Sign in to follow this  
Followers 0
fox_91

Could anyone offer any suggestions

6 posts in this topic

Hey guys, I am currently working on some research / Thesis at a small university. I am working with the teacher that teaches the current network security course, and we are trying to work on a new course that would be more lab oriented and possibly end with a small wargame of sorts. I have done some research using about 5 or 6 books trying to compile a decent list of topics / possible labs to maybe pursue further. I was wondering if anyone would be willing to take a look at my preliminary list and offer some input on the topics and how they look overall. This list was just made by me ona quick pass, trying to seperate into 3 levels so theres really no method to the maddness yet.

I see the bullets didn't work quite right... I will work on fixing those in a bit, so if it hurts the eyes it should get better soon :-)

Prelim

Basic

  • Social networking (Simon, 2002)
    • Info Gathering Public Information (Network Security – A practical Approach) (Harrington, 2005)

    • Whois
    • Nslookup
    • Dig (unix)
    • Host (unix)

    [*]Port sniffing /Packet sniffing

    • ID Open ports with grc.com – shields up (Security + guide to Network Security) (Ciampa, 2004)
    • ID processes using ports (netstat –ano) (Security + guide to Network Security) (Ciampa, 2004)
    • Disable Nonessential systems (105(Security + guide to Network Security) (Ciampa, 2004)

    [*]

    [*]Proxies / basic network attacks

    [*]DoS

    [

    • DDoS – Distributed DoS (zombies)

    [*]Buffer overflows (Security + guide to Network Security) (Ciampa, 2004)

    • How overflows happen

    [*]MAC Spoofing

    [*]Access control list (Authentication) (Security + guide to Network Security) (Ciampa, 2004)

    • Inherited rights
    • Role based ACL
    • Discretionary AC
    • Mandatory AC

    [*]Network

    • Switch/hub, router, server, clients, AP
    • Firewalls

    • Types (Network Security – A practical Approach) (Harrington, 2005)

    [*]Packet filtering

    [*]Stateful

    [*]Application proxy

    [*]Wireless security

    • Types (A,B,G,N)
    • Security Types (WEP, WPA, WPA2)

    • How works
    • How cracked

    [*] Password Cracking (Computer Security and Vuln Testing) (Basta & Halton, 2008)

    • Hybridization
    • Brute Force
    • Observation

    • Key logging
    • SE
    • Sniffing

    • Apps

    • Cain and Able
    • Crack
    • J ohn the Ripper

Intermediate

  • System Vulnerabilities
    • Email
    • Web
    • OS

    • Windows
    • Linux

    [*] Risk assessment

    • Auditing IS

    [*] Disaster Recovery

    • Backups (Network Security – A practical Approach) (Harrington, 2005)

    • Plan
    • Media type

    • Tape
    • Dvd
    • HD
    • Internet

    • Location

    • In-house
    • Outsource
    • Hot site

    • Power protection (Network Security – A practical Approach) (Harrington, 2005)

    [*] Encryption

    [*] IDS

    • Host Based
    • Network Based (Network Security A Practical Approach) (Harrington, 2005)

    [*]Hacking Scanning tools (Computer security and Pen Testing) (Basta & Halton, 2008)

    • How scanning works
    • Types of scans

    • TCP scanning
    • Half Open Scanning
    • UDP Scanning
    • IP Scanning
    • Ping Scanning
    • Stealth Scanning

    [*]

    [*] TCP Packets / Headers

    [*] TCP/IP Vuln (Computer security and Pen Testing) (Basta & Halton, 2008)

    [*] Spoofing ((Network Security A Practical Approach) (Harrington, 2005)

    [*] IP Headers

    [*] SMTP Vuln (Network Security and Pen Testing) (Basta & Halton, 2008)

    [*] Web Vulns (Network Security and Pen Testing) (Basta & Halton, 2008)

    [*] Proxies (Network Security and Pen Testing) (Basta & Halton, 2008)

    • How proxies work
    • Types of attacks thru proxies

    • Buffer overflow
    • DoS
    • Session Hijacking
    • Why use proxies

    [*] Hide identity

    [*] Sniffing (Computer security and Pen Testing) (Basta & Halton, 2008)

    • Components

    • Hardware
    • Capture Driver
    • Buffer
    • Decoder
    • Packet Analysis

    • Placement
    • Role of sniffer
    • Apps

    • Wireshark (Etheral)
    • TcpDump

As you can see the list is kinda long atm, some of the topics are lecture, and some will be hands on labs.

Any thoughts would be great

Edited by fox_91
0

Share this post


Link to post
Share on other sites

Wow, thats a very indepth course, when i was at college we had nothing like this.

How long is this course designed to be taught in? The only thing i would object to is

some topics might not be covered in great depth.

Ninja

0

Share this post


Link to post
Share on other sites

When your done taking those courses, can I have your notes? ;) That'd be fun to take as an online audit course.

//afterthought

Any plans on setting up isolated networks of computers to demonstrate the various lessons? Maybe give a hands on feel for how things are actually done and what they have to go through to recover and then block it from happening again. Maybe a little machine-language programming, cause most times one wouldn't have the source code, One has just the 'problem' itself. Know how the kernel protects itself and how things can find a way to 'slip' by. A low level understading of computers in general.

Edited by PurpleJesus
0

Share this post


Link to post
Share on other sites

Yup, I totally agree with PurpleJesus.

Low level programming knowledge would be a must.

Something i found helped me a lot at college was Operating System Concepts.

The class was an entire overview how pieces of an OS fit together and work.

Really helped me to understand the inherent flaws in the nature of operating systems.

Ninja

0

Share this post


Link to post
Share on other sites

Depending on what level class this is, and the interest of the students, you could try to get into the CCDC. CCDC is the Collegiate Cyber Defense Competition, information available at this link, CyberWATCH CCDC. A group of students from my school competes in this and I have heard great things about it. You can also google it and find some pretty cool articles on InformIT about how the Red Team went above and beyond as the "hackers."

0

Share this post


Link to post
Share on other sites

Sorry I didn't get back to you guys, topic was dead for a few days and i kinda forgot i posted it lol.... anyways, the course was going to be maybe 2 semesters. The students at my school would have basic programming, but i don't know how much programming we would do in this particualr course. The hope was that they would build the networks isolated, and then we would test some of the topics on the separated networks. As for the contest, i don't know if there would be enough intrest at the school, since we are so small and don't have a ton of students. At the least something like that wouldn't happen until the course ran a little bit.

I have been working more on the topics and hopefully when i get some more details worked out I will keep you guys up to date... especially since I am sure someone here might be able to offer some good incite on some topics.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0