University of Southern California

 

CS530L - Security Systems
lab component
David Morgan

see "Syllabus" link for email address

German "Enigma" cryptographic device

 

Home

Syllabus

Lab policies

Student lab times

CS530 main class

DETER net testbed
  home
  get/use an account
  FAQ
  tutorial


a vi cheat sheet


Labs

Packet sniffing

Cryptography

Authentication

Authorization

Intrusion detection

Firewalls (DETER)

Vulnerability assessment

Arp spoofing (DETER)

Software security

Tunnels and vpns

 

FALL 2009
lecture 4:30p - 5:20p Fri OHE122

Until recent years, information systems security was the limited focus of the military and the financial communities. With the recent explosive growth and merging of telecommunications and computing, security has become an integral element of any reliable and robust information systems environment. This class will cover information systems security at the graduate level. Students should have a basic understanding of networking and operating systems prior to attending the class.

Tunnels lab questions are now available. Please find them in their usual place at the end of the instructions for the lab. (11/17)

Green light for the tunnels exercise - the instructions are posted, but currently lack the question set for you at the end. That will be forthcoming shortly. (11/15)

tunnels lab for next week is on DETER - no physical meetings during week of November 16. Do the lab on DETER, due dates fall week of November 23. Instructions for the tunnels lab will be posted shortly. (11/13)

Tuesday lab makeup - those who were unable to complete the softwaresecurity exercise in the lab on Tuesday 11/10 can please do it remotely instead. Note my remarks in lecture today and these generic sample instructions for using ssh port forwarding. The actual values you should use are:
 As gateway use dmorgan.us or equivalently 66.159.240.70.
 As user account name use tuesday.
 As password use Tuesday-CS530.
 As target machine address use any of the 5 from 192.168.1.221 through 192.168.1.225.
 As target port use 22.
 As client software for the final connection use an ssh client, directed to IP 127.0.0.1 and the port number you arbitrarily choose per the linked instructions above. (11/13)

Thursday 11/12 lab postponement to 11/19 - lab grader Gauravkumar Shah will be unable to attend tomorrow's 13:00h lab session. We would like to postpone it a week, to Thursday 11/19 at 13:00h instead. The topic is software security. If you are a member of the Thursday lab please do not attend tomorrow afternoon but plan to do so next Thursday, with apologies for any inconvenience. Thank you. (11/11)

arpspoof lab for next week is on DETER - no physical meetings during week of November 2. Do the lab on DETER, due dates fall week of November 9. (10/30)

Green light for the firewall exercise - please proceed to do it. Since you sat at the intersection a long time waiting for this light to change, let's extend the submission deadline by a week. The firewall lab would be due in the week of 10/26, but instead let's make it the week of 11/2. You will also have another lab due that week, per upcoming 10/23 Friday lecture (vulnerability assessment with nessus), so there will be two. Please do them between now and then as best fits your schedule. (10/21)

Netgear router is available for your examination. Failure to reach it from class during today's lecture was probably due to a firewall prohibition against use of port 8080. Outside of class it works fine. Connect to it at http://66.159.240.21:8080. Use the login credentials per the firewall lab instructions. (10/16)

Please await green light here before doing lab for next week. It is a remote-execution DETER exercise. No physical lab meeting. Please see/read the instructions at link, below left, entitled "Firewalls (DETER)" but don't actually perform the lab, pending further notification here on the website. (10/16)

Lab grading - students have asked the scheme and rationale for lab grading. Here is the lab grading slide from the first lab lecture. The grade to be expected for fulfilling a lab assignment with correct answers is "pass." Other grades are for cases that are exceptional in some way and shouldn't normally be expected. (10/16)

No labs next week 10/5-10/8 - shifted to 10/12-10/15
No lab lecture next week 10/9

Apply for your DETER account now please per comments in today's "Intrusion detection" lecture, first few slides. (Note activation requires an approval step by me after you've finished applying. During this coming week please allow a couple days for that as I may not have daily internet access.) (10/2)

Lab forum - is available on www.uscden.net for our use. If you have subjects or questions you would like to raise, that's a good place to do it.

