EECS4481

User Tools

Site Tools

You are here: EECS 4481 4.0 - Computer Security Laboratory » EECS 4481 Labs
Trace: EECS 4481 Labs
labs

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
labs [2015/01/26 03:24] marklabs [2015/05/05 14:50] (current) mark
Line 2: Line 2:
  
 ====== Lab 01 ====== ====== Lab 01 ======
-The goal of {{:se.pdf|Lab 01}} is to become familiar with the social engineering and perform some simple security related tasks+The goal of {{:lab01.pdf|Lab 01}} is to become familiar with the social engineering and perform some simple security related tasks
  
 ===== Helpful material ===== ===== Helpful material =====
Line 30: Line 30:
   * **Dynamic linker**  [[wp>Dynamic_linker|Dynamic linker]] [[http://www.yolinux.com/TUTORIALS/LibraryArchives-StaticAndDynamic.html|Static, Shared Dynamic and Loadable Linux Libraries   * **Dynamic linker**  [[wp>Dynamic_linker|Dynamic linker]] [[http://www.yolinux.com/TUTORIALS/LibraryArchives-StaticAndDynamic.html|Static, Shared Dynamic and Loadable Linux Libraries
 ]] [[wp>DLL_injection|DLL Injection]] ]] [[wp>DLL_injection|DLL Injection]]
-  * **Lecture** {{:lab4.ppt|Slides}}  +  * **Lecture** {{::plab03.pdf|Slides}}  
  
  
  
 +====== Lab 04 ======
  
-<html> +In this {{:passwordcracking.pdf|Lab 04}}, you will recover passwords using two different techniques:
-<!-- +
- +
-====== Lab 01 ====== +
- +
-The goal of {{:lab01.pdf|Lab 01}} is to become familiar with the Attack Lab environment, practice configuring a small network, and perform some simple security related tasks +
- +
-===== Helpful material ===== +
- +
- +
- +
-  * **Computer Name**   [[http://docstore.mik.ua/rfc/rfc1178.html|RFC1178]], [[http://compnetworking.about.com/od/windowsnetworking/qt/wcomputernaming.htm|Appropriately Name Networked Windows Computers]] +
-  * **Protocols** [[wp>Dynamic_Host_Configuration_Protocol|DHCP]], [[wp>Domain_Name_System|DNS]] and [[wp>Internet_Control_Message_Protocol|ICMP]] +
-  * **File systems**  [[wp>NTFS| NTFS]] [[wp>ext3|ext3]] +
-  * **Windows Security Authentication** [[wp>Domain_controller|Domain Controller]] +
-  * **Windows Admin Tasks** [[http://technet.microsoft.com/en-us/library/cc784837%28WS.10%29.aspx|Common Administrative Tasks]] , [[wp>VBScript]], [[http://technet.microsoft.com/en-us/library/cc758918(WS.10).aspx|Logon Script]], [[http://www.computerperformance.co.uk/Logon/logon_scripts.htm|VBscript examples]]  +
-  * **Linux Admin**  [[http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/|Linux Administration]] ,[[http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/shadow-file-formats.html|Linux Password File]] +
-  * **Lecture**  {{:lab1.ppt|Slides}} +
-    +
- +
-====== Lab 02 ====== +
-The goal of {{:lab02.pdf|Lab 02}} is to become familiar with network protocols (IP, TCP, ARP). Students will use +
-sniffing tools to monitor user sessions on other hosts in the network, and perform active attacks, +
-such as redirecting traffic and issuing a denial of service attack. +
- +
-===== Helpful material ===== +
-  * **Sniffers**  [[wp>Wireshark|Wireshark]] [[wp>Tcpdump|tcpdump]] +
-  * **Network Tools** [[wp>Netcat|netcat]] [[wp>nmap|nmap]] +
-  * **Lecture** {{:lecture-lab2.ppt|Slides}}  +
- +
-  +
-====== Lab 03 ====== +
-In this {{:lab03.pdf|Lab 03}}, you will recover passwords using two different techniques:+
 dictionary attack and precomputation attack. Recovering a password, dictionary attack and precomputation attack. Recovering a password,
 known as password cracking, can be a devastating attack, especially known as password cracking, can be a devastating attack, especially
Line 79: Line 48:
   * **Password Crackers**  [[wp>John_the_Ripper|John the Ripper]] [[http://ophcrack.sourceforge.net/|ophcrack]]   * **Password Crackers**  [[wp>John_the_Ripper|John the Ripper]] [[http://ophcrack.sourceforge.net/|ophcrack]]
   * **Password Dumping Utilities**  [[wp>|Pwdump]] [[http://www.foofus.net/~fizzgig/fgdump/|fgdump]]   * **Password Dumping Utilities**  [[wp>|Pwdump]] [[http://www.foofus.net/~fizzgig/fgdump/|fgdump]]
-  * **Lecture**  {{:lab3.ppt|Slides}}+  * **Lecture** {{:lab3.ppt|Slides}}
  
-====== Lab 04 ====== 
-The goal of the {{:lab04.pdf|Lab 04}} is to become familiar with various injection problems such as command injection, code injection etc. Injection attack is the exploitation of software bugs caused by processing invalid data. The goal of this lab is to study ways to exploit different injection vulnerabilities. 
  
