Differences between revisions 14 and 71 (spanning 57 versions)

CPTR 427 Network Security Class Wiki

This page contains resources for Network Security CPTR 427. For assignments etc. see the Eclass website. For information on what you should already know, take a look at NetworkSecurity/Prerequisites.

Topics, Resources and Ideas for the future

/NetworkSecurityEssentials4 notes from the book used in 2013.
/Lab
- Nebuala, a nice beginner hacking tutorial
- Metasploit course - free
/Tools
CompTIA Academic Marketplace
/Programs
/Spam
/FireWall
/Topics
/SageIdeas
Cryptotools from AMS/MAA conference 2011 by Dr. Don Spickler.
Backtrack Penetration Testing
Two proxy tools that allow editing and observing http(s) are Web scarab and Paros Proxy - there is also some nice proxies specifically for firefox.
A nice dashboard
Open Source Vulnerability Database
National Vulnerability Database
http://exploit-db.com/ Once upon a time there was a site called Milw0rm.com and it was great! But the maintainer passed away and eventually it was taken over by http://exploit-db.com/.
Back in the stone age (relatively speaking of course) Dr. A took a course called Csce877.

Materials Used in this Class

Recommended AdditionalReading

DES Hints

http://www.cs.bham.ac.uk/research/projects/lemsys/DES/DESPage.jsp

Past Year Class Pages

/Cptr427Winter2010

-  ⇤ ← Revision 14 as of 2009-11-03 22:02:00 → 
  Size: 1188
  Editor: 24-183-238-75
  Comment:
+   ← Revision 71 as of 2017-11-29 00:30:50 → ⇥
  Size: 2319
  Editor: scot
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 4:
-== CPTR 427 Network Security Class ==
+= CPTR 427 Network Security Class Wiki =
{{http://imgs.xkcd.com/comics/cryptography.png}}
-Line 6:
+Line 7:
-Below is a list of subpages for NetworkSecurity
+This page contains resources for Network Security CPTR 427. For assignments etc. see the [[https://eclass.e.southern.edu|Eclass website]].  For information on '''what you should already know''', take a look at [[NetworkSecurity/Prerequisites]].
-Line 8:
+Line 9:
-   * [[NetworkSecurity/Lab]]
+== Topics, Resources and Ideas for the future ==
 * /NetworkSecurityEssentials4 notes from the book used in 2013.
 * [[/Lab]]
   * [[/Nebula|Nebuala, a nice beginner hacking tutorial]]
   * [[https://www.offensive-security.com/metasploit-unleashed/|Metasploit course - free]]
 * [[/Tools]]
 * [[http://academic.comptiastore.com/|CompTIA Academic Marketplace]]
 * [[/Programs]]
 * [[/Spam]]
 * /FireWall
 * [[/Topics]]
 * /SageIdeas
 * [[http://facultyfp.salisbury.edu/despickler/personal/CryptTools.asp|Cryptotools]] from AMS/MAA conference 2011 by Dr. Don Spickler.
 * [[http://www.backtrack-linux.org/|Backtrack Penetration Testing]]
 * Two proxy tools that allow editing and observing http(s) are [[NetworkSecurity/WebScarab|Web scarab]] and [[http://www.parosproxy.org/|Paros Proxy]] - there is also some nice proxies specifically for firefox.
 * [[http://www.securitywizardry.com/radar.htm|A nice dashboard]]
 * [[http://osvdb.org/|Open Source Vulnerability Database]]
 * [[http://web.nvd.nist.gov/view/vuln/search?execution=e2s1|National Vulnerability Database]]
 * [[http://exploit-db.com/]] Once upon a time there was a site called Milw0rm.com and it was great! But the maintainer passed away and eventually it was taken over by http://exploit-db.com/.
 * Back in the stone age (relatively speaking of course) Dr. A took a course called [[Csce877]].
-Line 10:
+Line 30:
-== Using WebScarab with WebGoat ==
+== Materials Used in this Class ==
'''Recommended AdditionalReading'''
-Line 12:
+Line 33:
-. Start up WebScarab.  It may be in basic mode.  
     a. If it is, Go to Tools->Use Full Interface.  
     a. Restart WebScarab.  
  1. Fire up IE and go to Tools->Internet Options->Connections->LAN settings.  
  1. Check Use proxy server and set address to localhost port 8008.  
  1. Click OK and OK.  
  1. On WebScarab go to Proxy->Manual Edit.  Check Intercept Requests.  Select GET and POST (using the CTRL key to select both).  
  1. In IE go to http://localhost./WebGoat/attack. (notice the dot after localhost, it is required to apply proxy settings on localhost.)  WebScarab should already start intercepting.  The lessons should work after that.  I was able to do a command injection following the steps in the solution.  I have now put the proxy settings back to the way they were and shut down WebGoat (for security reasons, not sure if that was necessary but I did it.)
+ * [[http://www.snort.org/assets/125/snort_manual-2_8_5_1.pdf|Snort Manual]] (Free)
 * [[http://ofps.oreilly.com/titles/9781449320317/ch_Security.html|MVC 4 Security, Authentication and Authorization]]
 * [[http://www.tomsitpro.com/articles/information-security-certifications,2-205.html|Security Certifications]]
-Line 21:
+Line 37:
+== DES Hints ==
-Line 22:
+Line 39:
-= Often Discussed Topics =
+ * http://www.cs.bham.ac.uk/research/projects/lemsys/DES/DESPage.jsp
-Line 24:
+Line 41:
-   * IpSec
----
CategoryHomepage
+== Past Year Class Pages ==
 * /Cptr427Winter2010

Diff for "NetworkSecurity"

CPTR 427 Network Security Class Wiki

Topics, Resources and Ideas for the future

Materials Used in this Class

DES Hints

Past Year Class Pages