Using An Isolated Network to Teach Advanced Networks and Security

Presentation transcript:

Using An Isolated Network to Teach Advanced Networks and Security
LTC John M.D. Hill, LTC Curtis A. Carver Jr., CPT Jeffrey Humphries, Dr. Udo W. Pooch

Agenda
- Introduction
- Active Learning and Cooperative Groups
- Lab Architecture
- Issues in Building a Security Lab
- Questions and Conclusions

11/20/2018 Presented to the 32nd Technical Symposium on Computer Science Education (SIGCSE) Conference

Introduction
- Texas A&M University has been teaching a graduate class in Computer Security since 1995.
- The class utilizes an isolated network security lab to provide a cooperative, active learning opportunity for the students.
- The purpose of the class is to teach students about network security in an active learning environment.
- The purpose of the security lab is to isolate the effects of this active learning from the rest of the campus and departmental networks.

Introduction (continued)
The lab is isolated by a combination of hardware and software safeguards:
- All components of the lab connect to a single router.
- The router’s gateway is through a proxy firewall server.
- Students can access the lab remotely only by logging into the firewall.
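The isolation rules above can be checked against connection records collected at the firewall. The following is an added example, not part of the original presentation: the address ranges, the SSH login port, the `(source, destination, port)` record format and the function names are all assumptions chosen for illustration.

```python
import ipaddress

# Assumed values, not from the slides: documentation address ranges and
# SSH as the login service on the firewall.
LAB_NET = ipaddress.ip_network("192.0.2.0/24")
FW_OUTSIDE = ipaddress.ip_address("198.51.100.10")
LOGIN_PORT = 22


def check_flow(src, dst, dport):
    """Return None when a flow respects the isolation rules, else a reason."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s in LAB_NET and d in LAB_NET:
        return None  # traffic that stays inside the lab is expected
    if s in LAB_NET:
        return "egress: lab host reached an address outside the lab"
    if d in LAB_NET:
        return "bypass: outside host reached a lab host directly"
    if s == FW_OUTSIDE:
        return "relay: firewall opened a connection toward the outside"
    if d == FW_OUTSIDE and dport == LOGIN_PORT:
        return None  # remote student logging into the firewall
    if d == FW_OUTSIDE:
        return "exposure: firewall contacted on a non-login port"
    return "unexpected: flow does not involve the lab or the firewall"


def audit(flows):
    """Return (flow, reason) pairs for every flow that breaks isolation."""
    checked = [(flow, check_flow(*flow)) for flow in flows]
    return [(flow, reason) for flow, reason in checked if reason]


# Constructed sample records: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("203.0.113.7", "198.51.100.10", 22),   # student logs into the firewall
    ("192.0.2.1", "192.0.2.40", 23),        # firewall inside interface to a lab host
    ("192.0.2.21", "192.0.2.40", 80),       # one lab host to another
    ("192.0.2.21", "203.0.113.50", 80),     # lab host to an outside address
    ("203.0.113.7", "192.0.2.40", 23),      # outside host straight to a lab host
    ("198.51.100.10", "203.0.113.50", 25),  # firewall connecting outward
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(flow, "->", reason)
```
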

Active Learning
- 70% of the student’s grade is the lab exercise. Students must learn and actively apply classroom lessons in order to pass the course.
- The exercise is self-directed. Students must research, code, and implement solutions to the exercise.
- Students do not attack passive systems. Instead, the systems are actively being defended by fellow students.

Persistent Learning Groups
Students must work together as a team because:
- The problem presented to students is too complex and time-consuming for one student to solve.
- The exercise is weighted heavily. Without success in the lab, students will fail.
- Students learn more from each other than they ever would from a professor.

Lab Architecture
[Figure: lab network diagram. Labels: Inferno 1, Router, Firewall, Heaven, Inferno 2, Arcadia, Gabriel, Server Switch, Attack Switch, Inferno 4, Utopia, Research Switch, Inferno 5, Research 5, Limbo, Research 4, Boot Server, Research 1, Research 2, Research 3]

Attack Components
- These are the student attack platforms.
- Each student team has access to a SPARC workstation and a personal computer that is configured to run both Windows NT and Linux. This allows the students to attack using three different operating systems.
- Student teams have complete configuration control over their attack platform and may enable or disable whatever services they desire.

Server Components
- These components are generally the systems the students are attacking.
- There are some component systems that are off-limits (St Peter, Boot Server).
- There are some components that can be attacked that the students do not know about (Gabriel).

Server Components (continued)
The remaining systems present a variety of operating systems with different levels of security:
- Limbo is a SunOS 2.4 system with no security patches.
- Utopia is a Solaris 2.5 system with the latest security patches and standard services.
- Xanadu is a hardened server with the latest security patches and limited access.

Server Components (continued)
- Heaven is a Windows NT and HTTP server with the latest patches applied.
- Arcadia is a Linux email server.
- Gabriel is a remote logging station.

Research Components
- These components are research systems that can be used to develop and analyze security systems in a hostile environment.
- As an example, they are currently being used to evaluate intrusion detection systems that feature active intrusion response mechanisms.

Additional Security Tools Employed
- Tiger: vulnerability scanner
- Tripwire: integrity checker
- TCPWrapper: network protocol tool

Issues
- Delineation of lab and real world activities.
- Protection of the network lab so that it cannot be used to launch attacks outside of the lab.
- The high maintenance cost of providing a mix of operating systems at different levels of security.

Questions and Conclusions