Difference between revisions of "SEC830"
(→Subject Description) |
|||
(11 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | |||
− | |||
= SEC830 - Security Issues = | = SEC830 - Security Issues = | ||
Line 7: | Line 5: | ||
SYA810 is taught by [[User:Selmys|John Selmys]] (Winter 2009) | SYA810 is taught by [[User:Selmys|John Selmys]] (Winter 2009) | ||
− | == | + | == External Links == |
+ | |||
+ | See the [http://cs.senecac.on.ca/~selmys/subjects/sec830-091/sec830-plan-091.html Winter 2009 SEC830 Weekly Schedule] for specific dates and topics. | ||
+ | |||
+ | For up to date notes, see [http://cs.senecac.on.ca/~selmys/subjects/sec830-091/index.html John's winter 2009 SEC830 page on CS] | ||
+ | |||
+ | This is the [http://cs.senecac.on.ca/~selmys/subjects/sec830-071/index.html old SEC830], from Jan 2007. NOTE: It will be updated this semester. | ||
− | + | Here's a good article about [http://blogs.gurulabs.com/aaron/2008/10/shadowed-passwords.html passwords and encryption] on Linux. | |
− | + | == Lab Notes == | |
+ | |||
+ | Here's the place to put notes dealing with our labs. For example, problems we ran into and their solutions; things we discovered; weird results, etc. etc. (But please, NOT the answers to the questions before the due dates.) | ||
+ | |||
+ | [[ 2009_SEC830_LAB01 | Lab #1 ]] | ||
+ | |||
+ | [[ 2009_SEC830_LAB02 | Lab #2 ]] | ||
+ | |||
+ | [[ 2009_SEC830_LAB03 | Lab #3 ]] | ||
+ | |||
+ | [[ 2009_SEC830_LAB04 | Lab #4 ]] | ||
+ | |||
+ | [[ 2009_SEC830_LAB05 | Lab #5 ]] | ||
== Subject Description == | == Subject Description == | ||
Line 29: | Line 45: | ||
Upon successful completion of this subject students should be able to: | Upon successful completion of this subject students should be able to: | ||
− | + | * install and use encryption software | |
− | + | * maintain user accounts and passwords | |
− | + | * implement and use public key infrastructures | |
− | + | * identify and disable unused system services | |
− | + | * audit the security of a Linux system | |
− | + | * enable and use wrappers and proxies | |
− | + | * maintain file permissions and access control lists | |
− | + | * implement and maintain manditory access controls | |
− | + | * setup, maintain and monitor system logs | |
− | + | * configure a Linux firewall | |
− | + | * setup intrusion prevention and detection systems | |
− | + | * monitor and restrict logins | |
− | + | * install, configure and administrate authentication schemes | |
=== Topic Outline === | === Topic Outline === | ||
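Review bot: The added outcome "* implement and maintain manditory access controls" misspells "mandatory". The topic heading added further down in this same revision spells it "Mandatory Access Controls", so the two should match. In the same list, "setup" is used as a verb in two bullets ("setup, maintain and monitor system logs" and "setup intrusion prevention and detection systems"); "set up" is the verb form.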
Line 57: | Line 73: | ||
* System Security - 15% | * System Security - 15% | ||
− | |||
** monitoring accounts | ** monitoring accounts | ||
** system logs | ** system logs | ||
Line 64: | Line 79: | ||
* Network Security - 20% | * Network Security - 20% | ||
** trusted hosts | ** trusted hosts | ||
+ | ** TCP wrppers | ||
** securing network services | ** securing network services | ||
** firewalls | ** firewalls | ||
− | |||
− | |||
* The Secure Shell (SSH) - 10% | * The Secure Shell (SSH) - 10% | ||
− | ** | + | ** installation, configuration and use |
* Pluggable Authentication Modules (PAM) - 10% | * Pluggable Authentication Modules (PAM) - 10% | ||
− | ** | + | ** installation, configuration, administration |
* Security Tools - 15% | * Security Tools - 15% | ||
− | ** | + | ** tripwire, crack, satan, saint |
− | ** | + | ** tiger, COPS |
− | + | ** sniffers (tcpdump, sniffit, kismet) | |
− | ** | + | ** port Scanning using nmap |
− | ** | ||
− | * | + | * Mandatory Access Controls - 10% |
− | |||
** SELinux | ** SELinux | ||
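Review bot: The sub-item added under Network Security, "** TCP wrppers", is misspelled and should read "TCP wrappers", consistent with "enable and use wrappers and proxies" in the outcomes list. Under Security Tools, "port Scanning using nmap" has a stray capital; the other sub-items in the list are lowercase.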
Line 92: | Line 104: | ||
=== Prescribed Text === | === Prescribed Text === | ||
− | * | + | * None: Web links to relevant information will be given during the semester. |
=== Reference Material === | === Reference Material === | ||
Line 114: | Line 126: | ||
=== Modes of Evaluation === | === Modes of Evaluation === | ||
− | * | + | |
− | * | + | * 02% Quiz #1 |
+ | * 03% Quiz #2 | ||
+ | * 10% Labs | ||
+ | * 10% Assignment #1 | ||
+ | * 15% Assignment #2 | ||
+ | * 30% Final Exam | ||
* 30% Midterm Test | * 30% Midterm Test |
Latest revision as of 22:42, 22 January 2009
SEC830 - Security Issues
Professor
SYA810 is taught by John Selmys (Winter 2009)
External Links
See the Winter 2009 SEC830 Weekly Schedule for specific dates and topics.
For up-to-date notes, see John's winter 2009 SEC830 page on CS
This is the old SEC830, from Jan 2007. NOTE: It will be updated this semester.
Here's a good article about passwords and encryption on Linux.
Lab Notes
Here's the place to put notes dealing with our labs. For example, problems we ran into and their solutions; things we discovered; weird results, etc. etc. (But please, NOT the answers to the questions before the due dates.)
Subject Description
When the Internet became a public medium in 1992, every connected computer became an instant target for "crackers". This subject deals with operating system security including networking issues, wrapper and proxy programs, securing TCP/IP services, host security and passwords, SUID/SGID files, cryptography, firewalls, access control lists, public key infrastructure, system logging, authentication schemes and intrusion detection and prevention.
Credit Status
1 credit in the LUX program.
Prerequisites
SYA710
Specific Outcomes
Upon successful completion of this subject students should be able to:
- install and use encryption software
- maintain user accounts and passwords
- implement and use public key infrastructures
- identify and disable unused system services
- audit the security of a Linux system
- enable and use wrappers and proxies
- maintain file permissions and access control lists
- implement and maintain mandatory access controls
- set up, maintain and monitor system logs
- configure a Linux firewall
- set up intrusion prevention and detection systems
- monitor and restrict logins
- install, configure and administer authentication schemes
Topic Outline
- Overview of Unix Security - 5%
  - common vulnerabilities and attacks
  - security policies
- User Responsibilities - 15%
  - users, groups and passwords
  - permissions (including suid/sgid)
  - files and directories
  - encryption
  - access control lists (ACLs)
- System Security - 15%
  - monitoring accounts
  - system logs
  - privileged access
- Network Security - 20%
  - trusted hosts
  - TCP wrappers
  - securing network services
  - firewalls
- The Secure Shell (SSH) - 10%
  - installation, configuration and use
- Pluggable Authentication Modules (PAM) - 10%
  - installation, configuration, administration
- Security Tools - 15%
  - tripwire, crack, satan, saint
  - tiger, COPS
  - sniffers (tcpdump, sniffit, kismet)
  - port scanning using nmap
- Mandatory Access Controls - 10%
  - SELinux
Modes Of Instruction
- 2 hours interactive lecture per week, and 2 hours lab time per week
Prescribed Text
- None: Web links to relevant information will be given during the semester.
Reference Material
- Linux System Security by Scott Mann, Ellen Mitchell and Mitchell Krell, 2002 Pearson, 2nd Edition. ISBN 0130470112
- UNIX Security by editors of Sys Admin magazine 1997 R&D Books/Miller Freeman ISBN 0-87930-471-5
- Practical UNIX and Internet Security by Simson Garfinkel and Gene Spafford 1996 - 2nd Edition O'Reilly & Associates, Inc. ISBN 1-56592-148-8
Supplies
- None
Promotion Policy
To obtain a credit in this subject, a student must:
- Achieve a grade of 55% or better on the final exam
- Satisfactorily complete all assignments
- Achieve a weighted average of 55% or better for the tests and final exam
- Achieve a grade of 55% or better on the overall course
Modes of Evaluation
- 02% Quiz #1
- 03% Quiz #2
- 10% Labs
- 10% Assignment #1
- 15% Assignment #2
- 30% Final Exam
- 30% Midterm Test