Open Source Security Tools for Information Technology Professionals



Similar documents
Introduction Open Source Security Tools for Information Technology Professionals

Open Source Security Tools

Contents. vii. Preface. P ART I THE HONEYNET 1 Chapter 1 The Beginning 3. Chapter 2 Honeypots 17. xix

Course Title: ITAP 3471: Web Server Management

Course Title: Penetration Testing: Security Analysis

CNA 432/532 OSI Layers Security

NETWORK SECURITY (W/LAB) Course Syllabus

Description: Objective: Attending students will learn:

Open Source Security Tool Overview

City University of Hong Kong. Information on a Course offered by Department of Electronic Engineering with effect from Semester A in 2012/2013

Introduction to Firewalls Open Source Security Tools for Information Technology Professionals

Network Security and Firewall 1

SCP - Strategic Infrastructure Security

By Jascha Wanger

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Linux Network Security

NETWORK SECURITY HACKS *

Intrusion Detection Systems (IDS)

CIT 380: Securing Computer Systems

information security and its Describe what drives the need for information security.

Certified Ethical Hacker (CEH)

ITSY Security Assessment/Auditing Spring 2010 Professor: Zoltan Szabo D111 LEC TR 11:20AM 12:45PM D111 LAB TR 12:50PM 02:15PM

3 Days Course on Linux Firewall & Security Administration

Cisco IPS Tuning Overview

INFORMATION SECURITY TRAINING CATALOG (2015)

Linux Operating System Security

e-code Academy Information Security Diploma Training Discerption

COURSE SYLLABUS FIREWALLS & NETWORK SECURITY. ITSY-2301 Number Lecture - Lab - Credit. ITSY-1342 Prerequisites. April 16, 2015 Revision Date

Network Attacks and Defenses

Textbooks: Matt Bishop, Introduction to Computer Security, Addison-Wesley, November 5, 2004, ISBN

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Raritan Valley Community College Academic Course Outline. CISY Advanced Computer Networking

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

An Open Source IPS. IIT Network Security Project Project Team: Mike Smith, Sean Durkin, Kaebin Tan

Some Tools for Computer Security Incident Response Team (CSIRT)

CONTENTS AT A GMi#p. Chapter I Ethical Hacking Basics I Chapter 2 Cryptography. Chapter 3 Reconnaissance: Information Gathering for the Ethical Hacker

167 th Air Wing Fast Track Cyber Security Blue Ridge Community and Technical College

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

Security + Certification (ITSY 1076) Syllabus

NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

How To Set Up A Network Map In Linux On A Ubuntu 2.5 (Amd64) On A Raspberry Mobi) On An Ubuntu (Amd66) On Ubuntu 4.5 On A Windows Box

Prerequisites: Fundamentals of Networking, Knowledge of Operating Systems

Intrusion Detection System (IDS)

Undergraduate Course Syllabus

Ethical Hacking Course Layout


Configuring Personal Firewalls and Understanding IDS. Securing Networks Chapter 3 Part 2 of 4 CA M S Mehta, FCA

Topics in Network Security

Small Systems Solutions is the. Premier Red Hat and Professional. VMware Certified Partner and Reseller. in Saudi Arabia, as well a competent

Contents. Part 1 SSH Basics 1. Acknowledgments About the Author Introduction

Build Your Own Security Lab

CIS 156. Firewalls and Intrusion Detection

IDS / IPS. James E. Thiel S.W.A.T.

167 th Air Wing Fast Track Cyber Program Blue Ridge Community and Technical College

EC-Council Certified Security Analyst (ECSA)

Tim Bovles WILEY. Wiley Publishing, Inc.

Interdisciplinary Program in Information Security and Assurance. By Kossi Edoh NC A&T State University Greensboro

Penetration Testing Workshop

Firewall Testing. Cameron Kerr Telecommunications Programme University of Otago. May 16, 2005

1 Scope of Assessment

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Security Event Management. February 7, 2007 (Revision 5)

ANTI-HACKER TOOL KIT. ourth Edition

"Charting the Course to Your Success!" MOC D Windows 7 Enterprise Desktop Support Technician Course Summary

HARFORD COMMUNITY COLLEGE 401 Thomas Run Road Bel Air, MD Course Outline CIS INTRODUCTION TO UNIX

CENTRAL TEXAS COLLEGE ITSY 2401 FIREWALLS AND NETWORK SECURITY. Semester Hours Credit: 4 INSTRUCTOR: OFFICE HOURS:

Experiences from Educating Practitioners in Vulnerability Analysis

CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required

IT6203 Systems & Network Administration. (Optional)

Network Security Course Specifications

Intrusion Detection Systems. Darren R. Davis Student Computing Labs

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Medical Device Security Health Group Digital Output

CRYPTUS DIPLOMA IN IT SECURITY

CDS and Clearing Limited Thapathali, Kathmandu 7 th Level (Technical) Syllabus

CSE331: Introduction to Networks and Security. Lecture 17 Fall 2006

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

Table of Contents. Introduction. Audience. At Course Completion

CYBER ATTACKS EXPLAINED: PACKET CRAFTING

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Using Nessus to Detect Wireless Access Points. March 6, 2015 (Revision 4)

CS2107 Introduction to Information and System Security (Slid. (Slide set 8)

Firewalls. Ola Flygt Växjö University, Sweden Firewall Design Principles

Network Security: A Practical Approach. Jan L. Harrington

Cisco Certified Security Professional (CCSP) 50 Cragwood Rd, Suite 350 South Plainfield, NJ 07080

F-SECURE MESSAGING SECURITY GATEWAY

LEARNING COMPUTER SYSTEMS VULNERABILITIES EXPLOITATION THROUGH PENETRATION TEST EXPERIMENTS

Transcription:

