Department and Course Number

CEG 429

 Course Coordinator Prabhaker Mateti
Course Title

Internet Security

 Total Credits 4

Catalog Description

CEG 499 Internet Security  Introduction to security issues arising primarily from computer networks. Topics include node and service authentication, address spoofing, hijacking,  SYN floods, smurfing, sniffing, routing tricks, and privacy of data en route. Buffer overruns and other exploitation of software development errors.  Hardening of operating systems.  Intrusion detection. Firewalls. Ethics.  Prerequisites: CEG 402

Text Books

  1. William Stallings, Network Security Essentials: Applications and Standards,  1st edition (April 15, 2000), Prentice Hall; ISBN: 0130160938.  This is a recommended text book.
  2. Simson Garfinkel, Gene Spafford, Practical Unix and Internet Security, 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488.  Another recommended text book.

Home Page

www.cs.wright.edu/people/faculty/pmateti/Courses/499

Course Goals

The student should have learned the following:

  1. Design weaknesses in TCP/IP
  2. IP filtering techniques used in firewalls.
  3. Structure of viruses, worms and trojans.

The student should be able to apply the concepts above to the following:

  1. Properly configure a Unix system from a security perspective.
  2. Customize a firewall.
  3. Probe a LAN for weaknesses

Prerequisites by Topic

  1. Fluency in C/C++
  2. Comfortable as a Unix user.
  3. TCP/IP
  4. LANs and Internet

Major Topics Covered in the Course

Wk Lectures
1 Intro, LinuxNotes, BootUp, NetUtils, Cryptography, Password
2 Config, Fortification, HardenOS, BackDoors
3 RootKits, TCPIP, Sniffers
4 IPexploits, TCPexploits, DNSattacks,
5 TCPexploits
6 Probing, PacketFilter
7 Firewalls, IntrusionDetection, [OrangeBk], Audit,
8 BufferOverflow, SecSoftware,
9 Viruses, Worms, Trojans, Privacy
A Hackers' Views, Ethics

Laboratory Projects

The laboratory experiments contribute 30% to the final grade. Six experiments are  expected worth 5% each. 

All project work must be conducted within the Operating Systems and Internet Security (OSIS) Lab.  No other WSU facilities are allowed.   It is required that you sign our statement of ethics.

The list of experiments may change. Currently the list is as follows.

  1. Experience Serious Nuisance + Selected PC Viruses Trojan Horses
  2. Viruses and Worms 
  3. Password Cracking; 
  4. Privacy and Authentication of a User and PGP
  5. Hostile Applets in Java and ActiveX
  6. Different Versions of  ftp, ftpd, telnet, rlogin
  7. Buffer Overflow Exploitation
  8. Probing a Host for Weakness
  9. Sniffing
  10. Spoofing
  11. Denial-of-Service Attacks
  12. Setting Up a Linux PC as a Packet Filtering Router

Most experiments are to be performed by the student individually with a few that are best learned when there is a pair of students.   These projects must be work done solely by you (and your partner), except for the parts I provided you with. 

Estimate CSAB Category Content

Core Advanced Core Advanced
Data Structures Concepts of PL 1.0
Algorithms Comp Organization + Architecture 1.0
Software Design 1.0 Other 1.0

Oral and Written Communications

There are no oral presentations.  Students submit lab reports on the experiments they conduct. This report is expect to be written as a valid technical report.

Social and Ethical Issues

Social, ethical and legal issues are discussed in two lectures,  We try to have guest lectures on legal and ethical issues. It is required that the students sign our statement of ethics.

Theoretical Content

None.

Problem Analysis

After conducting an experiment, there are leading questions that the student must answer.  These involve problem analyses.  E.g., after the Sniffer lab, they are expected to answer if sniffing is possible when switches are used instead of hubs.

Solution Design

Effective improvement of security requires a design that is based on a comprehensive view of the entire system: computers, networks and humans.