Comp690 Seminar in Computer and Network Information Systems

Professor Michael Werner - Wentworth Institute of Technology

Email: wernerm@wit.edu

Syllabus Summer 2006

Lab Exercises - Summer 2006

Presentation Schedule

Research Topics

Quiz Schedule

No make-ups for quizzes except in extreme circumstances. Best 2 of 3 counted.

Textbook

tComputer Security Fundamentals:1/e
© 2006 | ISBN: 0131711296
Chuck Easttom

Textbook web site: http://wps.prenhall.com/bp_security_2006_1

 

References

Cryptography and Network Security:4/e
© 2006 | ISBN: 0131873164 William Stallings

Network Security Essentials:3/e
© 2007 | ISBN: 0132380331 William Stallings

Introduction to Computer Security, Matt Bishop, ISBN: 0-321-24744-2, Addison Wesley
View Larger Cover Image

Wentworth's Academic Conduct and Honesty Policy

Class Notes

Here are some interesting web sites on security:

Privacy in Telecommunications

To Catch a Thief: Digital Forensics in Storage Networks

Child Pornography Laws and Cases

 

Chapter 1

·         http://www.cert.org  The Computer Emergency Response Team site; a respected security resource

·         http://www.microsoft.com/security/default.msp  The Microsoft Security Advisor Web site, with Microsoft-specific security information

·         http://www.f-secure.com  F-Secure Corporation for virus information

·         http://www.sans.org/  SANS Institute Web site for security-related documents

Chapter 2

·         http://www.freesoft.org/CIE/Topics/75.htm Freesoft.org, an Internet Encyclopedia; Domain Name Service DNS topic

·         http://www.dns.net/dnsrd/docs/whatis.html A DNS resource directory; DNS overview and general references

·         http://www.webfavor.com/tips/DNS.html Site containing information on web site and server management; What is DNS? topic.

Chapter 3

·         http://news.netcraft.com  The Netcraft Web site, with information about Web servers

·         http://www.visualware.com/  The Visualware Web site; it performs a visual trace route on a Web site

·         http://www.internic.net/  A site providing IP registration information

·         http://www.cotse.com/pscan.htm  The site where the NetCop download can be found

·         http://www.rawlogic.com/netbrute  The Web site for NetBrute, a port scanner that does more than simply scan for open ports; it also gives you additional information

·         http://www.fish.com/satan/mirrors.html  A Web site that provides a list of SATAN download sites

·         Social engineering Web sites:

http://www.securityfocus.com/cgi-bin/sfonline/infocus.pl?id=1527

http://www.cybercrimes.net/Property/Hacking/Social%20Engineering/SocialEngineering.html

http://www.sans.org/rr/whitepapers/engineering/

 

·         List of port numbers Web sites:

http://www.networksorcery.com/enp/protocol/ip/ports00000.htm

http://www.iana.org/assignments/port-numbers

http://www.techadvice.com/tech/T/TCP_well_known_ports.htm

 

·         Common search engines for further information:

http://www.yahoo.com

http://www.google.com

http://www.lycos.com

Chapter 4

·         http://www.sans.org/dosstep/  A page from the SANS site titled Help Defeat Denial of Service Attacks: Step-by-Step

Chapter 5

·         http://www.f-secure.com/virus-info/virus-news/  Virus news and information from the F-Secure Corporation

·         http://www.cert.org/nav/index_red.html  Virus information from the CERT® Coordination Center of Carnegie-Mellon University, a reporting center for Internet security problems

·         http://securityresponse.symantec.com/  Information and advice on security threats from Symantic Security Response

·         http://www.cexx.org  Information on malware, adware, and spam from the Counterexploitation site

·         http://www.spywareguide.com  Information on spyware and adware, product reviews, and privacy tips from the SpywareGuide site

·         http://www.webroot.com Spy Sweeper software from Webroot Software, Inc.

·         http://www.spykiller.com Spy Killer software from TrustSoft Inc.

·         http://www.spectorsoft.com Spector Pro Internet monitoring and reporting software from the SpectorSoft Corporation

Chapter 6

·         http://www.linksys.com/  Linksys networking products

·         http://www.firewallguide.com/  A home PC firewall guide

·         http://www.firewallguide.com/broadband.htm  A guide to broadband security

·         http://www.fs-security.com/  Firestarter: A free packet-filtering application for Linux

·         http://www.symantec.com/  Security products from Symantec

·         http://us.mcafee.com/  McAfee Internet security products

·         http://www.agnitum.com/products/outpost/  Outpost firewall

·         http://www.teros.com/products/appliances/gateway/index.shtml  Teros offers an application gateway specifically tailored for Web servers

·         http://www.watchguard.com/products/fireboxx.asp  Firebox hardware from Watchguard Technologies

·         http://www.coyotelinux.com/  Wolverine is a robust commercial firewall solution for Linux

