SEC830
Note! This information is under revision.
SEC830 - Security Issues
Professor
SYA810 is taught by John Selmys (Winter 2009)
Weekly Outline
See the [Winter 2009 SEC830 Weekly Schedule] for specific dates and topics.
Note: This is the [old SEC830], from Jan 2007. NOTE: It will be updated this semester.
Subject Description
When the Internet became a public medium in 1992, every connected computer became an instant target for "crackers". This subject deals with operating system security, including networking issues, wrapper and proxy programs, securing TCP/IP services, host security and passwords, SUID/SGID files, cryptography, firewalls, access control lists, public key infrastructure, system logging, authentication schemes, and intrusion detection and prevention.
Credit Status
1 credit in the LUX program.
Prerequisites
SYA710
Specific Outcomes
Upon successful completion of this subject students should be able to:
- install and use encryption software
- maintain user accounts and passwords
- implement and use public key infrastructures
- identify and disable unused system services
- audit the security of a Linux system
- enable and use wrappers and proxies
- maintain file permissions and access control lists
- implement and maintain mandatory access controls
- set up, maintain and monitor system logs
- configure a Linux firewall
- set up intrusion prevention and detection systems
- monitor and restrict logins
- install, configure and administer authentication schemes
Topic Outline
- Overview of Unix Security - 5%
  - common vulnerabilities and attacks
  - security policies
- User Responsibilities - 15%
  - users, groups and passwords
  - permissions (including suid/sgid)
  - files and directories
  - encryption
  - access control lists (ACLs)
- System Security - 15%
  - backups
  - monitoring accounts
  - system logs
  - privileged access
- Network Security - 20%
  - trusted hosts
  - securing network services
  - firewalls
  - network file systems (NFS, CIFS)
  - wireless security
- The Secure Shell (SSH) - 10%
  - Installation and Configuration
- Pluggable Authentication Modules (PAM) - 10%
  - Installation, Configuration, Administration
- Security Tools - 15%
  - Tripwire, Crack, Satan, Saint
  - Root kits
  - Tiger, COPS
  - Sniffers (tcpdump, sniffit, kismet)
  - Port Scanning using nmap
- Intrusion Prevention - 10%
  - AppArmor
  - SELinux
Modes Of Instruction
- 2 hours interactive lecture per week, and 2 hours lab time per week
Prescribed Text
- Hack Notes: Linux and Unix Security Portable Reference by Nitesh Dhanjani; ISBN 0-07-222786-9 published by McGraw-Hill/Osborne
Reference Material
- Linux System Security by Scott Mann, Ellen Mitchell and Mitchell Krell, 2002 Pearson, 2nd Edition. ISBN 0130470112
- UNIX Security by editors of Sys Admin magazine 1997 R&D Books/Miller Freeman ISBN 0-87930-471-5
- Practical UNIX and Internet Security by Simson Garfinkel and Gene Spafford 1996 - 2nd Edition O'Reilly & Associates, Inc. ISBN 1-56592-148-8
Supplies
- None
Promotion Policy
To obtain a credit in this subject, a student must:
- Achieve a grade of 55% or better on the final exam
- Satisfactorily complete all assignments
- Achieve a weighted average of 55% or better for the tests and final exam
- Achieve a grade of 55% or better on the overall course
Modes of Evaluation
- 30% Assignments/Labs
- 40% Final Exam
- 30% Midterm Test