COSC301 - Schedule

S1 2017

Contents

Papers

You can open and collapse the various labs and lectures by clicking on the disclosure triangles.

Week StartingHappenings
27 February 2017
Lecture 1
Presenter: ZH

Intruduction, Operating Systems

Topics

  • Introduction to the paper, administration
  • Overview/recap of operating systems (esp. Linux) and relation of components such as processes, daemons, kernel, drivers & modules, hardware.
No lab after the first lecture, go through the pre-lab material
Lecture 2
Presenter: ZH

Network Hardware

Topics

  • A quick tour of IEEE standards.
  • Ability to identify common network hardware, such as a network interface card, hub, switch, router; explain the purpose of each.
    While we concentrate on IP and ethernet in this paper, the student should also have a little exposure to concepts such as serial connections (eg. DSL), and also high-speed interconnects such as InfiniBand or FibreChannel.", "Be able to appreciate the difference between various bus interconnections, and why on-board NICs may give superior performance.
  • Understand how network traffic enters and leaves a machine, from a basic understanding of what a socket is, to a more thorough understanding of concepts of hardware interrupts, DMA, and performance issues such as zero-copy (scatter/gather I/O).
Laboratory 1
Marks: 1

Introduction, Operating Systems

Practices

  1. Familiarisation with the VirtualBox-based lab environment and resources.
  2. Develop your skills in the terminal shell to help you work faster and smarter.
6 March 2017
Lecture 3
Presenter: ZH

Basic System/Network Administration

Topics

  • Learn about the available network configuration and diagnostic tools for IPv4.
  • Learn about the available network configuration and diagnostic tools for IPv6, especially stateless autoconfiguration.
Laboratory 2
Marks: 3

Ethernet Practical

Practices

  1. Be able to install a RJ-45 ethernet plug on the end of Cat 5 UTP cable.
  2. Assemble a small ethernet network according to a data-link layer schematic, and draw the corresponding network-layer schematic.
  3. Understand how a structured cable plant operates.
    Due to the length of this practical, it will likely need to be available in other weeks also. This is why the next hands-on practical (wireless) is the week after next.
Lecture 4
Presenter: ZH

IPv6 Bootcamp

Topics

  • Revise IPv6 addressing
  • Understand basic IPv6 mechanisms, such as stateless address autoconfiguration, neighbour discovery and router advertisements
  • Topics such as DNS are not talked about yet, that is covered in a later lecture.
  • Advanced topics such as Mobile IPv6 or IPSec are not encountered in this lecture.
  • Brief overview of transition mechanisms.
  • Security problems associated with IPv6.
  • Interface management in Linux
Laboratory 3
Marks: 3

Basic Interface Management

Practices

  1. View the status of Ethernet interfaces and the result of auto-negotiation.
  2. Name interface logically when this is appropriate.
  3. Practice the use of IPv4 configuration and query tools.
  4. Practice the administration of IPv4 interface configuration in Debian GNU/Linux.
13 March 2017
Lecture 5
Presenter: ZH

Wireless Networking

Topics

  • Develop a familiarity with wireless terminology and behaviour, including how signals behave and interference.
  • Develop a working knowledge of basic 802.11 wireless networking, sufficient to set up such a network using best practices.
  • Understand the motivation and basic structure of a Wireless Distribution System (WDS).
  • Understand the purpose and basic mechanisms of network authentication using 802.1x and RADIUS (WPA-Enterprise).
  • Familiarise students with the various types of antennas, and the typical coverage volumes and uses.
  • Understand the correct use of independent (ad-hoc) networks.
Laboratory 4
Marks: 2

IPv6 Bootcamp

Practices

  1. Practice enabling and disabling IPv6 on Linux, and how to control autoconfiguration etc.
  2. Observe how IPv6 works with router advertisements.
  3. Practice the use of IPv6 configuration and query tools.
  4. Practice the administration of IPv6 interface configuration in Debian GNU/Linux.
  5. Practice the creation of tunnels and how this complicates things.
Lecture 6
Presenter: ZH

Scripting Technique

Topics

  • Understand the concept, scope and benefits of applying the use of scripting solutions.
  • Learn the constructs used in developing Bourne shell scripts.
  • Learn a number of useful commands, as applied to example problems.
  • Spend a little time covering common uses of sed and awk.
Laboratory 5
Marks: 2

