Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Internet Security 2: (Aka Advanced Inetsec) 183.222

    Hochgeladen von

    Rango Tango
    36 Ansichten17 Seiten
    introduction

    Originaltitel

    01 Introduction

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    introduction

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    36 Ansichten17 Seiten

    Internet Security 2: (Aka Advanced Inetsec) 183.222

    Hochgeladen von

    Rango Tango
    introduction

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 17

    Int.

    Secure Systems Lab


    Vienna University of Technology

    Internet Security 2
    (aka Advanced InetSec)
    183.222
    Lecturers Challenge Gurus
    Markus Kammerstetter Eduard Thamm
    Christian Platzer
    Edgar Weippl
    Martina Lindorfer
    Adrian Dabrowski
    Administrative Issues
    Int. Secure Systems Lab
    Vienna University of Technology
    •Mode
    • Weekly lectures
    • Regular programming assignments
    • Written final exam (end of January)

    •When and Where


    • Thursday 11:15 am. – 13:15 pm. (s.t.)
    • FH HS 3
    • Lectures until January

    •Slides and News (please visit regularly)


    •https://secenv.iseclab.org
    •Certificate is self-signed, no worries
    •“Brand new website”, if you find bugs please tell us
    •TISS News are important

    Internet Security 2 (aka Advanced InetSec)


    InetSec 1 and InetSec 2
    Int. Secure Systems Lab
    Vienna University of Technology

    InetSec 1 InetSec 2
    •Unix Security
    •Windows Security
    •Web Security
    •Buffer Overflows
    •Internet Application Security
    •Cryptography
    •Reverse Engineering
    •Viruses and Worms
    •Testing
    •Underground Economy

    Internet Security 2 (aka Advanced InetSec)


    Lecture - Topics
    Int. Secure Systems Lab
    Vienna University of Technology

    • Unix security
    • Windows security
    • Buffer overflows (stack, heap, format strings,…)
    • Web security (XSRF, session stealing,…)
    • Reverse engineering and binary analysis
    • Viruses and worms
    • Document encryption
    • Hardware Security

    Internet Security 2 (aka Advanced InetSec)


    Who should do InetSec 2
    Int. Secure Systems Lab
    Vienna University of Technology
    • People who would like become “security gurus”

    we usually take part in a Capture The Flag hacking contest against other
    universities. Hopefully again this year…

    lots of fun: many top positions over the past years, we won the competition in
    2006 & 2011, and then moved to the DEFCON CTF finals!

    • People who are technically oriented



    you should be (somewhat) familiar with C and Linux, ASM helps

    Java-purists will have some catching up to do ;-)

    • You should be interested in solving technical problems


    - even if it might cost you some time
    • People who have time! You get the chance to solve challenges such as
    - writing a worm or trojan
    - reverse engineering applications
    - …

    Internet Security 2 (aka Advanced InetSec)


    Int. Secure Systems Lab
    Vienna University of Technology
    Who should do InetSec 2
    Int. Secure Systems Lab
    Vienna University of Technology

    Internet Security 2 (aka Advanced InetSec)


    Your Roadmap to Enlightenment
    Int. Secure Systems Lab
    Vienna University of Technology
    Challenges Solved Rating

    0 Script Kiddie
    1 Nobody+ InetSec1
    2 Nobody++
    3 Nobody Junior
    4 Nobody Senior
    5 Nobody Professional
    6 Apprentice Stackmaster

    7 Apprentice++
    8 Apprentice Junior InetSec2
    9 Apprentice Senior
    10 Apprentice Professional
    11 Stackmaster
    12 Expl0it Warlock
    13 Guru / Master Guru (CtF required)

    Internet Security 2 (aka Advanced InetSec)


    Lab
    Int. Secure Systems Lab
    Vienna University of Technology
    •Assignments

    6 challenges, mostly following the lecture content

    lab starts with the lectures on the October 10th (i.e., challenge 1)

    registration open until October 10th
    – you cannot turn in challenge solutions later
    – enroll via TISS!

    •Environment

    assignments should be mostly solved at home

    small test network, which is remotely accessible via ssh (Linux)

    accounts are created automatically with the registration

    check homepage for details

    Internet Security 2 (aka Advanced InetSec)


    Lab
    Int. Secure Systems Lab
    Vienna University of Technology

    •Challenge topics (tentative)



    Unix vulnerabilities

    Remote buffer overflow

    Windows Security

    Program analysis and Patching (“Cracking”)

    Advanced stack buffer overflow

    Malware (Worm, Virus, something simple)

    Internet Security 2 (aka Advanced InetSec)


    Grading
    Int. Secure Systems Lab
    Vienna University of Technology
    •How you get your grade

    over the whole semester, you can solve 6 lab assignments

    final exam at the end

    50% needed for each to pass the course

    5 challenges “count” full, 20% assigned to each (plus one extra for 10% bonus)

    see website for more info

    Final exam needs registration via TISS!!

    –your are required to correctly solve 3 assignments to take the exam!


    –do the math:
    – 5 (challenges) * 20% + 10% bonus (exam points) = 110% max
    – one challenge is optional
    •Turning in challenge solutions
    – through the lab environment
    – hard deadlines (with sufficient time)
    – automatic checking with immediate feedback
    – no points for partially solved challenges!

    Internet Security 2 (aka Advanced InetSec)


    What’s more
    Int. Secure Systems Lab
    Vienna University of Technology

    Capture the Flag (CTF) Exercise

    – security exercise involving universities around the world

    – teams have to hack into other machines while simultaneously


    defending their own systems

    – probably rather time consuming


    – but very rewarding and interesting (and there will be pizza ;-) )
    – more information under http://ictf.cs.ucsb.edu/ and lecture homepage

    – Most likely date: Fri Dec 6th

    Internet Security 2 (aka Advanced InetSec)


    More Stuff
    Int. Secure Systems Lab
    Vienna University of Technology

    Praktika, Diploma theses


    –We always need students who are motivated to work on security projects, a very
    incomplete list is on http://www.seclab.tuwien.ac.at/praktikaandtheses.html
    –Please do not hesitate to write us your own proposals: inetsec@seclab.tuwien.ac.at

    Internet Security 2 (aka Advanced InetSec)


    Internships
    Int. Secure Systems Lab
    Vienna University of Technology

    •Secure Systems Lab has become international


    –possibility for very good students to do internship projects abroad
    –take from three months to half a year
    –participate in our research projects
    –if you are good (technically AND academically) then we like you

    • Locations besides Vienna

    Internet Security 2 (aka Advanced InetSec)


    Internships
    Int. Secure Systems Lab
    Vienna University of Technology

    Internet Security 2 (aka Advanced InetSec)


    Cybersecurity Lecture Series
    Int. Secure Systems Lab
    Vienna University of Technology

    ● LEVENTE BUTTYÁN (Budapest University of Technology)

    ● » Targeted cyber attacks: examples and challenges


    ahead «

    ● 10th October 2013,


    4:30 pm,
    ● HS 18 Czuber Hörsaal
    Conclusion
    Int. Secure Systems Lab
    Vienna University of Technology

    Hope you are interested and


    we’ll see you next week!


    Unix Security

    Das könnte Ihnen auch gefallen