Textbook

CNIT 123
Ethical Hacking and Network Defense

Spring 2008 Sam Bowne

Final Scores posted 5-23-08

Open Lab Hours for Sci 214

Schedule · Lecture Notes · Projects · Links · Forum · Bookshelf · Home Page


Errors in the textbook


38013 601 Lec  SAT  09:00-12:00PM  Science 215

Catalog Description

Students learn how hackers attack computers and networks, and how to protect systems from such attacks, using both Windows and Linux systems. Students will learn legal restrictions and ethical guidelines, and will be required to obey them. Students will perform many hands-on labs, both attacking and defending, using port scans, footprinting, exploiting Windows and Linux vulnerabilities, buffer overflow exploits, SQL injection, privilege escalation, Trojans, and backdoors.

Prerequisites: CNIT 106 and 120 or equivalent familiarity with the fundamentals of networking and security.

Upon successful completion of this course, the student will be able to:
  1. Explain what an ethical hacker can and can not do legally, and explain the credentials and roles of penetration testers.
  2. Define the types of malicious software found in modern networks.
  3. Explain the threats and countermeasures for physical security and social engineering.
  4. Perform footprinting to learn about a company and its network.
  5. Perform port scans to locate potential entry points to servers and networks.
  6. Perform enumeration (finding resources, accounts, and passwords) on Microsoft, Netware, and Unix/Linux targets.
  7. Perform very simple programming in C, HTML, and Perl, specifically oriented towards the needs of network security professionals.
  8. Learn how to identify Microsoft Windows vulnerabilities and to harden systems.
  9. Learn how to identify Linux vulnerabilities and to protect servers.
  10. Describe how to take control of Web Servers, and how to protect them.
  11. Locate and hack into wireless networks, and protect them.
  12. Explain how cryptography and hashing work, and perform attacks against them such as password cracking and man-in-the-middle attacks.
  13. Describe and deploy security devices, including routers, firewalls, Intrusion Detection Systems, and honeypots.

Textbooks

Hands-On Ethical Hacking and Network Defense by Michael T. Simpson -- ISBN: 0-619-21708-1 Buy from Amazon

CNIT 123: Ethical Hacking and Network Defense -- Lecture Notes and Projects (Spring 2008 Revision) by Sam Bowne (buy it at the CCSF Bookstore)




Schedule

DateQuizTopic
Sat 1-19  Ch 1: Ethical Hacking Overview
Sat 1-26  Ch 2: TCP/IP Concepts Review
Fri 2-1 Last Day to Add Classes
Sat 2-2Quiz on Ch 1 & 2   
Proj 1-3 due
Ch 3: Network and Computer Attacks
Sat 2-9Quiz on Ch 3  
Proj 4&5 due
Ch 4: Footprinting and Social Engineering
Sat 2-16 Holiday - No Class
Tue 2-19 Last Day to Request CR/NC Grading
Wed 2-20 Last Day to Remove an Incomplete Grade
Sat 2-23Quiz on Ch 4 
Proj 6&7 due
Ch 5: Port Scanning
Sat 3-1Quiz on Ch 5 
Proj 8&9 due
Ch 6: Enumeration
Sat 3-8No Quiz  
Proj 10&11 due
Ch 7: Programming for Security Professionals
Sat 3-15Quiz on Ch 6&7 
Proj 12&13 due
Ch 8: Microsoft Operating System Vulnerabilities
Sat 3-22 Holiday - No Class
Sat 3-29 Holiday - No Class
Sat 4-5No Quiz - MTV here
Proj 14&15 due
Ch 9: Linux Operating System Vulnerabilities
4-7 through 4-11 RSA Security Conference (extra credit)
Fri 4-11 Last Day to Withdraw
Sat 4-12Quiz on Ch 8 & 9
Proj 16&17 due
Ch 10: Hacking Web Servers
Sat 4-19Quiz on Ch 10 
Proj 18&19 due
Ch 11: Hacking Wireless Networks
Sat 4-26Quiz on Ch 11 
Proj 20&21 due
Ch 12: Cryptography
Sat 5-3Quiz on Ch 12 
Proj 22&23 due
Ch 13: Protecting Networks with Security Devices
Sat 5-10Quiz on Ch 13 -- Last Class
Proj 24&25 due
Lecture 14: More Wireless Hacking -- Cracking WEP Encryption &
Lecture 15: Man-in-the-Middle Attack (not in textbook)
Sat 5-17  Final Exam: 9 am Room 215
Fri 8-10
through
Sun 8-12
  DEFCON in Las Vegas





