| Time & Place: |
Ref. No. 15812:
Monday, Wednesday 5:30 – 6:45
PM, Dale Mabry room
DTEC–461
|
| Instructor: |
Name: Wayne Pollock
E-mail: Internet:
Office & Phone:
DTEC–404, 253–7213.
DM
Office Hours:
Monday–Thursday, 3:55–5:25 & 8:30–9:00;
On-line Office Hours:
Tuesday–Friday, 12:00 PM
(noon)–1:00 PM;
or by appointment.
|
| Texts: |
James Turnbull, Hardening Linux, ©2005 Apress.
ISBN:
1-59059-444-4.
Peter G. Smith, Linux Network Security,
©2005 Charles River Media.
ISBN: 1-58450-396-3.
Optional:
AEleen Frisch, Essential System Administration,
3rd Edition. ©2002 O'Reilly & Associates.
ISBN: 0-596-00343-9.
|
| Description: |
(This course is 3 credit hours long.)
This course covers the concepts and administration of system and network
security on Unix and Linux systems.
Students will gain the skills needed to protect Unix and Linux servers
from various types of threats.
Students will understand, plan, and implement security on Linux servers
including developing security policies, local system security,
network security, monitoring systems and networks, basic firewall setup,
and the use of various security related tools (e.g.,
PAM,
sudo).
|
| Objectives: |
After completing this course, the student will be able to:
- Understand the historical perspective of security (government,
military, financial/business, personal/medical)
- Understand modern computer and information security concepts:
MAC, DAC, ACLs, capabilities,
confidentiality, integrity, availability,
identity, authorization, authentication, etc.
- Understand various system threats including reverse engineering,
rootkits, buffer-overflows, etc.
- Understand Unix/Linux system security concepts including
user and group permissions for files and directories,
SetUID, ACLs,
sudo (and RBAC for Solaris), backups, updates and patches
(with digital signatures and message digests),
intrusion detection/prevention systems
(IDS/IPS), and disk quotas
and resource limits
- Controlling access to system components and setting security policies
using SELinux, Solaris zones and containers, Xen, and PAM
- Understand the basics of encryption and digital signatures,
and the use of various encryption and digest tools and mechanisms
such as GPG, MD5, SHA1,
and SSH
- Develop and document system security policies and procedures
- Understand security incidents and how to detect and respond effectively
to them
- Understand network security concepts and design, including auditing,
intrusion detection, DMZs, bastion hosts,
VPNs, Wi-Fi security issues, tunneling using
SSH and SSL/TLS,
and various network threats such as DoS (denial of service)
and SQL Injection
- Understand and configure various network services securely, including
using xinetd and TCP Wrappers to control access services
such as FTP, printing, and file sharing
- Understand and configure SASL
- Configure security for various services (e.g., mail services,
OpenLDAP, web services, sshd)
- Understand, deploy, and configure firewalls using iptables and
access lists
- Describe the functions of authentication servers (such as RADIUS),
PKI, and IPSec.
- Understand the basics of Kerberos, Windows security (active
directory), and Samba
- Understand and configure firewalls using proxy servers such as
squid
- Understand and configure a secure logging infrastructure
- Understanding justifications for and methodology of
security audits and evaluations (and the difference between them)
- Monitor a network using various tools and techniques as logging,
port scanning, network intrusion detection systems (NIDS),
and packet sniffing
- Understand the basics of computer forensics
|
| Prerequisite: |
CTS 2322
(previously called CGS 2764)
or permission of the instructor.
Students enrolled in a degree or college credit certificate
program must complete all prerequisites.
Note! HCC registration computers may not check
for prerequisites before allowing you to enroll.
Be certain you have all required prerequisites or you won't have
much of a chance of success.
|
| Facilities: |
Assignments can be performed on the Dale Mabry campus Linux computers,
which can be accessed from the classroom or from some computers the
open computer lab.
YborStudent.hccfl.edu (a Linux server) can be accessed from
on or off campus and can be used to practice, examine configuration files,
read man pages, and do some assignments.
