Textbook

CNIT 123
Ethical Hacking and Network Defense

Spring 2007 Sam Bowne

Final Grades posted 5-30-07 7 am

Open Lab Hours for Sci 214

Schedule · Lecture Notes · Projects · Links · Bookshelf · Home Page


Errors in the textbook


38036  501  MON 6 pm - 9 pm  Science 215
38013  601  SAT 9 am - Noon  Science 215

Catalog Description

Students learn how hackers attack computers and networks, and how to protect systems from such attacks, using both Windows and Linux systems. Students will learn legal restrictions and ethical guidelines, and will be required to obey them. Students will perform many hands-on labs, both attacking and defending, using port scans, footprinting, exploiting Windows and Linux vulnerabilities, buffer overflow exploits, SQL injection, privilege escalation, Trojans, and backdoors.

Prerequisites: CNIT 106 and 120 or equivalent familiarity with the fundamentals of networking and security.

Upon successful completion of this course, the student will be able to:
  1. Explain what an ethical hacker can and can not do legally, and explain the credentials and roles of penetration testers.
  2. Define the types of malicious software found in modern networks.
  3. Explain the threats and countermeasures for physical security and social engineering.
  4. Perform footprinting to learn about a company and its network.
  5. Perform port scans to locate potential entry points to servers and networks.
  6. Perform enumeration (finding resources, accounts, and passwords) on Microsoft, Netware, and Unix/Linux targets.
  7. Perform very simple programming in C, HTML, and Perl, specifically oriented towards the needs of network security professionals.
  8. Learn how to identify Microsoft Windows vulnerabilities and to harden systems.
  9. Learn how to identify Linux vulnerabilities and to protect servers.
  10. Describe how to take control of Web Servers, and how to protect them.
  11. Locate and hack into wireless networks, and protect them.
  12. Explain how cryptography and hashing work, and perform attacks against them such as password cracking and man-in-the-middle attacks.
  13. Describe and deploy security devices, including routers, firewalls, Intrusion Detection Systems, and honeypots.

Textbook

Hands-On Ethical Hacking and Network Defense by Michael T. Simpson -- ISBN: 0-619-21708-1 Buy from Amazon




Schedule for Saturday Class
(may be revised)

DateQuizTopic
Sat 1-20  Ch 1: Ethical Hacking Overview
Sat 1-27  Ch 2: TCP/IP Concepts Review
Fri 2-2 Last Day to Add Classes
Sat 2-3Quiz on Ch 1 & 2   
Proj 1-3 due
Ch 3: Network and Computer Attacks
Sat 2-10Quiz on Ch 3  
Proj 4&5 due
Ch 4: Footprinting and Social Engineering
Sat 2-17 Holiday - No Class
Tue 2-20 Last Day to Request CR/NC Grading
Sat 2-24Quiz on Ch 4 
Proj 6&7 due
Ch 5: Port Scanning
Sat 3-3Quiz on Ch 5 
Proj 8&9 due
Ch 6: Enumeration
Sat 3-10Quiz on Ch 6 
Proj 10&11 due
Ch 7: Programming for Security Professionals
Sat 3-17Quiz on Ch 7 
Proj 12&13 due
Ch 8: Microsoft Operating System Vulnerabilities
Sat 3-24Quiz on Ch 8 &
Proj 14&15 due
Ch 9: Linux Operating System Vulnerabilities
Sat 3-31 Holiday - No Class
Sat 4-7 Holiday - No Class
Sat 4-14Quiz on Ch 9 &
Proj 16&17 due
Ch 10: Hacking Web Servers
Mon 4-16 Last Day to Withdraw
Sat 4-21Quiz on Ch 10 
Proj 18&19 due
Ch 11: Hacking Wireless Networks
Sat 4-28Quiz on Ch 11 
Proj 20&21 due
Ch 12: Cryptography
Sat 5-5Quiz on Ch 12 
Proj 22&23 due
Ch 13: Protecting Networks with Security Devices
Sat 5-12Quiz on Ch 13 
Proj 24-26 due
Last Class: More Wireless Hacking -- Cracking WEP Encryption
Sat 5-19  Final Exam


Schedule for Monday Class
(may be revised)

