|
Size: 1109
Comment:
|
Size: 1879
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 4: | Line 4: |
| == CPTR 427 Network Security Class == | = CPTR 427 Network Security Class Wiki = This page contains resources for Network Security CPTR 427. For assignments see the [[https://www.southern.edu/moodle2|Eclass website]]. For information on '''what you should already know''', take a look at [[NetworkSecurity/Prerequisites]]. ==Topics and resources== * [[NetworkSecurity/Lab]] * [[NetworkSecurity/Tools]] * [[NetworkSecurity/Hacking]] * [[NetworkSecurity/Encryption]] * [[NetworkSecurity/FireWall]] * [[http://facultyfp.salisbury.edu/despickler/personal/CryptTools.asp|Cryptotools]] * [[http://www.backtrack-linux.org/|Backtrack Penetration Testing]] * In the past we have used [[NetworkSecurity/WebScarab|Web scarab]] * [[http://www.securitywizardry.com/radar.htm|A nice dashboard]] * [[http://osvdb.org/|Open Source Vulnerability Database]] |
| Line 7: | Line 23: |
| == Books Used in this Class == | |
| Line 8: | Line 25: |
| == Using WebScarab with WebGoat == | '''Required Books''' |
| Line 10: | Line 27: |
| 1. Start up WebScarab. It may be in basic mode. a. If it is, Go to Tools->Use Full Interface. a. Restart WebScarab. 1. Fire up IE and go to Tools->Internet Options->Connections->LAN settings. 1. Check Use proxy server and set address to localhost port 8008. 1. Click OK and OK. 1. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both). 1. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.) |
* [[http://www.snort.org/assets/125/snort_manual-2_8_5_1.pdf | Snort Manual]] (Free) * The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography ISBN: 0385495323 * Each student must read this New York Times Best Seller. * Cryptography will be studied in conjunction with the assigned chapters. * Network Security Essentials 4th Ed. ISBN: 0-13-610805-9 * The theory of cryptography (Symmetric, Public-key, Key-management, Hash and MAC) are covered from this book * Applications of theory are partially covered from this book (Kerberos, X.509, IPSec) * Dr. A will do all the lecturing on these topics. * Labs will be given from handouts. Topics will be take from [[NetworkSecurity/Lab]] |
| Line 19: | Line 37: |
| '''Recommended Book(s)''' | |
| Line 20: | Line 39: |
| = Often Discussed Topics = | * Snort IDS and IPS Toolkit ISBN-10: 1-59749-099-7 |
| Line 22: | Line 41: |
| * IpSec ---- CategoryHomepage |
== Past Year Class Pages == * Cptr427Winter2010 |
CPTR 427 Network Security Class Wiki
This page contains resources for Network Security CPTR 427. For assignments see the Eclass website. For information on what you should already know, take a look at NetworkSecurity/Prerequisites.
==Topics and resources==
In the past we have used Web scarab
Books Used in this Class
Required Books
Snort Manual (Free)
- The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography ISBN: 0385495323
- Each student must read this New York Times Best Seller.
- Cryptography will be studied in conjunction with the assigned chapters.
- Network Security Essentials 4th Ed. ISBN: 0-13-610805-9
- The theory of cryptography (Symmetric, Public-key, Key-management, Hash and MAC) are covered from this book
- Applications of theory are partially covered from this book (Kerberos, X.509, IPSec)
- Dr. A will do all the lecturing on these topics.
Labs will be given from handouts. Topics will be take from NetworkSecurity/Lab
Recommended Book(s)
- Snort IDS and IPS Toolkit ISBN-10: 1-59749-099-7