ECE4112 Internetwork SecurityNew Laboratory Write-up and Lecture Material FormatLegal and Moral ResponsibilitiesNetwork Reconnaissance TechniquesIP Address SpoofingGaining AccessTrojans and BackdoorsDefensesIntrusion DetectionECE4112 Internetwork SecurityVersion 1/9/2007Instructor: Henry OwenOffice Klaus 3358Email: [email protected]: 404-894-4126Class Hours: Tuesdays 1:35-2:55 (Class does not meet on Thursdays, however you are required to attend Thursday April 26).Open lab Hours, TA support schedule to be postedOffice Hours Th 1:30-3:000 TAs:Shyam Seshadri [email protected] Lapscher [email protected] Campbell [email protected] web site:http://users.ece.gatech.edu/~owen/Academic/academic.htmClass Laboratory: Klaus 2446 Lab Hours: See Schedule on door it is an "open" lab; Lab TAs for this class post hours also. It is during these hours you may obtain help and or get signed off for completing a lab assignment. Prerequisites: ECE3076 or CS3251 or ECE4110 and only CMPE ECE EE CS; some previous C Programming (or Java) experience, assembly language helpful but not mandatory1.5 hours of class per week (participation and attendance part of your grade), approximately 9 hours of lab per week, 3 hours of course creditClass Text:Hacking Exposed, Fifth Edition, McGraw Hill, ISBN 0-07-226081-5Last Semester Student reviews of Class and Instructor:Available on line at class web site http://users.ece.gatech.edu/~owen/Academic/academic.htm under last semester’s class info.Students work in groups of two to complete assigned labs. It is OK to talk to others and help each other in the lab. Students will be graded based upon their completion of assigned labs and the specific written improvements and implementing those improvements they make to those assigned labs/lectures. Completion of lab assignments will result in a B for the lab assignments. Creating detailed additions, doingthese additions, documenting them, and presenting them in class presentations opens up the possibility of a higher grade on the lab assignments. You must prove that you actually did your suggested lab additions/enhancements through screen shots and other output to be turned in. In addition students are required to generate one entirely new lab and accompanying class presentation material for possible use in future course offerings of Internetwork Security. Specific format and content are required and are specifiedin a separate document on the class web site.Grading:Eleven assigned labs (completion of each lab is worth 8 points; suggested additions/enhancements may possibly be worth 2 additional points. The last 2 points are not automatically awarded, the maximum points each lab 1assignment is 10 points). In order to earn these extra points you must also present to the class your enhancement via power point slides and a brief oral explanation and presentation of results (through screen shots and other output) 60%New self-contained laboratory, student lab handout, TA setup instructions, answer key, grading criterion, and lecture presentation materials for a new lab(See last semester web site for examples) 30%Class attendance and participation 10%Class Handouts:All class handouts may be found in the ECE4112 handout box located in the class lab.Class Rule:You will never take any programs from the lab on any writable media/memory devices, nor will you ever connect any of the lab machines to any production wired or wireless network machines or laptop devices. This is to prevent the spread of any of our malicious programs and techniques. You are encouraged to bring code into the lab to experiment with.New Laboratory Write-up and Lecture Material FormatThe new lab format information will be issued in a separate document (see class web site)Suggested References:- Counter Hack Reloaded, Second Edition, Ed Skoudis, Prentice Hall, ISBN 0-13-148104-5- Hands-On Ethical Hacking and Network Defense, Michael Simpson, Thompson, 2006, ISBN 0-619-21708-1- The Unofficial Guide to Ethical Hacking, Second edition, Ankit Fadia, Thomson Course Technology, 2006. ISBN 1-59863-062-8 ($44.99)- Rootkits, Subverting the Windows Kermel, Greg Hoglund and James Butler, Addison Wesely, 2006ISBN 0-321-20098-5 ($44.99)- Windows Forensics and Incident Recovery, Harlan Carvey, Addison-Wesley, 2005, ISBN 0-321-20098-5 ($54.99)- Anti-Hacker Toolkit, Third Edition, Mike Shema, Chris Davis, Aaron Phillip, and David Cohen, McGraw Hill Osborne, 2006, ISBN 0-07-226287-7 ($54.99) - WI-Foo: The Secrets of Wireless Hacking, Andrew A. Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky, Addison Wesley, 2004 ISBN 0321202171, ($34.99)- Network Security A Hacker’s Perspective, Second Edition Ankit FAdia, Thompson 2006, ISBN 1-59863-163-2 ($49.99) - Gray Hat Hacking : The Ethical Hacker's Handbook, Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Michael Lester, McGraw-Hill Osborne, 2005, ISBN: 0072257091 ($49.99)- Malware, Fighting Malicious Code, Ed Skoudis, Printice Hall, 2004, 0-13-101405-6 ($44.99)- Computer Forensics Jump Start, Michael Solomon, Diane Barrett, Neil Broom, Sybex, 2005, 0-7821-4375-x, ($22.99)- Hacking Web Applications Exposed, Joel Scambray, and Mike Shema, McGraw Hill, ISBN 0-07-222438-X- Hack Attacks Revealed, A complete Reference with Custom Security Hacking Toolkit, John Chrillo,Wiley, ISBN 0-471-4`624-x- Honeypots, Tracking Hackers, Lance Spitzner, Addison Wesley, ISBN 0-321-10895-72Course Topics:Legal and Moral ResponsibilitiesHacking and the LawNetwork Reconnaissance TechniquesNetwork MappingVulnerability AssessmentNetwork Mapping toolsVulnerability ScannersSniffingDefensesIP Address Spoofing Denial of Service Techniques using address spoofingMan-in-the-middleDefensesGaining AccessStack-Based Buffer Overflow Attacks and Password Attacks and Cracker toolsWeb Attacks DefensesMaintaining AccessRootKitsTrojans and BackdoorsDefenses Intrusion DetectionIntrusion Detection toolsWriting new intrusion detection signaturesHoneyNetsForensicsFirewallsCisco PIX Firewall Case StudyLinux Firewall Case StudyFirewall RulesWireless Network SecurityIEEE 802.11 standardsWireless attack toolsDefensesWorms and VirusesCharacterization of Worm Spreading TechniquesWorm and Virus infection and detectionVirtual Private NetworksCisco VPN case studyLinux VPN experimentationWeb Server SecurityWeb Server Vulnerabilities3Defenses4ECE4112 Internetwork Security (Version 1-9-2007)Tu Jan 9 First Day of Class,