CS496/596: Network Security

Location: FAB 170 (TR 14:00-15:50)

Instructor: D. Kevin McGrath

• PDX username: dmcgrath
• Office hours:
  • Location: FAB 120-15 and Zoom (PW: PSUSecure)
  • Times:
    • Tuesday: Code Party! 18:00 - 22:00 (VSC 105)
    • Wednesday: 14:00 - 15:30

Teaching Assistant: Emma Yakley

• CS496/596: Network Security
  • Homework
    • Submission
    • Assignments
  • Pages
    • Lecture content
    • Other stuff
    • Useful links for learning
  • Previous offerings

Syllabus

Recorded Lectures: These will be made available via [MediaSpace] as they occur. Login required.

Homework

Each homework will build in some fashion on the previous homework. This may be conceptually, but may be directly. These aren’t your typical “write answers to questions” type assignments, but rather are intended to be more hands-on. Nearly all the work I’m asking you to do is taken from tasks I had to perform professionally as a security vulnerability engineer. The first assignment will be to get the environment set up and configured. Subsequent assignments will build on this.

Submission

All work will be submitted via MarkDown documents within an internal gitlab repo. You will be using this repo for the rest of the term. This repo exists on the CECS intranet. You will need to add the TA and me to this repo as Developers. Grades and feedback will be done via a merge request from the TA.

Assignments

• Homework 1
• Homework 2
• Homework 3
• Homework 4
• Homework 5
• Final Paper: CS496
• Final Project: CS596 – this can be done by 496 students in place of the paper.
• Alternate final project: CS596 – this can be done by 596 students in place of the default final project. First come, first served in terms of hardware. If you want to do this, let me know ASAP.

Pages

Lecture content

• SSH setup – setting up SSH keys for use with the VM
• tmux cheatsheet
• tmux config – configuration file for tmux from the Software Configuration page
• Linux Handbook on tmux
• Introduction to Networking – a brief introduction to networking concepts
• Introduction to network reconnaissance – a brief introduction to network reconnaissance and using nmap
• nmap cheatsheet
• SSH Tunnel for Windows RDP – SSH tunneling trick we will be using in various places through the term
• Capturing packets – a brief introduction to capturing packets
• Cracking WiFi – a brief introduction to cracking WiFi
• Using wireshark – a brief introduction to using wireshark
• Introduction to scapy – a brief introduction to scapy
• scapy cheatsheet
• 80 to 0 in Under 5 Seconds: Falsifying a Medical Patient’s Vitals – an article detailing a real-world attack on a medical device, including how he reversed the protocol (RWHAT).
• Defensive measures – a brief introduction to firewalls and IPS/IDS
• TunnelVision exploit against VPNs – an exploit a malicious network admin could use to render most VPNs useless.
• Ripple20 RH0 bug pcap file – a pcap file demonstrating the Ripple20 RH0 bug
• Ripple20 RH0 bug description – a description of the Ripple20 RH0 bug

Other stuff

• Useful SANS resources
• Software configuration – not required, but possibly useful information on environment setup
• Powershell profile – powershell profile from the Software Configuration page
• Technical Writing – if unfamiliar with markdown or LaTeX, this page will help
• VM Setup on Windows
• VM Setup on macOS
• Kali configuration

Useful links for learning

• The Art of Packet Crafting with Scapy
• Markdown
• The C Book
• The GNU make manual
• Managing projects with make
• The chmod calculator
• The Python tutor
• The Linux Command Line (Direct PDF link)
• Adventures with the Linux Command Line
• The Linux Development Platform
• gdb tutorial
• gef manual

Previous offerings

• Winter 2024
• Spring 2024