From off-campus you can also practice using any Unix/Linux system available
(or install Linux at home).
You will also use the
YborStudent Wiki for some of your work
and having class on-line discussions.
You will need your own floppy/flash disk, writing materials,
and Scantron 882–E or 882–ES forms.
You can use HawkNet
(WebAdvisor) or
FACTS.org to obtain your final grade for the course.
HCC DM Open Lab
Computers are located in the computer science department
open lab in DTEC–462.
Lab hours are:
Dale Mabry campus open lab hours
| Monday – Thursday | 8:00 AM
to 10:00 PM |
| Friday | 8:00 AM to 8:30 PM |
| Saturday | 8:00 AM to 4:30 PM |
(Note: Lab techicians (Lab Techs ) are not teaching assistants
or tutors, and shouldn't be expected to help you with your coursework.)
|
| Grading: |
Grading Policy
| Projects (about 8): |
50% |
|---|
| 3 equally weighted
closed-book multiple choice exams |
50% |
|---|
| Wiki
(class study guide) assignment |
+5 |
|---|
| Classroom
participation: |
+5% |
|---|
Grading scale:
A=90-100, B=80-89, C=70-79, D=65-69, F=0-64
(Or you can elect to "audit" the class during the add/drop period.)
(Collaborating on the class wiki counts as up to 5 points extra credit,
as does active class participation.
See below for details.)
|
| Policies: |
-
No makeup exams will be offered without the prior approval of the
instructor.
-
Exams will be closed book and closed note multiple choice exams.
While the exams are non-cumulative, each does build upon knowledge
acquired earlier.
Exams are based mostly upon material presented in class
however some questions may be from assigned readings (the textbooks
and on-line resources).
-
Exams will only cover material discussed in class or assigned
as reading before the exam.
Should the class fall behind the course schedule,
some topics shown on the syllabus due for an earlier exam will be
tested on the following exam instead.
-
Regular attendance is imperative for the successful completion of
this class.
The textbook and on-line resources should be considered as required
course supplements; in other words the course is not based on
the text.
-
All phones, pagers, and beepers must be turned off during class time,
except with prior permission of the instructor.
No food or drink is permitted in HCC classrooms.
-
Attendance will be taken within 5 minutes of the start of class;
after 4 unexcused absences and/or lateness, the student will lose
2 points off the final grade for each additional occurrence.
-
If you miss a class you are still responsible for the material covered
in that class.
All students should exchange contact information (name, email
address, phone number) with at least one other student in the
class.
If you must miss a class, you should then contact another student and
request they take class notes for you.
(Note Campus Cruiser has email and discussion board areas for our
course.)
-
Credit for class participation includes attendance, preparedness,
and adding to class discussions by asking questions and
participating in discussions.
Playing computer games, surfing the Internet, or working on
assignments for this or other classes during class time will lose
you credit.
-
Additional time outside of class will be required.
For typical students an average of between 8 and 12 hours each week
outside of class are required for preparation, practice,
and projects.
- Students are expected to prepare for each class by completing all
reading assignments, reviewing examples and model solutions provided,
and practicing outside of class.
This is important — you can't learn a skill such as Unix/Linux
administration only by attending class and reading books.
You must practice several hours a few days each week!
If you won't have enough time available, consider auditing the course.
-
Students are expected to check the class website regularly.
Any syllabus changes, class cancellations, project assignments,
and homework assignments are announced in class and posted to the
website and the
RSS feed for this class.
-
A student shall not, without my express authorization, make or receive
any recording, including but not limited to audio and video recordings,
of any class, co-curricular meeting, organizational meeting, or meeting
with me.
Further you do not have my permission to post on the web or otherwise
distribute my class lectures and other course materials.
(You can distribute freely any materials I make publicly available from
the HCC (or the wpollock.com) website, without asking
permission, provided you give me credit for the work and don't alter it.
Any other use will require expressly given permission.
-
Working together on individual assignments is considered as
cheating!
Turning in someone else's work without giving them credit is also
considered cheating
(plagiarism).
Cheating will result in an automatic F (zero) for the
project for all parties.
