TCOM 562

1
TCOM 562 Network Security Fundamentals

• Fall 04
• Jerry Martin
• gmartin_at_gmu.edu

2
General Information

• Text book Hackproofing Your Network
• Course is overview
• Lectures attendance is important because I
  dont believe in reading slides, slide bullets
  are talking points E-mail is preferred method of
  communication and is mandatory method for
  homework submission
• Assignments
• Case Studies (3)
• Due approximately once a month (9/20, 10/12,
  11/8)
• Limited to 1 page, single spaced, if over 1½
  pages, lose 1 point

3
General Information

• Topics for each assignment are a specific best
  commercial practice
• Format 1st paragraph describe best practice
• 2nd paragraph discuss benefits
• 3rd paragraph discuss disadvantages
• 4th paragraph discuss ease of
  implementation, likelihood of acceptance
• Must be own words, no right or wrong answers
• Late submissions get no points
• All submissions are by e-mail

4
General Information

• Research Paper
• 7 10 pages, double spaced
• Select a topic from one of the weeks and submit
  for approval NLT 11 Oct
• Due 6 Dec, submit via e-mail
• Ensure sources are properly cited (e.g.
  Turabian), no more than 40 can be verbatim text
• Dont just describe topic, use analytical
  thinking
• Late submissions get no points

5
General Information

• Tests
• Midterm 25 Oct, Final 20 Dec
• Format
• 40 multiple choice, T/F 4 short answer questions
• Exam is 2 hours, NO lecture after test
• Grading
• Case studies (15) 5 points each
• Paper (15) 30 points
• Midterm (35) 100 points
• Comprehensive Final (35) 100 points

6
General Information

• Flow for course
• Common taxonomy, definition of terms
• National policy and concerns
• Threats
• Defensive tools and measures
• Continuity of operations/attack recovery
• Legal and privacy issues and challenges

7
THE WAY IT WAS THEN
8
AND SO IT GROWS
NOW? COLOR THE WORLD BLUE
9
INTERNET..INFORMATION SUPER HIGHWAY A NETWORK
OF NETWORKS ONE OF THE MOST VALUABLE RESOURCES
OF THE INFORMATION AGE PROVIDES ACCESS TO USER
NETWORKS RUNS WITHOUT SINGLE ENTITY IN CHARGE
10
TODAYS NETWORK ENVIRONMENTInterconnectivity
Packet Switch
File Server
LANs
Bridge
Other Networks
Router
Gateway
Internet
Hosts
11
A Common Language

• Terms key to entire course, use them extensively
• For orderly examination, divided into four
  general categories
• E environment
• G government
• U underground
• M miscellaneous
• Then look at Sandia Labs incident processing flow

12
A Common Language

• Environment
• /8 /16 /24 /32
• Root
• ix
• Internet v4
• Internet v6
• Dark fiber
• GSRs
• ISPs/Tier 1s

13
A Common Language

• Government
• PCIPB
• OCS
• DHS (www.dhs.gov)
• IAIP
• NCSD
• NIPC
• FedCIRC
• NCS
• DoJ/CCIPS (www.doj.gov/ccips)
• ECTF

14
A Common Language

• More government
• CERT-CC (www.cert.org)
• CIP
• HSC
• PDD 63/HSPD-7
• CWIN
• JTF-GNO

15
Understanding the Culture

• News Stories
• Defacement Mirrors
• Hacker Magazines (phrack, 2600)
• Hacker-oriented Internet Sites
• Internet Relay Chat
• Non-Profit and Commercial Computer Security
  Companies
• Hacking Conferences (Cons)

The internet is our playground, its our side of
the tracks. When you step into it, claim your own
corner of cyberspace, and put up your house...
Dont expect not to arouse our curiosity. -
United Loan Gunmen
16
A Common Language

• Underground
• Hacker
• Cracker
• Blackhat
• Miscreant
• Script kiddie
• Click kiddie
• Nicks
• Idents

17
A Common Language

• Underground continued.
• Eblish
• L33t
• Hax0r
• Pax0r
• 0day
• 0wned
• Malware
• Pop a box
• Phish

18
HPVAC
HACKING PHREAKING VIRI ANARCHY CARDING/CELLULAR
19
A Common Language

• Still more underground mayhem
• DDoS
• Sploits
• Vulns
• Bot/botnet/botherd
• Bounce
• Proxy
• Post docs
• Zombie/soldier

20
A Common Language

• And now the rest
• White hat
• Gray hat
• Paypal
• Cuckoos Egg
• Listserves
• ISACs
• CCV
• PGP
• Fingerprint
• Net flows

21
A Common Language

• More miscellaneous
• ARIN
• RIPE
• APNIC
• ICANN
• IANA
• FIRST
• NANOG
• Bugtraq
• RFCs
• Out of band