Wireless Networking

Practices

  1. Configure a wireless access-point observing best practices.
  2. Do some research to establish minimum requirements for WPA2 Windows clients.
  3. Configure a Linux, Windows, or Mac OS X wireless station to access an access-point.
  4. Optionally, configure a station to access a network protected with 802.1x and RADIUS authentication.
No further Ethernet practicals will be done after this week!
20 March 2017
Lecture 7
Presenter: ZH

Filesystems

Topics

  • Be aware of the different types of hard-drive technologies, including ATA, SCSI and SATA, including the performance issues of each.
  • Understand how Unix (and to a lesser extent Windows) file-systems work, including concepts of inode, permissions, links, journalling and performance issues such as block size and fragmentation.
  • Have an understanding of other access-control mechanisms, such as access-control-lists (ACLs); the difference between discretionary and mandatory access-control.
  • Be able to identify different types of file-system objects found in the file-system, such as files, directories, symbolic links, named pipes etc.
  • Identify the common RAID levels.
Laboratory 6
Marks: 2

VIM

Practices

  1. Exercises related to a different text editor.
Lecture 8
Presenter: ZH

System Installation

Topics

  • Understand methods of which operating systems can be installed.
  • Understand the role virtualisation plays in a modern infrastructure.
  • Basic steps involved in installing any (esp. Linux) system.
  • Learn how a classical Linux/UNIX systems boots and how this is changing.
  • Managing security during installation.
  • Investigate some methods used to manage mass installations.
  • Learn about best practices in account management, and managing access to administrative privileges.
Laboratory 7
Marks: 2

Shell Scripting

Practices

  1. Utilise best practices in creating UNIX shell scripts.
  2. Practice the constructs covered in the lecture.
  3. Create a script to generate a report about web-server utilisation.
27 March 2017
Lecture 9
Presenter: ZH

Post-Installation

Topics

  • Basic user management.
  • Trim any unnecessary services to reduce security exposure.
  • Look at system-hardening methods, and sources of best practices.
  • Investigate the use of version management tools to manage configuration files.
  • Look at where services may be started, and how to manage inetd or xinetd.
Laboratory 8
Marks: 2

Filesystems

Practices

  1. Create and manage file-system objects, assign permissions.
  2. Use access-control-lists.
  3. Use common archival tools.
  4. Investigate a particular backup solution.
Lecture 10
Presenter: ZH

Scheduled Tasks and Log Management

Topics

  • Investigate possible uses, benefits and costs of scheduled tasks by administrators and users.
  • Look at how scheduled tasks can best be managed on a typical Linux system, what is lacking, and how it is changing.
  • Investigate risks associated with log management.
  • Identify desirable log-related properties.
  • Look at how logs can be rotated and archived (and the benefits and costs), and laws and regulations for log-keeping.
  • Learn about how logs can be filtered and monitored.
  • Remote logging; benefits and risks.
Laboratory 9
Marks: 2

System Installation

Practices

  1. Either install Ubuntu Linux (or some other supported product for which media and updates are readily and cheaply available on campus) into a VirtualBox virtual machine,
    or install a Ubuntu Linux LTSP terminal server into a VirtualBox virtual machine and set up some diskless clients to boot from the server over the network,
    or install a number of basically identical (VirtualBox) machines in a scalable manner.
  2. Create appropriate set-up and configuration documentation for the system.
  3. Perform any necessary security updates.
No further Wireless practicals will be done after Thrusday's lab.
3 April 2017
Lecture 11
Presenter: ZH

The Domain Name System (DNS)

Topics

  • Learn the configuration methods and elements for a DNS client.
  • Understand how DNS works.
  • Learn about best practices in DNS management.
  • Learn how DNS handles IPv6 and the problems that occur.
  • Find out what additional security features are available in DNS such as DNS-SEC and TSIG.
  • Look at current issues, including Internationalised Domain Names (IDNs.)
Laboratory 10
Marks: 2

Post Installation

Practices

  1. Use a revision-management product to manage configuration files.
  2. Find out what services are running, evaluate the necessity of each, and stop or limit those that are not needed.
  3. Configure inetd or xinetd to manage services used by those.
  4. Use TCP Wrappers to limit access to services.
Lecture 12
Presenter: ZH

