CS591 F2008 Assignment

Assignment

Week 1 (8/27): Read Chapter 1 of Security Engineering, MetaSploit Version 3.1 user guide. Browse the introduction pdf presentation. Make sure your ufp account is up to date and you can login to EN138 PCs with that account. Check with me early Wednesday before class if this is the first time you access EN138 lab.
Week 2 (9/3): Read “Smashing The Stack For Fun And Profit,” by Aleph One. Browser the buffer overflow viewgraph.
Week 3 (9/8): Read “On the Effectiveness of Address-Space Randomization,” by Shacham et al at Stanford's applied crypto group at ACM Computer Communication Security Conference 2004.
Week 4 (9/15): Read Basic Cryptography viewgraph, Chapter 5 of "Security Engineeering" or Chapter 8 of "Computer Network" by Tanenbaum (if have one or check out from library).
Week 5 (9/22): Read Chapter 2 of "Security Engineering"
Week 6 (9/29): Read Secure Web Access Web page
Week 7 (10/6): Read Chapter 18, Network Attack and Defense.Security Engineeri. Sec. 18.3.2 is firewall related topic.
Week 8 (10/13): Read iptables tutorial
Week 9 (10/20): Review for midterm
Week 10 (10/27): Read Snort IDS minimal installation guide, Browse NIST IDS Survey document
Week 11 (11/3) Spring break
Week 12 (11/10) ReadAnomalous Payload-based Worm Detection and Signature Generation, by Wang et al, Raid 2005.
Week 13 (11/17) Read HIDS: Tripwire, Implementing Tripwire. Browse Tripwire presentation, Read Introduction to Nessus, scanning, analyze reports.
Week 14 (11/24) Read CORE IMPACT - Penetration Testing: Assessing Your Overall Security Before Attackers Do by By Stephen Northcutt, Jerry Shenk,Dave Shackleford, Tim Rosenberg, Raul Siles, and Steve Mancini, browse ISSAF draft Sections 2, 3, 7.A, 7.B), CS591 viewgraphs.
Week 15 (12/1) Read Security Models, Browse Bell-LaPadula model viewgraph, Chapter 3 Tour of Trusted Solaris Environment page 49 of trusted solaris user guide, SELinux