CNIT 120: Network Security


Spring 2013 Sam Bowne


Open Lab Hours for Sci 214

Schedule · Lecture Notes · Projects · Links · Home Page


33816 001 Lec  T R  11:10-12:25PM

Catalog Description

Knowledge and skills required for Network Administrators and Information Technology professionals to be aware of security vulnerabilities, to implement security measures, to analyze an existing network environment in consideration of known security threats or risks, to defend against attacks or viruses, and to ensure data privacy and integrity. Terminology and procedures for implementation and configuration of security, including access control, authorization, encryption, packet filters, firewalls, and Virtual Private Networks (VPNs).

Advisorie: Students should have taken CNIT 106 or 106C or 201E, or equivalent familiarity with the fundamentals of networking.

Upon successful completion of this course, the student will be able to:
  1. Define areas of security concern, discuss network security, and identify network risks.
  2. Distinguish between and define internal and external threats to data and services.
  3. Describe the vulnerabilities of various media (susceptibility to wiretaps or eavesdropping).
  4. Secure access to resources on the network using passwords, permissions, and access control lists (ACLs).
  5. Evaluate various anti-virus software programs, software firewalls, and hardware firewalls.
  6. Define and identify types of firewalls, including Network Address Translation (NAT).
  7. Discuss weaknesses of various operating systems and known and recommended fixes (patches).
  8. Detect unauthorized attempts to access resources by monitoring (auditing).
  9. Install and configure intrusion detection programs; analyze reports and recommend responses.
  10. Provide solutions for known vulnerabilities in communications: email, remote access, file transfer, and electronic commerce.
  11. Provide end-to-end security for the transmission of data between hosts on the network.
  12. Describe vulnerabilities inherent in wireless technologies and present suggested solutions.


"CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide", by Darril Gibson ISBN: 1463762364 Buy online

Schedule (may be revised)

Tue 1-15  Intro: Hacktivism, Cybercrime, and Vigilantes
Thu 1-17  Intro: CCSF's "Virus" Scandal
Tue 1-22  Ch 1. Mastering the Basics of Security
Thu 1-24  Ch 1. Mastering the Basics of Security
Tue 1-29 Ch 1. Mastering the Basics of Security
Thu 1-31Proj 1 & 2 due Ch 2. Exploring Control Types and Methods
Fri 2-1 Last Day to Add
Tue 2-5 Ch 2. Exploring Control Types and Methods
Thu 2-7Quiz: Ch 1-2 Ch 3. Understanding Basic Network Security
Tue 2-12 Ch 3. Understanding Basic Network Security
Thu 2-14Proj 3 & 4 due Ch 3. Understanding Basic Network Security
Tue 2-19Quiz: Ch 3 Ch 4. Securing Your Network
Thu 2-21Class Cancelled for JunOS Training
Sun Feb 24 - Mon. Feb. 25 B-Sides San Francisco (extra credit)
Tue 2-26Proj 5 & 6 due Ch 4. Securing Your Network
Thu 2-28Proj 7 due Ch 5. Securing Hosts and Data
Tue 3-5Quiz: Ch 4 Ch 5. Securing Hosts and Data
Thu 3-7Proj 8 & 9 due Ch 6. Understanding Malware and Social Engineering
Tue 3-12Quiz: Ch 5 Ch 6. Understanding Malware and Social Engineering
Thu 3-14Proj 10 due Guest Speaker: Tim Ryan, Technical Operations Manager, CCSF
Tue 3-19Quiz: Ch 6 Ch 7. Identifying Advanced Attacks
Thu 3-21Proj 11 & 12 due Ch 7. Identifying Advanced Attacks
Tue 3-26 Holiday--No Class
Thu 3-28 Holiday--No Class
Tue 4-2Quiz: Ch 7 Ch 8. Managing Risk
Thu 4-4Proj 13 due Ch 8. Managing Risk
Thu 4-4 Mid-term grades due
Tue 4-9Quiz: Ch 8 Ch 9. Preparing for Business Continuity
Thu 4-11Proj 14 & 15 due To Be Announced
Tue 4-16Quiz: Ch 9 Ch 10. Understanding Cryptography
Thu 4-18Proj 16 due To Be Announced
Tue 4-18 Last Day to Withdraw
Tue 4-23No Quiz Ch 10. Understanding Cryptography
Thu 4-25Proj 17 due Ch 10. Understanding Cryptography
Sat 4-27Wardriving 9 AM MUB 330
Tue 4-30No Quiz Ch 10. Understanding Cryptography
Thu 5-2Proj 18 due Ch 10. Understanding Cryptography
Tue 5-7Quiz: Ch 10 Ch 11. Exploring Operational Security
Thu 5-9Class Cancelled
Tue 5-14Quiz: Ch 11 Security+ Review Questions
Thu 5-16All Extra Credit Projects Due Last Class: Review
Thu 5-23  Final Exam: 10:30 am