Lecture for Friday 9/25 is online here - it requires a browser with Flash plug-in and is about 50MB. Please do not attend lab in person on Friday afternoon 9/25. I will be absent. This online lecture supplants the one I would normally give there. I will lecture normally, in person, Friday 10/2. (9/24)

DETER network testbed - we will soon use it. You will need an account. Information at the links for "DETER net testbed" at left explain how to apply for one. Please don't do it yet. Please check here early part of next week for further info about how we will ask you to proceed to get your accounts. Meantime, please familiarize yourself with DETER by briefly exploring the links at left. (9/24)

Check this website before Friday lecture next week -  I must be absent next Friday 9/25. Please check here, where next week I will post more specific information about how we will handle lecture for the topic (authorization), and how it would affect you. (9/18)

Request - in your submittal files, if you could identify the timeslot to which you belong, e.g., "Monday 14:30", it would greatly assist our graders. (9/15)

Pre-read instructions for this week's lab - on the topic of cryptography. That's good general advice, but for this topic and activity in particular, which are ambitious, an advance familiarity before you step into the lab will help you. Also, you need to take with you from the lab a file you will generate. Be prepared to transfer it to an outside computer you control (e.g., by ftp) or bring a medium (floppy or usb drive). (9/11)

New "edition 3" lab time assignments published - at the link entitled "Student lab times" at left. Please check and attend lab accordingly. (9/11)

Cryptography All-Star Panel - Diffie-Hellman's  Mr. Diffie and Mr. Hellman, and RSA's Mr. Rivest and Mr. Shamir are the panelists who spoke at the RSA Conference in April 2008. You can view their 45-minute discussion online. Click on the panel discussion under the Tuesday, April 8 column. (9/11)

New "edition 2" lab time assignments published - at the link entitled "Student lab times" at left. Please check, find your assignment if you have one, and attend lab accordingly this coming week. (9/7)

What if I (still) have no assignment listed? Then you are (still) among those who didn't fill in the web form or did so incorrectly. Or maybe, you are a d-clearance latecomer to the class who emailed me previously. I'm waiting for your request and will honor it if I get it in time, to give you a slot for this week.

Barring such arrangements that I'll make with you individually, if you have no timeslot assignment please don't attend this lab. You'll miss credit for it. (But don't forget your lowest lab-- this one in that case-- gets dropped for end-of-semester grading purposes.) Separately though, the packet sniffing subject matter of this lab is important to some of the future labs. So even if you don't join a lab this week, read the instructions and absorb what you can from them. You should also, for this particular lab, find it feasible to to perform most of the activities in the instructions on your own.

If you haven't provided a proper request but still want to, please do. Do it via the web form, by the end of the day tomorrow Tuesday 9/8, and then I'll take another look.

I will of course be happy to deal with extenuating exceptions you may have on a personal, case-by-case basis. (9/7)

Forget the Labor Day holiday adjustment method that I proposed in last Friday's lecture-- it won't work. So if you are in one of the Monday labs, we will move this lab to next Monday and proceed accordingly from week to week. So the lab exercise for a given week will be done on Tuesday, Wednesday, Thursday of that week plus Monday of following week. If you are a Monday student, please don't try to attend a non-Monday lab this week, instead attend your own lab next Monday. (9/7)

Student lab time assignments published - at the link entitled "Student lab times" at left. Please check and find your assignment if you have one. (9/4)

Initial lab topic - packet sniffing with Wireshark and tcpdump. See the link at left entitled "Packet sniffing." (9/4)

What if I have no assignment listed? Then you are among the 30 who didn't fill in the web form or did so incorrectly. To handle that you can (please!) turn in a correct late request by the end of the day Saturday and it will get attention in a second-priority round Sunday. Then, look at "Student lab times" for an assignment at the end of Sunday when I'll try to publish "edition 2." Note the 5 now-eliminated candidate timeslots (see below) and of course  be sure not to request those. For them, enter zeros on the web form.

