Differences between revisions 10 and 32 (spanning 22 versions)
Revision 10 as of 2009-04-12 23:05:18
Size: 1969
Editor: 24-183-238-75
Comment:
Revision 32 as of 2011-01-09 16:33:51
Size: 2042
Editor: 71-88-174-166
Comment:
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
== CPTR 427 Network Security Class == = CPTR 427 Network Security Class Wiki =
Line 6: Line 6:
== Labs == This page contains information about Network Security CPTR 427. For assignments see the [[http://eclassbeta.southern.edu/moodle|Eclass website]]. For past class check the bottom of this page for links.
Line 8: Line 8:
'''SSL and code signing lab''':

Hints: To get a code signing template to show up on the web page, you need to add it to the templates. Just go into the CA and right click templates and select new.... DO NOT ADD your site to the trusted sites list in windows. This will cause you problems. If at first you don't succeed, close it all and restart IE. 		 * [[NetworkSecurity/Syllabus|Syllabus Winter 2011]]
 * [[NetworkSecurity/Schedule|Schedule Winter 2011]]
Line 13: Line 12:
'''Windows NTFS/Share Permissions Lab''' '''what you should already know''': Take a look at [[NetworkSecurity/Prerequisites]].
Line 15: Line 14:
''RSAT'' (Remote Server Administration Tools) has replaced (somewhat) the Support Tools. At any rate you can get them here:
   * [[http://www.microsoft.com/downloads/details.aspx?FamilyId=9FF6E897-23CE-4A36-B7FC-D52065DE9960&displaylang=en]]
   * [[attachment:Scriptomatic2.exe]]
   * [[attachment:Windows6.0-KB941314-x86_en-US.msu]]
   * [[attachment:rktools.exe]]		 '''Topics and resources '''
Line 21: Line 16:
''xcacls'' has been replaced by ''Icacls'' in Vista and Windows 2008.

== Using WebScarab with WebGoat ==

  1. Start up WebScarab. It may be in basic mode.
     a. If it is, Go to Tools->Use Full Interface.
     a. Restart WebScarab.
  1. Fire up IE and go to Tools->Internet Options->Connections->LAN settings.
  1. Check Use proxy server and set address to localhost port 8008.
  1. Click OK and OK.
  1. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both).
  1. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.)		    * [[NetworkSecurity/Lab]]
   * [[NetworkSecurity/Tools]]
   * [[NetworkSecurity/Hacking]]
   * [[NetworkSecurity/Encryption]]
   * [[NetworkSecurity/FireWall]]
   * [[http://facultyfp.salisbury.edu/despickler/personal/CryptTools.asp|Cryptotools]]
   * [[http://www.backtrack-linux.org/|Backtrack Penetration Testing]]
   * In the past we have used [[NetworkSecurity/WebScarab|Web scarab]]
   * [[http://www.securitywizardry.com/radar.htm|A nice dashboard]]
   * [[http://osvdb.org/|Open Source Vulnerability Database]]
Line 35: Line 28:
= Often Discussed Topics = == Books Used in this Class ==
Line 37: Line 30:
   * IpSec
----
CategoryHomepage		 '''Required Books'''

   * [[http://www.snort.org/assets/125/snort_manual-2_8_5_1.pdf | Snort Manual]] (Free)
   * The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography ISBN: 0385495323
      * Each student must read this New York Times Best Seller.
      * Cryptography will be studied in conjunction with the assigned chapters.
   * Network Security Essentials 4th Ed. ISBN: 0-13-610805-9
      * The theory of cryptography (Symmetric, Public-key, Key-management, Hash and MAC) are covered from this book
      * Applications of theory are partially covered from this book (Kerberos, X.509, IPSec)
      * Dr. A will do all the lecturing on these topics.
   * Labs will be given from handouts. Topics will be take from [[NetworkSecurity/Lab]]




'''Recommended Book(s)'''

   * Snort IDS and IPS Toolkit ISBN-10: 1-59749-099-7

Past Year Class Pages.

   * Cptr427Winter2010

CPTR 427 Network Security Class Wiki

This page contains information about Network Security CPTR 427. For assignments see the Eclass website. For past class check the bottom of this page for links.

what you should already know: Take a look at NetworkSecurity/Prerequisites.

Topics and resources

Books Used in this Class

Required Books

  • Snort Manual (Free)

  • The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography ISBN: 0385495323
    • Each student must read this New York Times Best Seller.
    • Cryptography will be studied in conjunction with the assigned chapters.
  • Network Security Essentials 4th Ed. ISBN: 0-13-610805-9
    • The theory of cryptography (Symmetric, Public-key, Key-management, Hash and MAC) are covered from this book
    • Applications of theory are partially covered from this book (Kerberos, X.509, IPSec)
    • Dr. A will do all the lecturing on these topics.

  • Labs will be given from handouts. Topics will be take from NetworkSecurity/Lab

Recommended Book(s)

  • Snort IDS and IPS Toolkit ISBN-10: 1-59749-099-7

Past Year Class Pages.

NetworkSecurity (last edited 2024-01-07 18:12:17 by scot)