IST-451 – Network Security

 

Resources

 

These Web-based resources are provided as a value-added supplement for IST-451.  The resources have been compiled by Dr. Gerry Santoro, often with the aid of IST-451 students.  Most of the resources are optional and are provided so that students have the opportunity to gain a more in-depth understanding of this area.  Please note that some of them may be assigned reading/viewing.

 

Penn State Resources

 

·         Penn State Center for Cyber-Security, Information Privacy and Trust - http://cybersecurity.ist.psu.edu/index.php

·         Penn State Cyber-Security Lab - http://s2.ist.psu.edu/ 

 

US Government Resources

 

NOTE: Some of these, such as NIST documents, may be listed below in topical areas.

 

·         NSA Information Assurance advice and resources - http://www.nsa.gov/ia/mitigation_guidance/index.shtml

·         US Computer Emergency Readiness Team -- http://www.us-cert.gov/

·         Complete list of NIST Information Security Publications -- http://csrc.nist.gov/publications/PubsTC.html

·         NICCS – National Initiative for Cybersecurity Careers and Studies - http://niccs.us-cert.gov/

 

Hacking Educational Resources

 

Security professionals must understand how systems are attacked and compromised in order to protect those systems effectively.  The following is a list of Web sites that provide learning resources for ethical hacking.

 

·         Hack This Site - https://www.hackthissite.org/

·         Hack This! - https://www.hackthis.co.uk/

·         Hack in the Box - http://www.hitb.org/

·         Hack a Day - http://hackaday.com/

·         Evil Zone - https://evilzone.org/

 

Blogs and Newsletters

 

·         Bruce Schneier Crypto-Gram -- http://www.schneier.com/crypto-gram.html

·         Secure State Blog -- http://blog.securestate.com/

·         Krebs on Security -- http://krebsonsecurity.com/

 

 

Basic Resources

 

·         Top 125 Security Tools - http://sectools.org/

·         Wireshark - http://www.wireshark.org/

·         Nmap - http://nmap.org/

·         Backtrack - http://www.backtrack-linux.org/

·         Metasploit - http://www.metasploit.com/

·         Cain and Abel - http://www.softpedia.com/get/Security/Decrypting-Decoding/Cain-and-Abel.shtml

·         Nessus - http://www.nessus.swri.org/

·         Snort - http://www.snort.org/

·         Back Orifice - http://www.bo2k.com/index2.shtml

·         Secunia personal vulnerability scanner - http://secunia.com/vulnerability_scanning/personal/

 

·         SANS Information Security Reading Room - http://www.sans.org/reading_room/

·         Security Tube - http://www.securitytube.net/

·         White paper – Fundamental Principles of Network Security (Schneider Electric) - http://www.apcmedia.com/salestools/SADE-5TNRPG_R1_EN.pdf

·         Schneider Electric white paper library - http://www.apc.com/prod_docs/results.cfm?DocType=White%20Paper&Query_Type=10

 

 

 

 

Topic 1 - Security Fundamentals and Data Communication

 

 

·         Internet/Network Glossary - http://www.sidetrips.com/support/glossary_network.asp

·         Glossary of Networking Terms - http://www.wildpackets.com/resources/compendium/glossary_of_networking_terms

·         Brief History of the Internet - http://www.internetsociety.org/internet/internet-51/history-internet/brief-history-internet/

·         How Ethernet Works - http://computer.howstuffworks.com/ethernet.htm

·         How token-ring works - http://compnetworking.about.com/od/networkprotocols/g/token-ring-networks.htm

·         How WiFi works - http://www.howstuffworks.com/wireless-network.htm

·         What is a packet? - http://computer.howstuffworks.com/question525.htm

·         “As We May Think” by Vannevar Bush – published in 1945, this amazing article basically described what would later become the Internet and World Wide Web – although the technologies did not exist -  http://www.theatlantic.com/magazine/archive/1945/07/as-we-may-think/3881/

·         Penn State Data Backbone - http://tns.its.psu.edu/ib/ibHistory.cfm

·         An Atlas of Cyber-Spaces - http://personalpages.manchester.ac.uk/staff/m.dodge/cybergeography/atlas/

