
An Isolated Network in Support of an Advanced Networks and Security Course LTC Curtis A. Carver Jr. LTC John M.D. Hill Dr. Udo W. Pooch.


1 An Isolated Network in Support of an Advanced Networks and Security Course LTC Curtis A. Carver Jr. LTC John M.D. Hill Dr. Udo W. Pooch

2 Copyright © 2000 Curtis Arthur Carver, Jr., and John Mitchell Duval Hill. All Rights Reserved. This document may freely be reproduced provided that it is distributed intact and includes the copyright statement and this requirement. References to cited authors available upon request. Contact hilljmd@tca.net. 3/16/00 Presented to the 13th Annual Federal Information Systems Security Educators' Association (FISSEA) Conference.

Agenda
– Introduction
– Lab Architecture
– Black Components (attacking computers)
– Gold Components (attacked computers)
– Grey Components (research systems)
– Issues in Building an Isolated Lab
– Questions and Conclusions

3 Introduction Texas A&M University has been teaching a graduate class in Computer Security since 1995. The class uses an isolated network security lab to provide a cooperative, active learning opportunity for the students. The purpose of the class is to teach students about network security in an active learning environment; the purpose of the security lab is to isolate the effects of this active learning from the rest of the campus and departmental networks.

4 Introduction (continued) The lab is isolated by a combination of hardware and software safeguards:
– All components of the lab connect to a single router.
– The router's only gateway is a proxy firewall server.
– Students can access the lab remotely only by logging into the firewall.

5 Lab Architecture (diagram; node labels recovered from the slide, grouped by the switch they hang off)
– Router, with the Firewall as its gateway
– Black Switch: Hell 1, Hell 2, Hell 3, Hell 4, Hell 5
– Gold Switch: Heaven, Arcadia, Utopia, Gabriel, Limbo, Boot Server
– Gray Switch: Grey 1, Grey 2, Grey 3, Grey 4, Grey 5

6 Black Components These are the student attack platforms. Each student team has access to a SPARC workstation and a personal computer configured to run both Windows NT and Linux, so students can attack from three different operating systems. Student teams have complete configuration control over their attack platforms and may enable or disable whatever services they wish.

7 Gold Components These are generally the systems the students attack. Some Gold systems are off-limits (St Peter, Boot Server). Some can be attacked but are not disclosed to the students (Gabriel).

8 Gold Components (continued) The remaining systems present a variety of operating systems at different levels of security:
– Limbo is a SunOS 2.4 system with no security patches.
– Utopia is a Solaris 2.5 system with the latest security patches and standard services.
– Xanadu is a hardened server with the latest security patches and limited access.

9 Gold Components (continued) Heaven is a Windows NT HTTP server with the latest patches applied. Arcadia is a Linux email server. Gabriel is a remote logging station.

10 Grey Components These are research systems used to develop and analyze security systems in a hostile environment. They are currently being used, for example, to evaluate intrusion detection systems that feature active intrusion response mechanisms.

11 Additional Security Tools Employed
– Tiger – host security audit and vulnerability scanner (developed at Texas A&M)
– Tripwire – file integrity checker
– TCP Wrappers – host-based access control for inetd-launched network services (hosts.allow / hosts.deny)
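Tripwire's value rests on the baseline being trustworthy: an intruder with root can rewrite the integrity database as easily as the files it describes, so the baseline must be kept off the monitored host or on read-only media and authenticated before use. The following is an added example, not the presentation's or Tripwire's code: a minimal Tripwire-style baseline (SHA-256, size and mode per regular file), a comparison that classifies added, removed and modified paths, and an HMAC over the serialized baseline so that a forged database is rejected. The directory tree, the intruder's changes and the HMAC key are constructed for the demonstration.

```python
# Added example (not from the presentation, not Tripwire's code): a minimal
# Tripwire-style baseline plus an HMAC so a tampered baseline is detected.
import hashlib
import hmac
import json
import os
import tempfile
from typing import Dict


def file_digest(path: str) -> str:
    """SHA-256 of a file, read in chunks so large binaries do not load into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: str) -> Dict[str, dict]:
    """Record digest, size and mode for every regular file under root (symlinks skipped)."""
    baseline = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            st = os.lstat(full)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            baseline[rel] = {"sha256": file_digest(full),
                             "size": st.st_size, "mode": st.st_mode}
    return baseline


def compare(old: Dict[str, dict], new: Dict[str, dict]) -> Dict[str, list]:
    """Classify paths as added, removed or modified (any recorded attribute changed)."""
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    modified = sorted(p for p in set(old) & set(new) if old[p] != new[p])
    return {"added": added, "removed": removed, "modified": modified}


def serialize(baseline: Dict[str, dict]) -> bytes:
    """Canonical JSON so the same baseline always produces the same bytes (and HMAC)."""
    return json.dumps(baseline, sort_keys=True, separators=(",", ":")).encode()


def sign(blob: bytes, key: bytes) -> str:
    """HMAC-SHA256 tag over the serialized baseline; the key lives off the monitored host."""
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


def verify(blob: bytes, key: bytes, tag: str) -> bool:
    return hmac.compare_digest(sign(blob, key), tag)


def _write(path: str, text: str, mode: str = "w") -> None:
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, mode) as f:
        f.write(text)


def demo():
    """Constructed scenario: baseline a small tree, then alter it the way an intruder might.

    Returns (change report, genuine baseline verifies?, forged baseline verifies?).
    """
    key = b"constructed-demo-key-kept-off-host"   # assumption: stored on separate media
    with tempfile.TemporaryDirectory() as root:
        _write(os.path.join(root, "etc", "inetd.conf"),
               "telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd\n")
        _write(os.path.join(root, "etc", "passwd"), "root:x:0:0::/:/bin/sh\n")
        _write(os.path.join(root, "motd"), "lab host\n")
        blob = serialize(build_baseline(root))
        tag = sign(blob, key)

        # Intruder: adds a second uid-0 account, removes the banner, drops a backdoor.
        _write(os.path.join(root, "etc", "passwd"), "toor:x:0:0::/:/bin/sh\n", mode="a")
        os.remove(os.path.join(root, "motd"))
        _write(os.path.join(root, "backdoor"), "#!/bin/sh\n")
        current = build_baseline(root)
        report = compare(json.loads(blob), current)

        # Intruder also patches the stored baseline to hide the passwd change;
        # without the off-host key the tag no longer verifies.
        forged = json.loads(blob)
        forged["etc/passwd"] = current["etc/passwd"]
        return report, verify(blob, key, tag), verify(serialize(forged), key, tag)


if __name__ == "__main__":
    print(demo())
```

The report lists `backdoor` as added, `motd` as removed and `etc/passwd` as modified while `etc/inetd.conf` is untouched; the genuine baseline verifies and the forged one does not. Run the comparison from trusted media (a boot CD or a read-only NFS export, as a boot server in this lab could provide) rather than from binaries on the possibly compromised host, since an intruder can replace `tripwire` or `sha256sum` just as easily as the files it checks.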

12 Issues
– Delineation of lab activities from real-world activities.
– Protection of the network lab so that it cannot be used to launch attacks outside the lab.
– The high maintenance cost of providing a mix of operating systems at different levels of security.
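The isolation described on slide 4 (one router, a proxy firewall as its only gateway, remote access only by logging into the firewall) is exactly the property slide 12 lists as the thing that must not fail: no flow originating in the lab may reach the campus network. A proxy firewall with IP forwarding disabled enforces that by construction, but as soon as any packet-filter rules exist in the path they should be checked rather than trusted. The block below is an added example, not the lab's configuration: it models a first-match, default-deny filter over three zones (`lab`, `firewall`, `campus`) and enumerates the lab-to-campus and campus-to-lab flows a ruleset would accept. The zone names, rules and probe ports are assumptions; the "weak" ruleset shows a realistic mistake (a rule meant to let the firewall fetch patches written with source `ANY`) and the hardened one the corrected form.

```python
# Added example (not from the presentation): a first-match packet-filter model used
# to check the lab's isolation property. Zones, rules and ports are constructed.
from dataclasses import dataclass
from typing import List, Sequence, Union

ANY = "*"
Port = Union[int, str]       # a TCP destination port, or ANY


@dataclass(frozen=True)
class Rule:
    action: str              # "accept" or "drop"
    src: str                 # "lab", "firewall", "campus" or ANY
    dst: str
    dport: Port = ANY


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int


def matches(rule: Rule, flow: Flow) -> bool:
    return (rule.src in (ANY, flow.src)
            and rule.dst in (ANY, flow.dst)
            and rule.dport in (ANY, flow.dport))


def decide(rules: Sequence[Rule], flow: Flow) -> str:
    """First matching rule wins; a flow no rule matches is dropped (default deny)."""
    for rule in rules:
        if matches(rule, flow):
            return rule.action
    return "drop"


# Weak ruleset: the rule meant to let the *firewall* fetch patches over HTTP has
# source ANY, so lab traffic that the router hands to the firewall matches it too.
WEAK_RULES = (
    Rule("accept", ANY, "firewall", 22),       # remote students log into the firewall
    Rule("accept", "firewall", "lab"),         # jump from the firewall into the lab
    Rule("accept", "lab", "lab"),              # attack platforms <-> targets
    Rule("accept", ANY, "campus", 80),         # BUG: should be src="firewall"
)

# Hardened ruleset: same intent, source narrowed, and explicit lab<->campus drops
# placed ahead of every accept so a later broad rule cannot reopen the path.
HARDENED_RULES = (
    Rule("drop", "lab", "campus"),
    Rule("drop", "campus", "lab"),
    Rule("accept", ANY, "firewall", 22),
    Rule("accept", "firewall", "lab"),
    Rule("accept", "lab", "lab"),
    Rule("accept", "firewall", "campus", 80),
)

PROBE_PORTS = (22, 25, 53, 80, 443)   # constructed sample of ports to probe


def lab_egress_leaks(rules: Sequence[Rule], ports=PROBE_PORTS) -> List[Flow]:
    """lab->campus flows the ruleset accepts; an empty list means the lab is contained."""
    return [f for f in (Flow("lab", "campus", p) for p in ports)
            if decide(rules, f) == "accept"]


def campus_ingress_leaks(rules: Sequence[Rule], ports=PROBE_PORTS) -> List[Flow]:
    """campus->lab flows accepted directly, i.e. bypassing the firewall login."""
    return [f for f in (Flow("campus", "lab", p) for p in ports)
            if decide(rules, f) == "accept"]


if __name__ == "__main__":
    for name, rules in (("weak", WEAK_RULES), ("hardened", HARDENED_RULES)):
        print(name, "egress leaks:", lab_egress_leaks(rules),
              "ingress leaks:", campus_ingress_leaks(rules))
```

Against the weak ruleset the check reports `lab -> campus:80` as accepted, which is precisely the "launch attacks outside the lab" path slide 12 warns about; the hardened ruleset reports nothing in either direction while still permitting the two intended paths (anyone to the firewall on port 22, the firewall into the lab). The model is deliberately stateless and zone-level; on the real proxy firewall the equivalent checks are that IP forwarding is off and that the router carries no route out other than the firewall.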

13 Questions and Conclusions

