Textbook

CNIT 122
Firewalls

Fall 2011 Sam Bowne




73752 Tue 6-9 Moved to MUB 170
The Multi-Use Bldg. is the new building across Phelan Ave. from Science Hall

Catalog Description

Fundamentals, techniques, and procedures to design an effective secure Internet connection using software or hardware firewalls. Discussion of types of firewalls, packet filtering, proxy servers, Intrusion Detection Systems, and Virtual Private Networks (VPNs).

Prerequisites: CNIT 106 and 120 or equivalent familiarity with the fundamentals of networking and security.

Upon successful completion of this course, the student will be able to:
  1. Describe network security vulnerabilities when connected to the Internet
  2. Discuss the required features of an effective firewall
  3. Define and differentiate between packet filtering, firewalls, and NAT (Network Address Translation)
  4. Compare and evaluate various proxy servers, caching servers, and circuit-level gateways
  5. Analyze and evaluate various solutions comparing strength of security, speed, cost, and complexity
  6. Plan and draft the best design for a secure firewall in given scenarios
  7. Install and test a software firewall
  8. Implement an Intrusion Detection System
  9. Manage firewall configuration, monitoring, and logging
  10. Examine various reporting methods
  11. Install and configure a hardware firewall
  12. Configure VPNs in conjunction with the firewall
  13. Design a gateway computer designated to accept Internet access outside the firewall
  14. Configure authentication and encryption for network security
  15. Perform basic troubleshooting, monitoring, and diagnostics

Textbooks

Guide to Firewalls and VPNs, 3rd Edition by Whitman; Mattord; Green -- ISBN for eText: 1-111-55119-7; ISBN for Print: 1-111-13539-8
Buy Printed Book from Amazon ($105); Buy eText from CourseSmart ($68)



Schedule (may be revised)

Tue 8-23  Ch 1 Introduction to Information Security
Tue 8-30  Ch 2 Security Policies and Standards
Fri 9-2  Last Day to Add
Tue 9-6  Proj 1-3 due; Quiz on Ch 1 & 2; Ch 3 Authenticating Users
Tue 9-13 6:00 PM  Proj 4 due; Quiz on Ch 3; Ch 4 Introduction to Firewalls
Tue 9-20 6:00 PM  Proj 5 & 6 due; No Quiz; Ch 4 Introduction to Firewalls
Tue 9-27 6:00 PM  Proj 7 due; Quiz on Ch 4; Ch 5 Packet Filtering
Tue 10-4 6:00 PM  Proj 8 due; Quiz on Ch 5; Ch 6 Firewall Configuration and Administration
Tue 10-11 7:00 PM  No Project Due; Guest Speaker: Matthew Prince, CEO of CloudFlare
Tue 10-18 7:00 PM  Proj 9 & 10 due; Quiz on Ch 6; Ch 7 Working with Proxy Servers and Application-Level Firewalls
Fri 10-21  Mid-term grades due
Tue 10-25 6:00 PM  Proj 11 & 12 due; Quiz on Ch 7; Ch 8 Implementing the Bastion Host
Tue 11-1 6:00 PM  No Proj Due; No Quiz; Ch 9 Encryption—The Foundation for the Virtual Private Network
Tue 11-8 6:00 PM  Proj 13 due; Quiz on Ch 8 & 9; Ch 10 Setting Up a Virtual Private Network
Tue 11-15 6:00 PM  Proj 14 due; No Quiz; Guest Speaker: Kyle Rankin "Remote Wiping"
Thu 11-17  Last Day to Withdraw
Tue 11-22 6:00 PM  Proj 15 & 16 due; No Quiz; Guest Speaker: Daniel Ayoub from SonicWall
Tue 11-29 7:00 PM  No Proj due; Guest Speaker: Kyle Rankin: GPU Password Cracking
Tue 12-6  Class Cancelled; Proj 17 due
Tue 12-13 6:00 PM  Final Exam





Lecture Notes

Policy
Ch 1 Introduction to Information Security (PPT)
Ch 2 Security Policies and Standards (PPT)
Ch 3 Authenticating Users (PPT)
Ch 4 Introduction to Firewalls (PPT)
Ch 5 Packet Filtering (PPT)
Ch 6 Firewall Configuration and Administration (PPT)
Ch 7 Working with Proxy Servers and Application-Level Firewalls (PPT)
Ch 8 Implementing the Bastion Host (PPT)
Ch 9 Encryption (PPT)
Ch 10 Setting Up a Virtual Private Network (PPT)
How Socks Works
The lectures are in Word and PowerPoint formats.
If you do not have Word or PowerPoint you will need to install the
Free Word Viewer 2003 and/or the Free PowerPoint Viewer 2003.



Projects

Project 1: Windows Firewall (15 pts.)
Project 2: BackTrack Linux (10 pts.)
Project 3: Creating a Vulnerable LAMP Web Application (20 pts.)
Project 4: Scanning a Web Application with w3af (10 pts.)
Project 5: Gmail 2-Factor Authentication (10 pts.)
Project 6: Protecting Apache with mod_security (15 pts.)
Project 7: NAT on a Cisco Router in Packet Tracer (15 pts.)
Project 8: ACL on a Cisco Router in Packet Tracer (15 pts.)
Project 9: Snort (15 pts.)
Project 10: Installing Nagios (15 pts.)
Project 11: Using Nagios (15 pts.)
Project 12: Making a Honeypot with honeyd (10 pts.)
Project 13: Configuring Single Packet Authorization with fwknop (20 pts.)
Project 14: Web Filtering Proxy with Squid, ClamAV, and DansGuardian (15 pts.)
       BadApp.exe
Project 15: SSH Tunnel and X Windows (15 pts.)
Project 16: SOCKS Proxy (15 pts.)
Project 17: Testing CloudFlare (15 pts.)