Also, you can only earn credit for your own work and not someone else's,
even if you do cite your sources.
Note that some projects may be group projects, where each member of
a small group works together on a project.
It is also OK to ask a fellow student for class
notes (in the event you miss a class) or for help in understanding
the text or material given to the class (e.g., examples on the
class website).
It is encouraged to study together as well.
-
You must follow the academic honesty policy and the
student code of conduct for HCC.
A second cheating offense will result in an
F
for the course, and your name will be turned over to the dean for
further handling.
I take these matters very seriously.
You have been warned!
- Communications Policy:
I will respond to your emails within 48 hours or two business
days.
HCC policy is that grades can only be discussed in person
during office hours, or via email only if you use your assigned
HCC HawkNet (or Campus Cruiser) email account.
-
Every effort will be made to stick to the weekly schedule for
our course.
However it may happen that we will fall behind the schedule at
some point.
If so no topics will be skipped.
Instead we will attempt to catch up over the following weeks.
-
Please be aware that if we fall behind on the weekly schedule,
the topics discussed may not match what shows on the syllabus.
The weekly schedule may (but probably won't be) updated in this
case.
-
In the case we fall behind, homework assignments are automatically
postponed until we do discuss that topic in class
(i.e., the next class).
Projects and in-class exams will not be automatically postponed.
Should your instructor deem it necessary, projects and exams may be
rescheduled; this will be announced in class.
-
Hawk Alert text messaging service allows you to receive
important information regarding campus closures or emergencies.
You may also sign up for financial aid notifications and
registration and payment deadlines.
This is a free service, although some fees may be applied by your
cellular service provider or plan for text messages.
To sign up, or for more information, visit
www.hccfl.edu/alerts/.
-
No appointment is necessary to see me during my scheduled, on-campus
office hours.
You can just
walk-in .
You can make appointments for other times as long as I'm available.
-
Occasionally my office hours will be canceled on short
(or no) notice, for example if the dean calls me for a meeting.
Before driving out to campus just for my office hours, you can contact
me the night before to make sure I still plan to be there.
-
Late Policies:
Late assignments (homework assignments, projects, or exams)
generally will not be accepted.
An assignment is late if not turned in by the start of
class on the day it is due.
Late assignments will be accepted late only if
you obtain the instructor's permission prior to the due
date of the assignment, or for a documented serious medical
reason.
All late assignments are subject to a late penalty of
at least one letter grade (10%) regardless of the reason for
the delay.
Projects and homework assignments later than one week will receive a
more severe late penalty; very late assignments without adequate
excuses will receive a grade of F (0).
However if you have a very good reason your instructor
may waive any or all of the late penalty.
(Examples of good reasons include extended illness that prevents
working, being out of town for work, or military service.
Remember documentation will be required.)
-
The danger of spreading flu or other
disease requires some changes to normal policies.
HCC is implementing the
recommendations for institutions of higher learning
of the
CDC.
(See
www.cdc.gov/h1n1flu/guidance/ and
www.flu.gov/ for
guidance from the CDC.)
You won't need documentation if you miss class due to
the flu.
(But if you think you have the flu, you should see a doctor
as soon as you can.)
In the unlikely event of a school closure due to the flu,
some plan to make up the missed work will be made.
If you think you have the flu, stay home.
Do not come to HCC until 48 hours after your
fever has broken.
People are infectious to others for a day or so before
they have any symptoms.
Flu is spread by touching doorknobs, computer keyboards,
railings on stairs, etc., that were touched by someone
with the flu.
Avoid shaking hands; use the fist shake (touching of fists)
if you must use a physical greeting.
The most effective way to prevent catching the flu is
to wash your hands frequently, especially after touching
something that was touched by others.
Avoid unnecessary touching of eyes, nose and mouth.
While not as good as properly washing hands, hand sanitizers
have been installed throughout the campus;
use them often.
|
|
Projects: |
Projects will be assigned from the class web page
at various times.
You will have sufficient of time to complete the projects,
at least a week but usually two weeks.
Although there will be some group assignments you
must work individually on the non-group projects.