Please review the requirements carefully since incorrectly composed requests are unrecognized by my software script. Not because it's mean-spirited but because it's mechanistic. It's software! Follow the requested rules please, so your request can work for you.

 If you again don't make a correct request in this weekend's round, you'll miss next week's lab and miss credit for it. (But don't forget your lowest lab-- this one in that case-- gets dropped for end-of-semester grading purposes.) Separately though, the subject matter of this lab is not dispensable as future labs depend on it. So even if you don't join a lab this week, read the instructions and absorb what you can from them. You should also, for this particular lab, find it feasible to to perform most of the activities in the instructions on your own.

Anyone who does not provide a correct request Saturday so gets no 1st-week timeslot can provide one by the end of the day Tuesday 9/8 and get an assignment for the 2nd week and beyond. After Tuesday's final, 3rd-round call the window closes.

I will of course be happy to deal with extenuating exceptions you may have on a personal, case-by-case basis. (9/4)

Timeslots selected, timeslots eliminated - based on approximate popularity 6 were chosen from among the 11 candidate timeslots. They are
 Mon 13:00
 Mon 14:30
 Tue 13:00
 Wed 9:00
 Wed 10:30
 Thu 13:00
Labs will not be held at the other 5 candidate times, now eliminated. (9/4)

Lab timeslot web form is ready - please go ahead and express your priority preferences in the manner described in lecture, and below. There were a few duplicate last names, all rendered unique by by suffixing the first character of the first name. Use your (possibly suffixed) last name as your ID, all letters lowercase. (8/30)

DETER network testbed - please familiarize yourself with DETER by briefly exploring the links under "DETER net testbed" at left. Later in the semester we will do exercises using DETER's remote hardware, instead of our lab's hardware. (8/28)

Individual lab timeslot assignments

You will be assigned to a particular lab session. You will express preference among the timeslots using this web form:

On the form (which does not validate entries) please take care to enter a unique explicit digit from among 1-4, 5, and 0 for each of the 11 lab timeslot possibilities. Give a single 1, 2, 3, and 4 to your top 4 timeslots, then give 5’s to all non-conflicting but less preferred timeslots, and 0’s to all conflicting timeslots. If your entries deviate from that, they won't be accepted by further processing, which extracts all the properly formed entries only. This could adversely affect your getting the timeslot you prefer. I will do my best to follow student preference, but that can't guarantee everyone their top choice.

The web form is here. To use it, you need to supply an ID. I must pre-load the form with a list of IDs before it will be useable. I'll do that ASAP and post prominent notice at top of this page. I intend to use your last names. (8/28)

Slides from today's lecture (8/28)

Lab location - room OHE406. The hardware-identical computers in this room have removable hard drives. You will be assigned a drive. You will insert it in one of the computers when you arrive at the lab each week. You will put it in a locker afterward, where it will be stored for you until the following week's session. (8/28)

DEN students - most of the lab exercises are performed on either Windows or in a VMware virtual machine. Taking the liberty of assuming you have access to a Windows machine, please use that for the Windows-based exercises. For the vm-based exercises, we will make available images of the same vm's that are installed in the lab, for you to install on your machine. You will then be able to run that vm using VMware server, which is distributed free from www.vmware.com. The lab handouts (instructions) will be posted online, on this website, weekly. I intend to distribute the vm images available to you on a DVD that will be mailed to you. (8/28)

 

The University of Southern California does not screen or control the content on this website and thus does not guarantee the accuracy, integrity, or quality of such content. All content on this website is provided by and is the sole responsibility of the person from which such content originated, and such content does not necessarily reflect the opinions of the University administration or the Board of Trustees