Extra Credit Projects

Twitter Project (10 pts.)
Binary Games

Proj 1x: Configuring CloudFlare with Automatic IPv6 (15 pts.)
Proj 2x: Emulating Multiple Devices with honeyd (15 pts.)
Proj 3x: Independent Research (variable pts.)
Proj 4x: Tor (15 pts.)
Proj 5x: PyLoris (15 pts.)

More projects are coming.



Links

Links for Lectures

Ch 3a: Checkpoint User, Client, and Session Authentication
Ch 3b: Kerberos (protocol) - Wikipedia
Ch 3c: Kerberos Test Bed Report
Ch 3d: Wikileaks Cable Viewer showing CONFIDENTIAL cable about extraterrestrial life
Ch 3e: www.cyberguerrilla.info » Anonymous' claimed FBI document (may be a forgery)
Ch 3f: Lockheed Says Hacker Used Stolen SecurID Data
Ch 3g: Implementing 802.1x Authentication
Ch 3h: "Misuse of Kerberos" section here explains a situation in which a Kerberos system sends passwords in cleartext

Ch 4a: Circuit Gateways
Ch 4b: Evolution of the Firewall Industry
Ch 4c: netfilter/iptables project homepage - The netfilter.org project

Ch 5a: Install Watch Command on OS X
Ch 5b: Firewalls -- Application Proxy Gateways
Ch 5c: ftester
Ch 5d: Scapy

Ch 6a: Limiting VPN Access to Specific Incoming IP Addresses
Ch 6b: 0-Day SCADA Exploits Released, Publicly Exposed Servers At Risk
Ch 6c: SHODAN - Search for CarelDataServer
Ch 6d: FACT CHECK: SCADA Systems Are Online Now
Ch 6e: SCADA: Air Gaps Do Not Exist
Ch 6f: DHS Thinks Some SCADA Problems Are Too Big To Call "Bug"

Ch 7a: WinGate Proxy Server
Ch 7b: squid : Optimising Web Delivery
Ch 7c: Internet Security and Acceleration (ISA) Server
Ch 7d: Forefront Threat Management Gateway (TMG)
Ch 7e: Sun Java System Web Proxy Server - Wikipedia
Ch 7f: How to use Group Policy to Allow or Block URL's
Ch 7g: SOCKS - Wikipedia
Ch 7h: Apache Reverse Proxy Vulnerability from Misconfiguration

Ch 8a: Translation lookaside buffer - Wikipedia
Ch 8b: Linux chkconfig Command Examples
Ch 8c: Microsoft Security Compliance Manager
Ch 8d: AIX and TCB - The UNIX and Linux Forums
Ch 8e: Security Assessment Tool MSAT
Ch 8f: Microsoft Security Assessment Frequently Asked Questions
Ch 8g: Selecting Secure Passwords--with table of ALT key Unicode values
Ch 8h: SD-UX Concepts

Other Links

Top 10 Open Source Web Application Firewalls (WAF)
AlienVault
CloudFlare has a WAF!
myNetWatchman - Network Intrusion Detection and Reporting -- project!
Protecting WebGoat with mod_security
Bypassing Chrome's Anti-XSS filter --GOOD PROJECT IDEA
Implementing Security Controls via Nagios
Firewalling SSH Brute Force Attacks
New Snort rules to stop Rockwell & other SCADA attacks (10-5-11)
Setting Up A Scada Honeypot (from 2-21-11)
Protecting SCADA Systems Through Honeypots
Next generation firewalls and Web application firewalls explained

New Unsorted Links

Windows Firewall Script To Block IP Addresses And Country Network Ranges
Are stored procedures safe against SQL injection? <-- COLD CALLS INFO
2011-10-30: The Costs of Laptop Theft and Loss
Ch 9a: The Costs of Laptop Theft and Loss
Ch 9b: Pretty Animation of AES Encryption
Ch 9c: Browser companies react to BEAST attack
Ch 9d: S-HTTP: Secure Hypertext Transfer Protocol (SHTTP) Overview (RFC 2660)
Ch 9e: Why did HTTPS become the standard method instead of S-HTTP?
Ch 9f: Brute Force Attacks
ModSecurity SQL Injection Challenge: Lessons Learned
2011-11-07: Network Access Quarantine Control
Ch 10b: Virtual Private Networks -- Microsoft solutions
Ch 10c: IP Masquerading
Ch 10d: How does IP Masquerade differ from Proxy or NAT services?
Ch 10e: Point-to-Point Tunneling Protocol - Wikipedia
Ch 10f: Layer 2 Tunneling Protocol - Wikipedia

Redline -- Free Memory Forensics Tool

BlackBag Technologies Announces New MacQuisition 2012.R1 Release for $500


Last Updated: 11-30-11 5:30 pm