·         http://www.support.microsoft.com/gp/securityhome  Microsoft security support for home users

·         http://www.nsa.gov/snac/  the National Security Agency has a Web site with a number of specific network security guides

·         http://www.cisecurity.com/  the Center for Internet Security offers a number of security guides and benchmarks

·         http://www.sans.org/resources/policies/  The SANS Institute has a number of sample policies you can download and modify or use

·         http://web.ukonline.co.uk/cook/sectemplate.htm  Windows 2000 security templates

·         http://www.microsoft.com/exchange/default.mspx  Microsoft Exchange Server templates

·         http://www.networkcert.net/security/templates.htm  A collection of Windows security templates

·         http://www.mavetju.org/networking/security.php/  Cisco router security

·         http://www.sans.org/rr/whitepapers/firewalls/  Information on firewalls and perimeter protection

Chapter 7

·         Cryptography history resources

http://cse.stanford.edu/classes/sophomore-college/projects-97/cryptography/history.html — The Stanford University History of Cryptography Web site provides an overview of cryptography and why it is necessary.

 

http://www.cybercrimes.net/Cryptography/Articles/Hebert.html — This site features a brief history of cryptography from Cybercrimes.net, a University of Dayton Law School Web site

 

·         Fraudulent Encryption Methods

http://www.interhack.net/people/cmcurtin/snake-oil-faq.html — Snake Oil Warning Signs: Encryption Software to Avoid article (Curtin, 1998) provides some basic encryption information and tips on how to spot illegitimate or substandard encryption software.

 

Chapter 8

 

·         Cyber crime resources

http://www.usdoj.gov/criminal/cybercrime/  Department of Justice Web site on cyber stalking

 

http://www.cybercrimes.net/  Web site of the University of Dayton School of Law devoted to cyber crime

 

http://www.qspace.com/  Check your credit rating

 

http://channels.netscape.com/  Download Netscape Navigator for free

 

http://www.haltabuse.org/  The Halt Online Abuse Web site

Chapter 9

·         Data value resources

http://www.cert.org/archive/pdf/tutorial-workbook.pdf  The CERT Web site offers a useful worksheet you can use to itemize the assets in your organization. This link is to the actual document in PDF format.

 

·         Drive encryption resources

http://www.navastream.com/  Navastream provides security and encryption services and software.

 

http://www.pcdynamics.com/SafeHouse/  SafeHouse from PC Dynamics, Inc. provides encryption software for desktop and notebook computers.

Chapter 10

·         Cyber terrorism resources

http://www.sinnfein.org/  The Web site of Sinn Féin, the Irish Republican group that seeks to end British rule in Ireland

Chapter 11

·         General search resources

http://www.yahoo.com   a popular site often used for “people searches”

http://www.infobel.com  a site providing addresses and phone numbers from around the world

 

·         Other name, phone number, and address lookup sites

http://www.smartpages.com

http://www.theultimates.com/white/

http://www.bigfoot.com/

http://www.whowhere.com

http://www.switchboard.com

http://www.icq.com/whitepages/search.php

 

·         Court records and criminal checks

http://www.fbi.gov/hq/cid/cac/registry.htm  an exhaustive FBI list of individual online state sex offender registries

http://records.txdps.state.tx.us/  Texas Department of Public Safety public criminal records and sex offender registries

http://www.oscn.net/applications/oscn/casesearch.asp  Oklahoma court records site

http://www.ncsconline.org/D_KIS/info_court_Web_sites.html  National Center for State Courts Web site, providing links to state judicial branches

http://www.law.emory.edu/FEDCTS/  list of all federal court Web sites in the United States.

 

·         Other Web sites that should help you start your search for court records:

http://freeprf.com/  free public records finder

http://www.pacer.psc.uscourts.gov/  PACER Service Center is the Federal Judiciary's registration, billing, and technical support center for electronic access to U.S. District, Bankruptcy, and Appellate court records

http://www.theboost.net/court_records/  court records search sites

http://ctl.ncsc.dni.us/publicaccess/  National Center for State Courts clearinghouse for public access to state court records

http://www.ancestorhunt.com/prison_search.htm  prison inmates search from the Ancestor Hunt genealogy search site

http://www.bop.gov/  prison records from the Federal Bureau of Prisons

http://www.searchsystems.net/  free public records directory

            http://www.pro.gov.uk/  United

Chapter 12

·         Firewall resources

http://www.agnitum.com/products/outpost/  outpost firewall software resource

 

·         Free firewall software resources

http://www.free-firewall.org/

http://www.homenethelp.com/web/howto/free-firewall.asp

http://www.firewallguide.com/freeware.htm

 

·         IDS sites

http://www.snort.org/  Snort can be downloaded for free

 

 

 

 

 

 Up to Courses Page