Possible homework assignments: 1. find a lump of src code related to network mgmt and/or network security and analyze the architecture. This might include ssh/mrtg/big-brother/kernel ipfw implementation or some other piece of software that is freely available. (If this code it big and gnarly enough, you can argue this into a term-paper replacement). analysis of the public-domain tripwire tool is another possibility. 2. visit the Engineering library at PSU (5th floor). Find articles on network security (or network management) in IEEE and ACM journals. Skim the article. Make abstracts for said articles (bibliographic form and paragraph description). Other journals may apply. 3. p. 76, Stallings. We find a nice list of SNMP-Related RFCs. Pick 10 proposed standards and nicely summarize what they are about. A focus on enterprise MIBS here oculd be of interest too. The instructor could help you find Cisco enterprise MIBS of interest. Recent switch-oriented MIBS might be of interest. 4. your idea here. Possible term paper topics might include 1. Internet-wide traffic analysis. Find out what is going on in the IETF in this area ... Or see http://www.caida.org for a starting point. The teacher can provide some clues as well. 2. find something to compare IPSEC to; e.g., Cisco's link-level (L2TP), and/or Microsoft's PPTP. Compare and constrast the approaches. Or take a really close look at two implementations of IPSEC; e.g., Cisco and Linux S/WAN, and/or FreeBSD in FreeBSD 4.X. (summary, linux vs freebsd or freebsd vs cisco). 3. write up a paper that compares various secure email protocols, including PGP/PEM and Secure Mime. 4. search for and find cracker tools (used for security breaches/network intrusion (as opposed to detection :->) and write up a survey of said tools. E.g., recent DDOS tools, or rootkits, or just general one attack based tools. The instructor can help here. The recent HACKING EXPOSED book may be of use. 5. investigate, analyze, and write up various network management tools as found on: http://www.caida.org/tools RRDtool-based tools may also be of interest. 6. there is this field called "intrusion detection" which includes tools that look at packets and try to pattern match said packets with known attacks. This might be a good venue for a term paper. Tools here may include tools that analyze systems including tripwire (file system checksums) or distributed analysis (security hole checking tools), like satan, nessus (www.nessus.org), saint http://www.wwdsi.com/saint, or others. (Thanks to Crispan Cowan for some hints). -6. There is also an opposite field that looks for holes in a very different way. One could checkout nmap and other known probing tools. 7. tools exist for linux-based routing and firewalls. E.g., there is a linux router project (http://www.linuxrouter.org) and a linux-based automatic firewall script project (mason, http://users.dhp.com/~whisper/mason). 8. your idea here -------------------------------------------------------------- note: References in Stallings on p. 603. RFC list on p. 76-77.