 

·         2009 Kaspersky Security Bulletin - http://www.securelist.com/en/analysis/204792101/Kaspersky_Security_Bulletin_2009_Statistics_2009

·         Undercover Multipurpose Anti-Spoofing Kit - http://www.cs.fsu.edu/~sudhir/research/UnMask.pdf

·         Ping of Death - http://insecure.org/sploits/ping-o-death.html

·         A simple Oracle host-based scanner - http://www.symantec.com/connect/articles/simple-oracle-host-based-scanner

·         The danger of complexity – more code, more bugs - http://www.techrepublic.com/blog/security/the-danger-of-complexity-more-code-more-bugs/3076?tag=content;siu-container

·         Fortiguard threat research and response - http://www.fortiguard.com/

·         Kevin Mitnick on Social Engineering - http://www.youtube.com/watch?v=1doZ-Jlu0mE

·         Wikipedia article on Transport Layer Security - http://en.wikipedia.org/wiki/Secure_Sockets_Layer

 

 

Topic 2 – Firewall Technologies

 

 

·         Firewalls (from Wikipedia) - http://en.wikipedia.org/wiki/Firewall_(computing)

·         How Firewalls work - http://en.wikipedia.org/wiki/Firewall_(computing)

·         US-CERT Security Tip: Understanding Firewalls - http://www.us-cert.gov/cas/tips/ST04-004.html

·         Microsoft TechNet: Firewalls - http://technet.microsoft.com/en-us/library/cc700820.aspx

·         PC Magazine firewall reviews - http://www.pcmag.com/category2/0,2806,4722,00.asp

·         C/Net Internet Security and Firewall reviews - http://reviews.cnet.com/internet-security-firewall/

·         Consumer Search firewall reviews - http://www.consumersearch.com/firewalls

·         CISCO PIX firewall configuration guides - http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_installation_and_configuration_guides_list.html

·         CISCO IOS firewall configuration - http://www.cisco.com/en/US/products/sw/secursw/ps1018/tsd_products_support_configure.html

·         CISCO ACLs and IP fragments - http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800949b8.shtml

·         Creating ACL entries in Wireshark - http://packetlife.net/blog/2009/oct/29/creating-acl-entries-wireshark/

·         Using Firewall Builder to configure ACLs - http://www.howtoforge.com/using-firewall-builder-to-configure-router-access-lists

·         User Datagram Protocol - http://en.wikipedia.org/wiki/User_Datagram_Protocol

·         Video: TCP vs UDP (4:55) - http://www.youtube.com/watch?v=v-CmPz73Y8Q&feature=player_embedded

·         Slides for talk by Udo Steinegger on issues with IPv4 to IPv6 transition - http://www.ipv6.om/gctcms/Editor/files/IPv6%20-%20Evolutional%20and%20challenges.pdf

·         Video: One method for email spoofing (3:31) - http://www.metacafe.com/watch/1795511/how_to_spoof_an_email/

·         SANS paper on session hijacking in Windows networks - http://www.sans.org/reading_room/whitepapers/windows/session-hijacking-windows-networks_2124

·         Computer World article on browser vulnerabilities - http://www.computerworld.com/s/article/9140582/Firefox_flaws_account_for_44_of_all_browser_bugs

·         SANS article showing how DNS spoofing can lead to MITM attack - http://www.sans.org/reading_room/whitepapers/dns/dns-spoofing-man-middle_1567

·         Video: DNS Spoofing (9:52) - http://www.youtube.com/watch?v=ZwfUFlpTUdc

·         Compromising hosts with SNMP - http://www.attackvector.org/?p=571

·         Explanation of TCP/IP 3-way handshake - http://support.microsoft.com/kb/172983

·         SS5 SOCKS Proxy System - http://ss5.sourceforge.net/

·         SecTools top firewalls - http://sectools.org/tag/firewalls/

·         Video: CISCO ASA Training 101: Access-List Fundamentals - http://www.youtube.com/watch?v=w2Gz0yOgZkg&feature=related

