Differences between revisions 12 and 56 (spanning 44 versions)
Revision 12 as of 2009-11-03 22:00:51
Size: 1184
Editor: 24-183-238-75
Comment:
Revision 56 as of 2011-04-21 00:03:44
Size: 1552
Editor: 24-151-193-255
Comment:
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
== CPTR 427 Network Security Class == = CPTR 427 Network Security Class Wiki =
Line 6: Line 6:
Below is a list of subpages for NetworkSecurity  * [[attachment:CPTR427_2011_Syllabus.pdf|2011 Syllabus]]
 * [[attachment:CPTR427_2011_Schedule.pdf|2011 Schedule]]
Line 8: Line 9:
   * NetworkSecurity/Lab This page contains resources for Network Security CPTR 427. For assignments etc. see the [[https://www.southern.edu/moodle2|Eclass website]].
For information on '''what you should already know''', take a look at [[NetworkSecurity/Prerequisites]].
Line 10: Line 12:
== Using WebScarab with WebGoat == == Topics and resources ==
Line 12: Line 14:
  1. Start up WebScarab. It may be in basic mode.
     a. If it is, Go to Tools->Use Full Interface.
     a. Restart WebScarab.
  1. Fire up IE and go to Tools->Internet Options->Connections->LAN settings.
  1. Check Use proxy server and set address to localhost port 8008.
  1. Click OK and OK.
  1. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both).
  1. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.)
   * /NetworkSecurityEssentials4 notes from the book used in 2011.
   * [[/Lab]]
   * [[/Tools]]
   * [[/Programs]]
   * [[/Hacking]]
   * [[/Encryption]]
   * [[/Spam]]
   * [[/FireWall]]
   * [[http://facultyfp.salisbury.edu/despickler/personal/CryptTools.asp|Cryptotools]] from AMS/MAA conference 2011 by Dr. Don Spickler.
   * [[http://www.backtrack-linux.org/|Backtrack Penetration Testing]]
   * Two proxy tools that allow editing and observing http(s) are [[NetworkSecurity/WebScarab|Web scarab]] and [[http://www.parosproxy.org/|Paros Proxy]] - there is also some nice proxies specifically for firefox.
   * [[http://www.securitywizardry.com/radar.htm|A nice dashboard]]
   * [[http://osvdb.org/|Open Source Vulnerability Database]]
   * Back in the stone age Dr. A took a course called [[Csce877]].
Line 22: Line 30:
= Often Discussed Topics = == Books Used in this Class ==
Line 24: Line 32:
   * IpSec
----
CategoryHomepage
'''Recommended Additional Books'''

   * [[http://www.snort.org/assets/125/snort_manual-2_8_5_1.pdf | Snort Manual]] (Free)

== Past Year Class Pages ==

   * /Cptr427Winter2010

CPTR 427 Network Security Class Wiki

This page contains resources for Network Security CPTR 427. For assignments etc. see the Eclass website. For information on what you should already know, take a look at NetworkSecurity/Prerequisites.

Topics and resources

Books Used in this Class

Recommended Additional Books

Past Year Class Pages

NetworkSecurity (last edited 2024-01-07 18:12:17 by scot)