Lecture Notes

Policy
Student Agreement
Code of Ethics
Ch 1: Ethical Hacking Overview     Powerpoint
Ch 2: TCP/IP Concepts Review     Powerpoint
Ch 3: Network and Computer Attacks     Powerpoint
Ch 4: Footprinting and Social Engineering     Powerpoint
Ch 5: Port Scanning     Powerpoint
Ch 6: Enumeration     Powerpoint
Ch 7: Programming for Security Professionals     Powerpoint
           hello.c    hello2.c    hello3.c    loopdemo.c    pingscan.c
           branch.plx    hello.plx    hello2.plx    leet.plx    pingscan.plx
Ch 8: Microsoft Operating System Vulnerabilities     Powerpoint
Ch 9: Linux Operating System Vulnerabilities     Powerpoint     Linux Notes for Lecture
Ch 10: Hacking Web Servers     Powerpoint
Ch 11: Hacking Wireless Networks     Powerpoint
Ch 12: Cryptography     Powerpoint
Ch 13: Protecting Networks with Security Devices     Powerpoint
Lecture 14: More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP)     Powerpoint
Lecture 15: Stealing Passwords from HTTPS Sessions with a Man-in-the-Middle Attack     Powerpoint
The lectures are in Word and PowerPoint formats.
If you do not have Word or PowerPoint you will need to install the
Free Word Viewer 2003 and/or the Free PowerPoint Viewer 2003.


Back to Top

Projects

The projects are the heart of the course. We will use virtual and physical machines running Windows XP, Vista, Windows 2000, and Ubuntu Linux on closed private networks, performing real network attacks and intrusions which would be illegal on public networks. We will use both wired and wireless networks. We will also perform countermeasures to prevent, detect, and mitigate the damage done by these attacks.

How to Read Your CCSF Email
How to Get your Windows XP Activation Code from MSDNAA
Downloading MSDNAA Software
Virtual Machines at Home
Fixing Problems with Ubuntu on VMware

Project 1: Preparing a Trusted Windows XP Virtual Machine (10 pts.)
Project 2: Using Metasploit to Take Over a Windows 2000 Computer (Ch 3, 15 pts.)        Process Utility for Classroom Demo
Project 3: Stealing Passwords with a Packet Sniffer (Ch 3, 15 pts.)
Project 4: Installing Ubuntu Linux (20 pts.)
Project 5: Using whois (Ch 4, 10 pts.)
Project 6: Port Scans and Firewalls (Ch 5, 15 pts.)
Project 7: Analyzing Types of Port Scans (Ch 5, 20 pts.)
Project 8: Using a Software Keylogger (10 pts.)
Project 9: NetBIOS Null Sessions (Ch 6, 15 pts.)
Project 10: Programming in C on Ubuntu Linux (Ch 7, 15 pts.)
Project 11: Programming in Perl on Ubuntu Linux (Ch 7, 10 pts.)
Project 12: Cracking Windows XP Passwords with Ophcrack (15 pts.)
Project 13: Using the Ultimate Boot CD to Create Administrator Accounts (10 pts.)
Project 14: Rootkitting Ubuntu Linux (Ch 9, 20 pts.)      fix-fu
Project 15: Using a Hardware Keylogger (10 pts.)
Project 16: Setting up a Web Server (15 pts.)      Big Image
Project 17: Performing a Denial of Service Attack With Nmap (15 pts.)
Project 18: Nessus Vulnerability Scanner (20 pts.)
Project 19: John the Ripper on Ubuntu Linux (Ch 12, 10 pts.)
Project 20: Installing Metasploit on Ubuntu Linux (15 pts.)
Project 21: Unlocking a Windows Desktop from Ubuntu Linux With MSFconsole (20 pts.)
Project 22: Testing Firewalls (Ch 13, 15 pts.)
Project 23: Cracking WEP with BackTrack 2 (20 pts.)
Project 24: Sniffing Passwords with ettercap on Ubuntu Linux (15 pts.)
Project 25: Stealing Passwords from HTTPS Sessions with a Man-in-the-Middle Attack (15 pts. extra credit)
Project 25 Alternate: HTTPS MITM with Cain (15 pts. extra credit)