Lecture Notes

Student Agreement
The Security Circus (ppt)
CCSF's "Virus" Scandal (ppt)

Lecture Videos on YouTube

Lecture Audio Files

1. Mastering the Basics of Security     PPT
2. Exploring Control Types and Methods     PPT
3. Understanding Basic Network Security     PPT
4. Securing Your Network     PPT
5. Securing Hosts and Data     PPT
6. Understanding Malware and Social Engineering     PPT
7. Identifying Advanced Attacks     PPT
8. Managing Risk     PPT
9. Preparing for Business Continuity     PPT
10. Understanding Cryptography     PPT
11. Exploring Operational Security     PPT

Back to Top


COMMENT ON THE PROJECTS       Read the comments

Project 1: Firefox and NoScript (10 pts.) (rev. 8-16-12)
Project 2: HijackThis (10 pts.) (rev. 8-16-12)
Project 3: Sniffing Passwords with Wireshark (10 pts.) (rev. 2-14-13)
Project 4: Port Scans and Windows Firewall (20 pts.) (rev. 8-21-12)
Project 5: WOT (Web of Trust) (10 pts.) (rev. 8-12-11)
Project 6: Blocking Ads with the Hosts File (15 pts.) (rev. 1-17-13)
Project 7: Hashes and Digital Signatures (15 pts.) (rev. 8-30-12)
Project 8: TrueCrypt (15 pts.)
Project 9: MD5 Hash Collisions (15 pts.)
Project 10: Preparing a BackTrack Virtual Machine (10 pts.)
Project 11: WebGoat Setup (10 pts.)
Project 12: SQL Injection with WebGoat (15 pts.)
Project 13: Skipfish Vulnerability Scanner (15 pts.) (rev. 9-12-11)
Project 14: Gmail 2-Factor Authentication (10 pts.)
Project 15: Snort (15 pts.)
Project 16: Encipher It (10 pts.)
Project 17: Making a Linux HTTPS Server (20 pts.)
Project 18: Viewing Segments and Clusters with a Hex Editor (20 pts.) (Updated 5-2-13)
     SPAM.zip      EGGS.zip
Project 19: reCAPTCHA (15 pts.)

Extra Credit Projects

Twitter Project (10 pts.)
Binary Games
Project 2x: XSS with Google Gruyere (15 pts.)
Project 3x: Privilege Escalation with Google Gruyere (10 pts.)
Project 4x: Performing an HTTPS DoS Attack (10 pts.)
Project 5x: Stealing Logon Passwords Remotely (15 pts.) (updated 12-2-12)
Project 6x: Bypassing Antivirus (10 pts.)
Project 7x: Bypassing Antivirus Part 2 (10 pts.)
Project 8x: Preparing an Ubuntu machine at Amazon Web Services (15 pts.)
Project 9x: Setting Up an IPSec L2TP VPN server on Ubuntu (15 pts.)
Project 10x: Microsoft Azure (15 pts.)
Project 11x: VPN Server on Windows Server 2008 (15 pts.)
Project 12x: SHA-3 (15 pts.)
Back to Top


Certification Preparation

Security+ Study Guides, Practice Exams, Training Resources, and Forums
Security+ Exam Changing 12-31-2011 to SY0-301
CompTIA Security SY0-301 Authorized Exam Cram (3rd Edition) ($16)
CompTIA Security+ Certification: JK0-018 is the same as SY0-301
CompTIA CEUs (Continuing Education Requiements)
Security Plus WAP Simulation

Links for Chapter Lectures

Ch 1a: Palin's Email Account Hacked
Ch 1b: The MS-CHAP version 1 authentication protocol has been deprecated in Windows Vista
Ch 1c: Divide and Conquer: Cracking MS-CHAPv2 with a 100 success rate

