
CS581 Computer & Network Security (Spring 2016)

Lectures:

Tuesdays 6:10-9:50pm Engineering, Computer Science, & Technology Bldg. Room A309 & C245

Instructor:

Edmund Gean
Phone: (323) 343-4395

Email:

egean@calstatela.edu

Office Hours: ECST C245 Tuesdays 5:30-6 pm and after lecture.


Description:

This course exposes students to various techniques related to defending your computers and networks.
Topics covered include Denial-Of-Service attacks, packet analyzers, host-based intrusion detection, firewalls,
and VPN. Lab exercises and projects will be included to foster greater understanding in this field.

Course Goals: At the end of the course, students will be able to:
-perform a security assessment of an organization's network via penetration test and identify vulnerabilities
-harden MS Windows and Unix operating systems
-install intrusion detection systems, firewalls, and VPNs
Prerequisites: CS447 (computer networks) or CS470 (computer networking protocols)
http://www.calstatela.edu/faculty/egean/cs447/cs447%20syllabus.htm
http://www.calstatela.edu/faculty/egean/cs447/lecture-notes-sybex2014/
Required textbook:

Counter Hack Reloaded by Ed Skoudis (lecture notes available online at http://www.calstatela.edu/faculty/egean/cs581/lecture-notes )
Recommended textbooks:
Network Security Principles and Practices by Saadat Malik (lecture notes online)
(http://www.calstatela.edu/faculty/egean/cs581/network-security-principles-and-practices.pdf )
Network Security Technologies and Solutions by Yusuf Bhaiji
(http://www.calstatela.edu/faculty/egean/cs581/Network_Security_Technologies_and_Solutions.pdf )
References:

Free packet capture and decode software at http://www.wireshark.org/


Free ebooks at http://mimas.calstatela.edu/login?url=http://proquest.safaribooksonline.com/
Documentation of Cisco equipment at http://www.cisco.com

Topics:
Denial-Of-Service attacks & hacker techniques
Port scanning, penetration, and vulnerability testing
packet analyzers and sniffers
host and network-based intrusion detection
firewalls, packet filters, and access control lists
securing Unix and Windows systems
authentication, authorization, and accounting
data integrity checking & encryption schemes
Projects:
Students will gain practical experience through the following lab projects
- scan a network to locate machines and open ports
- find vulnerabilities on machines
- configure firewall & setup VPN
- setup network-based intrusion detection system
Grading policy: Overall grade will be comprised of the following components
- attendance 10%
- lab assignments 30%
- final exam 60%
A 90-100; B 80-89; C 65-79; D 50-64; F 0-49
Extra Credit (15pts): take & pass Cisco's CCNA Security Exam (210-260 IINS Implementing Cisco Network Security)
http://www.cisco.com/web/learning/certifications/associate/ccna_security/index.html
http://proquest.safaribooksonline.com/book/certification/ccna/9780134077857
Academic Integrity: Cheating will not be tolerated. Cheating on any assignment or exam will be taken seriously. All parties
involved will receive a grade of F for the course and be reported to the Academic Senate.

CS581 Reading and Lab Project Assignments


Week

Lecture

Chapters 1,2 (Counter Hack)


Introduction
Network Overview

Chapters 3,4,6 (Counter Hack)


Unix Overview
Windows NT/2000 Overview
Scanning (eg nmap, Nessus)

Chapter 5,7 (Counter Hack)


Reconnaissance
Gaining Access via
application/OS attacks

Chapters 5-8 (Malik)


Secure Switching
NAT
Cisco ASA firewall

Chapter 10,11 (Counter Hack)


Maintaining Access
Covering Tracks and Hiding

Chapters 10, & 13 (Malik)


VPN
IPSEC

Lab Project
-security lab network topology
-sign up for lab seating
-lab computer login accounts and passwords
Port scanning
Install nmap (or nmapfe) (http://nmap.org) port scanner onto your laptop or
home computer and perform a TCP port scan and a UDP port scan of another
computer. Submit reports generated by nmap (or Zenmap) containing the list of
open TCP & UDP ports. Also submit output of the netstat -na command on the
computer that was scanned. Be sure to temporarily turn off any host-based
firewall software if needed so that outputs of nmap and netstat -na indicate
the same number of open ports.

Penetration and Vulnerability testing


Install a network-based vulnerability scanner Nessus (www.nessus.org) onto
your computer and perform a vulnerability scan of another computer. Submit
vulnerability report of services that pose medium or high security risk. Be sure
to temporarily turn off any host-based firewall software if needed to get
meaningful output.

Firewall
Place one computer on the outside interface and a server on inside interface of
a Cisco firewall. Configure the firewall to block outside users from initiating
any connection to the inside server except through TCP port 445. Turn on
logging and submit copy of firewall config file and output of show logging as
evidence that firewall is blocking all conversations initiated from outside except
for file share. You may need to create a network share on the server and
mount the shared folder from the client computer.
http://web.calstatela.edu/faculty/egean/cs581/cisco-asa5505-firewall/

IPSec VPN

Setup a site-to-site IPSec VPN tunnel between your Cisco router and your
Cisco ASA firewall. Submit (i) the configuration files used on the two Cisco
devices and (ii) evidence that the IPSec tunnel works via output of debug
ipsec, show crypto isakmp sa, and show crypto ipsec sa on both Cisco ASA
firewall and on Cisco router.
http://web.calstatela.edu/faculty/egean/cs581/cisco-asa5505-firewall/IPsecvpn-example-Cisco-ASA-to-Router.pdf

Chapter 8,9 (Counter Hack)


Gaining access via network
attacks
Denial-of-Service attacks
Network intrusion detection system
Install Snort (http://www.snort.org) onto your computer. Simulate two different
network attacks against your computer. Turn in a listing of two different alerts
that the Snort IDS detected and submit a printout of the two signature definitions
Snort used from its signature definition files to detect the two types of attack.

Chapters 9, 14, & 15 (Malik)


IOS firewall
Network Intrusion Detection

Chapters 16-18 (Malik)


AAA
TACACS+
RADIUS

10

TBA

11

Final Exam (June 7, 2016) 7:30pm

AAA
Configure your Cisco router to use AAA for user authentication via a
TACACS+ or RADIUS server (such as Clearbox) that you installed on your
computer. Submit the configuration files used on the Cisco router. Submit
screenshots of decoded packet capture of TACACS+ or RADIUS packets as
evidence that AAA authentication works whenever you telnet to your router.