-===== Helpful material ===== +====== Lab 05 ======
-  * **Sample Application** {{:casino-sample.gz|Casino}} +
-  * **Java Decompiler**  [[http://jode.sourceforge.net/|JODE]]    +
-  * **Dynamic linker**  [[wp>Dynamic_linker|Dynamic linker]] [[http://www.yolinux.com/TUTORIALS/LibraryArchives-StaticAndDynamic.html|Static, Shared Dynamic and Loadable Linux Libraries +
-]] [[wp>DLL_injection|DLL Injection]] +
-  * **Lecture** {{:lab4.ppt|Slides}}  +
  
- +The goal of {{:network.pdf|Lab 05}} is to become familiar with network protocols (IP, TCP, ARP). Students will use 
-====== Lab 05 ====== +sniffing tools to monitor user sessions on other hosts in the network, and perform active attacks, 
-The goal of the {{:lab05.pdf|Lab 05}} is to study tools that help find vulnerabilities in software applications.+such as redirecting traffic and issuing a denial of service attack.
  
 ===== Helpful material ===== ===== Helpful material =====
-    * **Tools**  [[wp>Nikto_Web_Scanner|Nikto]] [[http://www.parosproxy.org/|Paros Proxy]]  [[wp>OpenVAS|OpenVAS]] [[wp>Metasploit_Project|Metasploit]] +  * **Sniffers**  [[wp>Wireshark|Wireshark]] [[wp>Tcpdump|tcpdump]] 
-    * **Lecture** {{:lab5.ppt|Slides}} +  * **Network Tools** [[wp>Netcat|netcat]] [[wp>nmap|nmap]] 
 +  * **Lecture** {{:lecture-lab2.ppt|Slides}}  
  
-   
 ====== Lab 06 ====== ====== Lab 06 ======
-The goal of the {{:lab06.pdf|Lab 06}} is to gain first-hand experience on different types of overflow vulnerabilities. Such vulnerabilities can be utilized by a malicious user to alter the flow control of the program, even execute arbitrary pieces of code. For instance, buffer overflow vulnerability arises due to the mixing of the storage for data (e.g. buffers) and the storage for controls (e.g. return addresses): an overflow in the data part can affect the flow of the program, because an overflow can change the return address and as a result enable execution of malicious code+The goal of the {{:overflow.pdf|Lab 06}} is to gain first-hand experience on different types of overflow vulnerabilities. Such vulnerabilities can be utilized by a malicious user to alter the flow control of the program, even execute arbitrary pieces of code. For instance, buffer overflow vulnerability arises due to the mixing of the storage for data (e.g. buffers) and the storage for controls (e.g. return addresses): an overflow in the data part can affect the flow of the program, because an overflow can change the return address and as a result enable execution of malicious code
  
 ===== Helpful material ===== ===== Helpful material =====
Line 109: Line 72:
  
  
-    
  
  
 ====== Lab 07 ====== ====== Lab 07 ======
  
-The goal of the {{:lab07.pdf|Lab 07}} is to study intrusion protection strategies, and gain hands-on experience with different types of protection methods, such as intrusion detection and prevention software (IDPS),+The goal of {{:lphase01.pdf|Lab 07a}} is to practice configuring a small network 
 + 
 +===== Helpful material ===== 
 + 
 + 
 + 
 +  * **Computer Name**   [[http://docstore.mik.ua/rfc/rfc1178.html|RFC1178]], [[http://compnetworking.about.com/od/windowsnetworking/qt/wcomputernaming.htm|Appropriately Name Networked Windows Computers]] 
 +  * **Protocols** [[wp>Dynamic_Host_Configuration_Protocol|DHCP]], [[wp>Domain_Name_System|DNS]] and [[wp>Internet_Control_Message_Protocol|ICMP]] 
 +  * **File systems**  [[wp>NTFS| NTFS]] [[wp>ext3|ext3]] 
 +  * **Windows Security Authentication** [[wp>Domain_controller|Domain Controller]] 
 +  * **Windows Admin Tasks** [[http://technet.microsoft.com/en-us/library/cc784837%28WS.10%29.aspx|Common Administrative Tasks]] , [[wp>VBScript]], [[http://technet.microsoft.com/en-us/library/cc758918(WS.10).aspx|Logon Script]], [[http://www.computerperformance.co.uk/Logon/logon_scripts.htm|VBscript examples]]  
 +  * **Linux Admin**  [[http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/|Linux Administration]] ,[[http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/shadow-file-formats.html|Linux Password File]] 
 + 
 + 
 +===== Part B ===== 
 + 
 + 
 +The goal of the {{:lab07b.pdf|Lab 07}} is to study intrusion protection strategies, and gain hands-on experience with different types of protection methods, such as intrusion detection and prevention software (IDPS),
 auditing, and honeypots auditing, and honeypots
  
Line 120: Line 99:
     * **Tools**   [[wp>Snort_(software)|Snort]] [[http://www.honeyd.org/|honeyd]] [[http://www.honeyd.org/|honeyd]] [[http://labrea.sourceforge.net/labrea-info.html|labrea]]     * **Tools**   [[wp>Snort_(software)|Snort]] [[http://www.honeyd.org/|honeyd]] [[http://www.honeyd.org/|honeyd]] [[http://labrea.sourceforge.net/labrea-info.html|labrea]]
     * **Lecture** {{:lab7.ppt|Slides}}       * **Lecture** {{:lab7.ppt|Slides}}  
- 
  
 ====== Game ====== ====== Game ======
  
     * **Rules**    {{:game.ppt|Game}}       * **Rules**    {{:game.ppt|Game}}  
-    * **Projects**   
-        * Team 1   {{:team1.zip|Project }}  
-        * Team 2   {{:team2.zip|Project}}  
-        * Team 3   {{:team3.zip|Project}} 
-        * Team 4   {{:team4.zip|Project}} 
-        * Team 5   {{:team5.zip|Project}} 
- 
  
---> 
-</html> 
labs.1422242691.txt.gz · Last modified: 2015/01/26 03:24 by mark
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki