A Laboratory Based Course on Internet Security - PowerPoint PPT Presentation

1 / 42
About This Presentation
Title:

A Laboratory Based Course on Internet Security

Description:

Download a rootkit and install. Install and discover back doors. White-Hat Security Tools. ... The Ethics of Hacking. ... with the tools to create mischief. ... – PowerPoint PPT presentation

Number of Views:41
Avg rating:3.0/5.0
Slides: 43
Provided by: Prabhake5
Learn more at: http://cecs.wright.edu
Category:

less

Transcript and Presenter's Notes

Title: A Laboratory Based Course on Internet Security


1
A Laboratory Based Course on Internet Security
  • Prabhaker Mateti
  • Wright State University
  • Dayton, OH 45435
  • NSF DUE-9951380

2
Goals
  • Awareness of Security Issues
  • Teach security improvement techniques
  • Explain how exploitable errors have been made in
    the development of software.
  • Raise the level of ethics awareness
  • Bring attention to legal issues

3
Assumptions in the Course Design
  • Beliefs?
  • Lab-oriented?
  • Whole course or Distributed into
  • Required or Elective?
  • 10 weeks or 15?

4
The course needs to be lab-oriented.
  • I hear and I think. I see and I remember.
    I do and I know.
  • -- Confucius

5
Should be a course by itself.
  • Integrating security concepts into other courses
    is very difficult.
  • Easier to propose and implement an entire course
    that is new.

6
Should be a Required Course.
  • Security exploits have become way too-common.
  • Can motivate why Software Development should be a
    more rigorous discipline.
  • Many security topics synthesize what is learned
    in several disparate and un-integrated courses.

7
Can only be an Elective Course.
  • Most BS Degree Requirements are too full of core
    and required courses.
  • Required Courses cannot be downgraded to
    Electives.
  • Cannot even re-work n required courses into m
    required courses, m lt n.
  • Is it a discipline ?

8
Term or Semester Course
  • Both must be accommodated Term 10, semester
    15 weeks
  • At WSU

9
Course Logistics
  • Lectures on topic one per week
  • Lectures on experiment one per week
  • Lab experiments one per week
  • First week, only lectures. (May be second week
    too.)

10
Currently Available Material
  • Books
  • Websites
  • Courses elsewhere

11
Books on Security
  • Many books, gt 500
  • Academic text books, in the tens.
  • Garfinkel and Spafford 1996/2003, Practical UNIX
    Internet Security, O'Reilly.
  • Rubin 2001, White-hat Security Arsenal, Addison
    Wesley.
  • Stallings 1998, Cryptography and Network
    Security, Prentice Hall.
  • Bishop 2003, Computer Security, Addison Wesley.

12
Amazon.com book search results(2003/02/19,
1900 PST)
Network security 714
Internet security 910
Computer security 2673
System security 1328
Homeland security 45
Security 32000
13
Web Sites
  • There is an oceanic amount of material on
    network security available over the Internet.
    -- A Web Page.
  • How do we define a Security Web Site?
  • 1000 web sites

14
A Few Chosen Security Websites
  • www.incidents.org
  • www.cert.org
  • www.cerias.purdue.edu
  • www.securityfocus.com
  • lwn.net/security
  • www.microsoft.com/security
  • www.phrack.com

15
Courses Elsewhere
  • Many commercial courses.
  • Academic courses
  • Mostly graduate level
  • Focused on cryptography
  • Principles and concepts only
  • Projects, not Lab Experiments
  • E.g., theory.lcs.mit.edu/rivest/
    crypto-security.html
  • Thirty-six Centers of Academic Excellence in
    Information Assurance Education sponsored by NSA
    www.nsa.gov/isso/programs/nietp/ newspg1.htm

16
What We Developed
  • About 30 lectures, 75 minutes each.
  • About 25 lab experiments, 2 hours each
  • Security Lab setup details.
  • Collected articles on Ethics and Legal Issues.
  • Past exams, and links to code.
  • A support website, with the above.
  • At WSU, introduced a new course, CEG 429
    Internet Security.