·         Documentation for CISCO ASA Training 101: Access-List Fundamentals - http://www.soundtraining.net/i-t-tutorials/cisco-tutorials/46-cisco-asa-access-control-lists


 

 

Topic 3 – Encryption

 

·         Encryption (Wikipedia) - http://en.wikipedia.org/wiki/Encryption

·         How Encryption works - http://www.howstuffworks.com/encryption.htm

·         TrueCrypt: free open-source on-the-fly encryption - http://www.truecrypt.org/

·         Symantec Endpoint encryption FDE - http://www.symantec.com/endpoint-encryption

·         Sophos SafeGuard encryption - http://www.sophos.com/en-us/products/encryption.aspx

·         Pidgin-Encryption: encrypts instant messages - http://pidgin-encrypt.sourceforge.net/

·         Computer Science Unplugged: public key encryption - http://csunplugged.org/public-key-encryption

·         SafeHouse encryption - http://www.safehousesoftware.com/

·         Review of encryption methods - http://ftp-software-review.toptenreviews.com/encryption-algorithms.html

·         USDA encryption security standards - http://www.ocio.usda.gov/directives/doc/DM3530-005.htm

·         Good intro article on encryption methods - http://www.dedoimedo.com/computers/encryption-1.html

·         IBM DeveloperWorks: Symmetric cryptography - http://www.ibm.com/developerworks/library/s-crypt02/index.html

·         IBM DeveloperWorks: Asymmetric cryptography - http://www.ibm.com/developerworks/library/s-crypt03/index.html

·         IBM DeveloperWorks: Cryptography on the Internet - http://www.ibm.com/developerworks/library/s-crypt04/index.html

·         IBM DeveloperWorks: Practical applications of Cryptography - http://www.ibm.com/developerworks/library/s-crypt05/index.html

·         Quantum-key distribution - http://en.wikipedia.org/wiki/Quantum_key_distribution

·         DES (Wikipedia) - http://en.wikipedia.org/wiki/Data_Encryption_Standard

·         Trithemius cipher (Wikipedia) - http://en.wikipedia.org/wiki/Trithemius_cipher

·         Product cipher (Wikipedia) - http://en.wikipedia.org/wiki/Product_cipher

·         Vernam’s Cipher - http://www.ranum.com/security/computer_security/papers/otp-faq/

·         Triple DES – (Wikipedia) - http://en.wikipedia.org/wiki/Triple_DES

·         Legacy of DES (Schneier) - http://www.schneier.com/blog/archives/2004/10/the_legacy_of_d.html

·         RSA (Wikipedia) - http://en.wikipedia.org/wiki/RSA_(algorithm)

·         Video: RSA algorithm explained (1:34) - http://www.youtube.com/watch?v=b57zGAkNKIc&feature=related

·         Example of RSA encryption - http://mathcircle.berkeley.edu/BMC3/rsa/node4.html

·         Relative advantages/disadvantages of public-key vs secret-key methods - http://www.rsa.com/rsalabs/node.asp?id=2167

·         Steganography (Wikipedia) - http://en.wikipedia.org/wiki/Steganography

·         Spychecker S-Tools - http://www.spychecker.com/program/stools.html

·         SecTools top encryption tools - http://sectools.org/tag/crypto/

·         SecTools top password crackers - http://sectools.org/tag/crackers/


 

 

Topic 4 – Virtual Private Networks

 

·         VPN (Wikipedia) - http://en.wikipedia.org/wiki/Virtual_private_network

·         How VPNs work - http://www.howstuffworks.com/vpn.htm

·         Cisco VPN introduction - http://www.cisco.com/en/US/products/ps5743/Products_Sub_Category_Home.html

·         OpenVPN - http://openvpn.net/

·         VPN tutorial - http://compnetworking.about.com/od/vpn/a/vpn_tutorial.htm

·         PPTP - http://compnetworking.about.com/od/vpn/g/bldef_pptp.htm

·         IPsec - http://compnetworking.about.com/od/vpn/g/bldef_ipsec.htm

·         VPN Tunneling - http://compnetworking.about.com/od/vpn/a/vpn_tunneling.htm