Open Source Security Tools for Information Technology Professionals CUNY SPS Course Syllabus Aron Trauring May 23, 2005 (rev October 21, 2005)

Course Description Information security is a top priority for information technology professionals and their employers. A bewildering number of security tools are available in the market, many costing thousands of dollars. Yet few system administrators have sufficient time or resources to properly address potential security problems. One option is to use open source software, where the code used to create the software is available for public use. Open source products are often at low cost and of high-quality, but few IT professionals have the expertise or time to evaluate these alternatives. This new course is a practical, hands-on introduction to the topics of open source software and computer security, and several specific open source security tools. While most of the tools run on Linux or other Unix platforms, they address security issues in, and solutions for, Microsoft Windows-based networks as well. The course will be a combination of lectures and labs, which will provide students a hands-on opportunity to use and apply these tools. Through using these tools, students will learn about core security threats in the modern IT networked environment and how to handle them. While addressing security issues for all major IT platforms, the students will also learn some basic skills for using the most famous open source product, the Linux operating system. Required Text Howlett, Tony Open Source Security Tools: A Practical Guide to Security Applications. New York: Prentice Hall. 2005 Optional Texts and Labs Instructor chosen material on the Oreilly s online Safari University (online text resource center) Labs: Linux personal computer and network servers. Course Expectations/Grading Rubric 1) Students must attend all classes. More than one absence will affect the grade and a student with more than two absences will be dropped from the course. Two late arrivals will be considered one absence. 2) Students must actively participate in all class sessions. 3) Students must complete all class labs. 4) Students must prepare an electronic notebook which includes topical articles about computer security issues found in the trade press during the period the course is offered. An introductory essay must relate the articles to the topics 2

covered in the course, including suggestions on how the tools we learn may be used to address some of the issues raised in the articles. 5) Students must complete weekly quizzes that cover cumulative material and a final exam. 6) Grading: Class Labs 20% Electronic notebook 20% Class Participation 10% Weekly Quizzes 30% Final examination 20% Competencies that Students will Develop in the Course Overarching Objectives: At the conclusion of the course, the student will be able to 1) Identify fundamental network computer security issues. 2) Understand what open source software is and when it is advantageous to use for network security applications. 3) Understand how to apply specific open source tools to uncover security breaches. 4) Deploy specific tools to monitor and protect a computer network against attack. Content-specific objectives: At the conclusion of the course, the student will be able to 1) Harden their security tool system 2) Deploy secure remote administration tools 3) Deploy firewalls 4) Use a port scanner and analyze its results 5) Use a vulnerability scanner and analyze its results 6) Use a network sniffer and analyze its results 7) Deploy and use intrusion detection systems 8) Make use of security analysis and management tools 9) Deploy and use encryption tools 10) Deploy and use forensic tools Strands Laboratory Technology: In each lesson, there will be extensive use of individual computers to install, deploy, and activate specific security applications. Theoretical Underpinnings: Each lesson will examine the underlying computer network technology s theory and practice of the tools used in the labs, as well as of the specific network security threats these tools address. 3

Problem Solving: Built into each lesson, there will be opportunities for students to learn and apply general problem solving techniques to common network administration issues. Online Resources: In each lesson, students will be provided relevant online resources and have the opportunity to explore and make use of these. In addition to these strands that are contained in every lesson, there will be many different strategies employed in the classroom setting, including group and individual work, teacher lectures, questions and answers, teacher demonstrations, student discussions, active learning and note taking. Course Outline Session I - Introductory FOSS Welcome Overview of course Introduction to Free and Open Source Software (FOSS) Introduction to GNU/Linux Session II - Introductory TCP/IP / Security Overview of TCP/IP network principles Introduction to information security Lab: Linux Principles and Networking Overview, ping, traceroute, whois, dig, finger, ps Session III - Hardening the Security Tool System Trusted Computing Base Installing the GNU/Linux distribution securely Secure booting and boot loaders Consoles Users and Groups Process accounting PAM Keeping informed about security Lab: TCB Session IV - Secure Connections and Remote Administration Symmetric and asymmetric encryption SSH VNC Lab: OpenSSH, VNC Session V/VI - Firewalls How Does a Firewall work? 4

Adding rules Choosing filtering criteria iptables Creating a basic firewall Advanced concepts Lab: iptables, SmoothWall Session VII - Port Scanners TCP/UDP ports TCP fingerprinting How port scanning works Port scanning configuration Port Scanning Techniques Lab: Nmap, Nlog Session VIII - Vulnerability Scanners Typical application-level vulnerabilities Vulnerability scanning setup and configuration How to do safe and ethical vulnerability scanning Sample scan configurations What vulnerability scanning doesn t do Lab: Nessus Session IX - Network Sniffers Network sniffer fundamentals Ethernet history and operation How to do safe and ethical network sniffing Sample sniffer configurations Network sniffer applications Lab: TcpDump, Ethereal Session X - Intrusion Detection Systems Types of intrusion detection systems Signatures for network intrusion detection systems False positives in network intrusion detection systems Proper intrusion detection system placement Tuning an intrusion detection system File integrity checking Lab: Snort, Tripwire Session XI - Analysis and Management Tools Managing server log files Using databases and web servers for security data Analyzing IDS data 5

Managing vulnerability scan data Running a vulnerability scan management system Lab: ACID, NPI, NCC Session XII - Encryption Tools Different encryption algorithms Encryption applications Certificate authority security model Web of trust security model Lab: PGP,GnuPG,Certificates Session XIII - Forensic Tools Uses for forensic tools Incident response concepts Preparing for forensic investigation Tenets of good forensic investigation Lab: Sleuth Kit, Autopsy Forensic Browser, The Forensic Toolkit 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information