Advanced Linux/Unix: Security
David Morgan
U. C. L. A. Extension - X417.29F

Administrativa

Syllabus

Course outline 

 

Winter 2017
Wednesdays 6:30pm-10:00pm
UCLA Extension, LeConte Building, Rm 215

 

 

Thank you for taking the class. You are the best students ever. (3/14)

Activities for tonight
- discussion of the 4 multiple choice questions asked by the DETER "arp spoofing" assignment in course outline section 8
- slides about Kerberos authentication protocol (see pp. 29-33 of this pdf)
- slides about GNU Privacy Guard (GPG) in course outline section 9
- in-class GPG exercise
- DETER exercise on firewalls in class
- barebones concept of certificates and related exercise  (3/14)

Firewalls lecture is here. (3/7)

Activities for tonight
- slides about key exchange in course outline section 10
- slides about GNU Privacy Guard (GPG) in course outline section 9
- in-class GPG exercise
- swap in DETER tunnels experiment and make sure apache can be installed on its "node4"
- possibly, slides about firewalls in course outline section 7 (2/28)

Homework and reading for coming week -
- do the DETER "Tunnels and vpns" assignment in course outline section 12 homework column. You should do it as a member of DETER's SMC-CS78 project, rather than UCLALin project. You will need to install Apache on the server node (node4) as follows:
  apt-get update
  apt-get install apache2
  service apache2 status
  netstat -pant
- do the "primitive roots" assignment in course outline section 10
- next week intend to talk about firewalls. Read and listen to the relevant material in course outline section 10's Reading column. (2/28)


Activities for tonight
- intrusion detection
- slides about intrusion detection and Snort
- exercise about Snort
- exercise about aide (Advanced Intrusion Detection Environment).
- sign you up to the SMC-CS78 project on DETER, to enable the DETER homework below.
- do a preliminary run of the DETER homework experiment, for familiarity and to check that things work. (2/21)

Homework and reading for coming week -
- do the DETER "Tunnels and vpns" assignment in course outline section 12 homework column. You should do it as a member of DETER's SMC-CS78 project, rather than UCLALin project. You may need to install Apache on the server node.
- next week 2/21 - intend to talk about intrusion detection and snort. Preview the material about it.
- Bishop has a good chapter on Intrusion Detection (chapter 22). Scan it.
- next week 2/18 intend to talk about key distribution and Diffie-Hellman key exchange, and GPG implementation of public/private key technology. Read and listen to the relevant material in course outline section 10's Reading column. (2/21)

 

Homework and reading for coming week -
- encryption modes (to eliminate patterns appearing within ciphertext). see section 9 of the course outline.
  1 scan the Wikipedia article at the link entitled "block cipher modes of operation."
  2 listen to the related podcast at the link entitled "episode #183."
  3 read Bishop Chapter 10 "Cipher Techniques" pp 145-153 on stream and block ciphers
  do the homework, submitted to the server, at the link entitled "encryption modes" in section 9's homework column. 
- next week 2/21 - intend to talk about intrusion detection and snort. Preview the material about it. (2/14)

Activities for tonight -
- slides about tunnels and VPNs. See course outline section 12. 
- exercises concerning the 2 vulnerabilities whose exercises we did not do last week (we did the C sign extension exercise, but not the stack overflow or heartbleed ones) (2/14)

Advanced Intrusion Detection System (aide) - man pages for aide and for its config file aide.conf. (2/14)

Activities for tonight -
- discussion of S-DES, a simplification of the DES block cipher algorithm
- slides about "application security," that is, particular vulnerabilities in individual programs stemming from intended side effects of their code. The slides are in course outline section 11.
- exercises concerning all 3 of the vulnerabilities discussed in the slides (2/7)

Homework and reading for coming week -
course outline section 6 reading (read) and podcast (listen) about S-DES (block cipher example) if not done already
course outline section 6 S-DES homework exercise if not done already
- answer the questions at the end of the exercises, turn the results in on paper next week
- next week 2/14 - intend to talk about tunnels and VPNs. See course outline section 12 and the reading shown there. (2/7)

Activities for tonight -
- exercise to crack passwords using hashcat, found at the link entitled "Cracking passwords" with hashcat in the course outline's section 5. Answer the questions there, in class, and tell the instructor.

Slides about Schneier's Secrets and Lies  (1/31)

Homework and reading for coming week -
course outline section 5 message digest exercise
course outline section 6 reading (read) and podcast (listen) about S-DES (block cipher example)
course outline section 6 S-DES homework exercise (1/31)

Activities for tonight -
- passwords and password cracking, described in slides found under "Passwords" link in the course outline's section 5
- exercise to crack passwords using hashcat, found at the link entitled "Cracking passwords" with hashcat in the course outline's section 5. Answer the questions there, in class, and tell the instructor.

- possible discussion of PAM (pluggable authentication modules)

Slides about Schneier's Secrets and Lies  (1/24)

Homework and reading for coming week -
Bishop book, chapter 11, "Authentication"
Course outline, readings in sections 4 and 5 about passwords
listen to the podcast at the link in course outline section 5 entitled "message digests (cryptographic hashes)". (1/24)

Activities for tonight -
- covert channels, described in "steganography" slides in course outline
- demonstration of a covert channel

- RSA encryption algorithm, described in slides found under "Cryptography and Key Management" link on the USC website.
- exercise to operate the RSA algorithm manually in centos2014.zip's virtual machine, described in instructions found under "Cryptography and Key Management" link on the USC website.

Slides about Schneier's Secrets and Lies  (1/17)

Homework and reading for coming week -
Bishop book, chapter 8, "Basic Cryptography"
Course outline, readings in sections 5 and 6 (1/17)

Obtain virtual machines - here are 4 virtual machines in zip files located on unexgate.dmorgan.us, and their sizes in bytes:

/home/public/f19-heartbleeder.zip 485379435
/home/public/Snort on Centos 4.3 minimal-gdb-VMware10.zip  767479639
/home/public/centos2014.zip 1461625407
/home/public/kali-2015.zip 3919368726

Here is a readme file that describes how to use them. You can transfer them to your desired device per the instructions at the link below entitled "Remote Unix system." (1/17)

Exercises using the virtual machines, or DETER:

Cryptography & Key Mgmt
Authentication
Authorization
Application security
Packet sniffing
Firewalls (DETER)
Intrusion detection
Arp spoofing (DETER)
Tunnels and vpns (DETER)
Computer forensics (DETER)

You can find links to the exercise instructions for each of these in the left column of this USC website. (1/17)

"Not Outrageous" department - "...No computer is safe. I don't care what they say." Donald Trump on December 31, in regard to confidentiality of communication over computer networks. Not outrageous because we don't have something like this that could make it "safe":

 

(1/10)

A Remote Unix system will be available for your use.

Using ssh (secure shell). ssh is an important tool you will use for interacting with remote computers. For that you will need an ssh client. There are a number of ssh client alternatives.