Practical Training of Information Security - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

Practical Training of Information Security

Description:

Application Security. User Authentication. Network Technology. Encryption. PKI ... W2K Sv IP. Among the things which impressed the students. Password Cracking ... – PowerPoint PPT presentation

Number of Views:53
Avg rating:3.0/5.0
Slides: 10
Provided by: aa287
Category:

less

Transcript and Presenter's Notes

Title: Practical Training of Information Security


1
Practical Training of Information Security
  • Masahito Gotaishi,
  • R D Initiative, Chuo Universty

2
About Us
  • Graduate School of Chuo University
  • Faculty of Science Engineering
  • 8 major subjects including Information and System
    Engineering
  • 5 minor subjects including e-Society
    Information Security in the MS Course
  • Part-time Doctoral Course
  • Launched the Project of Development of the
    Information Security Training System, sponsored
    by the MEXT

3
Necessity of Training
  • Following curriculum is required as the Technical
    Training
  • Threat (ways of unauthorized access)
  • OS Security
  • Network Security
  • Application Security
  • User Authentication
  • Network Technology
  • Encryption
  • PKI

mandatory
4
,,, -but for What ?
  • For the skill of implementing security systems
  • For the skill of Risk Analysis
  • For the skill of Self-Learning

5
Description of our Course
  • Practical Windows security Course
  • 1518 students in each class. 3 classes in 2003
  • 5 day intensive course, with practice
  • Purpose
  • To teach the tools methodology used in the real
    scene of SysAdmin security management.
  • To realize students the actual risk of the
    vulnerabilities and exploits.
  • To give basic training for researching
    discovering new methodologies of attacks and
    defense technology
  • It is one of the new security
    courses, planned in
  • the Development of the
    Information Security
  • Training System, sponsored by
    the MEXT

6
The environment
Windows 2000 Professional (Attack machine)
Windows 2000 Server (Target machine)
VMware Workstation 4.0
W2K Pro IP
W2K Sv IP
Red Hat Linux 9
RedHat IP
7
Among the things which impressed the students
  • Password Cracking
  • Offline dictionary attacks by Cain to work out
    the password from the hash
  • ARP cache poisoning
  • One of the Monkey in the Middle tricks. Most
    people are amazed at the ease of eavesdropping
  • ,,,,,, and various other ways of intrusion
  • including dcom.exe (MS03-026)

8
Follow-up study making use of the graduates'
community
  • Graduates' mailing list
  • Those who finished the course can join the
    graduates' mailing list to exchange various
    information related to security
  • Follow-up study group
  • Other workshops about the particular fields
    including "Buffer Overflow" are held among those
    who want to do

9
Acknowledgement
This work was supported by The Special
Coordination Funds for Promoting Science and
Technology of the Ministry of Education,
Culture, Sports, Science and Technology (MEXT),
Japan.
Write a Comment
User Comments (0)
About PowerShow.com