COMP10032 Course Page - (Unix Security)
COURSE OUTLINE MAIN CONTACTS PAGE POLICIES
Last updated :
Important Dates and Messages

These documents will change frequently over the term. I will include materials I have written, BSD documentation, and material from the textbook. Please be prepared to make notes during the lecture time.

Week Topic / Lecture / Labs Reference / Notes Reading
1 Jan 7 - Jan 11
[Slides]
[Video 1/2]
[Video 2/2] 		System Installation Guide
pkgsrc Documentation 		Read preface
Cypto 101
2 Jan 14 - Jan 18
[Video] 		Router install is done on the back row machines and takes about an hour. Everyone should do this during the lab and work on the hacks on the row machines for the rest of the time. Pages 1-9, 18-36
Crypto 102
3 Jan 21 - Jan 25 NetBSD Kernel Manual
Save your kernel config file to csunix with scp
Note: using adjustkernel is cheating
Pkgsrc is on ftp @ 10.100.1.150 		Pages 216-225
Public Key Cryptography
4 Jan 28 - Feb 1 read man chflags, man gpg
My GPG Public Key 		Pages 231-237
Symmetric Block Ciphers
5 Feb 4 - Feb 8
[Review] 		Read the Guide on the
Cryptographic Device Driver
Read man cgd, and man cgdconfig 		Pages 256-261
Cryptographic Hashes
6 Feb 11 - Feb 15 Midterm Exam    
7 Feb 18 - Feb 22
  • Lab 7 - SSH Keys
  • automate file transfer with scp using Public Key authentication (Read the openssh documentation, look at ssh-keygen)
  • turn off shell access for sftp users
  • Install and use the parallelized login hacker hydra, and defend with Perl scripting and ipf rules.
 you will work with static IP for the routers and client workstations for the rest of the term. hack 66, page 272 (Make notes)
x Feb 25 - Feb 29 READING WEEK
8 Mar 3 - Mar 7

[Slides]
  • Lab 8 - Cracking Passwords
  • Install John the Ripper from pkgsrc
  • Learn the difference between Password Encryption and Password Hashing
  • Learn about rainbow tables
  • Learn the significants of having a 'salt' in a Password Hash
  
Primes and Certificates
9 Mar 10 - Mar 14

[Slides]
  • Lab 9 - Certificates and SSL
  • Securely obtain and install root certificates, so lynx can validate certificates presented by unknown sites.
  • Work subnetted with routing for this, everything must be static and correctly resolving for DNS. You will need the practise with routing for the final.
 README.sslcerts
10 Mar 17 - Mar 21
  • Lab 10 - IPFilter
  • Build a stateful firewall on your workstation, then on the row server
 man pages for:
ipfilter and ipftiler rules
ipnat and ipnat rules
11 Mar 24 - Mar 28
  • Squid Proxy Lab
  • Install and run an inbound (nginx) and outbound (squid) proxy.
  • Squid must handle all client outbound web requests.
  • Install Apache on port 1080, proxy CGI requests to it
 Work subnetted with routing for this, everything must be static and client outbound port 80 and 443 must be blocked with ipf. Start with this nginx.conf file for nginx. There is also a wiki.
12 Mar 31 - Apr 4 Review Week
Review Document
Review/Practise Exam 		May be used to make up for any labs that land on a holiday.  
13 Apr 7 - Apr 11 Final Hands-On Exam    
14 Apr 14 - Apr 18 Final Exam
Tuesday April 15th, 2008 		Rm. A223 - 11:30 - 13:30 BOTH SECTIONS
Reference Materials

For each week, I have linked to a Podcast (denoted by the infront of the link) to provide you with an alternate explaination, and a wider understanding of the general concepts we will be used each week. It is highly recommended that you listen to them.

Other Resources:


The BSD Certification homepage has a useful command reference and Certification Requirements document (both are pdfs). We expect that we can write a version of this soon; I will advise as soon as I hear something.

The textbook is "BSD Hacks" by Dru Lavigne, ISBN 0-596-00679-9, it is in the bookstore
Schedule Email Ext./Room Examples
Allan Jude allan.jude@mohawkcollege.ca 3265/E132A <Soon>