Lecture: Network Security

You want to know how today´s attacks against networks work? You want to learn about countermeasures and how to secure your network? Then this is your lecture! The lecture introduces actual threats on and attacks against computer networks (e.g. worms, bot-nets). You will gain a practical insight into their functioning and damage potential. During the lecture, you will be hacking systems yourself, but also learn about security protocols and state-of-the-art defense measures, including Intrusion Detection Systems and Honeypots. So, if you are interested in network security and willing to work, we would be happy to see you in the first lecture.

Course:

Exercises:

Other:

  • Term: Master Computer Science, Diploma (Graduate)
  • Requirements: Content of "High Performance Networking" is prerequisite. Basic programming skills (see below)
  • Faculty: MA-INF 3201; old DPO: B,C; new DPO: B
  • Effort: 2.0 L + 2.0 E
  • Follow-up/Side-events: A seminar will take place at the end of the lecture period. Subsequent to lectures "Data Communication and Internet Technology" and "Network Security" participating in a lab is possible.

Student Evaluation:

Remark(s)

Master: According to the changes 03/2010 of the Master Examination Regulation 2008, this module counts as 2L + 2E with a total of 6 credits.

B-IT Master: only 4 credits.

Diplom/DPO2003: please see the German version of this web page if you plan to participate in this lecture for Diplom [B1].

Required Programming Skills

The lecture Network Security teaches security from a very practical point of view. This includes hands-on exercises, hacks and the development of countermeasures.

For students participating in the lecture it is mandatory to have basic programming skills. We are providing a self-test, which shows the level of your skills and tells you if you are capable to deal with the practical tasks.

Application for an account in the Network Security Lab


To apply for an account in the Network Security Lab, please write an e-mail to Daniel Plohmann.
Your e-mail should contain your full name and your usual unix/windows login name used in the university network.
With your application, you also accept the Terms of Use.

Slides and Presentations

Access to the files requires a username and password. Both will be announced in the first lecture.

ChapterPDF-Files

0 – Preface

Slides 1-25 (1.681.418 Bytes)
slides 1-11 (749.676 Bytes)
slides 12-25 (941.990 Bytes)

1 – Introduction

 Slides 1-23 (351.193 Bytes)

2 – Attack Overview

  1. TCP Refresher
  2. Session Hijacking
  3. TCP DoS Attacks
  4. The RST Attack
  5. DNS Spoofing
Slides 1-35 (990.480 Bytes)

3 - SQL Injection

  1. Attack vectors
  2. SQL Refresher
  3. form data (logins) and escaping
  4. Untyped Languages
  5. Input sanitization
 Slides 1-19 (304.486 Bytes)

4 – Cryptography

  1. Confidentiality, ensured by Encryption
  2. Integrity Protection, ensured by Signatures
  3. Authentication, ensured by Certificates
 Slides 1-73 (790.634 Bytes)

5 – Building Secure Channels

  1. Authentication and Encryption
  2. Key Management
Slides 1-27 (498.820 Bytes)

6 – Authentication

  1. Authentication Protocols
  2. Authentication Frameworks
 Slides 1-42 (646.616 Bytes)

7 – Internet Worms

  • A Short History of Worms
  • What is a Worm?
  • Worm Spreading
  • Worm Watching
  • Scanning Mechanisms
  • Damages
  • Examples
  • What to do?
 Slides 1-61 (747.204 Bytes)

Worm Challenge

 Slides 1-7 (50.165 Bytes)

8 – Firewalls, Part I

 Slides 1-20 (815.104 Bytes)

8 – Firewalls, Part II

  • Cisco Access Control Lists
  • UNIX iptable
  • Network Address Translation (NAT
 Slides 1-20 (249.455 Bytes)

9 – Network Infrastructure

  • Network Design
  • Network Management Concepts
  • SNMP
  • Further Topics
  • Layer 2 Overview
  • Spanning Tree Operation and Security
  • VLAN Concepts and Management
  • VLAN Security
  • ARP, DHCP Security
 Slides 1-39 (690.047 Bytes)

10 – Botnets

Slides 1-17 (854.716 Bytes)

11 – Buffer Overflows

 Slide 1-37 (823.901 Bytes)

  

Assignment Sheets

The PDF-Files can be viewed and printed with Acrobat Reader. The program is available for free and installed on nearly all hosts of the institute.

Information on Tutorials/Exercises

publication datePDF-file Supplementary Slides Further Informationscheduled exercise
14.04.2011sheet 1 28.04.2011 - 15:00
28.04.2011sheet 2 12.05.2011 - 15:00
12.05.2011sheet 3 attack_trace.pcap26.05.2011 - 15:00
26.05.2011sheet 4 session.pcap
what_happened.pcap		09.06.2011 - 15:00
09.06.2011sheet 5 Berlichingen30.06.2011 - 15:00
30.06.2011sheet 6 14.07.2011 - 15:00
14.07.2011sheet 7 Good luck for the exams! :)