You may work together in small groups on group projects,
provided the names of all who worked together are listed.
Each student must still submit their own copy.
Projects are typically completed outside of regular class
hours.
Projects are graded on the following scale:
A = 95% (Excellent: Good design with good comments, style, and extras)
B = 85% (Good: Good design, some comments, readable style,
and it works)
C = 75% (Acceptable: Project objectives are met or are close to
being met)
D = 65% (Unacceptable)
E = 10-64% (Variable credit: At least you tried)
F = 0% (Didn't hand in the project)
Minor extras worth +5 points, minor omissions or poor design worth -5.
Projects are not graded when turned in.
They are graded all at once, sometime after the project deadline has
passed (usually the next weekend).
Further details will be provided with your first project.
(See also submitting assignments below.)
|
|---|
Homework
Assignments: |
For this course your weekly homework assignment is to update the
study guide on the
class wiki
with a substantial contribution based on the material covered
in class, from assigned readings, or from other resources you
have studied.
A substantial contribution means adding new material,
adding references (links), or elaborating (or correcting) some
previous addition made by you or another student.
You should add at least two, but no more than
five items.
(This is to ensure all students have a chance to add something.)
Do not work on the wiki during class.
You should use
wiki formatting and not HTML formatting when
possible, and be sure to spell-check your work.
The wiki will automatically send your instructor an email for each
update, so there is no need to add your name to your contribution.
However, be sure your wiki account name is something your instructor
will recognize as belonging to you!
Your instructor is the editor and moderator of this study guide
(and for all material posted on this wiki site).
While some time will be given for students to correct postings,
in order to ensure an accurate study guide the instructor may
edit, add to, or remove material posted by students.
The homeworks will be graded on or after the following week
(so you have the weekend to post your homework).
Your contribution will be graded based on correctness,
completness, and clarity.
Each week (for at least 12 weeks), students can earn up to
8 points toward the homework grade.
|
Wiki
Assignment: |
Extra credit can be earned by updating the study guide on the
class wiki
with a substantial contribution based on the material covered
in class, from assigned readings, or from other resources you
have studied.
A substantial contribution means adding new material,
adding references (links), or elaborating (or correcting) some
previous submission.
You should use
wiki formatting and not HTML formatting when
possible, and be sure to spell-check your work.
The wiki will automatically send your instructor an email for each
update, so there is no need to add your name to your contribution.
Your instructor is the editor and moderator of this study guide
(and for all material posted on this wiki site).
While some time will be given for students to correct postings,
in order to ensure an accurate study guide the instructor may
edit, add to, or remove material posted by students.
The wiki assignment will be graded on or after the following week
(so you have through the weekend to post something for the previous
week).
Your contributions will be graded based on correctness,
completness, and clarity.
Note regular posting is required to earn extra credit; one
large post the last week of the term will not earn much (or
any) extra credit.
|
|
Submitting Projects: |
Projects should be submitted by email to
.
Please use a subject such as Unix/Linux Security Project #1
Submission so I can tell which emails are submitted work.
Send only one assignment per email message.
Email your projects by copy-and-paste into your mail program.
(Please do not send as attachments!)
If possible, use the text and not the HTML
mode of your email program.
Do not send any email to wpollock@YborStudent.hccfl.edu as I may not read that
account regularly.
In the event a student submits more than once for the same assignment,
I will ignore all but the last one received up to the deadline.
Projects submitted after the deadline will not count toward your
grade except as allowed by the course
late policy.
The HCC email server automatically accepts and
silently discards email with certain types of attachments.
If you must send email to my Internet (non-YborStudent) email
account please avoid using any attachments, but especially
zip files.
To send email with a .zip
attachment
you must first rename the file extension to .zap
and then send the renamed file as an attachment.
To avoid having your submitted work rejected as spam ,
you can use
CampusCruiser to send email to professors.
If you have an email problem you may turn in a printout instead.
Be sure your name is clearly written on the top of any pages turned in.
Please staple multiple pages together (at the upper left).
|
![[Valid RSS]](http://wpollock.com/images/valid-rss.png)