·         VPN reviews, many for personal use - http://www.vpnreviews.com/

·         VPN providers and services - http://enterprisefeatures.com/2011/06/top-17-virtual-private-network-providers-and-vpn-services/

·         Computerworld article on personal VPNs - http://www.computerworld.com/s/article/9205401/3_personal_VPNs_offer_safer_Wi_Fi

·         Video: Cisco networks VPN introduction (5:56) - http://www.youtube.com/watch?v=4Q7bj3dNbR8&feature=related

·         RADIUS (Wikipedia) - http://en.wikipedia.org/wiki/RADIUS

·         Penn State VPN bridge - https://www.work.psu.edu/vpn/

·         Penn State Anywhere VPN - http://aset.its.psu.edu/vpn/index.html

·         Internet Key Exchange (Wikipedia) - http://en.wikipedia.org/wiki/Internet_Key_Exchange

·         Video: Cisco site to site VPN using IPsec - http://www.youtube.com/watch?v=aJB0E3_C4dQ

·         Brazoslink.net - http://www.brazoslink.net/

·         How to set up PPTP VPN on android - http://www.youtube.com/watch?v=0a0uayPyBzk

·         Illustrated Guide to IPSec - http://www.unixwiz.net/techtips/iguide-ipsec.html

·         Penn State Anywhere VPN service - http://aset.its.psu.edu/vpn/


 

Topic 5 – Authentication

 

·         Authentication (Wikipedia) - http://en.wikipedia.org/wiki/Authentication

·         Authentication (RSA Info Security Glossary) - http://www.rsa.com/glossary/default.asp?id=1006

·         Initiative for Open AuTHentication - http://www.openauthentication.org/

·         Password Authentication Protocol (PAP – Wikipedia) - http://en.wikipedia.org/wiki/Password_authentication_protocol

·         Basic Access Authentication (BAA – Wikipedia) - http://en.wikipedia.org/wiki/Basic_access_authentication

·         Kerberos - http://gost.isi.edu/publications/kerberos-neuman-tso.html

·         Video: Kerberos Introduction (7:12) - http://www.youtube.com/watch?v=7-LjpO2nTJo

·         Kerberos protocol (Wikipedia) - http://en.wikipedia.org/wiki/Kerberos_(protocol)

·         Two-factor authentication (Wikipedia) - http://en.wikipedia.org/wiki/Two-factor_authentication

·         Simple Authentication and Security Layer (SASL – Wikipedia) - http://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer

·         Authentication World - http://www.authenticationworld.com/

·         RSA Adaptive Authentication - http://www.emc.com/security/rsa-identity-protection-and-verification/rsa-adaptive-authentication.htm

·         Authentication in distributed systems - http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=44&ved=0CHAQFjADOCg&url=http%3A%2F%2Fresearch.microsoft.com%2Fpubs%2F68215%2Facrobat.pdf&ei=KkIpUN-OFIG26wGl6YCwBA&usg=AFQjCNGo9PVzSija82XwW3loRo0lpgdcwQ&sig2=aPNociVffIBihtB_6yiRYA

·         Video: A is for Authentication (5:37) - http://www.youtube.com/watch?v=mKGke1rAQ9A

·         Video: IBM RFID commercial - http://www.youtube.com/watch?v=eob532iEpqk

·         Rainbow table (Wikipedia) - http://en.wikipedia.org/wiki/Rainbow_table

·         How to hijack Facebook using firesheep - http://www.pcworld.com/article/209333/how_to_hijack_facebook_using_firesheep.html

·         Keepass - http://keepass.info/

·         So long and no thanks for the externalities: the rational rejection of security advice by users - https://docs.google.com/viewer?url=http://research.microsoft.com/en-us/um/people/cormac/papers/2009/SoLongAndNoThanks.pdf&pli=1

·         Salt (Wikipedia) - http://en.wikipedia.org/wiki/Salt_(cryptography)

·         S/Key (Wikipedia) - http://en.wikipedia.org/wiki/S/KEY

·         Video: Two-factor authentication (7:36) - http://www.youtube.com/watch?v=G-LT8ei9-Pw&feature=related

