CSE4481

User Tools

Site Tools

You are here: CSE 4481 4.0 - Computer Security Laboratory » CSE 4481 Labs
Trace:
labs

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
labs [2012/02/27 21:58] marklabs [2013/12/20 16:22] (current) mark
Line 1: Line 1:
 +
 ====== CSE 4481 Labs ====== ====== CSE 4481 Labs ======
  
Line 65: Line 66:
  
  
-<html> <!--+
 ====== Lab 06 ====== ====== Lab 06 ======
 The goal of the {{:lab06.pdf|Lab 06}} is to gain first-hand experience on different types of overflow vulnerabilities. Such vulnerabilities can be utilized by a malicious user to alter the flow control of the program, even execute arbitrary pieces of code. For instance, buffer overflow vulnerability arises due to the mixing of the storage for data (e.g. buffers) and the storage for controls (e.g. return addresses): an overflow in the data part can affect the flow of the program, because an overflow can change the return address and as a result enable execution of malicious code The goal of the {{:lab06.pdf|Lab 06}} is to gain first-hand experience on different types of overflow vulnerabilities. Such vulnerabilities can be utilized by a malicious user to alter the flow control of the program, even execute arbitrary pieces of code. For instance, buffer overflow vulnerability arises due to the mixing of the storage for data (e.g. buffers) and the storage for controls (e.g. return addresses): an overflow in the data part can affect the flow of the program, because an overflow can change the return address and as a result enable execution of malicious code
Line 73: Line 74:
     * **Papers** [[http://insecure.org/stf/smashstack.html|Smashing the Stack]] [[http://www.radarhack.com/tutorial/metasploit_for_dummies.pdf|Metasploit for dummies]] [[http://dougsko.com/msf3/msf3tut.pdf|Developing an Exploit Using the Metasploit Framework]]     * **Papers** [[http://insecure.org/stf/smashstack.html|Smashing the Stack]] [[http://www.radarhack.com/tutorial/metasploit_for_dummies.pdf|Metasploit for dummies]] [[http://dougsko.com/msf3/msf3tut.pdf|Developing an Exploit Using the Metasploit Framework]]
     * **Lecture** {{:lab6.ppt|Slides}}        * **Lecture** {{:lab6.ppt|Slides}}   
 +
  
 ====== Lab 07 ====== ====== Lab 07 ======
Line 78: Line 80:
 The goal of the {{:lab07.pdf|Lab 07}} is to study intrusion protection strategies, and gain hands-on experience with different types of protection methods, such as intrusion detection and prevention software (IDPS), The goal of the {{:lab07.pdf|Lab 07}} is to study intrusion protection strategies, and gain hands-on experience with different types of protection methods, such as intrusion detection and prevention software (IDPS),
 auditing, and honeypots auditing, and honeypots
 +
 ===== Helpful material ===== ===== Helpful material =====
     * **Tools**   [[wp>Snort_(software)|Snort]] [[http://www.honeyd.org/|honeyd]] [[http://www.honeyd.org/|honeyd]] [[http://labrea.sourceforge.net/labrea-info.html|labrea]]     * **Tools**   [[wp>Snort_(software)|Snort]] [[http://www.honeyd.org/|honeyd]] [[http://www.honeyd.org/|honeyd]] [[http://labrea.sourceforge.net/labrea-info.html|labrea]]
     * **Lecture** {{:lab7.ppt|Slides}}       * **Lecture** {{:lab7.ppt|Slides}}  
 +
 +
 ====== Game ====== ====== Game ======
  
-    * **Rules**     {{:game.ppt|Game}}  +    * **Rules**    {{:game.ppt|Game}}   
     * **Projects**       * **Projects**  
---> </html>+        * Team 1  {{:team1.zip|Project}} 
 +        * Team 2  {{:team2_client.tar|Client}} {{:team2_readme.pdf|Readme}} {{:team2_server.tar|Server}} 
 +        * Team 3  {{:team3_team_obfuscate_chat_application.zip|Application}} 
 + 
 + 
labs.1330379906.txt.gz · Last modified: by mark