disobedience, launched an attack aimed at disabling a Pentagon Web site by flooding it with requests. The Pentagon responded by redirecting the requests to a Java applet programmed to issue a counteroffensive. The applet flooded the browsers used to launch the attack with graphics and messages, causing them to crash. The incident raises issues all user organizations will soon have to grapple with, if they haven't already. When you detect a break-in, should you launch a counterattack in order to protect your network? Is law enforcement capable of stopping cybercrime and can it be trusted to keep investigations quiet? If not, don't corporations have a right to defend themselves?"
  "Striking back: Corporate vigilantes go on the offensive to hunt down hackers," by Winn Schwartau, Network World, 01/11/99

Discussion Assignments
• Discuss the Rainbow books. When we talk about NT being C2 compliant, what is meant and how important is it?
• What is necessary to make NT C2 compliant?
• Discuss C2 compliance for other network operating systems.
NT C2 Security Evaluations

Computer Security Class Student Agreement
• I understand that I am taking a class that will teach me computer access techniques that can be used to break in to, damage or otherwise alter ("hack") computer systems. I also understand that it is the purpose of the class that this knowledge be used to protect information resources and not to compromise or destroy them or otherwise break any laws or disrupt educational, commercial or other activities. Any access to a system without the administrator's/owner's permission is illegal.
• The following actions are clearly not ethical:
  • Breaking into a computer system without the permission of the owner or administrator of that computer system.
  • Doing anything that substantially interferes with other users' access to computer-based services (i.e., denial of service attacks).
  • Accessing computer-based information without appropriate authorization.
  • Accessing any computer-based service without appropriate authorization.
  • Unauthorized monitoring of electronic communication.
• I agree that I will not damage, disrupt or access any computer systems or other students' work during this class. I also understand that I will be expected to work with other students to test security, but I agree that it will always be done with their knowledge. In addition, I will not destroy or damage their work and will let them know what I have accessed on their system. I will cease accessing their system when asked.
• I understand that if I cannot accept these terms, I can drop the class with no academic penalty. Once accepted, their violation entitles the class administrator to administer disciplinary consequences if I fail to abide by these agreements.

Where to Get More Information
• http://csc.colstate.edu/summers/Research/NetworkSecurity/outline.htm (workshop)
• http://csc.colstate.edu/summers/NOTES/CS459/ (old)
• http://csc.colstate.edu/summers/NOTES/6126/ (new)
• http://e-security.tamu.edu/courses/info489/ (click on labs)
summers_wayne@colstate.edu