CS496/596: Network Security

Location: EB 103 (TR 16:40-18:30)

Instructor: D. Kevin McGrath

• PDX username: dmcgrath
• Office hours:
  • Location: FAB 120-15 and Zoom (PW: PSUSecure)
  • Times:
    • Tuesday: 14:30 - 16:15
    • Wednesday: Code Party (19:00-22:00, FAB 86-01/88-03)
    • Thursday: 14:30 - 16:15

Syllabus

Recorded Lectures: These will be made available via MediaSpace. Login required.

Homework

Each homework will build in some fashion on the previous homework. This may be conceptually, but may be directly. These aren’t your typical “write answers to questions” type assignments, but rather are intended to be more hands-on. Nearly all the work I’m asking you to do is taken from tasks I had to perform professionally as a security vulnerability engineer. The first assignment will be to get the VM environment set up and configured. Subsequent assignments will build on this.

Submission

All work will be submitted via MarkDown documents within an internal gitlab repo. You will be using this repo for the rest of the term. This repo exists on the CECS intranet. You will need to add me to this repo as Developers. Grades and feedback will be done via a merge request from me.

Assignments

• Homework 1
• Homework 2
• Homework 3
• Homework 4
• Homework 5
• Final Paper: CS496
• Final Project: CS596 – this can be done by 496 students in place of the paper.
• Alternate final project: CS596 – this can be done by 596 students in place of the default final project. First come, first served in terms of hardware. If you want to do this, let me know ASAP.

Pages

• Software configuration – not required, but possibly useful information on environment setup
• tmux config – configuration file for tmux from the Software Configuration page
• Powershell profile – powershell profile from the Software Configuration page
• Technical Writing – if unfamiliar with markdown or LaTeX, this page will help
• VM Setup on Windows
• VM Setup on macOS
• Kali configuration
• SSH setup – setting up SSH keys for use with the VM
• SSH Tunnel for Windows RDP – SSH tunneling trick we will be using in various places through the term
• Introduction to Networking – a brief introduction to networking concepts
• Introduction to network reconnaissance – a brief introduction to network reconnaissance and using nmap
• Cracking WiFi – a brief introduction to cracking WiFi
• Capturing packets – a brief introduction to capturing packets
• Using wireshark – a brief introduction to using wireshark
• Introduction to scapy – a brief introduction to scapy
• 80 to 0 in Under 5 Seconds: Falsifying a Medical Patient’s Vitals – an article detailing a real-world attack on a medical device, including how he reversed the protocol (RWHAT).
• Defensive measures – a brief introduction to firewalls and IPS/IDS
• TunnelVision exploit against VPNs – an exploit a malicious network admin could use to render most VPNs useless.
• Ripple20 RH0 bug pcap file – a pcap file demonstrating the Ripple20 RH0 bug
• Ripple20 RH0 bug description – a description of the Ripple20 RH0 bug

Useful links for learning

• The Art of Packet Crafting with Scapy
• scapy cheatsheet
• nmap cheatsheet
• tmux cheatsheet
• Linux Handbook on tmux
• Markdown
• The C Book
• The GNU make manual
• Managing projects with make
• The chmod calculator
• The Python tutor
• The Linux Command Line (Direct PDF link)
• Adventures with the Linux Command Line
• The Linux Development Platform
• gdb tutorial
• gef manual