|
Size: 1188
Comment:
|
Size: 2238
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 4: | Line 4: |
| == CPTR 427 Network Security Class == | = CPTR 427 Network Security Class Wiki = |
| Line 6: | Line 6: |
| Below is a list of subpages for NetworkSecurity | * [[attachment:CPTR427_2011_Syllabus.pdf|2011 Syllabus]] * [[attachment:CPTR427_2011_Schedule.pdf|2011 Schedule]] |
| Line 8: | Line 9: |
| This page contains resources for Network Security CPTR 427. For assignments etc. see the [[https://www.southern.edu/moodle2|Eclass website]]. For information on '''what you should already know''', take a look at [[NetworkSecurity/Prerequisites]]. == Topics and resources == * NetworkSecurityEssentials4 notes not from lectures or discussions |
|
| Line 9: | Line 16: |
== Using WebScarab with WebGoat == 1. Start up WebScarab. It may be in basic mode. a. If it is, Go to Tools->Use Full Interface. a. Restart WebScarab. 1. Fire up IE and go to Tools->Internet Options->Connections->LAN settings. 1. Check Use proxy server and set address to localhost port 8008. 1. Click OK and OK. 1. On WebScarab go to Proxy->Manual Edit. Check Intercept Requests. Select GET and POST (using the CTRL key to select both). 1. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.) WebScarab should already start intercepting. The lessons should work after that. I was able to do a command injection following the steps in the solution. I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.) |
* [[NetworkSecurity/Tools]] * [[NetworkSecurity/Hacking]] * [[NetworkSecurity/Encryption]] * [[NetworkSecurity/FireWall]] * [[http://facultyfp.salisbury.edu/despickler/personal/CryptTools.asp|Cryptotools]] from AMS/MAA conference 2011 by Dr. Don Spickler. * [[http://www.backtrack-linux.org/|Backtrack Penetration Testing]] * Two proxy tools that allow editing and observing http(s) are [[NetworkSecurity/WebScarab|Web scarab]] and [[http://www.parosproxy.org/|Paros Proxy]] * [[http://www.securitywizardry.com/radar.htm|A nice dashboard]] * [[http://osvdb.org/|Open Source Vulnerability Database]] |
| Line 22: | Line 27: |
| = Often Discussed Topics = | == Books Used in this Class == |
| Line 24: | Line 29: |
| * IpSec ---- CategoryHomepage |
'''Required Books''' * [[http://www.snort.org/assets/125/snort_manual-2_8_5_1.pdf | Snort Manual]] (Free) * The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography ISBN: 0385495323 * Each student must read this New York Times Best Seller. * Cryptography will be studied in conjunction with the assigned chapters. * Network Security Essentials 4th Ed. ISBN: 0-13-610805-9 NetworkSecurityEssentials4 * The theory of cryptography (Symmetric, Public-key, Key-management, Hash and MAC) are covered from this book * Applications of theory are partially covered from this book (Kerberos, X.509, IPSec) * Dr. A will do all the lecturing on these topics. * Labs will be given from handouts. Topics will be take from [[NetworkSecurity/Lab]] '''Recommended Book(s)''' * Snort IDS and IPS Toolkit ISBN-10: 1-59749-099-7 == Past Year Class Pages == * Cptr427Winter2010 |
CPTR 427 Network Security Class Wiki
This page contains resources for Network Security CPTR 427. For assignments etc. see the Eclass website. For information on what you should already know, take a look at NetworkSecurity/Prerequisites.
Topics and resources
NetworkSecurityEssentials4 notes not from lectures or discussions
Cryptotools from AMS/MAA conference 2011 by Dr. Don Spickler.
Two proxy tools that allow editing and observing http(s) are Web scarab and Paros Proxy
Books Used in this Class
Required Books
Snort Manual (Free)
- The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography ISBN: 0385495323
- Each student must read this New York Times Best Seller.
- Cryptography will be studied in conjunction with the assigned chapters.
Network Security Essentials 4th Ed. ISBN: 0-13-610805-9 NetworkSecurityEssentials4
- The theory of cryptography (Symmetric, Public-key, Key-management, Hash and MAC) are covered from this book
- Applications of theory are partially covered from this book (Kerberos, X.509, IPSec)
- Dr. A will do all the lecturing on these topics.
Labs will be given from handouts. Topics will be take from NetworkSecurity/Lab
Recommended Book(s)
- Snort IDS and IPS Toolkit ISBN-10: 1-59749-099-7