CS78 Secure Server Installation & Administration

David Morgan
Santa Monica College
see syllabus for email address

Administrativa

Syllabus

Grade reports

Course outline 

Course description


DETER net testbed
  home
  get/use an account
  FAQ
  tutorial
  news report (pbs)

Slide presentations 


General Information

RFC lookup

Remote Unix access with ssh

TCP/IP Pocket Reference Guide

TCP/IP paper - "Intro to the IP Protocols"

Wireshark doc
html   pdf

ntop overview

Sockets: socket programming

Sockets: sample programs
 - letter-upgrader server
 - letter-upgrader's client

Encryption article
(DES, public-key)

filesystem encryption


Linux

Fundamental Unix Commands

vi - the Visual Editor

File permissions

Cryptography

Simplified DES

Diffie-Hellman key exchange
 - one article
 - another article

 

Slide presentations

general considerations

users/processes/resources

Local security:

Bootup & Init

Bootloaders

Passwords

GNUPrivacyGuard (gpg)

Users

Permissions
authorization

Processes

Homemade shell

ProcessUID control

Pluggable Authentication Modules (PAM)

Backup

Centralized logging

Logging: swatch

yum (auto-update)

Network security:
Interfaces & Routes

IP Addresses

tcp protocol

tcpdump

Network services

socket demo

steganography

message digests

cryptography

Japanese Naval Code JN-25

stream and block ciphers

s-des backgrounder

s-des operation example

RSA algorithm

ssh - secure shell

ssh forwarding

sshfs - remote filesystem

stunnel - tunnel w/ssl

nmap port scanner

key exchange

Software security

Tunnels and vpns

vpn architectures

vpn tunnels

OpenVPN

packet filter  firewalls

arp spoofing

Shorewall firewall

packet injection - hping

computer forensics

software security

net statistics - ntop

Apache (web server)

HTTP protocol

BIND (name server)

DNS protocol

dhcpd (address server)

DHCP protocol

ftp

nfs

 

 

processes 

authorization 

process UID control 

password authentication 

cryptography 

message digests 

wireshark 

firewalls 

simplified DES 

RSA algorithm 

GPG encryption/signing

ssh 

key exchange 

arp spoofing  

tunnels & VPNs 

 

SUMMER 2015
Section 4022 6:30p - 9:40p Tuesday and Thursday, Business Building room 263

This Website (http://homepage.smc.edu/morgan_david/cs78/) will be used to communicate with you. Announcements, grade reports, and assignments will be posted here. The site can be viewed from an internet-connected browser anywhere. You are responsible for awareness of the information posted here.

Thank you - for taking this course. It looks like cybersecurity will remain of relevant interest and concern to us as individuals and society for the indefinite future. You understand it better than 95% of the population. I hope you will be able to use your knowledge to your benefit. (8/13)

Other classes I teach - are known to you from the main website front page. There, you can see the class-specific pages from recent semesters for a fully concrete idea what they are.

CS40 - Operating Systems (3hr credit, next offered Spring 2016)

CS41 - Linux Workstation Administration (3hr credit, next offered Fall 2015)

CS70 - Network Fundamentals and Architecture TCP/IP networking (3hr credit, next offered Fall 2015)

CS75 - Network Protocols further depth and variety beyond CS70 (2hr credit, next offering unscheduled but under discussion for Spring 2016)

I also teach related courses at UCLA Extension including a new one on shells and shell scripting (UCLA's fall quarter, September) and a "linux intermediate" which amounts to system administration topics that go beyond my SMC CS41 curriculum. They are more costly than those of community college, but are public and available. (8/13)

Grades up-to-date please check - includes the tunnels assignment. Current and complete as of 5pm today. Last call for you to let me know about anomalies/omissions etc while we can still maybe do something about them.  (8/13)

Grades amended - with the several assignments you called to my attention individually in class last night. Also included is the in-class exercise from last night. These are my current best-effort set of grades, all that I have, as of mid-day today Wednesday. Please call other anomalies/omissions etc to my attention today or tomorrow.  (8/12)

Grades - posted. Includes s-des and arpspoof exercises. Please check your grades and call any anomalies to my attention. (8/11)

Test - latter part of class at our final meeting August 13. Closed book. Please bring a scantron form 882. (8/11)

Assignment
read - course outline section 13, reading column
do - course outline section 14's "encrypted filesystems" exercise. This will be done in-class. It results in a file you should submit at the end of the exercise. due in your assignments directory during class 8/11
do - the "primitive roots" assignment in course outline homework section 11. due in your assignments directory end of day Friday 8/14 (8/11)

UCLA data breach(es) (8/9)

Encryption is
"something expressly to allow people to place themselves beyond the law." James Comey, FBI Director, 2014, in opposition to Apple's release of an encryption implementation that makes the decryption key available only to the intended decryptor.
"We're only a few generations away from being able to record our entire lives-- in audio and video [body cams for people that aren't policemen]-- and save the data.... Someday not wearing your life recorder may be cause for suspicion." Bruce Schneier, Secrets and Lies, 2004. Someday leaving home without the life recorder will join private phoning as a fugitive attempt to place oneself beyond the law. When will suggestions like these begin to arise? When will they begin to become accepted?
You used gpg to encrypt your data such that the only person who could decrypt it would be the one you intend-- not me, not James Comey. Did you mean expressly to place yourself beyond the law that day? Did you do so? What do you think is your liability, what is your culpability, for what you committed in this class? (8/8)

Don't be happy, worry - an intriguing article I ran across today. The gist:

"...all programs are assumed to be direct representatives of the user, ...fundamentally a mistake. ...software works for those who wrote it, rather than the hapless ones running it.

"There is an urgent problem that users are starting to store very real value on their machines ...and right now, playing whackamole with zero-day exploits is not a good enough security model ...We have to return to the hard question of how do I stop other people from telling my computer what to do without first asking me? 

"...Encryption without secure endpoints isn't going to help very much, and right now, operating system security is the weakest link. ...Ordinary people should be able to store value on their home computers without feeling that they have automatically left the front door open with the keys in the lock. How can we provide people with an equivalent level of protection for their bank accounts or their bitcoin holdings? ...If we cannot trust the users' devices, how can we give them all this access to and power over users' lives?

"The revolution is stalling for ordinary users because they cannot trust their operating systems to protect their private keys and thereby their accounts. What now?"

Sputnik is back - as of this evening. (8/6)

Test - probable, latter half of final class meeting August 13. (8/6)

Remaining topics I wish to cover - encrypted channels (tunnels/vpns), encrypted storage, key exchange. (8/6)

Assignment
do tunnels/VPNs as detailed in course outline section 12
Important: you need to make an adjustment. Our project is known to DETER by the name SMC-CS78. The instructions don't know that, they think it's USCCsci530. Wherever you see the latter in any instruction, substitute the former.  due by end of day Wednesday August 12  (8/6)

New implementation of TLS from Amazon  - oh, and, by the way, QUIT CALLING IT SSL!!! (8/4)

Application security - flaws or exploitable characteristics particular to specific applications. You can optionally reproduce and observe the flaws shown in the lecture slides.
stack overflow demo - the environment suitable for reproducing and playing with it is in the form of a VMware virtual machine. The virtual machine is in the file "Snort on Centos 4.3 minimal-with-gdb.zip". That file can be found in the home directory of user "public" on sputnik. Here are instructions for causing/observing the stack overflow within that environment (they can be expected not to work in other environments). The sample files are in the /root directory, within your virtual machine.

The slides are at the link in the course outline entitled "Software security". 
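What a stack overflow actually does to the frame, as an added model written for this page (it is not the demo program in the class VM, which you should still run under gdb). The frame is modeled as one 16-byte array: an 8-byte name buffer at offset 0 and, directly above it, a 4-byte saved word standing in for the return address. The starting value 0x08048000 is a constructed stand-in. The vulnerable copy behaves like strcpy and clobbers the saved word; the hardened copy bounds the write, NUL-terminates, and reports truncation.

```c
#include <stdio.h>
#include <string.h>

/* A model of one stack frame, kept inside a single array so the
 * overwrite is deterministic and portable (no undefined behaviour):
 * an 8-byte name buffer at offset 0, and directly above it the 4-byte
 * "saved" word a real frame would hold for the return address.
 * Constructed example, not the class VM's demo program. */
#define BUF_LEN    8
#define SAVED_OFF  BUF_LEN
#define FRAME_LEN  16
#define SAVED_INIT 0x08048000u   /* constructed stand-in for a return address */

struct frame {
    unsigned char mem[FRAME_LEN];
};

static void frame_init(struct frame *f)
{
    memset(f->mem, 0, FRAME_LEN);
    f->mem[SAVED_OFF + 0] = (unsigned char)(SAVED_INIT & 0xff);
    f->mem[SAVED_OFF + 1] = (unsigned char)((SAVED_INIT >> 8) & 0xff);
    f->mem[SAVED_OFF + 2] = (unsigned char)((SAVED_INIT >> 16) & 0xff);
    f->mem[SAVED_OFF + 3] = (unsigned char)((SAVED_INIT >> 24) & 0xff);
}

/* Read back the saved word (little-endian, as on x86). */
static unsigned int saved_word(const struct frame *f)
{
    const unsigned char *p = f->mem + SAVED_OFF;
    return (unsigned int)p[0] | ((unsigned int)p[1] << 8) |
           ((unsigned int)p[2] << 16) | ((unsigned int)p[3] << 24);
}

/* Vulnerable: behaves like strcpy(buf, input): copies up to and including
 * the NUL with no regard for BUF_LEN, so bytes 8.. land on the saved word.
 * (The cap at FRAME_LEN only keeps the model inside its own array; the
 * real bug keeps writing on into the caller's frame.) Returns bytes copied. */
static size_t copy_name_vulnerable(struct frame *f, const char *input)
{
    size_t n = strlen(input) + 1;
    if (n > FRAME_LEN)
        n = FRAME_LEN;
    memcpy(f->mem, input, n);
    return n;
}

/* Hardened: never write past the buffer, always NUL-terminate, and tell
 * the caller the input was truncated instead of failing silently.
 * Returns 1 if truncated, 0 otherwise. */
static int copy_name_safe(struct frame *f, const char *input)
{
    size_t len = strlen(input);
    int truncated = len >= BUF_LEN;
    size_t n = truncated ? BUF_LEN - 1 : len;
    memcpy(f->mem, input, n);
    f->mem[n] = '\0';
    return truncated;
}

int main(void)
{
    struct frame f;
    const char *attack = "AAAAAAAAAAAA";   /* 12 bytes: 8 fill the buffer, 4 spill */

    frame_init(&f);
    copy_name_vulnerable(&f, attack);
    printf("vulnerable: saved word now 0x%08x (was 0x%08x)\n",
           saved_word(&f), SAVED_INIT);

    frame_init(&f);
    int trunc = copy_name_safe(&f, attack);
    printf("hardened:   saved word still 0x%08x, truncated=%d, buf=\"%s\"\n",
           saved_word(&f), trunc, (const char *)f.mem);
    return 0;
}
```

The four spilled bytes become 0x41414141 in the saved word; in a real frame that is the address the function returns to, which is why an attacker who controls the input controls where execution goes next.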
sign extension bug - the podcast "Anatomy of a Security Mistake" by Steve Gibson. It discusses a bug in a library of code that applies the blowfish block cipher algorithm to the task of hashing passwords. It was utilized as the tool for doing that in some linux distributions (not fedora). The bug was there from about 1998 until patched in 2011. It substantially weakens the passwords it processes: a byte with its high bit set (any non-ASCII character) was sign-extended when folded into the key, which threw away the effect of some of the password characters that preceded it. It was found while trying to crack some passwords with John the Ripper. (8/4)
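The sign-extension mistake itself, as an added example written for this page (constructed; not the library's code). A key-schedule loop folds 4 password bytes into one 32-bit word by shifting left 8 and OR-ing in the next byte. Walking the bytes through a signed char pointer (what plain `char *` is on x86) makes a byte of 0x80 or above promote to a negative int, so the OR sets all the high bits and erases what was already accumulated. Two passwords that differ only before the 8-bit byte then hash identically.

```c
#include <stdint.h>
#include <stdio.h>

/* Fold 4 bytes of key/password material into one 32-bit word the way a
 * key-schedule loop does: shift the accumulator left 8 bits and OR in
 * the next byte. Constructed example, not the library's code.
 *
 * Buggy version walks the bytes through a *signed* char pointer (what a
 * plain `char *` is on x86). A byte >= 0x80 reads as a negative int, is
 * sign-extended to 0xFFFFFFxx when promoted, and the OR sets every high
 * bit, wiping the bytes accumulated so far. */
static uint32_t pack_signed(const char *key)
{
    const signed char *p = (const signed char *)key;
    uint32_t tmp = 0;
    for (int i = 0; i < 4; i++) {
        tmp <<= 8;
        tmp |= p[i];                 /* BUG: p[i] promotes as a signed int */
    }
    return tmp;
}

/* Fixed version: cast each byte to unsigned char so it promotes to 0..255. */
static uint32_t pack_unsigned(const char *key)
{
    uint32_t tmp = 0;
    for (int i = 0; i < 4; i++) {
        tmp <<= 8;
        tmp |= (unsigned char)key[i];
    }
    return tmp;
}

int main(void)
{
    /* Two 4-byte "passwords" that differ only before the 8-bit byte 0xE9
     * (Latin-1 e-acute). Constructed sample input. */
    const char k1[4] = { 'a', 'b', (char)0xE9, 'd' };
    const char k2[4] = { 'x', 'y', (char)0xE9, 'd' };

    printf("buggy:  %08x %08x\n", pack_signed(k1), pack_signed(k2));
    printf("fixed:  %08x %08x\n", pack_unsigned(k1), pack_unsigned(k2));
    return 0;
}
```

The buggy version yields 0xFFFFE964 for both inputs: the 'a','b' and 'x','y' bytes have vanished, which is exactly the loss of password entropy the podcast describes.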

"With heartbleed, what data do I get," I was asked after class yesterday. You get whatever data is neighbor in RAM to the heartbeat payload. The payload originates from the client, together with a length field saying how long it is; the server deposits the payload in memory then reads it back to boomerang it to the client. But it reads back as many bytes as the client's length field claims, without checking that against how many bytes actually arrived, so it reads too much. What data lies adjacent to the payload? Whatever the server process placed there recently and has since freed or left lying around. The attacker controls how much comes back (up to about 64 KB per request, the most a 16-bit length field can ask for) but not what: the content is unpredictable and uncontrollable. In the slide below, I used the web form just to be able to get some known-quantity thing into the server's memory. Thereafter, I ran the exploit about 10 times, scrutinizing what came back trying to spot "EAZZZ...ZY2SEE..." The first 9 times it wasn't there, the 10th time, bingo, there it is (below). A real-world web form might have solicited something sensitive, like a credit card number or credential of some kind. Web forms are, after all, how you supply your card number to an online merchant. The exposure is confined to the memory of the process that runs OpenSSL, but that process (here apache) handles all of its clients' requests and holds its own session keys and private key, so any of those may lie in heartbleed's path.

Please do not conclude from this slide that I deliberately constructed what you see. I hoped for what you see. I was on a fishing expedition and got lucky, eventually. But those trophy catch photos never tell that the fisherman labored in vain since sunrise before he finally hooked the big one.

"'Come on, fish,' he said. But the fish did not come...'Fish,' he said softly, aloud, 'I'll stay with you until I am dead.'" The Old Man and the Sea, Ernest Hemingway.  (8/4)
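The server-side mistake described above, as an added model written for this page (it is not OpenSSL's code). One array stands in for process memory: the heartbeat record that arrived sits at the front, and the web-form value "EAZZZY2SEE" that an earlier request left behind sits 64 bytes in; both are constructed. The vulnerable reply trusts the length field in the request and copies that many bytes from the payload onward; the fixed reply applies the check the patch added (header plus declared payload plus padding must fit inside the record that really arrived) and otherwise discards the request.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of server-side heartbeat handling. Constructed example, not
 * OpenSSL's code. One array stands in for the process's memory: the
 * received heartbeat record sits at the front and, a little further on,
 * something an earlier request left behind (the web-form value from the
 * slide). */
#define ARENA_LEN   256
#define SECRET_OFF  64
#define HB_REQUEST  1
#define HB_RESPONSE 2
#define PADDING     16

struct server_mem {
    unsigned char arena[ARENA_LEN];
    size_t rrec_len;   /* how many bytes of this record really arrived */
};

/* Record layout: type(1) | payload_len(2, big-endian) | payload | padding(16).
 * The client supplies payload_len; nothing forces it to match actual_len. */
static void receive_heartbeat(struct server_mem *m, uint16_t claimed_len,
                              const char *payload, size_t actual_len)
{
    memset(m->arena, 0, ARENA_LEN);
    m->arena[0] = HB_REQUEST;
    m->arena[1] = (unsigned char)(claimed_len >> 8);
    m->arena[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(m->arena + 3, payload, actual_len);
    m->rrec_len = 1 + 2 + actual_len + PADDING;
    /* leftover from an earlier request, just past this record */
    memcpy(m->arena + SECRET_OFF, "EAZZZY2SEE", 10);
}

static uint16_t claimed_payload_len(const struct server_mem *m)
{
    return (uint16_t)((m->arena[1] << 8) | m->arena[2]);
}

/* Vulnerable: trusts the client's length field and copies that many
 * bytes starting at the payload, whatever happens to be there.
 * Returns bytes written to out, or -1. */
static int heartbeat_reply_vulnerable(const struct server_mem *m,
                                      unsigned char *out, size_t out_len)
{
    uint16_t payload = claimed_payload_len(m);
    /* bound only so the model stays inside its own array; the real code
     * had no check here at all */
    if ((size_t)3 + payload > out_len || (size_t)3 + payload > ARENA_LEN)
        return -1;
    out[0] = HB_RESPONSE;
    out[1] = m->arena[1];
    out[2] = m->arena[2];
    memcpy(out + 3, m->arena + 3, payload);   /* over-read past rrec_len */
    return 3 + payload;
}

/* Fixed: the check the patch added. Header + declared payload + padding
 * must fit within the bytes that actually arrived; otherwise discard the
 * request silently, as RFC 6520 requires. */
static int heartbeat_reply_fixed(const struct server_mem *m,
                                 unsigned char *out, size_t out_len)
{
    uint16_t payload = claimed_payload_len(m);
    if ((size_t)1 + 2 + payload + PADDING > m->rrec_len)
        return -1;
    if ((size_t)3 + payload > out_len)
        return -1;
    out[0] = HB_RESPONSE;
    out[1] = m->arena[1];
    out[2] = m->arena[2];
    memcpy(out + 3, m->arena + 3, payload);
    return 3 + payload;
}

/* Does a reply of n bytes contain needle? (what the fishing expedition looked for) */
static int reply_contains(const unsigned char *out, int n, const char *needle)
{
    size_t k = strlen(needle);
    if (n < 0 || (size_t)n < k)
        return 0;
    for (size_t i = 0; i + k <= (size_t)n; i++)
        if (memcmp(out + i, needle, k) == 0)
            return 1;
    return 0;
}

int main(void)
{
    struct server_mem m;
    unsigned char out[ARENA_LEN];

    /* 5 real payload bytes, but the request claims 200 */
    receive_heartbeat(&m, 200, "hello", 5);
    int n = heartbeat_reply_vulnerable(&m, out, sizeof out);
    printf("vulnerable: %d bytes back, neighbour leaked: %s\n",
           n, reply_contains(out, n, "EAZZZY2SEE") ? "yes" : "no");
    printf("fixed:      %d (-1 = request discarded)\n",
           heartbeat_reply_fixed(&m, out, sizeof out));
    return 0;
}
```

Note what the attacker controls and what he does not: the 200 in the request is his, so the size of the leak is his to choose; what sits at offset 64 is whatever the process happened to leave there.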

Grades - posted. Includes gpg signing exercise (who signed what). (8/4)

Binary-to-text encoding - is why gpg keys are so funny looking! The keys themselves have arbitrary binary content. So you can't print them. Nor use them with protocols that don't handle what you can't print (email). For such problems, there are a number of encoding schemes that map arbitrary binary bytes into a subset of bytes that are all printable. gpg uses one called Radix-64, which is base64 plus a 24-bit checksum appended after the encoded data (the short "=xxxx" line at the bottom of an ASCII-armored key). From a text or stream, base64 divides every 3 consecutive bytes (24 bits) into 4 units (6 bits apiece), and prints each unit as one character from a 64-character alphabet (A-Z, a-z, 0-9, + and /). Printing 8-bit units would require 256 distinct characters whereas printing 6-bit units requires 64. We don't have 256 printable characters; we have about 100. So while we don't have enough to go around for 256 values, we can accommodate 64 of them: with conversion we can print anything, at the cost of 4 output bytes for every 3 input bytes. (8/3)
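The 3-bytes-to-4-characters conversion just described, as an added example written for this page (not gpg's code), with the one piece that makes gpg's Radix-64 different from plain base64: the 24-bit CRC from RFC 4880 section 6.1, whose constants are taken from that RFC. The sample bytes in main are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* base64: every 3 input bytes (24 bits) become 4 output characters
 * (6 bits each). A short final group of 1 or 2 bytes is zero-filled
 * and the unused output positions become '=' so the text length stays
 * a multiple of 4. Writes a NUL-terminated string to out (which needs
 * 4*((len+2)/3)+1 bytes) and returns its length. */
static size_t base64_encode(const unsigned char *in, size_t len, char *out)
{
    size_t o = 0;
    for (size_t i = 0; i < len; i += 3) {
        unsigned int b0 = in[i];
        unsigned int b1 = (i + 1 < len) ? in[i + 1] : 0;
        unsigned int b2 = (i + 2 < len) ? in[i + 2] : 0;
        unsigned int triple = (b0 << 16) | (b1 << 8) | b2;

        out[o++] = B64[(triple >> 18) & 0x3f];
        out[o++] = B64[(triple >> 12) & 0x3f];
        out[o++] = (i + 1 < len) ? B64[(triple >> 6) & 0x3f] : '=';
        out[o++] = (i + 2 < len) ? B64[triple & 0x3f] : '=';
    }
    out[o] = '\0';
    return o;
}

/* What turns base64 into OpenPGP's Radix-64: a 24-bit CRC over the raw
 * bytes (RFC 4880, section 6.1), itself base64-encoded and appended on
 * its own "=XXXX" line so a mangled key is noticed. */
#define CRC24_INIT 0xB704CEL
#define CRC24_POLY 0x1864CFBL

static long crc24(const unsigned char *in, size_t len)
{
    long crc = CRC24_INIT;
    for (size_t i = 0; i < len; i++) {
        crc ^= (long)in[i] << 16;
        for (int k = 0; k < 8; k++) {
            crc <<= 1;
            if (crc & 0x1000000L)
                crc ^= CRC24_POLY;
        }
    }
    return crc & 0xFFFFFFL;
}

/* The armor checksum line: '=' followed by the CRC's 3 bytes, base64'd. */
static void armor_crc_line(const unsigned char *in, size_t len, char out[6])
{
    long crc = crc24(in, len);
    unsigned char b[3] = { (unsigned char)(crc >> 16),
                           (unsigned char)(crc >> 8),
                           (unsigned char)crc };
    out[0] = '=';
    base64_encode(b, 3, out + 1);   /* 4 chars + NUL into out[1..5] */
}

int main(void)
{
    /* constructed sample: bytes you could not print or mail as-is */
    const unsigned char raw[] = { 0x00, 0xFF, 0x80, 'O', 'K' };
    char text[4 * ((sizeof raw + 2) / 3) + 1];
    char crcline[6];

    base64_encode(raw, sizeof raw, text);
    armor_crc_line(raw, sizeof raw, crcline);
    printf("%s\n%s\n", text, crcline);
    return 0;
}
```

Decoding reverses the table lookup; the CRC line lets the receiver notice a key that a mail gateway has wrapped or altered, but it is a checksum against accidents, not an integrity protection against an attacker (that is what the signature is for).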

Authentication without confidentiality - below is one of our slides. What's the stuff in the red box?

Note there is no encryption of the data, the purpose is not to obscure the data but to make certain it came from Fedora. (8/2)

Assignment  
do - put your key file "studentXXkey" for the GPG community exercise into /home/common - do this tonight, now, in class July 30 enables me to set the assignment up so you can proceed to do it. The assignment itself is below, in the 7/28 posting. See assignment and due dates there.
do/finish - the s-des exercise by end of day Sunday August 2
do - arp spoofing as detailed in course outline section 8 by end of day Wednesday August 5 (7/30)

Grades - posted. Includes manual RSA (personal decrypt) and encryption modes. (7/30)

Jet Propulsion Laboratory (JPL) internship opportunity. (7/30)

Three purposes of cryptography - 1) confidentiality, 2) sender authenticity, 3) data integrity. (7/30)

Grades - posted. Includes firewalls and one-time pad. (7/28)

Assignment
read - course outline section 9, reading column
do - the "Part 1 - signing" and "Part 2 - encrypting" activities from course outline section 10, homework column, "GNUPrivacyGuard"
They spring from the activities in section 9, which we will perform in class tonight. That prepares and enables you to do the "Part 1 - signing" and "Part 2 - encrypting" components of section 10's homework.
"Part 1 - signing" result file "signers.txt" due on sputnik end of day Sunday, August 2
"Part 2 - encrypting" - tell me verbally in class Tuesday, August 4 what I encrypted for you, or email it to me earlier

 DETER experiment on arp spoofing, will be assigned shortly after I have a chance to test it. Then I will post a "green light" plus due date message here.
(7/28)

"Designated student number" assignments:
student01 bell
student02 columbro
student03 cooper
student04 cruz
student05 elyasnik
student06 fowler
student07 geguzis
student08 mcdonald
student09 meullion
student10 morales-arnao
student11 netkin
student12 newbill
student13 postovoit
student14 vandegriff
student15 zakharchenko
student16 zhu
(7/28)

Come 'n get it - your individual encrypted files are in sputnik's /home/common. If your last name is smith, your file is named ciphermessage-smith. Copy it into your home directory and decrypt it. Your tool for that can be the decr script located in /home/public. You can copy that over into your home directory too (or run it in place if you want). The plaintext I encrypted for you was just a single 3-letter combination, all uppercase letters randomly chosen. I made it short so as not to take too much processing time. If you did not want to use the decr script, you could take the 3 numbers in your file and decrypt each individually and manually in bc with your private key like we did in class. But the script does that in a loop and is more automatic and labor-saving. You get credit for revealing to me what the 3-letter word is that I encrypted for you. (7/24)

Modified utility programs encr and decr - are now in sputnik's /home/public. I worked on them a little today, so that they would have default values making most of their arguments optional. Their calling conventions are:

encr  <input file>  [<RSA's e>]  [<RSA's n>]  [<output file>]

decr  [<input file>]  [<RSA's d>]  [<RSA's n>]

(arguments in square brackets are optional). If you don't give encr an output file, or don't give decr an input file, by default they will use "ciphermessage". If you don't give encr a public key, or don't give decr a private one, encr uses 1943-and-7031 and decr uses 5783-and-7031 (which match as members of a working pair!). But if you want to supply your own filename or keys please do, per the calling conventions. (7/24)
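Why 1943-and-7031 and 5783-and-7031 "match as members of a working pair", and what encr and decr do with the three numbers, as an added example written for this page (not the scripts themselves). n = 7031 = 79 x 89, so phi(n) = 78 x 88 = 6864, and 1943 x 5783 = 11236369 = 1637 x 6864 + 1. The example assumes the scripts map each letter to its ASCII code (one RSA block per letter); the 3-letter word in main is constructed. A 13-bit modulus is factored instantly, which is fine for a classroom exercise and useless for anything else.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Defaults built into the encr/decr scripts: public (e, n), private (d, n). */
#define RSA_E 1943u
#define RSA_D 5783u
#define RSA_N 7031u

/* base^exp mod m by square-and-multiply. With m < 2^16 every product
 * fits comfortably in 64 bits. */
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t m)
{
    uint64_t result = 1 % m;
    base %= m;
    while (exp) {
        if (exp & 1)
            result = (result * base) % m;
        base = (base * base) % m;
        exp >>= 1;
    }
    return result;
}

/* Multiplicative inverse of a mod m by the extended Euclidean algorithm,
 * or 0 if gcd(a, m) != 1. This is how d is derived from e and phi(n),
 * and how you verify that a claimed (e, d) pair really matches. */
static uint64_t modinv(uint64_t a, uint64_t m)
{
    int64_t t = 0, newt = 1;
    int64_t r = (int64_t)m, newr = (int64_t)(a % m);
    while (newr != 0) {
        int64_t q = r / newr, tmp;
        tmp = t - q * newt; t = newt; newt = tmp;
        tmp = r - q * newr; r = newr; newr = tmp;
    }
    if (r != 1)
        return 0;
    return (uint64_t)(t < 0 ? t + (int64_t)m : t);
}

/* Encrypt 3 uppercase letters, one ASCII code per RSA block (assumption:
 * that is the mapping the scripts use; each block must be < n). */
static void encr3(const char word[3], uint64_t cipher[3])
{
    for (int i = 0; i < 3; i++)
        cipher[i] = modpow((unsigned char)word[i], RSA_E, RSA_N);
}

/* Decrypt 3 blocks back into a NUL-terminated 3-letter string. */
static void decr3(const uint64_t cipher[3], char word[4])
{
    for (int i = 0; i < 3; i++)
        word[i] = (char)modpow(cipher[i], RSA_D, RSA_N);
    word[3] = '\0';
}

int main(void)
{
    uint64_t phi = 78 * 88;    /* (79-1)(89-1) since 7031 = 79 * 89 */
    printf("d = e^-1 mod phi(n) = %llu\n",
           (unsigned long long)modinv(RSA_E, phi));

    uint64_t c[3];
    char back[4];
    encr3("KEY", c);           /* constructed sample plaintext */
    printf("ciphermessage: %llu %llu %llu\n", (unsigned long long)c[0],
           (unsigned long long)c[1], (unsigned long long)c[2]);
    decr3(c, back);
    printf("decrypted: %s\n", back);
    return 0;
}
```

Encrypting one letter per block means identical letters produce identical ciphertext numbers, so a ciphermessage leaks repeated letters; that is one reason real RSA pads and never encrypts a bare small value.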

Upcoming assignment - "GNUPrivacyGuard" link in course outline section 9. Preview it. (7/23)

Assignment
read - course outline section 10, reading column
do - RSA
course outline sections 10 and 11, homework column, we will do "RSA encryption 2" in class. It produces a file named "outfile". In class, put that in your assignments directory on the server. Then, the "Using RSA" assignment follows on to that. It is described in section 11. I will produce "ciphermessage-<yourname>" files for you individually, leave them all in the server's /home/common for you to pick up. You will decrypt your message. You will report to me in class next Tuesday July 28 what it was (or email it sooner). (7/23)

Assignment
read - material about encryption modes from course outline section 9
do - encryption modes homework in course outline section 9 due on sputnik end-of-day Wednesday 7/29
(10/10)

Manual brute force solution by Nathan Cooper below. (7/21)

Grades - posted. Includes password work (hashcat screenshot and Mandylion spreadsheet) and message digests. (7/20)

Topical security-related reading for you - 
 Crypto-gram Newsletter
 KrebsonSecurity and many more listed under his "Blogroll" down the right column (7/17)

SonicWALL is a product in the security appliance category. Yoni Netkin in our class has one and we talked about it after class last night. To add a practical real-world touch he offered to bring it in. He wants me to show and talk about it. I want him to be the one to do that. He will bring it Tuesday and we can decide what to do. I may take it home to look at it before Thursday and talk about it then. I don't want to spend time at the expense of other topics so if we talk about it the talk has to be planned and focused. If any of you have particular experience with a SonicWALL or other such device, and any suggestions, I'm open. (7/17)

Interesting list of privacy tools. (7/17)

Assignment 
read - material about one-time pad from course outline section 7
do - one-time pad homework in course outline section 7 due on sputnik end-of-day Sunday 7/26 (7/16)

Assignment 
do - the DETER firewall construction experiment given in the course outline, section 7. 
We have DETER machines formally reserved, as a class, for you to do this experiment during certain days. You must do the assignment between Wednesday 7/15 through Wednesday 7/22 inclusive.
 - due on sputnik end-of-day Friday 7/24
(7/14) 

Midterm exam - this course has no midterm exam. Plough your energy into the homework assignments. The homework is the thing. (7/14)

Manual brute force password attack for you to perform-
I chose a password and hashed it using md5. The hashed password (no salt) is:

0d149b90e7394297301c90191ae775f0

My password is one of the English language's thirty-seven 2-letter words, which are:

ad ah am an as at aw ax ay
be by do go ha he hi if in is
it me my no of oh on or ow
ox pi so to uh um up us we

it's in lowercase. What is my password?

Get a program that calculates md5 sums ("md5sum" command in linux, google for one in Windows, I like HashCalc). Be a brute force algorithm, by doing what it would do. Student who reveals/explains at the next class meeting gets my never ending admiration. Sometimes I grade on admiration. 

By the way, how much easier did confining passwords to English make the brute force cracking job? You have thirty-seven possible passwords to work through. With how many would you have been faced if all 2-letter combinations, English or not, randomly, had been allowed? (7/14)
here's a solution (7/21)

Grades - posted. Includes DETER road test. (7/14)

Keys Under Doormats - paper published Tuesday by co-authors including the highest technical minds in computer security on the risks of mandating backdoors in encryption products. (7/10)

Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy - Senate judiciary's Wednesday committee hearing concerning mandating backdoors in encryption products. (7/10)

DETER ns-file fixed - with apologies to those of you who got the "bad" version I believe that the link to it now gives you the good one. (7/10)

Grades - posted. Includes uid.txt process experiment but not DETER road test. (7/9)

Assignment 5 - see Course outline topic 5, homework column. (Yes, no assignment 4 has been given.) (9/26)
files called for by this homework due on sputnik by end-of-day next Friday 7/17. (7/9)

You should use a virtual machine as platform for upcoming password cracking assignment - it's in a file named kali-2015.zip. I've put copies in two places.
 1. in /home/public on sputnik.smc.edu (located at SMC), from where you can retrieve it with scp via command line or filezilla utility.
 2. in /home/public on unexgate.dmorgan.us (located at UCLA), from where you can retrieve it in exactly the same way.
The file is 3GB in size. Please obtain it, and get it up and running in VMware. Pre-read the assignment.
Do this before our next class on Thursday.
Another platform option
 - I have kali linux on an 8GB bootable USB, from last year. Its copy of hashcat proved broken as had the copy on my virtual machine. The same fix remedied it. If you bring an 8GB or larger USB flash drive to class I will bring mine and can make copies. I'm sure hashcat works there, and pretty sure that the homework exercise also does (no reason why not though I did not repeat the exercise on my bootable USB drive). Bring your USB drive if you want a copy of mine on which to do the password cracking assignment.
When you log in to the kali linux virtual machine, do so as root. That account uses the same password as we use for the class laptops, c$l@bLinuX.
You're going to do stuff similar to what's shown in this youtube video. (7/8)

A common business decision - make ($3239) or buy ($5599-$18499) ? (7/8)

USB devices come in different classes-- storage, keyboard, microphone etc. The thing that differentiates them is the firmware they contain. The devices are reprogrammable, so this firmware can be subverted: a thumb drive can be made to announce itself to the host as a keyboard as well, and type. The vulnerability dubbed "BadUSB" was announced by researchers in 2014. (7/7)

Happy Independence Day - keep secure (from 1962 junior high school US history teacher Mrs. Mary Mareneck) (7/4)

yubikey device - comes from yubico. Google established a business relationship with yubico last fall for implementing 2-factor authentication using yubikeys. It uses a particular yubico product called Fido U2F security key. The FIDO ("fast identity online") alliance is an industry group promoting 2-factor authentication. (7/1)

DETER accounts were created - an advisory email message should be generated to each of you informing you of your account credentials and requiring you to make a minor change in your profile. It should be self-explanatory. The message will go to your smc email account. (7/2)

Remote unix accounts have been created - see the link below entitled "Remote Unix system account." Note the telephone-number derived password. Test your ability to log in. (6/30)

Grades - for the first (trivial, and minor) assignment have been posted. Please see the link at left entitled "Grade reports." (6/30)

Assignment 3  
read from textbook
 a - chapter 6 "Filesystems and Security"
 b - pp. 600-610 in the section of Chapter 19 "Defending Accounts" entitled "Administrative Techniques for Conventional Passwords."
 c - pp 850-61 about processes and the ps command that reports on them; read this at a scan level, not to learn the detail in the tables and figures but the concepts in the narrative
read additional resources
 the link at left entitled "File permissions"
 the link at left entitled "Remote Unix access with ssh"
 listen - to the recorded lecture about user accounts; if you took CS41 you have heard this material and need not listen to it again. It is at the link below entitled "A narrated lecture about user accounts"
do - the DETER familiarization activity in course outline section 4's "Homework" column. Due to be completed, on DETER, by end-of-day Wednesday 7/8. (6/30)

Assignment 2 - su, suid, sudo and process UID control
perform the exercise in the course outline section 3's "Homework" column. Due on sputnik end-of-day Sunday 7/5. (6/30)
If you are/were unable to fully perform the exercise in class June 30 as a basis for answering the questions and turning in the assignment, use this file. It contains the process listing from having performed the exercise, and from it you can construct the answers. (7/2)

Bruce Schneier is speaking in Tel Aviv today. I hope he brought a clean shirt. (6/24)

Steve Gibson has another website crammed with good security information, in particular his weekly podcast Security Now. (6/24)

Passwords we assigned tonight while setting up our scratch laptop:

where created?          where stored?             which password?       what value?
in Setup                motherboard ROM chip      administrator/setup   passadmi
in Setup                motherboard ROM chip      system                passsyst
in Setup                motherboard ROM chip      hard disk             passdisk
in Anaconda installer   within bootloader         bootloader            passgrub
in Anaconda installer   within disk partitions    disk encryption       passphr1

(6/23)

A narrated lecture about user accounts 

Assignment 1 - see/do the homework column of section 1 of the course outline (6/23)

Practicum - a couple of the better students from my Spring semester classes are now taking this one and expressed specific interest in practice as opposed to theory. Specifically, "I run a server and I want to learn what I need to do to it to give it better security." This course has a rich curriculum, but it isn't primarily a vocational how-to. However I think it would be fun to spend a little time on the side taking a virgin machine, installing an OS on it from scratch with security considerations in mind, and in following weeks, as we study them, looking at some of the things we could do to harden it. It will be unstructured. I have an available laptop and will install Fedora 17 on it as demonstration. (Things that may come up: setup passwords, bootloader password, disk encryption, streamlined service set, firewall, 2-factor authentication, TPM.)

First-day administrative information you will need to know:

Procedures for using class laptops

A Remote Unix system account will be created for you.

Distributing files from sputnik to the class as a whole,  publicly - the above file transfer discussion describes file movement to and from your own home directory, exclusive to you. Sometimes I will want to have someplace to put a file so everybody can get to it and download it. When I do that, here's how to download them.

Using ssh (secure shell). ssh is an important tool you will use for interacting with remote computers. For that you will need an ssh client. There are a number of ssh client alternatives.

Running linux at home.

Slides available online - for most if not all slides I will show in class. Links to them can be found in the "Slides" column of the course outline.

Textbook - Practical Unix & Internet Security, 3rd Edition; Simson Garfinkel, Gene Spafford, Alan Schwartz, O'Reilly & Associates, 2003, ISBN 0596003234.
A student pointed out to me a commercial, electronic option for obtaining the textbook. I don't specifically recommend it but want to offer it to your attention. See
http://my.safaribooksonline.com/0596003234
and
http://my.safaribooksonline.com/?portal=oreilly

Opportunity - I'm happy to tell you that as a class we have the fortunate invitation to use a network testbed facility operated by USC/ISI called DETER. I will request individual DETER accounts for you; when they are created you will get an email message with info and credentials. In class I will describe DETER and how we will use it. This will come some weeks into the semester. In the meantime, you can explore the links under the heading "DETER net testbed" at left if you like.

DETER assignments - there will probably be 4:
  - firewalls
  - arp spoofing
  - computer forensics
  - tunnels & VPNs

Introductory - this class, this website
Thank you for your interest in this class and its subject matter. Computer security is current, evolving, important, and fascinating.

This is a traditional on-ground class. I plan to use several supplementary, online vehicles to deliver it:

- a static website
- recorded, narrated slide presentation lectures
- virtual machines, local and/or remote
- the DETER network testbed

More information about these will follow. As for what's on this website, there is more material on it than we will necessarily use. In particular the assignments shown at right are not specifically assigned to you merely due to their presence there. When I want you to perform one of them, you can be sure I will post an explicit instruction here, formally assigning exactly what I want you to do, similar to the one I already posted above.

The primary "home" of the course is this website. Assignments and announcements will be posted here. I suggest you check regularly.

Operating system platform for studying computer security - doesn't matter! Security is operating-system-agnostic. Individual operating systems have their particular security characteristics and vulnerabilities but broad security concerns and topics span platforms and devices. For example, password strength and cracking are the same no matter where a password might be implemented. The implementation of a password system will differ between two OS's but a strong or weak password is strong or weak everywhere, intrinsically. Having said that, I am knowledgeable about linux and will tend to use it as the primary operating system environment where work in this class will be done. There will be some use of Windows. Knowledge of linux will be a big help to you, however exercises are usually designed to give you the commands you are supposed to run, in order to reveal whatever lesson I'm trying to convey. So, you don't have to know linux commands deeply because I'm going to give you the ones you need when you need them.

Categories of security to be studied
The one that gets the headlines is network security. The way I look at it, there are 4 areas:

- local security
- network security
- application security
- routine maintenance - prevention, detection, recovery

An example of local security is physical access-- whether a machine sits behind locked doors or not. Another is password strength. Those are considerations independent of the network, if any. An example of application security is a flaw in code, for example a stack overflow opportunity due to the way the code is written. This permits some side-effect behavior/result unintended by the programmer, classically a way to gain the privileges of the root/administrator/supervisor/superuser found in most operating systems. That's a shortcoming of the application. This problem too, like physical security or password strength, is unrelated to the network, if any. And "routine maintenance" practices to prevent problems (security hardening, anti-virus software), detect them (intrusion detection, disk analysis), and recover from them (backup regimens, log analysis) are not specific to networks either. The network attacks in the news are dramatic and sexy, but though computer security encompasses concern for network security, my point is that it goes well beyond it. For a list of specific topics under these categories see the link entitled "Course description" under the Administrativa heading at upper left.

The class plan is to devote some initial time to some introductory concepts and "review" of important local security foundations having to do with resource/file access control-- users, processes, permissions. These are aspects of system administration (if you took my linux class at SMC this is in part review). But they are security aspects of the operating system environment. Indeed user authentication and resulting file access control are a cornerstone of system security. We simply could not omit them from a security class. Thereafter we'll cover some foundations of networking as we need to know them. After that comes all the other stuff. The "Course description" and the links on this page give you pretty good hints what we'll study.

I may post certain lectures, which I expect you to listen to. They consist of narrated powerpoint slides. You need an up-to-date browser and Flash installed. The lectures are fairly heavy, multi-megabyte files. Be patient while they load. If you have a dial-up connection go listen to them elsewhere (e.g., SMC computer lab would do). After they load they will play. You must click to advance slide-to-slide.

My assumptions about you -
the formal prerequisite is that you took CS70, my SMC class about computer networking. If not, but you have alternative exposure to the concept of network frames/packets and computer addressing you will probably be OK. In particular, I will take that in consideration and make grading allowance in that case should you let me know that you are uncertain about your networking background and tell me a little bit about it. For my email address please see the "Syllabus" link at upper left. In general, this is a relatively advanced course. Somebody who chooses to take it probably doesn't do so casually, and knows a fair bit about computers already or wouldn't be interested. I assume you are generally a technically inclined and experienced person.

My assumptions about your equipment-
I assume you have access to a Windows machine on which you are free to install software. You need access to a linux machine but I'm going to give you that virtually and/or remotely. Windows won't be used extensively but some of the exercises I want to assign do use it. Again, if you don't have a Windows machine please let me know.

Thanks for coming. I think we'll have fun.

 


Eniac - 1946

 

Did you get the 'L'?
 1969


Assignments/due
these are available but not specifically assigned merely due to their presence here

using ftp

try your VM

permissions

Disabling users

ProcessUID control
 version 1 - local
 version 2 - via ssh

wireshark

PAM

BIOS and bootloader passwords

Cracking passwords
with Crack

Cracking passwords
with John the Ripper

Cracking passwords
John the Ripper (2)

Cracking passwords
with hashcat

least-need principle

steganography

ifconfig/route  

ssh key setup

ssh file access

ssh lab

port forwarding

secure remote gui

remote backup

remote  logging

nmap scanner

yum and rpm

tcpdump/wireshark  

capture browse session  

message digests

encryption modes

S-DES algorithm

one-time pad

Primitive roots

RSA encryption

RSA encryption 2
(in-class)

Using RSA

GNUPrivacyGuard

GPG, community

stunnel

apache via stunnel

firewall construction
 - native iptables
- via webmin tool

firewall construction (DETER)

Bastille - hardening

firewall

filesystem encryption
- cryptoloop
- truecrypt

chroot

MAC spoofing

Arp spoofing (DETER)

Computer forensics (DETER)

Tunnels and vpns (DETER)