Ch 2a: Defense Contractor Leaks Obama's Presidential Helicopter Plans to Iran
Ch 2b: Get SID of user
Ch 2c: Mac Ad: Vista Security - YouTube
Ch 2d: Under Worm Assault, Military Bans Disks, USB Drives (from 2008)
Ch 2e: IEEE 1667: USB device authentication
Ch 2f: Set Local User Logon Hours in Windows XP
Ch 2g: Configuring IP Access Lists - Cisco Systems
Ch 2h: Pentagon destroys thousands of copies of Army officer's memoir
Ch 2i: Google throws 'kill switch' on Android phones

Ch 3a: An Illustrated Guide to the Kaminsky DNS Vulnerability
Ch 3b: Download Splunk for free on your operating system
Ch 3c: OSSIM, the Open Source SIEM

Ch 4a: Using Nepenthes Honeypots to Detect Common Malware
Ch 4b: MS honeypot research sheds light on brute-force hacks
Ch 4c: Microsoft Proposes Personal Honeypots to Fend Off Hackers
Ch 4d: New Metasploit 0-day exploit for IE
Ch 4e: IE 0Day Demo
Ch 4f: asleap - exploiting cisco leap
Ch 4g: Reaver Cracking WPS in 19 Hours
Ch 4h: Wi-Fi Protected Setup
Ch 4i: Which ports to unblock for VPN traffic to pass-through?
Ch 4j: Configuring Firewalls
Ch 4k: NAT traversal - Wikipedia
Ch 4l: Toward a Gigabit Wi-Fi Nirvana: 802.11ac and 802.11ad
Ch 4m: Best 802.11ac routers - CNET Reviews
Ch 4n: NSA Backdoor in Elliptic Curve random number algorithm
Ch 4o: Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS
Ch 4p: Introducing Universal SSL from Cloudflare, using ECC
Ch 4q: WiFi Pineapple Mark V Standard -- HakShop
Ch 4r: Rogue Management in a Unified Wireless Network - Cisco
Ch 4s: Free VPN Service - Hotspot Shield VPN
Ch 4t: An Explosion of Data Breaches and PoS RAM Scrapers (2014)
Ch 4u: Geotagging poses security risks Article The United States Army
Ch 4v: Insurgents Used Cell Phone Geotags to Destroy AH-64s in Iraq Defense Tech

Ch 5a: Restricted Groups: Security Configuration Editor
Ch 5b: Federal Agencies Fail Health IT Security Audits (from 2011)
Ch 5d: Come fly the insecure skies, a lesson in IT deployment at one of the largest US airports
Ch 5e: Amazon Outage Hits Netflix, Heroku, Pinterest, Instagram (July, 2012)
Ch 5f: Google Hack Attack Was Ultra Sophisticated, New Details Show

Ch 6a: Microsoft disables AutoRun on Windows XPVista to prevent malware infections
Ch 6b: Buckshot Yankee
Ch 6c: LoveBug worm hit 10 years ago during a simpler time
Ch 6d: Internet Security 2012 Virus - Removal Guide - Fixrogues
Ch 6e: Think Apple's Got Your Back? 600K Trojan Virus Attacks Say Otherwise
Ch 6f: Fannie Mae Logic Bomb Would Have Caused Weeklong Shutdown
Ch 6g: Sony's 'rootkit' CDs
Ch 6h: Barracuda Spam Firewall
Ch 6i: Eric Schmidt: Google gets close to 'the creepy line'
Ch 6j: HP Storage Hardware Harbors Secret Back Door
Ch 6k: Linux kernel - Wikipedia
Ch 6l: Hackers Target the Unemployed as Money Mules
Ch 6m: Amazon.com: 3M Privacy Filter
Ch 6o: Virus Coaxes Man to Turn Himself in for Child Pornography

Ch 7a: Kerberos prevents MITM
Ch 7b: Barclays: 97 percent of data breaches still due to SQL injection
Ch 7c: G-Zapper - Removes Google Cookies

Ch 8a: IP Address Locator - Enter an IP address to find its location
Ch 8b: IP Address WHOIS Lookup
Ch 8c: Extracting and Cracking Mac OS X Lion Password Hashes
Ch 8d: Ubuntu's password management with SHA512

Ch 9a: HBGary Federal's Aaron Barr Resigns After Anonymous Hack Scandal
Ch 9b: Google's Disk Failure Experience
Ch 9c: On the ground with AT&T's Network Disaster Recovery team
Ch 9d: Google Throws Open Doors to Its Top-Secret Data Center
Ch 9e: AVTECH - Recommended Data Center Temperature & Humidity
Ch 9f: Compromising Electromagnetic Emanations of Keyboards Experiment 22 on Vimeo

