Prof. Ying-Dar Lin (


Tuan (

汪建廷 (

Ricardo Pontaza (

張敬昊 (

Introduction to Computer Security, Spring 2017

syllabus download


Stuart McClure, Joel Scambray, George Kurtz, "Hacking Exposed 7: Network Security Secrets & Solutions," McGraw-Hill, July 2012.


1. Ying-Dar Lin, Ren-Hung Hwang, Fred Baker, “Computer Networks: An Open Source Approach,” Chapter 8 Network Security, McGraw-Hill, Feb 2011.

2. William Stallings, “Cryptography and Network Security, 6th edition,” Prentice Hall, March 2013.

Previous Course Page:




Chapter 8 (from the reference book)














2017/04/12 Homework 3

Due: 4/24 (Mon), uploaded to NCTU E3 (format: problem, solution with explanation, screen dumps)

  1. (60 points) Use Cain to crack passwords on “your” Windows system with the following three different methods supported by Cain.
    1. Brute-force cracking
    2. Dictionary cracking
    3. Rainbow cracking
  2. (30 points) Use John the Ripper (JTR) to crack passwords on “your” Linux system.
  3. (40 points) Use Metasploit to exploit a known vulnerability on a server of your choice and on a browser of your choice, respectively.
  4. (20 points) After you gain access to a target host, show how you could install a backdoor program and make it accessible with netcat. You can listen on your host and wait for the backdoor to connect back.
  5. (20 points) Compare the vulnerability information that you can collect from three sources: Bugtraq, Open Source Vulnerability Database, and Common Vulnerabilities and Exposures Database. Draw a table to compare them across several features.
  6. (20 points) Use find to search the SUID, SGID, and world-writable files on your Linux system.
  7. (20 points) Use Logclean-ng to clean the logs created during one login session on your Linux system.

2017/04/06 Midterm


Time: 4/17 (Mon) 10:10AM-12:00NN
Coverage: ch8 (in the reference book), ch1-5 (in the textbook)
Form: open book but no electronic device (only printed materials, no sharing).

2017/03/20 Homework 2

Due: 4/07 (Fri), uploaded to NCTU E3 (format: problem, solution with explanation, screen dumps)

  1. (50 points) Select a target domain and use Nmap for the following tasks.
    1. host discovery on the selected domain,
    2. port scanning on a selected host,
    3. active stack fingerprinting on the selected host,
    4. version scanning on a selected port,
    5. vulnerability scanning on the selected port.
  2. (20 points) List and compare nmap-os-fingerprints used in Nmap and osprints.conf used in Siphon. Discuss how and why they differ.
  3. (20 points) List and compare nmap-services and nmap-service-probes. Discuss how and why they differ.
  4. (10 points) On a UNIX/Linux host, list /etc/inetd.conf. Discuss what services are being offered.
  5. (30 points) Select a target domain, run Metasploit with Nmap scans, and import the Nmap results into the database. Show the hosts found and the available ports.
  6. (30 points) Select a website to do banner grabbing with telnet, netcat, and grendel-scan, respectively. Show and compare their results.
  7. (20 points) Select a target domain to do automatic DNS enumeration by dnsenum to find subdomains, servers, and their IP addresses.

2017/03/13 Homework 1

Due: 3/22 (Wed), uploaded to NCTU E3 (format: problem, solution with explanation, screen dumps)

  1. (20 points) Select a web site.
    1. Use "Wget" or "Teleport Pro" to mirror the site. Look for comments within comment tags. Give screen dumps and explain what you found.
    2. Use "DirBuster" with a proxy feature through "privoxy" to enumerate hidden files and directories. Screen dump and explain the hidden files and directories you found.
  2. (20 points) Look up "How I met your girlfriend" in the BlackHat 2010 demo to explain, in 0.5 page, how this was done.
  3. (20 points) Select a person. Use on-line sites for phone book, social network, information, job, photo management, business directory, etc. to summarize, with screen dumps and explanations, what information you can get. If your target is not in the US or is not a native English speaker, you might need to use on-line sites different from those in the textbook.
  4. (20 points) Google "XYZ resume firewall" and "XYZ resume intrusion detection" where "XYZ" is the name of your target company. Screen dump "useful" results and explain what you got.
  5. (20 points) Lookup and Google cached results, and select a target web site. Compare the differences between an archived and cached copy with its current on-line web site. Give screen dump and explain the differences.
  6. (20 points) Find Google Hacking Database at Summarize what it has and select 3 strings to search. Screen dump and explain what you got.
  7. (20 points) Select a web site. Start from to find its registry, registrar, and registrant. Also select an IP address. Start from to find who owns the IP address. Show your screen dump and explain.
  8. (20 points) Select a domain name. Use nslookup to dump its DNS records. Show your screen dump and explain.
  9. (20 points) Select a domain name. Use traceroute or similar tools to find the access path to that domain. Show your screen dump and explain.
  10. (bonus: 40 points) Follow the case study right before chapter 1. Select one target and run through all tools (Tor, Vidalia, Privoxy, tor-resolve, proxychains, Nmap, socat, nc). Screen dump the process and explain what you got in your screen.


No class on March 1 (Wed).


Quiz #1 on March 6 (Mon), covering ch8 in the reference book. Future quizzes will not be announced.


No class this Saturday (02/18).