Difference between revisions of "SEC830"
Bossa nesta (talk | contribs) (→Weekly Outline) |
(→Subject Description) |
||
| Line 15: | Line 15: | ||
== Subject Description == | == Subject Description == | ||
| − | When the Internet became a public medium in 1992, every connected computer became an instant target for crackers. This subject deals with | + | When the Internet became a public medium in 1992, every connected computer became an instant target for "crackers". This subject deals with operating system security including networking issues, wrapper and proxy programs, securing TCP/IP services, host security and passwords, SUID/GUID files, cryptography, firewalls, access control lists, public key infrastructure, system logging, authentication schemes and intrusion detection and prevention. |
=== Credit Status === | === Credit Status === | ||
| Line 29: | Line 29: | ||
Upon successful completion of this subject students should be able to: | Upon successful completion of this subject students should be able to: | ||
| − | * install and use encryption software | + | * install and use encryption software |
| − | * | + | * maintain user accounts and passwords |
| − | * identify and disable unused system services | + | * implement and use public key infrastructures |
| − | * audit the security of a Linux system | + | * identify and disable unused system services |
| − | * enable and use wrappers and proxies | + | * audit the security of a Linux system |
| − | * | + | * enable and use wrappers and proxies |
| − | * | + | * maintain file permissions and access control lists |
| − | + | * implement and maintain manditory access controls | |
| − | + | * setup, maintain and monitor system logs | |
| − | + | * configure a Linux firewall | |
| − | + | * setup intrusion prevention and detection systems | |
| − | + | * monitor and restrict logins | |
| + | * install, configure and administrate authentication schemes | ||
=== Topic Outline === | === Topic Outline === | ||
Revision as of 08:31, 15 January 2009
Note! This information is under revision.
Contents
SEC830 - Security Issues
Professor
SYA810 is taught by John Selmys (Winter 2009)
Weekly Outline
See the [Winter 2009 SEC830 Weekly Schedule] for specific dates and topics.
Nes: This is the [old SEC830], note that it would be changed during the semester. Just for people wants to learn in advanced.
Subject Description
When the Internet became a public medium in 1992, every connected computer became an instant target for "crackers". This subject deals with operating system security including networking issues, wrapper and proxy programs, securing TCP/IP services, host security and passwords, SUID/GUID files, cryptography, firewalls, access control lists, public key infrastructure, system logging, authentication schemes and intrusion detection and prevention.
Credit Status
1 credit in the LUX program.
Prerequisites
SYA710
Specific Outcomes
Upon successful completion of this subject students should be able to:
* install and use encryption software * maintain user accounts and passwords * implement and use public key infrastructures * identify and disable unused system services * audit the security of a Linux system * enable and use wrappers and proxies * maintain file permissions and access control lists * implement and maintain manditory access controls * setup, maintain and monitor system logs * configure a Linux firewall * setup intrusion prevention and detection systems * monitor and restrict logins * install, configure and administrate authentication schemes
Topic Outline
- Overview of Unix Security - 5%
- common vulnerabilities and attacks
- security policies
- User Responsibilities - 15%
- users, groups and passwords
- permissions (including suid/sgid)
- files and directories
- encryption
- access control lists (ACLs)
- System Security - 15%
- backups
- monitoring accounts
- system logs
- privileged access
- Network Security - 20%
- trusted hosts
- securing network services
- firewalls
- network file systems (NFS CIFS)
- wireless security
- The Secure Shell (SSH) - 10%
- Installation and Configuration
- Pluggable Authentication Modules (PAM) - 10%
- Installation, Configuration, Administration
- Security Tools - 15%
- Tripwire, Crack, Satan, Saint
- Root kits
- Tiger, COPS
- Sniffers (tcpdump, sniffit, kismet)
- Port Scanning using nmap
- Intrusion Prevention - 10%
- AppArmor
- SELinux
Modes Of Instruction
- 2 hours interactive lecture per week, and 2 hours lab time per week
Prescribed Text
- Hack Notes: Linux and Unix Security Portable Reference by Nitesh Dhanjani; ISBN 0-07-222786-9 published by McGraw-Hill/Osborne
Reference Material
- Linux System Security by Scott Mann, Ellen Mitchell and Mitchell Krell, 2002 Pearson, 2nd Edition. ISBN 0130470112
- UNIX Security by editors of Sys Admin magazine 1997 R&D Books/Miller Freeman ISBN 0-87930-471-5
- Practical UNIX and Internet Security by Simson Garfinkel and Gene Spafford 1996 - 2nd Edition O'Reilly & Associates, Inc. ISBN 1-56592-148-8
Supplies
- None
Promotion Policy
To obtain a credit in this subject, a student must:
- Achieve a grade of 55% or better on the final exam
- Satisfactorily complete all assignments
- Achieve a weighted average of 55% or better for the tests and final exam
- Achieve a grade of 55% or better on the overall course
Modes of Evaluation
- 30% Assignments/Labs
- 40% Final Exam
- 30% Midterm Test
