mailing list archives
Re: Few interesting topics in Network Security please.
From: Wes Deviers <wdevie () hrcsb org>
Date: Mon, 28 Apr 2008 12:00:26 -0400
On Sat 26 Apr 2008 9:04:43 pm KishoreKumar Bairi wrote:
I am a student. Who is doing project under a professor. In our
university from next year a new course on NETWORKING is going to be
started. My task is to design "lab experiments" for that course.
Can you please suggest few experimental ideas, that will help a newbie
in Networking field.
Note: "Network Security" is also included.
I don't want to be "that guy", but some of the suggestions on here are a
little...difficult for the average undergraduate course. Having recently (in
the past 5 years) graduated from a CS program, I think trying to get
undergrads in a course called "Networking" to do meaningful packet analysis
with Wireshark is wishful thinking at best.
Here's a setup I think might actually teach some useful skills and not just
convince students that networking is voodoo. You should be specifically
target routing and IP addressing since that seems to be really hard for
* Set up a classroom with 4-5 groups of computers. Create 4-5 teams of
students and give them each a group of computers, a L3 managed switch that's
unconfigured, a few crossover cables, and some OS install disks. You should
probably do some variant of Windows Server on a couple and a Q&D Linux
install on a couple.
Exercise 1) Install all the operatint systems and connect all the computers
together via the switch. Use static assignments; this should corrospond well
to your lecture on IP addressing and netmasks. Make sure they can all
communicate. Have the students run one service on each. Say, IIS with FTP,
and a telnet server on Linux. Make sure each service is accessable by all
the other machines. Introduce a packet sniffer, briefly, as a lecture
exercise. Have one of the students log into their Linux machine root account
via FTP then give everybody their password as a proof of concept. ---Make
sure they pick a unique password so they don't use the same one as
Ex 2) Address the problem from 1 by installing an ssh server & ftp/ssl server.
Demonstrate the difference. Set up a DHCP server, make sure it works on all
the machines. Basic DNS also; more advanced comes later.
Ex 3) Get them logged into the L3 switch and play around with blocking
protocols and ports. Fits in well with your lecture on the OSI model (this
is probably week 3)
Ex 4) Pick two of the machines, one Windows and one Linux, to designate as
routers. Have them install a 2nd NIC in each. For many students, this will
be the first time they ever have a case off their computer. Connect the two
machines via a crossover cable and assign them a new subnet. This will be
their routing backbone. Make sure the assignments are unique.
Ex 15) By this point, you should have the entire lab functioning as a fully
dynamic, redundant, routed network using Quagga/Zebra and BGP. Services
should be available via DNS with firewalls set up to block specified teams.
You should have had at least part of a lecture about Patch Tuesday; there
should have been at least one lecture about firewalls and IDS, about why
touching networks is dangerous, etc. You should also have covered at least
the basics of packet sniffing and how headers control functionality and are
useful for debugging. And, because nobody else will cover it, "programming
with security in mind" will probably fall to this class as well. Hopefully
your school still teaches a class or two that uses a language with no garbage
collector/memory manager so the students will at least "get it".
If you could send out graduates that know -anything- about routing (especially
dynamic), CIDR, OSI/Internet layered models, packet layout, or layered
security, you would be doing the world a big favor.
Re: Few interesting topics in Network Security please. Wes Deviers (Apr 28)
RE: Few interesting topics in Network Security please. Sergio Castro (Apr 28)