"Internet Security" Home Page

Objectives: This course is a hand-on study of the threats to computer systems connected in a network and/or to the Internet. The objectives are:

To understand how crackers find a system,

To understand how crackers find vulnerabilities in that system,

To understand how vulnerability in the system is used to compromise the system.

To achieve this, we look at the various tools to attack and defend a system as well as tools to detect and analyze intrusions.

Outcomes: At the end of the course a student should be able to:

Explain the step-by-step approach used by many computer attackers

Describe strategies and demonstrate tools for each type of attack

Explain computer attack vectors and how you can stop them

Look for Application-level vulnerabilities, attacks, and defenses.

Use this page to receive current class information and as an extended reference that points to relevant information on the web.

Class Documents

• Course description
• Schedule (FYI schedule from 2007)
• grades
  
  
• 1. UNIX notes, lab1
• 2. buffer overflow: overflow_example.c, auth_overflow.c, auth_overflow3.c, lab2a: auth_overflow1h.c, auth_overflow3h.c
• 3. network attack: sniffing: lab3 (click HTTP-ethereal-lab-file3.html, get ethereal-traces.zip )
• ARP cache poisoning
• lab3b
• lab3c, video
• 4. web applications

References

• CCDC
• CCDC reginal (video from 2008)
• SANS


• Perl (free chapter)