17
Overview of Course Contents
  • Depth v Breadth
  • Choice of Topics
  • Design of Experiments
  • CEG429 week-by-week

18
Depth v Breadth
  • Discuss current security breaches and protection
    measures ? breadth.
  • Conduct experiments knowledgeably ? depth.

19
Internet Security
  • Trojan Horses, Viruses and Worms
  • Privacy and Authentication
  • TCP/IP exploits
  • Firewalls
  • Cryptography
  • Secure Config of Personal Machines
  • Buffer Overflow and Other Bug Exploitation
  • Writing Bug-free and Secure Software
  • Secure e-Commerce Transactions
  • Ethics and Legal Issues

20
(No Transcript)
21
Typical Article on our Website
  • Title
  • Summary
  • Educational Objectives
  • Background Information
  • Pre-Lab and Suggested Preparation
  • Procedures
  • Appendix A Acronyms
  • Appendix B Further Reading Links
  • Appendix C Notes to TAs
  • Procedures
  • Step 1, 2,
  • Achievement Test
  • Concluding Activities
  • Demo
  • Witness Report
  • Lab cleanup
  • Report on the Experiment

22
Lab Experiments Developed
  1. Experience serious nuisance.
  2. Viruses, Worms, and Trojans.
  3. Boot from power up to login
  4. System Administration.
  5. Password Cracking Tools.

23
Lab Experiments Developed
  1. One-time passwords, and secure shell.
  2. Privacy Enhancing Tools.
  3. Securely configure a Linux PC.
  4. Fortification of a System.
  5. Build a hardened kernel.
  6. Setup a router.
  7. Install and Run a network sniffer.

24
Lab Experiments Developed
  1. Hijack an on-going telnet session.
  2. User authentication and spoofing.
  3. DNS spoof.
  4. Download a rootkit and install.
  5. Install and discover back doors
  6. White-Hat Security Tools.

25
Lab Experiments Developed
  1. Buffer Overflow Exploits.
  2. Packet Filter Firewall.
  3. Probing For Weaknesses.
  4. Denial-of-Service Attacks.
  5. Design Weaknesses of TCP.
  6. Security Audit.
  7. IPv6-enabled kernel, and tools.

26
(No Transcript)
27
Ethics
  • Sign on to our Ethics Statement
  • The Ethics of Hacking. A discourse by "Dissident"
    www.attrition.org/modify/texts/hacking_texts/hace
    thic.txt
  • The Hackers Ethic. The six tenets from Steven
    Levy, "Heroes of the Computer Revolution".
    project.cyberpunk.ru/idb/hacker_ethics.html
  • OSU Ethics Website. www.cgrg.ohio-state.edu/Astro
    labe
  • Codes of Ethics from ACMIEEE.
  • www.onlineethics.org
  • www.ethics.org

28
Ethics Statement
  • In this course I am learning network and computer
    security principles.  It is a 10-week long
    course, with a prerequisite of general
    understanding of operating systems and computer
    networks.  I realize that this learning is just a
    beginning. 
  • I  assure the instructor, the University, and the
    world that I am a caring, responsible, and
    principled person.  I will  help create a better
    world.  Never will I engage in activity that
    deprives others in order to benefit from it.
  • The techniques and links that I am exposed to are
    for educational purposes only.  As a power user
    of computers and future network or systems
    administrator, I must be familiar with the tools
    that may be used to bring a network down.   A may
    engage in a legitimate form of hacking, or more
    precisely, ethical hacking, as a consultant who
    performs security audits.  This is the driving
    force in learning the past attack techniques.
  • I will not directly provide anyone with the tools
    to create mischief.   Nor shall I pass my
    knowledge to others without verifying that they
    also subscribe to the principles apparent in this
    statement.
  • I will not engage in or condone any form of
    illegal activity including unauthorized
    break-ins, cracking, or denial of service
    attacks.
  • ___________________________    _____________
    ______________________Name of the student
    Signature and Date

29
Internet Security Lab Setup
  • PCs, NICs, Switches, Cables
  • Each PC with 2 NICs
  • Physically Isolatable
  • Private Network
  • Linux-based Firewall-cum-Router

