Instructor:

Prof. Ying-Dar Lin (ydlin@cs.nctu.edu.tw)

TA:

Tuan (minhtuanthaivn@gmail.com)

汪建廷 (ctwang@cs.nctu.edu.tw)

Ricardo Pontaza (pontaza.ricardo@gmail.com)

張敬昊 (frankchang.cs04g@g2.nctu.edu.tw)

Introduction to Computer Security, Spring 2017

syllabus download

TextBook:

Stuart McClure, Joel Scambray, George Kurtz, "Hacking Exposed 7: Network Security

Secrets & Solutions," McGraw-Hill, July 2012.

Reference:

1. Ying-Dar Lin, Ren-Hung Hwang, Fred Baker, “Computer Networks: An Open Source

    Approach,” Chapter 8 Network Security, McGraw-Hill, Feb 2011.

2. William Stallings, “Cryptography and Network Security, 6th edition,” Prentice Hall,

    March 2013.

Previous Course Page:

15spring

16spring

Slides:

Chapter 8 (from the reference book)

Chapter1

Chapter2

Chapter3

Chapter4

Chapter5

Chapter6

Chapter7

Chapter8

Chapter9

Chapter10

Chapter11

Chapter12

Scores:

2016/03/20 Homework 2

Due: 4/07 (Fri) uploaded to NCTU E3 (https://dcpc.nctu.edu.tw/) (format: problem, solution with explanation, screen dumps)

  1. (50 points) Select a target domain and use Nmap for the following tasks.
    1. host discovery on the selected domain,
    2. port scanning on a selected host,
    3. active stack fingerprinting on the selected host,
    4. version scanning on a selected port,
    5. vulnerability scanning on the selected port.
  2. (20 points) List and compare nmap-os-fingerprints used in Nmap and osprints.conf used in Siphon. Discuss how and why they differ.
  3. (20 points) List and compare nmap-services and nmap-service-probe. Discuss how and why they differ.
  4. (10 points) On a UNIX/Linux host, list /etc/inetd.conf. Discuss what services are being offered.
  5. (30 points) Select a target domain, run metaexploit with Nmap scans and import Nmap results into the database. Show found hosts and available ports.
  6. (30 points) Select a website to do banner grabbing with telnet, netcat, and grendel-scan, respectively. Show and compare their results.
  7. (20 points) Select a target domain to do automatic DNS enumeration by dnsenum to find subdomains, servers, and their IP addresses.

2016/03/13 Homework 1

Due: 3/22 (Wed) uploaded to NCTU E3 (https://dcpc.nctu.edu.tw/) (format: problem, solution with explanation, screen dumps)

  1. (20 points) Select a web site.
    1. Use "Wget" or "Teleport Pro" to mirror the site. Look for comments within comment tags. Give screen dumps and explain what you found.
    2. Use "DirBuster" with a proxy feature through "privoxy" to enumerate hidden files and directories. Screen dump and explain the hidden files and directories you found.
  2. (20 points) Lookup "How I met your girlfriend" in the BlackHat 2010 demo to explain, in 0.5 page, how this was done.
  3. (20 points) Select a person. Use on-line sites for phone book, social network, information, job, photo management, business directory, jigsaw.com, etc. to summarize, with screen dumps and explanations, what information you can get. If your target is not in US nor native English speaker, you might need to use on-line sites different from the textbook.
  4. (20 points) Google "XYZ resume firewall" and "XYZ resume intrusion detection" where "XYZ" is the name of your target company. Screen dump "useful" results and explain what you got.
  5. (20 points) Lookup Archive.org and Google cached results, and select a target web site. Compare the differences between an archived and cached copy with its current on-line web site. Give screen dump and explain the differences.
  6. (20 points) Find Google Hacking Database at hackersforcharity.org/ghdb/. Summarize what it has and select 3 strings to search. Screen dump and explain what you got.
  7. (20 points) Select a web site. Start from whois.iana.org to find its registry, registrar, and registrant. Also select an IP address. Start from arin.net to find who owns the IP address. Show your screen dump and explain.
  8. (20 points) Select a domain name. Use nslookup to dump its DNS records. Show your screen dump and explain.
  9. (20 points) Select a domain name. Use traceroute or similar tools to find the access path to that domain. Show your screen dump and explain.
  10. (bonus: 40 points) Follow the case study right before chapter 1. Select one target and run through all tools (Tor, Vidalia, Privoxy, tor-resolve, proxychains, Nmap, socat, nc). Screen dump the process and explain what you got in your screen.

2017/02/24

No class on March 1 (Wed).

2017/02/24

Quiz #1 on March 6 (Mon), covering ch8 in the reference book. Future quizzes would not be announced.

2017/02/17

No class this Saturday (02/18).