breadth and spectrum of the field
operating systems' resource access controls as a foundation
Read Schneier (approx. 400 pages, narrative, easy reading)
1 - review class website, esp. the links entitled "Syllabus" and "Course
do - steganography: use S-Tools in Windows to create an image file containing an embedded text file. Get S-Tools here. Be guided closely but not completely by the instructions at the link entitled "steganography" in the assignments column of the main web page. Assuming your name is John Smith (substitute your own real name), please name your files
In the txt file, put a sentence naming you, like "my name is John Smith". The image file itself should be produced from sunset.bmp. Embed the text file into the image file, using password "password" and encryption algorithm IDEA. Email me the resultant file attached to a message entitled "steganography" (I will use an email filter based on that title; if you name it something else I won't get it). Email it to my private email address, not my SMC address. You get credit if I can extract your text file and read your name. S-Tools hides the data in the low-order bits of the pixel values, which is why the cover image must stay an uncompressed BMP; converting the result to JPEG would destroy the embedded file.

(In the assignment as written up at the "steganography" link, ignore the second portion about covert channels. The assignment was written for use in a slightly different setting. Follow its step-by-step instructions for using S-Tools, but not its assignment administration; the administrative details given here are the ones that apply for this class. In particular, ignore the questions at the end. The assignment can be done on your own Windows machine or on the VMware Windows virtual machine I delivered, which you installed in Assignment 1. Be aware that some anti-malware tools may dislike S-Tools. If yours does, turn it off if you are not uncomfortable doing so; you have every right to be, and it is wholly your call. Otherwise, use the VM.)
read from textbook
a - chapter 6 "Filesystems and Security"
b - pp. 600-610 in the section of Chapter 19 "Defending Accounts" entitled "Administrative Techniques for Conventional Passwords."
c - pp. 850-861 about processes and the ps command that reports on them; read this at a scan level, not to learn the detail in the tables and figures but the concepts in the narrative.
read additional resources
the link at left entitled "File permissions"
the link at left entitled "Remote Unix access with ssh"
su, suid, sudo and process UID control
perform the exercise at the link entitled "version 1 - local" under the heading "ProcessUID control" at left. You can do it on your Fedora 7 VMware virtual machine.
getting the needed files - the assignment asks you to acquire 2 files. They are available in the /home/public directory on sputnik.smc.edu. Use the method described here.
submit - When you are finished, answer the 3 questions at the end. Submit your answers following these preparation and submittal instructions (you will use scp to deposit your answer file in your "assignments" subdirectory on sputnik). Please name your file "uid.txt". I will grade these using an automated script, so the format of the answer is critical to intelligibility.
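The exercise above turns on the distinction between a process's real UID (who invoked it) and its effective UID (whose privileges it holds): a setuid binary such as su, sudo or passwd runs with the effective UID of the file's owner, and `ls -l` marks that with an "s" in the owner's execute column. The following is an added example, not part of the course materials, that decodes those mode bits the way `ls` displays them, flags the bits an auditor cares about, lists setuid files under a directory like `find DIR -perm -4000 -type f`, and reads a process's four UIDs from Linux's `/proc/<pid>/status`. The sample mode values and the status line in the comments are constructed for illustration.

```python
import os
import stat

# Permission triplets in ls order: (read, write, execute, special bit, letter
# shown in place of "x" when the special bit is set).
TRIPLETS = (
    (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s"),  # owner
    (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s"),  # group
    (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "t"),  # others
)


def render_mode(mode: int) -> str:
    """Render st_mode permission bits as the 9-character ls string.
    A capital S or T means the special bit is set without the execute bit."""
    out = ""
    for r, w, x, special, letter in TRIPLETS:
        out += "r" if mode & r else "-"
        out += "w" if mode & w else "-"
        if mode & special:
            out += letter if mode & x else letter.upper()
        else:
            out += "x" if mode & x else "-"
    return out


def risk_flags(mode: int) -> list:
    """Bits worth a second look: privilege escalation via setuid/setgid,
    and world-writable files that are not sticky directories."""
    flags = []
    if mode & stat.S_ISUID:
        flags.append("setuid")
    if mode & stat.S_ISGID:
        flags.append("setgid")
    if mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
        flags.append("world-writable")
    return flags


def find_setuid(root: str) -> list:
    """Regular files under root with the setuid bit, like
    `find root -perm -4000 -type f`. Symlinks are not followed."""
    hits = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # unreadable or vanished; skip rather than abort
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                hits.append(path)
    return hits


def decode_uid_line(line: str) -> dict:
    """Parse the 'Uid:' line of /proc/<pid>/status. Linux lists four values:
    real, effective, saved-set and filesystem UID. A constructed example
    line "Uid:\t1000\t0\t0\t0" is a setuid-root program run by UID 1000."""
    fields = line.split()
    if len(fields) != 5 or fields[0] != "Uid:":
        raise ValueError("not a Uid: line")
    real, effective, saved, fs = map(int, fields[1:])
    return {"real": real, "effective": effective, "saved": saved, "fs": fs}


def my_uids() -> dict:
    """UIDs of the running process, read from /proc (Linux only)."""
    with open("/proc/self/status") as f:
        for line in f:
            if line.startswith("Uid:"):
                return decode_uid_line(line)
    raise RuntimeError("no Uid: line found")


if __name__ == "__main__":
    for m in (0o4755, 0o2755, 0o1777, 0o666):
        print(oct(m), render_mode(m), risk_flags(m))
    print("setuid files under /usr/bin:", find_setuid("/usr/bin")[:10])
    print("this process:", my_uids())
```

Run it as an ordinary user and then under `sudo` to see the real UID stay put while the effective UID becomes 0; that difference is what the exercise's questions about su, suid and sudo are probing.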
read from additional (non-textbook) sources
a - the link entitled "File permissions" at left
b - Parts 1 and 2 of an article from IBM about passwords. Don't worry about the parts where specific code examples are analyzed (unless particularly interested). Note the article's suggestion to use dice for composing passwords in order to achieve "a completely random distribution of passwords of a given length." Randomness is a virtue; physical dice supply it without depending on the soundness of a computer's random-number generator (a properly seeded cryptographic generator is also fine; a predictable one is not).
c - a discussion of the importance of randomness for producing "perfect passwords" at Gibson Research Corporation.
visit - sites for a couple of password safes (password managers), products that keep your whole collection of passwords under a single master password.
podcast discussion about LastPass
road-test your DETER account by doing the exercise at
You need not send me anything for this; as a DETER administrator I can see what you did. We'll use DETER more seriously later. This is just to get you familiar with it first.
message digests (hashing)
read - article about the LinkedIn password leak and its implications
read - from textbook, chapter 7 "Cryptography Basics"
listen to this discussion about message digests (cryptographic hashes). It is a 34-minute conversation, of which you can skip the last 14 minutes for our purposes; just listen to the first 20 minutes.
perform - the "message digests" exercise.
It asks you to acquire a file called "makebigfiles." It resides on the server, in /home/public/. Do this assignment while logged in to your account on sputnik.smc.edu, in your home directory (there, you could get the file just by a local copy operation). Don't delete the files created while performing the assignment. I will look for them in your home directory later to evaluate you.
perform - the hashcat version of the above "Cracking passwords" exercise. Use the Kali Linux virtual machine found in the file kali-2015.zip. There are copies of it in /home/public on both sputnik.smc.edu and unexgate.dmorgan.us. Please retrieve it with scp via the command line or the FileZilla utility. Use it under VMware. When unzipped, kali-2015.zip yields a subdirectory named "kali-2015" containing all the files VMware needs. Bring up Kali Linux in VMware. Kali Linux has hashcat pre-installed.
This exercise has several parts. Do them all. When finished, maximize your command window and dump the file hashcat.pot to the screen with
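The LinkedIn leak and the hashcat exercise above are two views of the same fact: the 2012 LinkedIn dump was unsalted SHA-1, so one hash of each candidate password could be compared against every account at once. The following is an added example, not part of the course materials, that reproduces that situation on constructed data: a tiny wordlist, a few made-up users, an unsalted dump cracked by table lookup, a salted dump where each candidate must be rehashed per user, a slow hash (PBKDF2) that multiplies the cost of every guess, and the cracked results written in the `hash:plaintext` form of hashcat's potfile. The user names, passwords and wordlist are constructed and the work counts are for this example only.

```python
import hashlib
import os

# Constructed wordlist and constructed "leaked" accounts (not real data).
WORDLIST = ["123456", "password", "letmein", "sunshine", "linkedin", "Tr0ub4dor&3"]
USERS = {
    "alice": "sunshine",
    "bob": "letmein",
    "carol": "correct horse battery staple",   # not in the wordlist
    "dave": "password",
}


def sha1_hex(data: bytes) -> str:
    return hashlib.sha1(data).hexdigest()


def unsalted_dump(users: dict) -> dict:
    """user -> SHA-1(password): the way LinkedIn stored them in 2012."""
    return {u: sha1_hex(p.encode()) for u, p in users.items()}


def crack_unsalted(dump: dict, wordlist) -> tuple:
    """Hash every candidate once, then look up every leaked hash in that
    table. Returns (cracked {user: password}, hashes computed)."""
    table = {sha1_hex(w.encode()): w for w in wordlist}
    cracked = {u: table[h] for u, h in dump.items() if h in table}
    return cracked, len(wordlist)


def salted_dump(users: dict, salt_len: int = 8) -> dict:
    """user -> (salt, SHA-1(salt || password)) with a random salt per user."""
    out = {}
    for u, p in users.items():
        salt = os.urandom(salt_len)
        out[u] = (salt, sha1_hex(salt + p.encode()))
    return out


def crack_salted(dump: dict, wordlist) -> tuple:
    """A precomputed table is useless against per-user salts: each candidate
    must be rehashed with each user's salt. Returns (cracked, hashes computed)."""
    cracked, work = {}, 0
    for u, (salt, h) in dump.items():
        for w in wordlist:
            work += 1
            if sha1_hex(salt + w.encode()) == h:
                cracked[u] = w
                break
    return cracked, work


def slow_hash(salt: bytes, password: str, rounds: int = 100_000) -> bytes:
    """PBKDF2-HMAC-SHA256: every guess now costs `rounds` HMAC computations
    instead of a single SHA-1, for attacker and defender alike."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)


def potfile_lines(cracked: dict, dump: dict) -> list:
    """hashcat.pot-style lines, hash:plaintext, for the cracked accounts."""
    return [f"{dump[u]}:{pw}" for u, pw in cracked.items()]


if __name__ == "__main__":
    dump = unsalted_dump(USERS)
    found, work = crack_unsalted(dump, WORDLIST)
    print(f"unsalted: cracked {len(found)}/{len(USERS)} with {work} hashes")
    for line in potfile_lines(found, dump):
        print("  ", line)
    found, work = crack_salted(salted_dump(USERS), WORDLIST)
    print(f"salted:   cracked {len(found)}/{len(USERS)} with {work} hashes")
```

The numbers scale badly for the attacker only when salts are present: with N leaked accounts and a wordlist of W entries, the unsalted attack costs W hashes total, the salted one up to N·W, and a slow hash multiplies that again by its round count. That ratio, not the secrecy of the algorithm, is what decides how much of a dump gets cracked.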
Pluggable Authentication Modules (PAM)
read - the write-up at "Simplified
listen - to the two audio clips (see the icon) "1. SDES - Simplified DES" and "3. SDES Mangler Function." Optionally, also hear "8. Cipher Block Chaining."
do - the assignment at link entitled "S-DES algorithm". The assignment asks you to perform the S-DES algorithm on paper and turn in the paper. Do not turn in any paper, but please do perform the assignment on paper nonetheless. I have created some multiple-choice questions about your solution, and posted them as >>>your assignment here<<<. Submit your answers to those questions following these preparation and submittal instructions (you will use sftp to deposit your answer file in your "assignments" subdirectory on sputnik). Please name your file "sdes.txt". I will grade these using an automated script, so the format of the answer is critical to intelligibility.
read - this article about one-time pad (perfect, unbreakable) encryption. The unbreakability holds only if the key is truly random, at least as long as the message, kept secret, and never reused; a pad used twice leaks the XOR of the two plaintexts.
packet filter firewalls
stream and block ciphers (stream)
ARP spoofing (a man-in-the-middle attack)
read - from textbook chapters 11 and 12. Chapter 11 "TCP/IP Networks" should come in large measure as review to you. Chapter 12 "Securing TCP and UDP Services" is long and covers a range of security considerations. Some of them are general, but many are specific to particular services: the latter part of the chapter devotes a page or two to each of a dozen common services, describing it and its own security-related characteristics. Read these chapters over the course of the next 3 or 4 weeks. They relate loosely to the network-related class lectures and activities (e.g., firewalls and ARP spoofing).
read - an explanation of ARP spoofing
RFC defining the ARP protocol (RFC 826)
home page, ettercap project
ARP spoofing (DETER)
You need to make a couple of adjustments. Our project is known to DETER by the name SMC-CS78. The instructions don't know that; they think it's USCCsci530. Wherever you see the latter in any instruction, substitute the former (e.g., where told to execute:
The questions for you to answer are the following, which are the same ones found at the end of the exercise in non-multiple-choice form, recast into multiple-choice form.
1. ARP poisoning of node4 from node1
4. Imagine you run a web hosting company. The manager at one of your clients, a medium-sized business, calls you in alarm and reports the apparent defacement of his website running on your host machine. Images on the site have all been replaced with various hacker images like the laughing skull. He heard about it from several of his employees, then saw it with his own eyes on their terminals. His website has fallen victim to the same mischief as the one on our node4. What is your course of action?
Submit your answers to the preceding 4 questions following these preparation and submittal instructions (you will use ftp to deposit your answer file in your "assignments" subdirectory on sputnik). Please name your file "arpspoof.txt". I will grade these using an automated script, so the format of the answer is critical to intelligibility.
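The ARP poisoning in the exercise works because ARP is stateless: any host can send a reply claiming that the gateway's (or node4's) IP address now lives at its own MAC address, and the victims simply overwrite their ARP caches. The symptom a monitor on the segment sees is an IP-to-MAC binding that changes, and one MAC (the attacker's) claiming several IP addresses at once. The following is an added example, not part of the course materials, of that detection logic run over a constructed record of observed ARP replies; the IP addresses, the MAC addresses (from the range reserved for documentation) and the timeline are made up, with node1 playing the attacker as in the exercise.

```python
from collections import defaultdict

# Constructed observations of ARP replies on the segment:
# (time in seconds, sender IP, sender MAC). Not captured traffic.
OBSERVED = [
    (0.0, "10.1.1.1", "00:00:5e:00:53:01"),   # gateway answers normally
    (0.5, "10.1.1.4", "00:00:5e:00:53:04"),   # node4 answers normally
    (1.0, "10.1.1.2", "00:00:5e:00:53:02"),   # node1 answers for itself
    (5.0, "10.1.1.1", "00:00:5e:00:53:02"),   # "gateway" now at node1's MAC
    (5.1, "10.1.1.4", "00:00:5e:00:53:02"),   # and so is node4: poisoning both
]


def detect_arp_spoof(replies):
    """Return (time, message) alerts for two poisoning signatures:
    an IP whose MAC changes, and a MAC that claims more than one IP."""
    ip_to_mac = {}
    mac_to_ips = defaultdict(set)
    alerts = []
    for t, ip, mac in replies:
        old = ip_to_mac.get(ip)
        if old is not None and old != mac:
            alerts.append((t, f"{ip} changed from {old} to {mac}"))
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append((t, f"{mac} claims {sorted(mac_to_ips[mac])}"))
    return alerts


def suspects(replies) -> set:
    """MACs that claimed more than one IP address over the whole record."""
    mac_to_ips = defaultdict(set)
    for _, ip, mac in replies:
        mac_to_ips[mac].add(ip)
    return {mac for mac, ips in mac_to_ips.items() if len(ips) > 1}


if __name__ == "__main__":
    for t, msg in detect_arp_spoof(OBSERVED):
        print(f"t={t:4.1f}  {msg}")
    print("suspect MACs:", suspects(OBSERVED))
```

The same two checks are what tools such as arpwatch implement, and they answer the course's question 4 in part: the defacement the client sees through his own office terminals is consistent with poisoning on his segment rather than a compromise of the hosting server, so checking the ARP caches and switch logs on his side comes before rebuilding the site.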
stream and block ciphers (block)
listen to Security Now podcast episode #183 "Modes of Encryption" from 50:45 to 1:18:07
do the assignment entitled "GNUPrivacyGuard". There are no questions to answer and nothing to turn in. But importantly this will familiarize you with how GPG works. You will need that familiarity to apply GPG in doing the upcoming follow-on assignment (GPG, community).
do the portion of the "GPG, community" assignment in the paragraph entitled "Preliminary task: sign and circulate/upload/publicize a copy of the gettysburg
do - encryption modes
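The S-DES paper exercise earlier in the course and the "encryption modes" item here fit together: S-DES is small enough to work by hand, and once you have a block cipher, a mode of operation is what turns it into something that can encrypt more than one block. The following is an added example, not part of the course materials, that implements S-DES as specified in Stallings (10-bit key, 8-bit block, P10/P8 key schedule, IP, E/P, S0, S1, P4) so you can check each intermediate value of your paper solution, and then runs it in ECB and CBC modes over a byte string to show what the "Modes of Encryption" episode describes: ECB maps identical plaintext blocks to identical ciphertext blocks, CBC does not. The key, plaintext, IV and message below are my own test values.

```python
# S-DES tables (Stallings), all 1-indexed as in the textbook figures.
P10 = (3, 5, 2, 7, 4, 10, 1, 9, 8, 6)
P8 = (6, 3, 7, 4, 8, 5, 10, 9)
IP = (2, 6, 3, 1, 4, 8, 5, 7)
IP_INV = (4, 1, 3, 5, 7, 2, 8, 6)
EP = (4, 1, 2, 3, 2, 3, 4, 1)
P4 = (2, 4, 3, 1)
S0 = ((1, 0, 3, 2), (3, 2, 1, 0), (0, 2, 1, 3), (3, 1, 3, 2))
S1 = ((0, 1, 2, 3), (2, 0, 1, 3), (3, 0, 1, 0), (2, 1, 0, 3))


def permute(b, table):
    return [b[i - 1] for i in table]


def rol(b, n):                      # circular left shift
    return b[n:] + b[:n]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def subkeys(key):
    """K1 = P8(LS-1(P10(key))), K2 = P8(LS-2 of the LS-1 halves)."""
    k = permute(key, P10)
    l, r = rol(k[:5], 1), rol(k[5:], 1)
    k1 = permute(l + r, P8)
    l, r = rol(l, 2), rol(r, 2)
    k2 = permute(l + r, P8)
    return k1, k2


def sbox(box, b):
    """Outer two bits select the row, inner two the column; 2-bit output."""
    v = box[b[0] * 2 + b[3]][b[1] * 2 + b[2]]
    return [v >> 1, v & 1]


def f_k(l, r, sk):
    """One round: L xor P4(S0|S1(E/P(R) xor subkey)). R is unchanged."""
    t = xor(permute(r, EP), sk)
    s = sbox(S0, t[:4]) + sbox(S1, t[4:])
    return xor(l, permute(s, P4))


def crypt_block(key, block, decrypt=False):
    k1, k2 = subkeys(key)
    if decrypt:                     # same network, subkeys in reverse order
        k1, k2 = k2, k1
    b = permute(block, IP)
    l, r = b[:4], b[4:]
    l = f_k(l, r, k1)
    l, r = r, l                     # SW: swap halves
    l = f_k(l, r, k2)
    return permute(l + r, IP_INV)


# String helpers for the paper exercise, e.g. key "1010000010", block "11010111".
def bits(s):
    return [int(c) for c in s]


def text(b):
    return "".join(map(str, b))


def encrypt_bits(key, pt):
    return text(crypt_block(bits(key), bits(pt)))


def decrypt_bits(key, ct):
    return text(crypt_block(bits(key), bits(ct), decrypt=True))


def subkey_strings(key):
    return tuple(text(k) for k in subkeys(bits(key)))


# Modes of operation over bytes; one byte is one S-DES block.
def _enc(key, byte, decrypt=False):
    return int(text(crypt_block(bits(key), bits(format(byte, "08b")), decrypt)), 2)


def ecb_encrypt(key, data: bytes) -> bytes:
    """Each block independently: equal plaintext bytes give equal ciphertext bytes."""
    return bytes(_enc(key, b) for b in data)


def cbc_encrypt(key, iv: int, data: bytes) -> bytes:
    """C_i = E(P_i xor C_{i-1}), C_0 = IV: repeats in the plaintext are hidden."""
    out, prev = [], iv
    for b in data:
        prev = _enc(key, b ^ prev)
        out.append(prev)
    return bytes(out)


def cbc_decrypt(key, iv: int, data: bytes) -> bytes:
    out, prev = [], iv
    for c in data:
        out.append(_enc(key, c, decrypt=True) ^ prev)
        prev = c
    return bytes(out)


if __name__ == "__main__":
    KEY = "1010000010"
    print("K1, K2 =", subkey_strings(KEY))
    print("E(11010111) =", encrypt_bits(KEY, "11010111"))
    print("ECB:", ecb_encrypt(KEY, b"AAAAAAAA").hex())
    print("CBC:", cbc_encrypt(KEY, 0x5A, b"AAAAAAAA").hex())
```

With the textbook key 1010000010 the subkeys come out as K1 = 10100100 and K2 = 01000011, and plaintext 11010111 encrypts to 10101000; if your paper solution disagrees, print the intermediate values from `f_k` to find the step where it diverged. The ECB line for a run of identical bytes is one repeated byte, which is exactly the leak the podcast segment warns about; the CBC line is not, even though the same cipher and key are used.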
RSA encryption 2
RSA public-key algorithm
read the section entitled "RSA: The Most Used Asymmetric Algorithm" in "Asymmetric Cryptography" (http://www.informit.com/articles/article.aspx?p=102212&seqNum=4)
listen to this discussion about Diffie-Hellman key exchange. The conversation is 37 minutes. The first 14 minutes concern Diffie-Hellman; the rest is about public-key cryptography. Listen to the Diffie-Hellman segment and, optionally, to the rest.
do the portion of the "GPG, community" assignment in the paragraph entitled "Part 1 - signing".
In the server's /home/common (the "common" account's password is given in class) your signed copies of the Gettysburg Address have been or will shortly be renamed, per the assignment. You can now proceed to figure out who signed each one and submit "signers.txt". The students who signed these files have all published their public keys to us (by putting them in /home/common, where they are at our disposal).
do the portion of the "GPG, community" assignment in the paragraph entitled "Part 2 - encrypting".
do the assignment at the link entitled "RSA encryption 2". Perform it on your server account or on your Linux VM. When asked to choose 2 prime numbers, make sure you choose them large enough that their product is no less than 100. The assignment produces a file named "outfile". Please submit it to me by placing it in your "assignments" subdirectory on the server. Retain the values you generated for keys in this exercise (e.g., don't delete outfile) because I will ask you to use these keys again in a follow-on assignment. (I plan to encrypt something for you with the public key you give me in "outfile", then expect you to decrypt it. You'll need your matching private key to manage that, so retain it.) Doing this assignment accomplishes the first 3 steps of the follow-on assignment, which is "Using RSA". Primes this small are for working the arithmetic by hand; real RSA keys use primes of 1024 bits or more, since anyone who can factor n recovers the private key.
do the assignment at the link entitled "Primitive roots"
ssh - secure shell
Stack buffer overflow:
hakin9 magazine article "Overflowing the stack on Linux x86" by Piotr Sobolewski
GNU debugger (gdb) documentation
A bug in a library of code called crypt_blowfish. It applies the Blowfish block cipher algorithm to the task of hashing passwords (the bcrypt scheme) and was the tool for doing that in some Linux distributions (not Fedora). The bug was present from about 1998 until it was patched in 2011 (CVE-2011-2483). It substantially weakens the hashes of passwords containing characters with the high bit set, because a signed-character error mishandled such input. It was found while trying to crack some passwords with John the Ripper.
do the assignment at the link entitled "Primitive roots"
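The "Primitive roots" assignment connects to the Diffie-Hellman discussion assigned earlier: a primitive root g of a prime p generates every nonzero residue mod p, and that is what makes g a good Diffie-Hellman generator, since the shared secret g^(ab) mod p can then land anywhere in the full group instead of in a small subgroup. The following is an added example, not part of the course materials, that tests for primitive roots using the criterion that g is one iff g^((p-1)/q) is not 1 mod p for every prime q dividing p-1, computes the multiplicative order of a candidate generator, and runs a toy Diffie-Hellman exchange. The primes, generators and private exponents are my own small choices for checking by hand.

```python
def prime_factors(n: int) -> set:
    """Distinct prime factors of n by trial division (fine for toy sizes)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


def is_primitive_root(g: int, p: int) -> bool:
    """g generates all of Z_p^* iff g^((p-1)/q) != 1 (mod p)
    for every prime q dividing p-1."""
    if g % p == 0:
        return False
    return all(pow(g, (p - 1) // q, p) != 1 for q in prime_factors(p - 1))


def primitive_roots(p: int) -> list:
    """All primitive roots of the prime p; there are phi(p-1) of them."""
    return [g for g in range(2, p) if is_primitive_root(g, p)]


def order(g: int, p: int) -> int:
    """Multiplicative order of g mod p: the size of the subgroup g generates.
    Equals p-1 exactly when g is a primitive root."""
    if g % p == 0:
        raise ValueError("0 has no multiplicative order")
    k, x = 1, g % p
    while x != 1:
        x = x * g % p
        k += 1
    return k


def dh_exchange(p: int, g: int, a: int, b: int) -> tuple:
    """Diffie-Hellman with private exponents a (Alice) and b (Bob).
    Returns (A, B, shared): A and B are what goes over the wire."""
    A, B = pow(g, a, p), pow(g, b, p)
    s_alice, s_bob = pow(B, a, p), pow(A, b, p)
    assert s_alice == s_bob        # (g^b)^a == (g^a)^b mod p
    return A, B, s_alice


if __name__ == "__main__":
    for p in (7, 11, 23):
        print(f"primitive roots mod {p}: {primitive_roots(p)}")
    print("order of 2 mod 23:", order(2, 23), " order of 5 mod 23:", order(5, 23))
    print("DH p=23 g=5 a=6 b=15 ->", dh_exchange(23, 5, 6, 15))
```

Note the contrast for p = 23: 5 is a primitive root (order 22) while 2 is not (order 11), so an exchange using g = 2 would confine the shared secret to 11 possible values. Real deployments use primes of 2048 bits or more and a generator of a large prime-order subgroup, but the arithmetic is exactly this.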
do the assignment at the link entitled "Using RSA", using your private key to decrypt a message from me. Of the 8-item list at the beginning of the assignment, you accomplished the first 3 steps last week when you performed "RSA encryption 2". You generated a key pair. Then you published your public key to me when you put your "outfile" containing it within my reach in your assignments directory. I have since or will shortly perform step 4, encrypting a random string with your public key. All my random strings are 3-character uppercase-alpha strings.
The assignment calls upon you to get
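The steps that "RSA encryption 2" and "Using RSA" walk through are: pick two primes, form n = pq and phi(n) = (p-1)(q-1), pick e coprime to phi(n), compute d = e^-1 mod phi(n), publish (n, e), and then have the other side encrypt with your public key and you decrypt with d. The following is an added example, not part of the course materials, that carries those steps out with toy primes and encrypts a three-character uppercase string character by character, the way the instructor's random string for "Using RSA" is described. The primes p = 11, q = 23, exponent e = 3 and the message "ABC" are my own choices; the requirement that n be at least 100 is the assignment's, and one consequence of it is that every uppercase ASCII code (65 through 90) is then a valid message block below n.

```python
def is_prime(n: int) -> bool:
    """Trial division; adequate for the toy primes used here."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def egcd(a: int, b: int) -> tuple:
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(a: int, m: int) -> int:
    g, x, _ = egcd(a, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {m}")
    return x % m


def keygen(p: int, q: int, e: int = 3) -> tuple:
    """Return ((n, e), (n, d)) for primes p, q. Enforces the assignment's
    n >= 100 so that every character code used as a message is below n."""
    if not (is_prime(p) and is_prime(q) and p != q):
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if n < 100:
        raise ValueError("choose larger primes: n must be at least 100")
    if egcd(e, phi)[0] != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (n, e), (n, modinv(e, phi))


def encrypt_text(pub: tuple, msg: str) -> list:
    """One RSA block per character: c = m^e mod n with m = the character code."""
    n, e = pub
    codes = [ord(c) for c in msg]
    if any(m >= n for m in codes):
        raise ValueError("every character code must be below n")
    return [pow(m, e, n) for m in codes]


def decrypt_text(priv: tuple, blocks: list) -> str:
    n, d = priv
    return "".join(chr(pow(c, d, n)) for c in blocks)


if __name__ == "__main__":
    pub, priv = keygen(11, 23, e=3)
    print("public key (n, e) =", pub, " private exponent d =", priv[1])
    ct = encrypt_text(pub, "ABC")
    print("ciphertext blocks:", ct)
    print("decrypted:", decrypt_text(priv, ct))
```

Encrypting one character per block with a deterministic function is fine for working the algorithm by hand but is not how RSA is used in practice: with only 26 possible blocks an attacker simply encrypts each letter with the public key and matches, which is one of the reasons real systems pad messages (OAEP) and use RSA to wrap a symmetric key rather than the data itself.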
optionally explore - the stack overflow demonstrated in class. The environment suitable for reproducing and playing with it is a VMware virtual machine, in the file "Snort on Centos 4.3 minimal-with-gdb.zip". That file can be found in the home directory of user "public" on sputnik. Here are instructions for causing/observing the stack overflow within that environment (such a demonstration depends on the exact compiler, libraries and kernel protections present, so expect it not to work in other environments). The sample files are in the /root directory within your virtual machine.
(review and reinforcement of the above four topics: GPG, RSA, ssh, Diffie-Hellman)
Application security (stack overflow, representing the category)
"IP in IP tunneling"; "IP encapsulation within IP" (RFC 2003)
"Getting Started with ssh"
free clients for Windows
DETER "Tunnels and vpns" assignment
The instructions were written for a different class. They largely apply with a couple of exceptions.
First exception: do not use the network specification files offered within the instructions. Rather, use one adapted for this class. There are two of them. The first sets up Fedora machines within DETER, the second Ubuntu.
DETER has relatively more available machines able to run Ubuntu. That means when DETER is under heavy use you'll have a better chance of swapping in your experiment if you use the Ubuntu version. On the other hand, the Fedora version is tried-and-true and the Ubuntu one is brand new Nov 2012. I suggest you use the Ubuntu one, contact me if you observe fundamental problems, and use the Fedora version as fallback. DETER is particularly busy right now (mid-November 2012).
Here are the 2 ns files:
Second exception: our project is known to DETER by the name SMC-CS78. The instructions don't know that, they think it's USCCsci530. Wherever you see the latter in any instruction, substitute the former.
With those two caveats, here are the instructions to follow:
Tunnels and vpns (DETER)
You need not answer the questions found at the end of the assignment. I will grade you by 1) observing the presence of evidence on DETER that you did the assignment, and 2) screenshots you turn in. However, as a self-measurement, read the questions and see whether you think you understood their points or not.
What to turn in:
When you reach the point early in the assignment where you have opened 5 terminal windows connected to your 5 experiment nodes, take a screenshot that looks like the one in the instructions.
When you reach the point in the assignment section about OpenVPN "Scenario 1: routed tunnel, unencrypted," take a pair of screenshots showing the tunnel endpoint connection dialogs, just like what you see in the instructions.
Send me the two screenshots as email attachments.
peruse article on digital forensics for an overview
Computer forensics (DETER)
computer forensics
write-up entitled "filesystem encryption." It has 4 links at the bottom. Read them too (except for the last one, concerning FreeOTFE).
article on the TrueCrypt vacuum
listen to this discussion about TrueCrypt. You can skip over the initial 14-minute conversational chit-chat and start listening at the beginning of the description of the TrueCrypt product.
view - the slides entitled "sshfs - remote filesystem." What relation does the ssh file system bear to encrypted filesystems? to encryption?
do the assignment at the link entitled "truecrypt". Where asked to get files, obtain them from the home directory of user "public" on sputnik. You are supposed to submit to me a file you create, and to send me information about a file of mine. Do so by sending me a single email message. Make your file an attachment, and include the required information within the message. Make sure the message title is "Assignment 13 Truecrypt". I will use an email message filter that finds such messages, and that's what I will grade. If you title your message differently your assignment may get lost. Send your message to email@example.com (not to my smc.edu address, please).
backup onto an encrypted filesystem