Laboratory Based Courses on Laboratory Based Courses on Internet SecurityInternet Security
Prabhaker MatetiWright State University
Dayton, OH 45435
NSF DUE-9951380
GoalsGoals
Teach security improvement techniques Explain how exploitable errors have
been made in the development of software.
Raise the level of ethics awareness Bring attention to legal issues
Term or Semester CourseTerm or Semester Course
Ten or 15 weeks Lectures on topic one per week Lectures on experiment one per week Lab experiments one per week
Currently Available MaterialCurrently Available Material
“There is an oceanic amount of material on network security available over the Internet.”
-- A Web Page. COAST http://www.cerias.purdue.edu/coast/ Ronald Rivest,
theory.lcs.mit.edu/~rivest/crypto-security.html Avi Rubin,
www.cs.nyu.edu/~rubin/courses.html …
Text Books on SecurityText Books on Security
Many text books, > 100 Chapman and Zwicky 1995 Cheswick and Bellovin 1994 Cobb 1996 Garfinkel and Spafford 1996 Kaufman et al. 1995 Stein 1997 Stallings 2000
Lab Courses on Internet Security/ [email protected]
7
What We Are DevelopingWhat We Are Developing
About 30 lectures, 75 minutes each About 15 lab experiments, 2 hours each A Support web site
Lab Courses on Internet Security/ [email protected]
8
Contents of a Lab HandoutContents of a Lab Handout
Title Summary Educational Objectives Background Information Pre-Lab and Suggested
Preparation Procedures Appendix A: Acronyms
Procedures– Step 1, 2, …– Report on the
Experiment– Demo– Achievement Test – Concluding Activities
Notes to TAs Appendix B: Further
Reading Links
Lab Courses on Internet Security/ [email protected]
9
Lab Experiments being DevelopedLab Experiments being Developed
Experience Serious Nuisance Trojan Horses, Viruses and Worms Experience Selected PC Viruses Password Cracking Privacy and Authentication of a User Proper Conf of Security for Personal Machines Security Fortification for Personal Machines
Lab Courses on Internet Security/ [email protected]
10
Lab Experiments being DevelopedLab Experiments being Developed
Virtual Private Networks Buffer Overflow and Other Bug Exploitation Probing a Host for Weakness Security Software Tools Setting Up a Linux PC as a Packet Filtering
Router Hostile Applets in Java and ActiveX Commercial Products
Setting the Lab upSetting the Lab up
Lab– Operating Systems and Internet Security– 26 PC s (PIII 450MHz, 128 MB RAM, 13 GB
HDD)– 8 Fast Ethernet Switches
Operating Systems– Linux 2.2.10– Windows NT 4 sp 6– Windows 98 SR2
IP Filtering Router FirewallIP Filtering Router Firewall
All the lab PCs are on 192.168.*.*Internet connections are through
the FirewallIP masquerading
CEG 499: Internet SecurityCEG 499: Internet Security
Computer System SecurityTCP/IP exploitsFirewallsSecure e-Commerce TransactionsEthics and Legal Issues
CEG 499: Internet Security/CEG 499: Internet Security/ System Security System Security
Booting sequencePasswordsUser privilegesFile Permissions
Setting the Lab up/Setting the Lab up/Security SoftwareSecurity Software
Secure ShellSniffing ProgramsFirewall Kits
Lab Courses on Internet Security/ [email protected]
16
Current Status Current Status March 2000March 2000
Internet Security Lab CEG 499 Internet Security
(Winter 2000) Short Course Labs Developed Support Web Site
Lab Courses on Internet Security/ [email protected]
17
Internet Security LabInternet Security Lab
429 Russ Engineering Center, WSUNovember 1999; In continuous use
since26 PCs in the lab for students' use,
and one web server, one router + file server, and one PC for re-configuration experimentation.
Lab Courses on Internet Security/ [email protected]
18
Internet Security Lab Internet Security Lab contdcontd
All the PCs are on a private LAN One Fast Ethernet switch for connecting
a group of 4 PCs. Each PC is loaded with
– Linux 2.2 kernel (Caldera OpenLinux 2.3)– Windows NT with service pack 6, – Windows 98.
The NT loader boot menu into one these OS.
Lab Courses on Internet Security/ [email protected]
19
CEG 499 Internet Security CEG 499 Internet Security (Winter 2000)(Winter 2000)
Computer System Security (2 weeks) TCP/IP exploits (2) Firewalls (2) Secure e-Commerce Trans. (2) Ethics and Legal Issues (1) Guest Lecture from Mead, Inc.
Lab Courses on Internet Security/ [email protected]
20
Short Courses ScheduledShort Courses Scheduled
NAECON www.NAECON.orgAFCEA INFOTEC 2000
http://www.txdirect.net/afcea/ backgrnd/ backgrnd.htm
Lab Courses on Internet Security/ [email protected]
21
Labs DevelopedLabs Developed
Will develop 15 lab experimentsFinished 5, need refinementsTo Do: 10
Lab Courses on Internet Security/ [email protected]
22
Support Web SiteSupport Web Site
Notes to InstructorsLab MaintenanceCollection of Tools (src)Lecture Notes, and SlidesLab Handouts
Lab Courses on Internet Security/ [email protected]
23
Lab MaintenanceLab Maintenance
Reload OS images periodicallyForgotten passwords, etc.
Lab Courses on Internet Security/ [email protected]
24
LinksLinks
CEG 499 Home Pagewww.cs.wright.edu/~pmateti/Courses/499
OSIS Lab Home Pagewww.cs.wright.edu/~pmateti/OSIS
Support Web Sitewww.cs.wright.edu/~pmateti/InternetSecurity/