Security Basics mailing list archives
Re: Few interesting topics in Network Security please.
From: Wes Deviers <wdevie () hrcsb org>
Date: Mon, 28 Apr 2008 12:00:26 -0400
On Sat 26 Apr 2008 9:04:43 pm KishoreKumar Bairi wrote:
Hi all, I am a student. Who is doing project under a professor. In our university from next year a new course on NETWORKING is going to be started. My task is to design "lab experiments" for that course. Can you please suggest few experimental ideas, that will help a newbie in Networking field. Note: "Network Security" is also included. Regards, KishoreKumar.
I don't want to be "that guy", but some of the suggestions on here are a little...difficult for the average undergraduate course. Having recently (in the past 5 years) graduated from a CS program, I think trying to get undergrads in a course called "Networking" to do meaningful packet analysis with Wireshark is wishful thinking at best. Here's a setup I think might actually teach some useful skills and not just convince students that networking is voodoo. You should be specifically target routing and IP addressing since that seems to be really hard for folks. * Set up a classroom with 4-5 groups of computers. Create 4-5 teams of students and give them each a group of computers, a L3 managed switch that's unconfigured, a few crossover cables, and some OS install disks. You should probably do some variant of Windows Server on a couple and a Q&D Linux install on a couple. Exercise 1) Install all the operatint systems and connect all the computers together via the switch. Use static assignments; this should corrospond well to your lecture on IP addressing and netmasks. Make sure they can all communicate. Have the students run one service on each. Say, IIS with FTP, and a telnet server on Linux. Make sure each service is accessable by all the other machines. Introduce a packet sniffer, briefly, as a lecture exercise. Have one of the students log into their Linux machine root account via FTP then give everybody their password as a proof of concept. ---Make sure they pick a unique password so they don't use the same one as Gmail/etc/--- Ex 2) Address the problem from 1 by installing an ssh server & ftp/ssl server. Demonstrate the difference. Set up a DHCP server, make sure it works on all the machines. Basic DNS also; more advanced comes later. Ex 3) Get them logged into the L3 switch and play around with blocking protocols and ports. Fits in well with your lecture on the OSI model (this is probably week 3) Ex 4) Pick two of the machines, one Windows and one Linux, to designate as routers. Have them install a 2nd NIC in each. For many students, this will be the first time they ever have a case off their computer. Connect the two machines via a crossover cable and assign them a new subnet. This will be their routing backbone. Make sure the assignments are unique. ... Ex 15) By this point, you should have the entire lab functioning as a fully dynamic, redundant, routed network using Quagga/Zebra and BGP. Services should be available via DNS with firewalls set up to block specified teams. You should have had at least part of a lecture about Patch Tuesday; there should have been at least one lecture about firewalls and IDS, about why touching networks is dangerous, etc. You should also have covered at least the basics of packet sniffing and how headers control functionality and are useful for debugging. And, because nobody else will cover it, "programming with security in mind" will probably fall to this class as well. Hopefully your school still teaches a class or two that uses a language with no garbage collector/memory manager so the students will at least "get it". If you could send out graduates that know -anything- about routing (especially dynamic), CIDR, OSI/Internet layered models, packet layout, or layered security, you would be doing the world a big favor. Wes
Current thread:
- Few interesting topics in Network Security please. KishoreKumar Bairi (Apr 28)
- Re: Few interesting topics in Network Security please. Ankur Jindal (Apr 28)
- Re: Few interesting topics in Network Security please. Chuck Taylor (Apr 28)
- RE: Few interesting topics in Network Security please. Tariq Naik (Apr 28)
- Re: Few interesting topics in Network Security please. Jon Kibler (Apr 28)
- RE: Few interesting topics in Network Security please. Rivest, Philippe (Apr 28)
- Re: Few interesting topics in Network Security please. James Grace (Apr 28)
- RE: Few interesting topics in Network Security please. Cassiem, Nazier A (Apr 29)
- Re: Few interesting topics in Network Security please. James Grace (Apr 29)
- RE: Few interesting topics in Network Security please. Rivest, Philippe (Apr 28)
- Re: Few interesting topics in Network Security please. Matt Lakin (Apr 29)
- <Possible follow-ups>
- Re: Few interesting topics in Network Security please. MICHAEL THORP (Apr 28)
- Re: Few interesting topics in Network Security please. Chuck Taylor (Apr 28)
- Re: Few interesting topics in Network Security please. krymson (Apr 28)
