CIS271DL - GNU/Linux Security

Mesa Community College Network Academy
CIS271DL – GNU/Linux Security

Mondays and Wednesdays
18:00 – 21:40
2008Okt20 - 2008Dez10

CIS271DL has been moved to BA3 on MCC's main campus [PDF] at Southern and Dobson.

Call the Business and Industry Institute, 480 461 6100, and ask for Jessica in order to register for classes.

Network Security Hacks, Tips & Tools for Protecting Your Privacy Second Edition, October 2006

Andrew Lockhart
ISBN 10: 0-596-52763-2 | ISBN 13: 9780596527631

Watch Bruce Schneier for extra credit. Remember to turn in a short report on his talk. See Bruce's website for more info on him.

Presentations
Two exploit reports: each student is required to give two exploit reports during the course of the class. They are to be 3 to 5 minute reports on a recent security issue and why it's a security concern for the GNU/Linux community. Each exploit report is worth 10 points of homework. Each one not done will cost 20 points.

Two individual presentations: each will be 10 minutes to an hour long. Pre-arrange the topics with the instructor. Individual presentations are worth 50 points each.

One group presentation: the class will be split into a few small groups and each group will do a 30 to 90 minute presentation on one of the group topics. The group presentation is worth 100 points.

Homework

  • assignment2: download and burn to CD two security-related Live CDs
  • assignment3: join the security list for one distribution and for one Free Software project, report which lists joined to the instructor
  • assignment6: create two ssh keys. Setup a remote host to allow the keys for authentication, but limit connections with the command configuration option. Limit each key to a different command. Email the instructor text copies of commands and results showing the use of the keys for a connection for the allowed commands. Also include the command configuration and the results of trying to run a command that isn't allowed. Due before class Mon, 2008Nov24.

Reading assignments

Class assignments

  • 2008Nov17: Create an SSH connection and forward some port to Groklaw's web server. Use FoxyProxy to verify it works.

Potential test topics
These are as listed in class, but this is not a complete list of topics available for the test.

Very Likely:
authentication vs. authorization
AppArmor
SE Linux
ssh
ssh keys, fingerprints
tunnels
pam
shadow
passwd
hamachi
GPG
Nessus
password recovery
nmap
wireshark, tcpdump
ettercap, arp poisoning, dns spoofing
name 3 security organizations

Somewhat Likely:
suid/guid
chroot()
firefox addons, e.g. foxyproxy
firewalls
forensics toolkits
honeypots
ids
port knocking
clickjacking
ethics
permissions
port stealing
tcp vs. udp
header fields
tcpwrappers
ControlMaster
socks

Extra Credit Only:
MX Coke

Security exploits presented

  • http://blogs.techrepublic.com.com/networking/?p=700
  • http://lasecwww.epfl.ch/keyboard/
  • http://www.LinuxSecuriy.com/content/view/141231/170

Changes

  • 2008Okt26: added explanations of the 3 types of presentations and homework assignments 2 and 3.
  • 2008Nov02: added reading assignment.
  • 2008Nov11: added AppArmor reading assignment.
  • 2008Nov12: added links to Schneier Stoff.
  • 2008Nov16: added links for SE Linux documentation.
  • 2008Nov17: added class assignment.
  • 2008Nov17: added security exploits thus far reported on.
  • 2008Nov18: added assignment 6.
  • 2008Nov24: fixed assignment 6.
  • 2008Nov29: the Sunday lab did not solidify, ask in #PLUGlabs on irc.freenode.net for more info.
  • 2008Nov29: added info about joining the Hamachi network.
  • 2008Dez06: added potential test topics as listed in class.

Security Resources

Security Lab Hamachi network

modprobe tun
tuncfg
hamachi-init
hamachi start
hamachi login
hamachi join pluglabs pluglabs
hamachi go-online
hamachi list

"ifconfig ham0" will give you info about your IP for the Hamachi network.