CSE4481

User Tools

Site Tools

You are here: CSE 4481 4.0 - Computer Security Laboratory » CSE 4481 Labs
Trace:
labs

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
labs [2010/11/09 04:45] marklabs [2011/12/20 14:17] (current) mark
Line 54: Line 54:
  
 ====== Lab 05 ====== ====== Lab 05 ======
-The goal of the {{:lab05.pdf|Lab 05}} is To study tools that help find vulnerabilities in software applications.+The goal of the {{:lab05.pdf|Lab 05}} is to study tools that help find vulnerabilities in software applications.
  
 ===== Helpful material ===== ===== Helpful material =====
     * **Tools**  [[wp>Nikto_Web_Scanner|Nikto]] [[http://www.parosproxy.org/|Paros Proxy]]  [[wp>OpenVAS|OpenVAS]] [[wp>Metasploit_Project|Metasploit]]     * **Tools**  [[wp>Nikto_Web_Scanner|Nikto]] [[http://www.parosproxy.org/|Paros Proxy]]  [[wp>OpenVAS|OpenVAS]] [[wp>Metasploit_Project|Metasploit]]
-    * **Lecture** {{:lab5.ppt|Slides}}  +    * **Lecture** {{:lab5.ppt|Slides}}    
 + 
 +====== Lab 06 ====== 
 +The goal of the {{:lab06.pdf|Lab 06}} is to gain first-hand experience on different types of overflow vulnerabilities. Such vulnerabilities can be utilized by a malicious user to alter the flow control of the program, even execute arbitrary pieces of code. For instance, buffer overflow vulnerability arises due to the mixing of the storage for data (e.g. buffers) and the storage for controls (e.g. return addresses): an overflow in the data part can affect the flow of the program, because an overflow can change the return address and as a result enable execution of malicious code 
 + 
 +===== Helpful material ===== 
 +    * **Tools**   [[wp>Metasploit_Project|Metasploit]] [[http://www.gnu.org/software/gdb/|gdb]] 
 +    * **Papers** [[http://insecure.org/stf/smashstack.html|Smashing the Stack]] [[http://www.radarhack.com/tutorial/metasploit_for_dummies.pdf|Metasploit for dummies]] [[http://dougsko.com/msf3/msf3tut.pdf|Developing an Exploit Using the Metasploit Framework]] 
 +    * **Lecture** {{:lab6.ppt|Slides}}    
 + 
 +====== Lab 07 ====== 
 + 
 +The goal of the {{:lab07.pdf|Lab 07}} is to study intrusion protection strategies, and gain hands-on experience with different types of protection methods, such as intrusion detection and prevention software (IDPS), 
 +auditing, and honeypots 
 +===== Helpful material ===== 
 +    * **Tools**   [[wp>Snort_(software)|Snort]] [[http://www.honeyd.org/|honeyd]] [[http://www.honeyd.org/|honeyd]] [[http://labrea.sourceforge.net/labrea-info.html|labrea]] 
 +    * **Lecture** {{:lab7.ppt|Slides}}   
 + 
 +====== Game ====== 
 + 
 +    * **Rules**     {{:game.ppt|Game}}   
 +    * **Projects**  
labs.1289277959.txt.gz · Last modified: 2010/11/09 04:45 by mark
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki