Network Penetration & Security

Northwestern CS RTFM, Fall Quarter 2007

Sam McIngvale and Whitney Young

Professor Yan Chen

2008 Iteration

Materials are being prepared to enhance this course for 2008. The new class website can be found here.

Overview

This RTFM course will focus on remote computer penetration (hacking). The class will introduce basic theory for many different types of attacks and then actually carry them out in 'real-world' settings. The goal is to learn security by learning how to view your machine as a 'hacker'. In addition, we will be preparing for the 2007 UCSB International Capture the Flag Competition (held each December). Capture the Flag is a network security exercise where the goal is to exploit other machines while defending your own.

During the course, we will read and discuss papers written by professors as well as hackers. We will learn about different types of hacks that we will actually carry out and others that might be beyond the scope of the course. After learning how to execute such exploits and penetrate a network, we will discuss ways to protect your network from others exploiting the same vulnerabilities.

If you have any questions, you can email Sam (sam.mcingvale@u.northwest...) or Whitney (wbyoung@u.northwest...)

Class Files

• Exploit example
• Vulnerable heap
• Metasploit student walkthrough
• Teams

Newsgroup

Syllabus

Projects

• Project 1 — Generating shellcode — Due 11:59pm 10/10/2007
• Project 2 — Buffer Overflows (Part 1) — Due 11:59pm 10/22/2007
• Project 3 — Buffer Overflows (Part 2) — Due 11:59pm 11/9/2007
• Research Project

Class slides and readings

• Week 1 (9/26)
• Welcome Open Office, PDF
• Week 2 (10/1 and 10/3)
• TCP/IP, Enumerating local/remote host Open Office, PDF
• Nessus Scanning
• The art of port scanning
• x86 Stack Structure, Shellcode Open Office, PDF
• The Art of Writing Shellcode
• Smashing the Stack for Fun and Profit
• Week 3 (10/8 and 10/10)
• Buffer Overflows I Open Office, PDF
• Smashing the Stack for Fun and Profit
• Buffer Overflows II Open Office, PDF
• Week 4 (10/15 and 10/17)
• Practice on buffer overflow attacks
• Vulnerability Assessment, Linux Passwords Open Office, PDF
• John the Ripper man page
• Week 5 (10/22 and 10/24)
• Heap Overflows Open Office, PDF
• Firewalls (talk by Yan Chen, PPT)
  More comprehensive slides on firewalls: Open Office, PDF
• Week 6 (10/29 and 10/31)
• Practice on heap overflow attacks
• Format Strings Open Office, PDF
• Exploiting Format String Vulnerabilities
• Week 7 (11/5 and 11/7)
• Web Attacks (Jim and James) PPT
• Practice on the format string attacks
• Practice contest of CTF on 11/10 (10am to 5pm)
• Week 8 (11/12 and 11/14)
• Setting up groups to target different functionalities in the competition
• Exercise more on the practice contest
• Get familiar with the rules and scoring system of the iCTF (PDF slides from the organizer)
• Week 9 (11/19, 11/21 class cancelled due to Thanksgiving)
• Partition the students into the following groups for discussion:
  1. Installing software without having internet access on the VM (an unknown Linux distro)
  2. Firewall/IDS
  3. Server administration
  4. Local setup
  5. Server setups
  See more details on the mailing list.
• Week 10 (11/26 and 11/28) Project presentations
• Wireless Hacking 1 (Zhaosheng Zhu, Jiazhen Chen, Kai Chen, and Ying He)
• Wireless Hacking 2 (Anup Goyal, Nathan Matsuda, Rahul Potharaju, Edward Merchant, Ionut Trestian, and James Gross)
• Mac Hacking(Jack Schlesinger, Kevin Kang, Greg Schmidt, and Brittany Tarvin)
• AppleTV Hacking (Zach Bischof, Greg Bok, Hagai Livini, and Paul Wang)
• Console Hacking (Andrew Reiter and Sean Kim)
• Network-based Intrusion Detection Systems (Matt Robben, Gary Bramwell, and Brad)
• Windows-based Exploit (Peter Kamm and Adam Shaw)
• Week 11 (real competition on 12/7!)
• Backup slides
• SQL Injection Open Office, PDF