CSC524-F: Networks and Security
Prof. B. Rosenberg
Spring Semester, 2007 (072)
MWF 1:25-2:15
Memorial Building, Room 300
Announcements
- We all need computer accounts, or personal computers, for
experiments.
- When working on computer networks, heed the Acceptable Use Policies
in effect for the university.
- Reports due on date of final, May 7.
Syllabus
- See Spring 2006 for an idea about this course. We will modify this so as to
follow the outline of the textbook by Comer.
Textbooks
Suggested reading
- Radia Perlman, Interconnects: Bridges, Routers, Switches and
Internetworking Protocols.
- Douglas Comer, Internetworking with TCP/IP, Vol I: Principles, Protocols,
and Architecture.
- William R. Cheswick and Steven M. Bellovin, Firewalls and Internet
Security: Repelling the Wily Hacker.
Class notes
- Networking Concepts:
- Level 1: Physical Transmission of Data
- Transmission media
- RS-232 serial communications
- Noise, S/N, information, channels, encoding, error correction, examples brought here
- Level 2: Datalink layer
- Ethernet
- Wi-Fi
- Bridges, Switches, Hubs and Repeaters
- Level 3: Network Layer
- The IP protocol
- Addresses, networks, and subnets: Classful and CIDR
- Private/Local addresses, Zeroconf addresses.
- IP/Ethernet glue: RFC 826 - ARP
- Level 4: Transport Layer (Datagram)
- Level 3 Maintenance
- Network Address Translation, and Port Address Translation.
- Routing protocols: Distance Vector (RIP); Link State (OSPF)
- BOOTP and DHCP
- DNS
- RFC 1034: Domain Names - Concepts and Facilities
- RFC 1035: Domain Names - Implementation and Specification
- Level 4: Transport Layer (Stream)
- Network Security
- Accessing Network Resources
Assignment
- Assignment 1
- Read chapters 1 through 3 in the class text.
- Look at traces 1 and 2 in traceroutes.
These are traceroutes to NASA's homepage.
- Where are the web servers located for NASA?
- More or less, where do the packets journey to get there?
- Were the web servers in the same place? Why are they different?
How might this work?
- Look at trace 3 in traceroutes.
This is a traceroute to Georgia Tech.
- Over what network does the packet flow? What is the difference
between how these leave UM and the previous traces?
- Read about FLRNET, the Florida Lambda Rail. Look at the LambdaRail NOC (Network Operations Center) report and map.
- Try to hit all of the POPs (Points Of Presence). The Georgia Tech route
hit MIA, ORL and JAX. Try to find a destination that traceroutes
through TPA and TLH and PEN.
- Try to find a commercial site in the same geographic vicinity as the academic
site. Is FLRNET faster?
- Download, unpack, compile and run the sample applications that we
talked about in class.
- Using the sample applications as a guide, write a network service which
on query returns the time of day (a time-of-day server).
- Assignment 2
- Read chapters 4 through 10 in the book.
- Investigate Gigabit Ethernet (GbE).
- What standards are there for GbE? What standard is your computer
using? (Or a computer near you?)
- What is the encoding scheme? Can you explain it briefly?
- What is the packet size? Talk about the why and how of padding.
- Suppose you have an 8-port switch, that is, a box which allows
wires into it for 8 hosts or other GbE devices. What is the bit-rate
required so that the switch can support the full data rate of all
ports? Assume that each port wants to talk to exactly one other
port, and that the switch is smart enough to route traffic directly
and only to the destination port. What is the effect of full-duplex
on this calculation?
- Due: Monday, 3 March.
- Assignment 3
- Read Chapters 11, 16 through 24, and chapters 26 through 31. (Sorry, lots of reading!)
- Read Beej's Guide to Sockets for help.
- Build a TFTP client/server program.
- Don't worry about files; write the application as a filter,
stdin to stdout, through a pipe.
- If you want a hint, see the source code to netcat.
- Write it first without worrying about timeouts and errors.
If you want to, and have time, add the timeouts.
- It would probably be beneficial to support both Netascii
and Octet.
- Phase I Due: April 2
- Due: April 6
- Final Assignment
- Reading: Just finish the book already!
- Finish Phase III of the TFTP server: add multiple connections,
timeouts and (optionally) OCTET and NETASCII modes.
Practicum
- Practicum students should further enhance the TFTP server to
read and write from files.
References
- General Networking
- Software engineering for security
- WEP
- My RC4 example.
- CRC-32 failure of WEP.
- SecurityFocus review
- Attacks on RC4 and WEP, Fluhrer, Mantin, Shamir, CryptoBytes Vol. 5, No. 2, 2002,
pp. 26-34.
- KoreK attacks in chopper. KoreK explains some of them.
- Weakness in the Key Scheduling Algorithm of RC4, Scott Fluhrer, Itsik Mantin, Adi Shamir.
- Using the Fluhrer, Mantin, and Shamir Attack to Break WEP, Adam Stubblefield, John
Ioannidis, Aviel Rubin.
- AirSnort source code.
- Exploits
- Virus
- Open Source Security Response Philosophy
- Secure Operating Systems
- RFCs
- IPv6
- Port Knocking
- Cookies
- Topics for next term
- CAS, Yale CAS, UM CAS, and single sign-on
- Keychains, methods of key diversity
- Spam and Phishing counter-measures
- CDSA
- PKI and certificates