DateQuizTopic
Mon 1-22  Ch 1: Ethical Hacking Overview
Mon 1-29  Ch 2: TCP/IP Concepts Review
Fri 2-2 Last Day to Add Classes
Mon 2-5Quiz on Ch 1 & 2   
Proj 1-3 due
Ch 3: Network and Computer Attacks
Mon 2-12Quiz on Ch 3  
Proj 4&5 due
Ch 4: Footprinting and Social Engineering
Mon 2-19 Holiday - No Class
Tue 2-20 Last Day to Request CR/NC Grading
Mon 2-26Quiz on Ch 4 
Proj 6&7 due
Ch 5: Port Scanning
Mon 3-5Quiz on Ch 5 
Proj 8&9 due
Ch 6: Enumeration
Sun 3-11  Daylight Savings Begins
Mon 3-12Quiz on Ch 6 
Proj 10&11 due
Ch 7: Programming for Security Professionals
Mon 3-19Quiz on Ch 7 
Proj 12&13 due
Ch 8: Microsoft Operating System Vulnerabilities
Mon 3-26Quiz on Ch 8 &
Proj 14&15 due
Ch 9: Linux Operating System Vulnerabilities
Mon 4-2 Holiday - No Class
Mon 4-9Quiz on Ch 9 &
Proj 16&17 due
Ch 10: Hacking Web Servers
Mon 4-16 Last Day to Withdraw
Mon 4-16Quiz on Ch 10 
Proj 18&19 due
Ch 11: Hacking Wireless Networks
Mon 4-23Quiz on Ch 11 
Proj 20&21 due
Ch 12: Cryptography
Mon 4-30Quiz on Ch 12  Ch 13: Protecting Networks with Security Devices
Proj 22&23 due
Mon 5-7Quiz on Ch 13 
Proj 24&25 due
More Wireless Hacking -- Cracking WEP Encryption
Mon 5-14Quiz on Ch 13 
Proj 26 due
Last Class: To Be Announced
Mon 5-21  Final Exam


Back to Top

Lecture Notes

Policy
Student Agreement
Code of Ethics
Ch 1: Ethical Hacking Overview     Powerpoint
Ch 2: TCP/IP Concepts Review     Powerpoint
Ch 3: Network and Computer Attacks     Powerpoint
Ch 4: Footprinting and Social Engineering     Powerpoint
Ch 5: Port Scanning     Powerpoint
Ch 6: Enumeration     Powerpoint
Ch 7: Programming for Security Professionals     Powerpoint
           hello.c    hello2.c    hello3.c    loopdemo.c    pingscan.c
           branch.plx    hello.plx    hello2.plx    leet.plx    pingscan.plx
Ch 8: Microsoft Operating System Vulnerabilities     Powerpoint
Ch 9: Linux Operating System Vulnerabilities     Powerpoint
Ch 10: Hacking Web Servers     Powerpoint
Ch 11: Hacking Wireless Networks     Powerpoint
Ch 12: Cryptography     Powerpoint
Ch 13: Protecting Networks with Security Devices     Powerpoint
Lecture 14: More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP)     Powerpoint
Lecture 15: Stealing Passwords from HTTPS Sessions with a Man-in-the-Middle Attack     Powerpoint
The lectures are in Word and PowerPoint formats.
If you do not have Word or PowerPoint you will need to install the
Free Word Viewer 2003 and/or the Free PowerPoint Viewer 2003.


Back to Top

Projects

The projects are the heart of the course. We will use virtual and physical machines running Windows XP, Vista, Windows 2000, and Ubuntu Linux on closed private networks, performing real network attacks and intrusions which would be illegal on public networks. We will use both wired and wireless networks. We will also perform countermeasures to prevent, detect, and mitigate the damage done by these attacks.

How to Read Your CCSF Email
How to Get your Windows XP Activation Code from MSDNAA
Downloading MSDNAA Software
Virtual Machines at Home

Project 1: Preparing a Trusted Windows XP Virtual Machine (10 pts.)
Project 2: Using Metasploit to Take Over a Windows 2000 Computer (25 pts.)        Process Utility for Classroom Demo
Project 3: Stealing Passwords with a Packet Sniffer (20 pts.)
Project 4: Using a Software Keylogger (15 pts.)
Project 5: Installing Ubuntu Linux (20 pts.)
Project 6: Port Scanning with Nmap (15 pts.)
Project 7: Cracking Windows XP Passwords with Ophcrack (20 pts.)
Project 8: Installing Metasploit on Ubuntu Linux (25 pts.)
Project 9: Protecting Your Privacy with The Onion Router (TOR) (10 pts.)
Project 10: Using whois (10 pts.)
Project 11: Getting into Ubuntu Linux Without a Password (20 pts.)
Project 12: Using a Hardware Keylogger (10 pts.)
Project 13: Unlocking a Windows Desktop from Ubuntu Linux With MSFconsole (20 pts.)
Project 14: Analyzing Types of Port Scans (20 pts.)
Project 15: Using the Ultimate Boot CD to Create Administrator Accounts (10 pts.)
Project 16: Testing Firewalls (20 pts.)
Project 17: Setting up a Web Server (15 pts.)      Big Image
Project 18: Performing a Denial of Service Attack With Nmap (20 pts.)
Project 19: NetBIOS Null Sessions (20 pts.)
Project 20: Nessus Vulnerability Scanner (20 pts.)
Project 21: Programming in C on Ubuntu Linux (15 pts.)
Project 22: Programming in Perl on Ubuntu Linux (10 pts.)
Project 23: Sniffing Passwords with ettercap on Ubuntu Linux (15 pts.)
Project 24: Rootkitting Ubuntu Linux (and wrecking it) (15 pts.)
Project 25: Apache Tomcat Web Server on Ubuntu Linux (15 pts.)
Project 26: John the Ripper on Ubuntu Linux (10 pts.)