30
OSIS Operating Systems and Internet Security Lab
  • Room 429, Russ Engineering Center, WSU
  • In continuous use since November 1999
  • 26 PCs in the lab for students' use, and one web
    server, one router, one file server, and one PC
    for re-configuration experimentation.
  • Shared Lab
  • Operating Systems Courses, CEG 433,434
  • Distributed Computing Courses, CEG 730,830
  • Multiple Operating Systems

31
OSIS Operating Systems andInternet Security Lab
  • 1999
  • Lab
  • 26 PC s (PIII 450MHz, 128 MB RAM, 13 GB HDD)
  • 8 Fast Ethernet Switches
  • Operating Systems
  • Caldera Open Linux 2.3
  • Kernel 2.2.10
  • Windows NT 4
  • Windows 98 SR2
  • 2003
  • Lab
  • 26 upgraded PC s (2PIII 450MHz, 512 MB RAM, 13
    GB HDD)
  • 8 Fast Ethernet Switches
  • Operating Systems
  • Mandrake Linux 8.2/9.0
  • Linux 2.4.x
  • Windows XP
  • Windows 98 SR2

32
OSIS Operating Systems andInternet Security Lab
  • All the PCs are on a private LAN
  • One Fast Ethernet switch for each a group of 4-6
    PCs.
  • Each PC is loaded with
  • Linux Mandrake 8.2/9.0
  • Windows XP
  • Windows 98.
  • Boot into one of these via ntldr

33
osis111.cs.wright.edu
  • All the lab PCs 192.168..
  • router.osis.cs.wright.edu 192.168.17.111
  • osis111.cs.wright.edu 130.108.17.111
  • IP Filtering Router Firewall
  • All Internet connections are through the Firewall
  • IP masquerading

34
Security Software
  • Secure Shell, PGP,
  • Firewall Kits
  • Tools
  • Top 50 Security Tools survey from www.nmap.org
  • http//www.packetfactory.net
  • nmap, SAINT,
  • tcpdump, ethereal, snort,
  • Password cracking
  • Tcpwrapper

35
Lab Maintenance
  • Individual student logins.
  • Students need to be superusers.
  • Reload OS images periodically.
  • Update packages.
  • Forgotten passwords, etc.
  • Students files are not archived.

36
Cloning the OS Images
  • Setup a Golden Client.
  • Several cloning tools exist
  • Symantec Ghost
  • Open source SystemImager
  • Open source UDPcast
  • None of the above deal (well) with multiple file
    volumes from multiple OS.
  • Takes about 45 minutes for 26 PCs
  • Individualize Each PC
  • Hostname
  • IP address
  • Ssh host keys

37
Teaching Experience
  • Lectures must be updated to keep up with software
    patched with the latest.
  • Most students take the course in their (semi-)
    final term.
  • Cannot find knowledgeable TAs.

38
Learning Experience
  • Considerable amount of wow effect.
  • We really learned a lot!
  • Prerequisite
  • Computer Networking, CEG 402 Wrong?
  • Operating Systems, CEG 433 Right?

39
Goals Achieved
  • Awareness of Security Issues
  • Teach security improvement techniques
  • Explain how exploitable errors have been made in
    the development of software.
  • Raise the level of ethics awareness
  • Bring attention to legal issues
  • Taught Yes, Learned Yes, Believe In it may be.

40
By-Products Students are
  • More at ease with real hardware and real software
    not a black box any more.
  • Amazed at the Open Source movement, but do not
    understand.

41
If I may urge you
  • Introduce a course like this into your
    curriculum.
  • Peer-Review the articles on our web site.

42
Links
  • CEG 429 Home Pagewww.cs.wright.edu/pmateti/Cours
    es/429 local-link
  • OSIS Lab Home Pagewww.cs.wright.edu/pmateti/OSIS
    local-link
  • Support Web Sitewww.cs.wright.edu/pmateti/Intern
    etSecurity/ local-link
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "A Laboratory Based Course on Internet Security" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!