Packet filtering is a tool  for improving network security that removes packets whose fields match certain patterns. Even though it is called "filtering",  packet alteration before accepting is available.  A firewall is a computer system dedicated to protect a LAN from the Internet at large.  In these lectures, we describe how packet filtering is done and present the setup of a filter based on Linux.  We also discuss the technical details firewalls and their setup using a PC with multiple NICs.

These lectures are about developing good habits and learning techniques that prevent errors in security software.  We discuss: Robust Programs, Correct Programs and Secure Programs; Fail-open or -closed, Security compartments, SUID programs, race conditions, and Construction Principles for Secure Programs.

 We discuss: Communicating sequential processes, clients and servers, remote procedure calls, weak and strong semaphores, split-binary-semaphores, Asynchronous and synchronous message passing. Logical clocks, ordering of events. Heartbeat, probe/echo, and broadcast algorithms. Distributed mutual exclusion, Distributed implementation of semaphores, and distributed termination detection.  Process migration. Mobile objects. Using idle workstations. Consistent global states. Replication management.  Distributed programming languages. Example languages: SR, Linda TupleSpace, Java RMI.  Example systems: PVM. MPI, Condor, DFS.

Lectures: 730  |  830  |  891-Java

Linux runs on everything from tiny mobile devices to clusters that are in the Top 500 super computers. This talk is a sweeping overview of where Linux is today. We go over the many distributions, and what makes them different, to how an old door-stop PC can be converted to be an effective firewall for, say, a 5-node LAN in your basement. We also discuss why every engineer ought to be conversant with Linux and open source software.

Cluster computing distributes the computational load to collections of similar machines. Support from an operating system eases this task. This talk describes what cluster computer computing is, the typical software packages used, and examples of large clusters in use today. This talk also reviews the details of OpenMosix and other cluster computing modifications made to the Linux kernel.

Wireless LAN Overview; Wireless Network Sniffing; Wireless Spoofing; Wireless Network Probing; AP Weaknesses; Denial of Service; Man-in-the-Middle Attacks; War Driving; Wireless Security Best Practices; Conclusion

 Computer professionals are often unclear about security issues.  This talk explains the structure of viruses, worms, Trojans,  buffer overflow, distributed denial of service, man-in-the middle, spoofing, connection hijacking,  ARP and DNS poisoning, BGP attacks, 802.11 wireless attacks, and in general TCP/IP exploits.  It also describes how personal computer systems can be defended beyond the installation of a typical anti-virus package.

We developed a laboratory-based course on Internet Security. The course is aimed at the senior undergraduate. This paper discusses the course and explains how others can set up their own labs to teach this course. All the laboratory work is conducted in a laboratory of PCs running Linux. We developed lecture notes for the course, and a web site to widely disseminate these materials.

The WWW has brought the Internet to every computer with a modem or a NIC. What is not as widely known is the loss of privacy and security it has caused. This talk will describe these issues, and present some measures that individuals can take.