Project V1: Installing Vista (10 pts. extra credit)
Project V2: Updates and Antivirus on Vista (10 pts. extra credit)

Project X1: Subnet Exercises (10 pts. extra credit)
Project X2: HackThisSite (15 pts. extra credit)
Project X3: Installing VMware Tools With VMplayer (10 pts. extra credit)
Project X4: Programming with Python on Windows (15 pts. extra credit)
Project X5: Microsoft Baseline Security Analyzer (MBSA) (10 pts. extra credit)
Project X6: Winfingerprint (10 pts. extra credit)
Project X7: Removing the Rootkit from Ubuntu Linux (10 pts. extra credit)      fix-fu
Project X8: Installing WebGoat and Scanning it with Nessus on Ubuntu Linux (15 pts. extra credit)
Project X9: OpenPGP on Ubuntu Linux (15 pts. extra credit)
Project X10: Cracking Windows Passwords with Cain and Abel (15 pts. extra credit)
Project X11: Installing Windows Longhorn Beta on VMware (15 pts. extra credit)      NIC Drivers
Project X12: Cracking WEP from Windows on a Busy WLAN (15 pts. extra credit)
Project X13: Cracking WEP With Packet Injection with the Backtack 2 Live CD (15 pts. extra credit)
Project X14: Stealing Passwords from HTTPS Sessions with a Man-in-the-Middle Attack (15 pts. extra credit)



Proposed topics for additional projects:
  • Spoofing Web pages to Steal Credentials
  • TCP/IP Session Hijacking
  • Using ARP and DNS Cache Poisoning to Intercept Network Traffic
  • Man-in-the-Middle Attacks and Defeating Secure Sockets Layer
  • Defeating Biometric Security Devices
  • Hacking Magnetic Stripe Cards
  • Lockpicking and Bump Keys
  • Google Hacking
  • Capture the Flag: teams of students attacking and defending each other's servers
Back to Top

Hacker's Bookshelf

Non-Technical

The Art of Deception

The Art of Deception: Controlling the Human Element of Security (2003) by Kevin D. Mitnick, William L. Simon, Steve Wozniak
The Art of Intrusion

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers (2005) by Kevin D. Mitnick, William L. Simon
Takedown

Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It (1996) by Tsutomu Shimomura, John Markoff
Hacker Crackdown

The Hacker Crackdown: Law And Disorder On The Electronic Frontier (1993) by Bruce Sterling
Hackers

Hackers: Heroes of the Computer Revolution (2001) by Steven Levy
Crypto

Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age (2002) by Steven Levy
Takedown

Brute Force: Cracking the Data Encryption Standard (2005) by Matt Curtin

Fiction With Technical Information

Stealing the Network

Stealing the Network: How to Own the Box (2003) by Ryan Russell, Ido Dubrawsky, FX, Joe Grand, Tim Mullen
Stealing the Network

Stealing the Network: How to Own a Continent (2004) by FX, Paul Craig, Joe Grand, Tim Mullen, Fyodor, Ryan Russell, Jay Beale
Stealing the Network

Stealing the Network: How to Own an Identity (2005) by Raven Alder, Chris Hurley, Tom Parker, Ryan Russell, Jay Beale, Riley Eller, Brian Hatch, Jeff Moss
Zero Day Exploit

Zero Day Exploit: Countdown to Darkness (2004) by Rob Shein, David Litchfield, Marcus Sachs

Technical

Gray Hat Hacking

Gray Hat Hacking : The Ethical Hacker's Handbook (2004) by Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, Michael Lester
Hacker's Challenge

Hacker's Challenge : Test Your Incident Response Skills Using 20 Scenarios (2001) by Mike Schiffman
Hacker's Challenge 2

Hacker's Challenge 2: Test Your Network Security & Forensic Skills (2002) by Mike Schiffman, Bill Pennington, David Pollino, Adam J. O'Donnell
Hacker's Challenge 3

Hacker's Challenge 3 (2006) by David Pollino, Bill Pennington, Tony Bradley, Himanshu Dwivedi
Google Hacking

Google Hacking for Penetration Testers (2004) by Johnny Long, Ed Skoudis, Alrik van Eijkelenborg
Wi-Foo

Wi-Foo: The Secrets of Wireless Hacking (2004) by Andrew Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky
Back to Top

Links


          
Back to Top
Valid XHTML 1.0!      
Last Updated: 5-30-07 7 am