·         RSA Hack demonstrates superiority of cell phone as 2nd factor - http://securitywatch.pcmag.com/e-commerce/283547-rsa-hack-demonstrates-superiority-of-cell-phone-as-2nd-factor

·         Video: RSA security hack explained (3:15) - http://www.youtube.com/watch?v=kXB0BwwvZ1E&feature=related

·         About the Lockheed-Martin hack - http://emptywheel.firedoglake.com/2011/05/30/about-the-lockheed-martin-hack/

·         Shibboleth (Wikipedia) - http://en.wikipedia.org/wiki/Shibboleth_(Internet2)

·         Video: Federated access (3:56) - http://www.youtube.com/watch?v=HPq0IvVGwhI&feature=related

·         Penn State implements Shibboleth - http://www.internet2.edu/annualreport/2003/sidebar04.html

·         VeriSign - http://www.verisign.com/

 

 

Topic 6 – Intrusion Detection and network mapping

 

·         IDS (Wikipedia) - http://en.wikipedia.org/wiki/Intrusion_detection_system

·         NIST Guide to Intrusion Detection and Prevention Systems (sp 800-94) - http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf

·         Introduction to Intrusion Detection Systems - http://netsecurity.about.com/cs/hackertools/a/aa030504.htm

·         The evolution of Intrusion Detection Systems - http://www.symantec.com/connect/articles/evolution-intrusion-detection-systems

·         SecTools top intrusion detection systems - http://sectools.org/tag/ids/

·         SecTools top port scanners - http://sectools.org/tag/port-scanners/

·         SecTools top network traffic-monitoring tools - http://sectools.org/tag/traffic-monitors/

·         SecTools top packet-sniffers - http://sectools.org/tag/sniffers/

·         Video: Network Mapping (51:20) - http://www.youtube.com/watch?v=_uIOdTfp6Pw

·         OpenXtra network mapping introduction - http://www.openxtra.co.uk/articles/network-mapping

·         CISCO Network Magic network mapper - http://www.purenetworks.com/product/network-map.php

·         Network mapping (Wikipedia) - http://en.wikipedia.org/wiki/Network_mapping

·         What is nmap and what can it do? - http://www.sans.org/security-resources/idfaq/what_is_nmap.php

·         The DIDS (Distributed Intrusion Detection System) Prototype - http://static.usenix.org/publications/library/proceedings/sa92/snapp.pdf

·         Intrusion Detection in Wireless Ad-Hoc Networks - http://www.projapps.com/CS4274.pdf


 

Topic 7 – DDoS, malware and BOTnets

 

·         Mariposa Botnet - http://www.csmonitor.com/USA/2011/0630/How-the-FBI-and-Interpol-trapped-the-world-s-biggest-Butterfly-botnet

·         America’s 10 most-wanted BOTnets - http://www.networkworld.com/news/2009/072209-botnets.html

·         BOTnet protection from Microsoft - http://www.microsoft.com/security/pc-security/botnet.aspx

·         CISCO ASA BOTnet traffic filter - http://www.cisco.com/en/US/prod/vpndevc/ps6032/ps6094/ps6120/botnet_index.html

·         PCMag best anti-malware of 2012 - http://www.pcmag.com/article2/0,2817,2372364,00.asp

·         Anti-Spyware comparisons and reviews - http://anti-spyware-review.toptenreviews.com/

·         Web of Trust - http://www.mywot.com/

·         Privacy Bird - http://www.privacybird.org/

·         SANS – Understanding Intrusion Detection Systems - http://www.sans.org/reading_room/whitepapers/detection/understanding-intrusion-detection-systems_337

·         Slides from “Phlashdance: Discovering permanent denial of service attacks against embedded systems” - http://webcache.googleusercontent.com/search?q=cache:JQa9uBhKsLIJ:eusecwest.com/esw08/esw08-smith.pdf+phlashdance&cd=2&hl=en&ct=clnk&gl=us&source=www.google.com

