Lectures:
Tuesdays 6:10-9:50pm Engineering, Computer Science, & Technology Bldg. Room A309 & C245
Instructor:
Edmund Gean
Phone: (323) 343-4395
Email:
egean@calstatela.edu
This course exposes students to various techniques related to defending your computers and networks.
Topics covered include Denial-Of-Service attacks, packet analyzers, host-based intrusion detection, firewalls,
and VPN. Lab exercises and projects will be included to foster greater understanding in this field.
Course Goals: At the end of the course, students will be able to:
- perform a security assessment of an organization's network via penetration test and identify vulnerabilities
- harden MS Windows and Unix operating systems
- install intrusion detection systems, firewalls, and VPNs
Prerequisites: CS447 (computer networks) or CS470 (computer networking protocols)
http://www.calstatela.edu/faculty/egean/cs447/cs447%20syllabus.htm
http://www.calstatela.edu/faculty/egean/cs447/lecture-notes-sybex2014/
Required textbook:
Topics:
Denial-Of-Service attacks & hacker techniques
Port scanning, penetration, and vulnerability testing
packet analyzers and sniffers
host and network-based intrusion detection
firewalls, packet filters, and access control lists
securing Unix and Windows systems
authentication, authorization, and accounting
data integrity checking & encryption schemes
Projects:
Students will gain practical experience through the following lab projects:
- scan a network to locate machines and open ports
- find vulnerabilities on machines
- configure firewall & set up VPN
- set up network-based intrusion detection system
Grading policy: Overall grade will be comprised of the following components:
- attendance: 10%
- lab assignments: 30%
- final exam: 60%
A 90-100; B 80-89; C 65-79; D 50-64; F 0-49
Extra Credit (15pts): take & pass Cisco's CCNA Security Exam (210-260 IINS Implementing Cisco Network Security)
http://www.cisco.com/web/learning/certifications/associate/ccna_security/index.html
http://proquest.safaribooksonline.com/book/certification/ccna/9780134077857
Academic Integrity: Cheating will not be tolerated. Cheating on any assignment or exam will be taken seriously. All parties
involved will receive a grade of F for the course and be reported to the Academic Senate.
Lecture
Lab Project
- security lab network topology
- sign up for lab seating
- lab computer login accounts and passwords
Port scanning
Install the nmap (or nmapfe) port scanner (http://nmap.org) onto your laptop or
home computer and perform a TCP port scan and a UDP port scan of another
computer. Submit reports generated by nmap (or Zenmap) containing the list of
open TCP & UDP ports. Also submit the output of the netstat -na command on the
computer that was scanned. Be sure to temporarily turn off any host-based
firewall software if needed so that the outputs of nmap and netstat -na indicate
the same number of open ports.
Firewall
Place one computer on the outside interface and a server on the inside interface of
a Cisco firewall. Configure the firewall to block outside users from initiating
any connection to the inside server except through TCP port 445. Turn on
logging and submit a copy of the firewall config file and the output of show logging as
evidence that the firewall is blocking all conversations initiated from outside except
for file share. You may need to create a network share on the server and
mount the shared folder from the client computer.
http://web.calstatela.edu/faculty/egean/cs581/cisco-asa5505-firewall/
IPSec VPN
Set up a site-to-site IPSec VPN tunnel between your Cisco router and your
Cisco ASA firewall. Submit (i) the configuration files used on the two Cisco
devices and (ii) evidence that the IPSec tunnel works via output of debug
ipsec, show crypto isakmp sa, and show crypto ipsec sa on both the Cisco ASA
firewall and the Cisco router.
http://web.calstatela.edu/faculty/egean/cs581/cisco-asa5505-firewall/IPsecvpn-example-Cisco-ASA-to-Router.pdf
10
TBA
11
AAA
Configure your Cisco router to use AAA for user authentication via a
TACACS+ or RADIUS server (such as Clearbox) that you installed on your
computer. Submit the configuration files used on the Cisco router. Submit
screenshots of decoded packet capture of TACACS+ or RADIUS packets as
evidence that AAA authentication works whenever you telnet to your router.