Project X1: Subnet Exercises (Ch 2, 10 pts. extra credit)
Project X2: HackThisSite (Ch 10, 15 pts. extra credit)
Project X3: Getting into Ubuntu Linux Without a Password (15 pts. extra credit)
Project X4: Protecting Your Privacy with The Onion Router (TOR) (10 pts. extra credit)
Project X5: Programming with Python on Windows (Ch 7, 15 pts. extra credit)
Project X6: Microsoft Baseline Security Analyzer (MBSA) (Ch 8, 10 pts. extra credit)
Project X7: Winfingerprint (Ch 8, 10 pts. extra credit)
Project X8: OpenPGP on Ubuntu Linux (Ch 12, 15 pts. extra credit)
Project X9: Cracking Windows Passwords with Cain and Abel (Ch 12, 15 pts. extra credit)
Project X11: Installing VMware Tools With VMplayer (10 pts. extra credit)
Proj X12: Installing Windows Server 2008 Beta (15 pts)
Proj X13: Building a Server 2008 Beta Domain Controller (15 pts)
Proj X14: Joining a Domain from Vista (10 pts)
Proj X15: Cracking WPA (15 pts)

Back to Top

Hacker's Bookshelf

Non-Technical

The Art of Deception

The Art of Deception: Controlling the Human Element of Security (2003) by Kevin D. Mitnick, William L. Simon, Steve Wozniak
The Art of Intrusion

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers (2005) by Kevin D. Mitnick, William L. Simon
Takedown

Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It (1996) by Tsutomu Shimomura, John Markoff
Hacker Crackdown

The Hacker Crackdown: Law And Disorder On The Electronic Frontier (1993) by Bruce Sterling
Hackers

Hackers: Heroes of the Computer Revolution (2001) by Steven Levy
Crypto

Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age (2002) by Steven Levy
Takedown

Brute Force: Cracking the Data Encryption Standard (2005) by Matt Curtin

Fiction With Technical Information

Stealing the Network

Stealing the Network: How to Own the Box (2003) by Ryan Russell, Ido Dubrawsky, FX, Joe Grand, Tim Mullen
Stealing the Network

Stealing the Network: How to Own a Continent (2004) by FX, Paul Craig, Joe Grand, Tim Mullen, Fyodor, Ryan Russell, Jay Beale
Stealing the Network

Stealing the Network: How to Own an Identity (2005) by Raven Alder, Chris Hurley, Tom Parker, Ryan Russell, Jay Beale, Riley Eller, Brian Hatch, Jeff Moss
Zero Day Exploit

Zero Day Exploit: Countdown to Darkness (2004) by Rob Shein, David Litchfield, Marcus Sachs

Technical

Gray Hat Hacking

Gray Hat Hacking : The Ethical Hacker's Handbook (2004) by Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Michael Lester
Hacker's Challenge

Hacker's Challenge : Test Your Incident Response Skills Using 20 Scenarios (2001) by Mike Schiffman
Hacker's Challenge 2

Hacker's Challenge 2: Test Your Network Security & Forensic Skills (2002) by Mike Schiffman, Bill Pennington, David Pollino, Adam J. O'Donnell
Hacker's Challenge 3

Hacker's Challenge 3 (2006) by David Pollino, Bill Pennington, Tony Bradley, Himanshu Dwivedi
Google Hacking

Google Hacking for Penetration Testers (2004) by Johnny Long, Ed Skoudis, Alrik van Eijkelenborg
Wi-Foo

Wi-Foo: The Secrets of Wireless Hacking (2004) by Andrew Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky
Back to Top

Links


          
Back to Top
Valid XHTML 1.0!      
Last Updated: 5-23-08