·         Fork Bomb (Wikipedia) - http://en.wikipedia.org/wiki/Fork_bomb

·         Nuke attack (Wikipedia) - http://en.wikipedia.org/wiki/WinNuke

·         MyDoom (Wikipedia) - http://en.wikipedia.org/wiki/MyDoom

·         Root nameserver DDOS attacks (Wikipedia) - http://en.wikipedia.org/wiki/DNS_Backbone_DDoS_Attacks

·         Cyber-attacks during South Ossetia war (Wikipedia) - http://en.wikipedia.org/wiki/Cyberattacks_during_the_2008_South_Ossetia_war

·         Operation Payback (Wikipedia) - http://en.wikipedia.org/wiki/Operation_Payback

·         Conficker worm (Wikipedia) - http://en.wikipedia.org/wiki/Conficker

·         Best anti-virus software 2012 - http://www.pcmag.com/article2/0,2817,2372364,00.asp

·         Reviews of anti-spyware software - http://anti-spyware-review.toptenreviews.com/

·         Bancos infostealer malware - http://www.symantec.com/security_response/writeup.jsp?docid=2003-071710-2826-99

·         The Great Cyberheist – Alberto Gonzalez - http://www.nytimes.com/2010/11/14/magazine/14Hacker-t.html?_r=2

·         SandBoxie - http://www.sandboxie.com/

·         Stuxnet (Wikipedia) - http://en.wikipedia.org/wiki/Stuxnet

·         Video: Stuxnet – anatomy of a computer virus (3:20) - http://vimeo.com/25118844

·         Researchers connect Flame to Stuxnet - http://www.wired.com/threatlevel/2012/06/flame-tied-to-stuxnet/

·         Stuxnet source code - http://thehackernews.com/2011/07/stuxnet-source-code-released-online.html

·         DuQu Trojan FAQ - http://www.securelist.com/en/blog/208193178/Duqu_FAQ

·         DuQu - http://www.f-secure.com/v-descs/backdoor_w32_duqu.shtml

·         DuQu source code - http://torrentz.eu/du/duqu+malware+source+code-q

·         Flame (Wikipedia) - http://en.wikipedia.org/wiki/Flame_(malware)

 

 

Topic 8 – Network Security Management

 

·         SecTools top vulnerability scanners - http://sectools.org/tag/vuln-scanners/

·         SecTools top Web vulnerability scanners - http://sectools.org/tag/web-scanners/

·         Slides for CNSS model - http://www.docstoc.com/docs/24334901/CNSS-Model

·         Committee on National Security Systems – http://www.cnss.gov

·         CNSS (Wikipedia) - http://en.wikipedia.org/wiki/Committee_on_National_Security_Systems

·         Difference between Management and Leadership - http://guides.wsj.com/management/developing-a-leadership-style/what-is-the-difference-between-management-and-leadership/

·         American Management Association - http://guides.wsj.com/management/developing-a-leadership-style/what-is-the-difference-between-management-and-leadership/

·         Strategic Planning (Wikipedia) - http://en.wikipedia.org/wiki/Strategic_planning

·         Security Policy (Wikipedia) - http://en.wikipedia.org/wiki/Security_policy

·         SANS Security Policy Templates - http://www.sans.org/security-resources/policies/


 

 

 

 

Reference Books

 

·         Volonino, L. Anzaldua, R. and Godwin, J., Computer Forensics: Principles and Practices, Pearson / Prentice Hall, New Jersey, 2007. ISBN: 0-13-154727-5.

·         William Stallings, Cryptography and Network Security: Principles and Practice (3rd Edition), Prentice-Hall, 2002. ISBN 0-13-091429-0.

·         C. Kaufman, R. Perlman, M. Speciner, Network Security: Private Communication in a Public World, Prentice Hall, 1995.

·         William R. Cheswick and S. M. Bellovin, Firewalls and Internet Security, Addison-Wesley, 1994. ISBN 0-201-63357-4.

·         Chapman, D.B., Zwicky, E. D., Building Internet Firewalls, O'Reilly & Associates, 1995.

·         S. L. Garfinkel, E. H. Spafford, Practical Unix & Internet Security, O'Reilly and Associates Inc., 1996.

·         Dieter Gollmann, Computer Security, John Wiley & Sons Ltd., 1999, ISBN 0-471-97844-2.