SEC830

From CDOT Wiki
Revision as of 09:08, 15 January 2009 by Selmys (talk | contribs) (Weekly Outline)
Jump to: navigation, search

Note! This information is under revision.

SEC830 - Security Issues

Professor

SYA810 is taught by John Selmys (Winter 2009)

Weekly Outline

See the [Winter 2009 SEC830 Weekly Schedule] for specific dates and topics.

Nes: This is the [old SEC830], from Jan 2007. NOTE: It will be updated this semester.

Subject Description

When the Internet became a public medium in 1992, every connected computer became an instant target for "crackers". This subject deals with operating system security including networking issues, wrapper and proxy programs, securing TCP/IP services, host security and passwords, SUID/GUID files, cryptography, firewalls, access control lists, public key infrastructure, system logging, authentication schemes and intrusion detection and prevention.

Credit Status

1 credit in the LUX program.

Prerequisites

SYA710

Specific Outcomes

Upon successful completion of this subject students should be able to:

  • install and use encryption software
  • maintain user accounts and passwords
  • implement and use public key infrastructures
  • identify and disable unused system services
  • audit the security of a Linux system
  • enable and use wrappers and proxies
  • maintain file permissions and access control lists
  • implement and maintain manditory access controls
  • setup, maintain and monitor system logs
  • configure a Linux firewall
  • setup intrusion prevention and detection systems
  • monitor and restrict logins
  • install, configure and administrate authentication schemes

Topic Outline

  • Overview of Unix Security - 5%
    • common vulnerabilities and attacks
    • security policies
  • User Responsibilities - 15%
    • users, groups and passwords
    • permissions (including suid/sgid)
    • files and directories
    • encryption
    • access control lists (ACLs)
  • System Security - 15%
    • backups
    • monitoring accounts
    • system logs
    • privileged access
  • Network Security - 20%
    • trusted hosts
    • securing network services
    • firewalls
    • network file systems (NFS CIFS)
    • wireless security
  • The Secure Shell (SSH) - 10%
    • Installation and Configuration
  • Pluggable Authentication Modules (PAM) - 10%
    • Installation, Configuration, Administration
  • Security Tools - 15%
    • Tripwire, Crack, Satan, Saint
    • Root kits
    • Tiger, COPS
    • Sniffers (tcpdump, sniffit, kismet)
    • Port Scanning using nmap
  • Intrusion Prevention - 10%
    • AppArmor
    • SELinux

Modes Of Instruction

  • 2 hours interactive lecture per week, and 2 hours lab time per week

Prescribed Text

  • Hack Notes: Linux and Unix Security Portable Reference by Nitesh Dhanjani; ISBN 0-07-222786-9 published by McGraw-Hill/Osborne

Reference Material

  • Linux System Security by Scott Mann, Ellen Mitchell and Mitchell Krell, 2002 Pearson, 2nd Edition. ISBN 0130470112
  • UNIX Security by editors of Sys Admin magazine 1997 R&D Books/Miller Freeman ISBN 0-87930-471-5
  • Practical UNIX and Internet Security by Simson Garfinkel and Gene Spafford 1996 - 2nd Edition O'Reilly & Associates, Inc. ISBN 1-56592-148-8

Supplies

  • None

Promotion Policy

To obtain a credit in this subject, a student must:

  • Achieve a grade of 55% or better on the final exam
  • Satisfactorily complete all assignments
  • Achieve a weighted average of 55% or better for the tests and final exam
  • Achieve a grade of 55% or better on the overall course

Modes of Evaluation

  • 02% Quiz #1
  • 03% Quiz #2
  • 10% Labs
  • 10% Assignment #1
  • 15% Assignment #2
  • 30% Final Exam
  • 30% Midterm Test