Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Challenges of Teaching an Interdisciplinary IA Course Rose Shumba Indiana University of Pennsylvania EPASEC 2006.

Published byBerniece Logan Modified over 8 years ago

Similar presentations

Presentation on theme: "The Challenges of Teaching an Interdisciplinary IA Course Rose Shumba Indiana University of Pennsylvania EPASEC 2006."— Presentation transcript:

1 The Challenges of Teaching an Interdisciplinary IA Course Rose Shumba Indiana University of Pennsylvania EPASEC 2006

2 Overview of talk Overview of the COSC 316 course –Course background –Concepts and hands on exercises covered –Teaching resources Experiences and challenges So, what? Possible solution

3 Course background Interdisciplinary course for the Criminology, Business students, Communications, and Computer. Introduces the theory and concepts of host computer security. –Security building blocks for a Linux host Pre-requisite -Problem Solving and Structured Programming.

4 Main concepts covered Users, Passwords and authentication Users, Groups and the Super user, File systems and Security Cryptography Basics Defending accounts Integrity Management Auditing and Logging Vulnerability assessment Introduction to digital forensics

5 Basis for the course “The security blocks form a sound defense strategy of multiple layers. If one layer is penetrated, there are still other layers of protection. “

6 Hands-on exercise Introduction to Unix commands and utilities Password crackers, PAM module, integrity checking, password configuration files. User Private Groups and sharing of devices in groups. Defending accounts utilities- protecting of root account, sudo utility, sudoers files, checking for root kits, lsof tool

7 Hands-On exercise File permissions- use of chmod and umask utility, sticky bit, SUID bit, SGUID bits Tripwire tool for integrity checking Auditing and logging- use of logging tools; swatch, logcheck, logrotate, pacct. PGP tool; sending keys to the server. Tool capstone project-Sara, Rat, Nessus, Hunt, Ethereal, Squid, Satan, Protsentry, and Internet Security Scanner.

8 Teaching Resources An isolated network security laboratory with 22 Red Hat Linux 9.2 servers, 10 Cisco 2600 series routers and 10 PIX firewalls. Text: Garfinkel. S, Spafford, G, Schwartz. A; Practical Unix and Internet Security; O’Reilly; Third edition; 2003.

9 Positive experiences Linux is free; we are using Red Hat 9.1. There is an abundance of freely downloadable Linux security tools. Tutorials and documentation are available with most of the tools, which can be tailored to one’s teaching environment. Positive feedback has been received from students on the use of hands-on exercises.

10 Positive experiences The password cracking, accounts defending, groups security, Tripwire, PGP exercise and the capstone tool project were very interesting as for activities performed (from student evaluations).

11 Challenges Research tool exercise is interesting for computer science majors but a challenge for non-computer science majors. –Extensive documentation with some of the assigned tools. –The challenging installation process –some tools require advanced Unix/Linux knowledge, and, –Output from some of the tools is sometimes not easy to understand it requires an understanding of basic network concepts.

12 Challenges There is a need to include Windows tools as highlighted both in the course student evaluations and by the dept Interns. Windows tools are however usually commercial. Given a choice between Windows and Linux, 95% of the students chose Windows Trial versions for the capstone project.

13 Solution Designed a prerequisite for this course COSC216 to introduce students to the Windows and Linux operating systems and basic information assurance topics. Course has only been taught once.

Download ppt "The Challenges of Teaching an Interdisciplinary IA Course Rose Shumba Indiana University of Pennsylvania EPASEC 2006."

Similar presentations

Educating System Testers in Vulnerability Analysis: Laboratory Development and Deployment Leonardo A. Martucci, Hans Hedbom, Stefan Lindskog, and Simone.

Educating System Testers in Vulnerability Analysis: Laboratory Development and Deployment Leonardo A. Martucci, Hans Hedbom, Stefan Lindskog, and Simone.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Computer Security II Lecturer – Lynn Ackler – Office – CSC 222 – Office Hours 9:00 – 10:00 M,W Course – CS 457 – CS 557.

Computer Security II Lecturer – Lynn Ackler – Office – CSC 222 – Office Hours 9:00 – 10:00 M,W Course – CS 457 – CS 557.
Network Security and Audits LITN Fall Conference 2006 Presented by Katie Givens Mosaic.

Network Security and Audits LITN Fall Conference 2006 Presented by Katie Givens Mosaic.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Introduction to UNIX Acknowledgement:Thanks to Dr Andrew Horner for the original version of this set of slides. All trademarks are the properties of their.

Introduction to UNIX Acknowledgement:Thanks to Dr Andrew Horner for the original version of this set of slides. All trademarks are the properties of their.
04/07/06 DePaul University - Teaching and Technology Conference Remote Networking Labs for Hands-on Exercises James Yu, Ph.D. Scholl of CTI DePaul University.

04/07/06 DePaul University - Teaching and Technology Conference Remote Networking Labs for Hands-on Exercises James Yu, Ph.D. Scholl of CTI DePaul University.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Potions of Protection Server Security. What does that do again? Familiarity Differing levels of protection –Low, does not exist –Medium, No private data.

Potions of Protection Server Security. What does that do again? Familiarity Differing levels of protection –Low, does not exist –Medium, No private data.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
Introduction to UNIX Acknowledgement:Thanks to Dr Andrew Horner for the original version of this set of slides. All trademarks are the properties of their.

Introduction to UNIX Acknowledgement:Thanks to Dr Andrew Horner for the original version of this set of slides. All trademarks are the properties of their.
1 Host – Based Intrusion Detection “Working of Tripwire”

1 Host – Based Intrusion Detection “Working of Tripwire”
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
Introduction to Computer Administration System Administration

Introduction to Computer Administration System Administration
Chapter 3  Manage the computer’s resources ◦ CPU ◦ Memory ◦ Disk drives ◦ Printers  Establish a user interface  Execute and provide services for applications.

Chapter 3  Manage the computer’s resources ◦ CPU ◦ Memory ◦ Disk drives ◦ Printers  Establish a user interface  Execute and provide services for applications.

Similar presentations

Ads by Google