ENEE457 Computer Systems Security:
Fall 2022 Lecture Summaries
-
Lecture 1 (8/29, corresponds to pre-recorded Lecture 1).
-
Lecture 2 (8/31, corresponds to pre-recorded Lecture 2).
-
Lecture 3 (9/4, corresponds to pre-recorded Lecture 3).
-
We will cover the Heartbleed attack on OpenSSL and do a Class Exercise that will help you on Project 1. If you'd like to download the code for the class exercise, it can be found here. You may bring your laptop to class and follow along if you wish, but it is not required (9/12).
-
Lecture 4 (9/14, corresponds to pre-recorded Lecture 4).
See also Class Exercise
which we will do together during class.
See also Class
Exercise Solutions.
-
Lecture 5 (9/19, corresponds to pre-recorded Lecture 5).
-
Lecture 6 (9/21, corresponds to pre-recorded Lecture 6).
-
Lecture 7 (9/26, corresponds to pre-recorded Lecture 7).
See also Class Exercise.
See also Class
Exercise Solutions.
-
Lecture 8 (9/28, corresponds to pre-recorded Lecture 8). We reviewed CSRF, XSS, and SQL Injection attacks. We started the intro for the Crypto unit. Video of this lecture can be found on Canvas/ELMS in the Panopto Recordings -> Lectures under the ENEE 457, Fall 2022 course.
-
Lecture 9 (10/3 and 10/5, corresponds to pre-recorded Lecture 9).
See also Class Exercise
which we will do together during class.
See also Class
Exercise Solutions.
-
Lecture 10 (10/10, corresponds to pre-recorded Lecture 10).
See also Class Exercise
which we will do together during class.
See also Class
Exercise Solutions.
-
(10/12): We reviewed CPA security, PRFs, and MACs (and reviewed the CBC-Encrypt
and CBC-MAC constructions).
See the following class exercise for additional practice:
Class Exercise.
See also Class
Exercise Solutions.
-
Lecture 11 (10/17 and 10/24, corresponds to pre-recorded Lecture 11).
See also Class Exercise
which we will do together during class.
See also Class
Exercise Solutions.
-
Lecture 12 (10/31, corresponds to pre-recorded Lecture 12).
See also Class Exercise
which we will do together during class.
See also Class
Exercise Solutions.
-
Lecture 13 (11/2, corresponds to pre-recorded Lecture 13).
-
Lecture 14 (11/7, corresponds to pre-recorded Lecture 14).
See also Class Exercise
which we will do together during class.
See also Class
Exercise Solutions.
-
Lecture 15 (11/9, corresponds to pre-recorded Lecture 15).
See also Class Exercise
which we will do together during class.
See also Class
Exercise Solutions.
-
In Class Lab 1 (11/14).
Please download lab setup files from here.
You will also need Sniffer,
Spoofer, Sniff and Spoof.
Overview: We will do a brief introduction to TCP/IP. We will then set up the lab (Docker containers) and discuss the various tools that will be used throughout the lab (Scapy, Wireshark, Telnet, ping, ifconfig). We will do a first task together that is not from the SEED labs. You will then work on Task 1.3 from here individually or in small groups. Finally, you will be asked to begin working on Task 1.4 from here and, once completed, turn in a short lab report with screenshots of your code and of your terminal during a successful attack (due date: Nov 21 at 11:59pm).
-
In Class Lab 2 (11/16).
Please download lab setup files from here.
You will also need Synflood,
Reset, Reverse Shell.
Overview: We will look in more detail at the TCP protocol. We will then set up the lab (Docker containers) and discuss the three types of attacks on TCP that we will run. We will work on the first attack together (SYN Flooding, Task 1 from here). You will then work on the RST attack from Task 2 here individually or in small groups. Finally, you will be asked to begin working on the session hijacking/reverse shell attack from Task 4 here and, once completed, turn in a short lab report with screenshots of your code, of your terminal, and of Wireshark during a successful attack (due date: Nov 28 at 11:59pm).
The following commands will be useful for the SYN Flooding attack:
sysctl net.ipv4.tcp_max_syn_backlog
sysctl -w net.ipv4.tcp_max_syn_backlog=80
netstat -nat
netstat -tna | grep SYN_RECV | wc -l
ss -n state syn-recv sport = :23 | wc -l
ip tcp_metrics show
ip tcp_metrics flush
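As an added example (not part of the course materials), the netstat and sysctl commands above can be combined into a per-port check of how full the half-open connection queue is, which is the condition a defender watches for during a SYN flood. The sample netstat output, the addresses in it, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the format printed by `netstat -nat` (addresses are made up).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 10.9.0.5:23             198.51.100.7:40112      SYN_RECV
tcp        0      0 10.9.0.5:23             203.0.113.9:1025        SYN_RECV
tcp        0      0 10.9.0.5:23             192.0.2.44:55001        SYN_RECV
tcp        0      0 10.9.0.5:23             10.9.0.6:38220          ESTABLISHED
tcp        0      0 10.9.0.5:80             192.0.2.10:44000        SYN_RECV
EOF
}

# half_open_by_port (hypothetical helper): read `netstat -nat` output on stdin
# and print "port count" for every local port with sockets in SYN_RECV.
half_open_by_port() {
    awk '$1 ~ /^tcp/ && $6 == "SYN_RECV" {
             n = split($4, a, ":")   # the port is the last ":"-separated piece
             count[a[n]]++
         }
         END { for (p in count) print p, count[p] }' | sort -n
}

# queue_alert (hypothetical helper): args are the SYN backlog size and a
# percentage; stdin is `netstat -nat` output. Prints each local port whose
# half-open count has reached that percentage of the backlog.
queue_alert() {
    backlog=$1
    pct=$2
    half_open_by_port | awk -v b="$backlog" -v p="$pct" \
        '$2 * 100 >= b * p { print $1 }'
}

# Live use on the server container:
#   backlog=$(sysctl -n net.ipv4.tcp_max_syn_backlog)
#   netstat -nat | queue_alert "$backlog" 75
```
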
-
In Class Lab 3 (11/21).
Please download lab setup files from here.
You will also need DNS Cache Poisoning.
Overview: We will learn all about DNS Servers! We will then set up the lab (Docker containers) and execute three attacks of increasing severity, culminating in a full-fledged DNS Cache Poisoning attack. We will work on the first attack together (Task 1 from here). You will then work on the second attack from Task 2 here individually or in small groups. Finally, you will be asked to begin working on Task 3 here and, once completed, turn in a short lab report with screenshots of your code, of your terminal, and of Wireshark during a successful attack (due date: Nov 30 at 11:59pm).
The following commands will also be useful:
rndc dumpdb -cache
rndc flush
cat /var/cache/bind/dump.db
grep "example" /var/cache/bind/dump.db
tc qdisc add dev eth0 root netem delay 100ms
tc qdisc del dev eth0 root netem
tc qdisc show dev eth0
-
In Class Lab 4 (11/29).
Please download lab setup files from here.
Overview: We will go through a brief introduction to firewalls, and specifically to iptables, a firewall built into Linux. We will then set up the lab (Docker containers) and experiment with setting various rules in iptables for the INPUT, OUTPUT, and FORWARD chains (Tasks 2.A, 2.B, 2.C from here). Finally, you will be asked to begin working on Task 3 (both parts A and B) here and, once completed, turn in a short lab report with screenshots of your iptables commands, your firewall rules, and terminals of the relevant Docker containers (due date: Dec 5 at 11:59pm).
The following commands will also be useful:
iptables -t filter -L -n --line-numbers
iptables -P OUTPUT DROP
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A FORWARD -p icmp --icmp-type echo-request -j DROP
iptables -A FORWARD -i eth0 -p tcp --sport 5000 -j ACCEPT
iptables -A FORWARD -p tcp -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -p tcp -i eth0 --dport 8080 --syn -m conntrack --ctstate NEW -j ACCEPT
-
Lecture 16 (11/30, corresponds to pre-recorded Lecture 17).
-
Lecture 17 (12/5, corresponds to pre-recorded Lecture 19).
-
Lecture 18 (12/7).