Ch 10a: Understanding sha-1 collision weakness
Ch 10b: The cost of SHA-1 collisions reduced to 2^52
Ch 10c: No SHA-1 Collision? Yet SHA1 is broken?
Ch 10d: SHA-3 Winner Chosen, But It May Be Years Before Keccak Has an Effect
Ch 10e: Hashcalc download
Ch 10f: FileAlyzer
Ch 10g: RIPEMD - Wikipedia
Ch 10h: How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases
Ch 10i: LM hash - Wikipedia
Ch 10j: Enabling NTLMv2 Authentication
Ch 10k: How to enable NTLM 2 authentication (from Microsoft)
Ch 10l: Network Security: LAN manager authentication level in the Registry
Ch 10m: Cracking NTMLv2 (PPT slides from 2002)
Ch 10n: Hash Generator--Calculates Correct NTLM Hashes
Ch 10o: Block size (cryptography) - Wikipedia -- Why AES Uses 128-bit Blocks
Ch 10p: Animation of AES encryption process
Ch 10q: EFF Breaks DES by Brute Force (1999)
Ch 10r: The RSA Hack: How They Did It - NYTimes.com (Apr. 2, 2011)
Ch 10s: NIST Recommends 2048-bit RSA Keys now (see page 20)
Ch 10t: First Steganographic Image in the Wild
Ch 10u: spammimic - steganography in spam
Ch 10v: Commercial quantum cryptography devices
Ch 10w: Quantum cryptography devices cost $82,000 a pair
Ch 10x: DigiNotar dies from certificate hack caper (from 2011)
Ch 10x1: ComodoHacker's Pastebin
Ch 10y: Chrome to stop checking Certificate Revocation List (CRL)?
Ch 10z: An Illustrated Guide to Cryptographic Hashes
Ch 10z1: IETF takes rifle off wall, grabs RC4 cipher's collar, goes behind shed (Dec. 1, 2014)
Ch 10z2: SSL Pulse -- quality of encryption on Web sites
Ch 10z3: Apple dumps SSL 3.0 for push notifications due to Poodle flaw (10-23-14)

Ch 11a: PSExec Pass The Hash - Metasploit Unleashed
Ch 11b: Computer Fraud Casebook: The Bytes that Bite: Joseph T. Wells
Ch 11c: The Story Behind San Francisco's Rogue Network Admin
Ch 11d: eDisclaimers
Ch 11e: selective attention test - YouTube
Ch 11f: Free, Live Streaming Web Cam Views from Around the World

Other Links

Proj 6 link: Download details: Microsoft Baseline Security Analyzer 2.1.1 (for IT Professionals)
Metasploit Megaprimer 300 mins of video tute
Different Types of Hashes and Salts
Security Theater video with Bruce Schneier
National Cyber League Fall Pilot Registration
The National Cyber League (NCL): Where Cyber Security is a Passion
The First Few Milliseconds of an HTTPS Connection -- EXCELLENT WALKTHROUGH
Security Plus Performance Based Questions
The Case of the Missing Digital Signatures Tab Didier Stevens
2013-12-08: Statement from French Government regarding the MitM certificates by their intermediate
2013-12-08: Google Explaining the French MITM Attack
2013-12-11: Safely and efficiently imaging a MacBook Air
2013-12-17: Hacker Ag3nt47 Hits Harvard, Stanford, MIT (from May)
Free Mini Course - CompTIA Security Performance Based Exam Questions - InfoSec Institute
2014-01-04: Prison Locker Ransomware, an upcoming malware threat in 2014
Ch 6n: Trusted Platform Module contains an RSA key
HacKid 1: Hacker Tells Story of Melbourne University Hack
HacKid 2: How the feds took down the Dread Pirate Roberts Ars Technica
Codebashing SQLi Tutorial
DNSSEC Demo: Online Dig of IETF.ORG
Updated CompTIA Security Exam--SY-301 expires Dec 31, 2014
Steganography Demo -- USEFUL FOR PROJECT

New Unsorted Links

Ch 10p: Animation of AES (fixed link 11-17-15)
How Yahoo was forced to give data secretly to the NSA Prism project (from 2014) -- IMPORTANT PRECEDENT
The Tricky Encryption That Could Stump Quantum Computers (from Sept., 2015)
CNSA Suite and Quantum Computing FAQ (Jan. 2016)


Old Links from Previous Textbook

Back to Top
Last Updated: 5-9-13 6:20 am