Address Assignment and the Rendezvous Problem

Topics

  • Learn about the development that lead up to DHCP.
  • Learn about the DHCPv6 and its relationship to router advertisements and stateless address auto-configuration.
  • Find out about problems faced by DHCP implementations, and best practices to manage them.
  • Investigate alternative ways of solving the problems addressed (and not addressed) by DHCP.
    This should introduce concepts of directory services.
  • Look at how DHCP services can be made more reliable.
  • Look at how Dynamic DNS helps to solve the rendevzous problem.
  • Investigate how the rendezvous problem is solved in an ad-hoc network, by using link-local addresses, mDNS, and DNS-SD.
Laboratory 11
Marks: 2

Scheduled Tasks and Log Management

Practices

  1. Look at how scheduled tasks are managed on an Ubuntu Linux system.
  2. Manage scheduled tasks by adding a new task.
  3. Modify log rotation and archive settings.
  4. Filter log entries using simple regular expressions.
  5. Enable remote syslog operation.
10 April 2017
Lecture 13
Presenter: ZH

Electronic Mail

Topics

  • Understand the processes by which the electronic mail is sent on the Internet, including a reasonable understanding of the SMTP, POP and IMAP protocols.
  • Understand the problems solved by MIME.
  • Understand the problems of spam and viruses, and tools and techniques for combatting it.
  • Look at crytographic tools available for protecting e-mail content, such as GPG, and the nature of such protections.
Laboratory 12
Marks: 0

Catchup Lab

Practices

  1. This lab session is dedicated to people who need to catch up. People who are up-to-date will have lower priority.
Lecture 14
Presenter: ZH

World Wide Web

Topics

  • Observe a HTTP request and identify important fields and their function.
  • Get an overview the mechanisms that can be used to generate content dynamically.
  • Look at the common security problems involved in building web applications, and how these risks can be mitigated.
  • Learn about the use of virtual hosting.
  • Learn about the use of virtual hosting.
  • Look at best practices in managing web servers. (perhaps have them read a white-paper or such).
  • Touch on issues of high performance and availability, such as load-balancing, clustering, fail-over techniques.
Laboratory 13
Marks: 3

The Domain Name System (DNS)

Practices

  1. Practice using the available DNS querying and diagnostic tools.
  2. Configure the BIND 9 DNS server using best practices for a small network environment.
  3. Add IPv6 data to the DNS.
  4. Add IDNA data to the DNS.
  5. Audit and harden security settings.
17 April 2017
Easter
24 April 2017
Lecture 15
Presenter: ZH

Transaction Layer Security (TLS)

Topics

  • Cover basic cryptography concepts.
  • Look at the brief history of Transaction Layer Security (TLS) and Secure Sockets Layer (SSL).
  • Understand how certificate-based cryto-systems work.
  • Know what TLS can and cannot effectively guard against.
  • Consider the issues involving virtual-hosting and TLS, and why it is better to negotiate TLS (via a protocol command such as SMTPs STARTTLS) rather than use a seperate port.
  • Look at the process of getting a certificate, and the cryptographic mechanisms behind having a certificate signed.
  • Demonstrate a simple example of using stunnel to show the essential configurations that are needed.
Laboratory 14
Marks: 3

Address Assignment and the Rendezvous Problem

Practices

  1. Install and configure a DHCP server and provide basic services including static and dynamic address assignments.
  2. Install and configure radvd, a IPv6 SLAAC daemon.
  3. Install and configure a DHCPv6 server?
ANZAC day (25th)
Lecture 16
Presenter: ZH

Remote Terminal Services

Topics

  • Understand the history of remote terminal services, and the problems associated with each.
  • Understand the problems that SSH solves.
  • Explore the various ways that ssh can be used.
  • Look at the development of GUI-based terminal services, including issues such as remote assistance, multiple logon, compression, ancilliary services (file transfer, report gathering, command execution).
    Seek permission to have a local mirror of the Apple Remote Desktop webcast.
  • Look briefly at X11, VNC and Remote Desktop.
Laboratory 15
Marks: 2

Remote Terminal Services

Practices

  1. Set up public key access using best practices.
  2. Practice using SSH tools to explore major features.
  3. Configure SSH services using best practices.
  4. Identify security weakpoints introduced using SSH services.
  5. Experience using X11 tunnelled over a SSH connection.
  6. Experience accessing either VNC or Remote Desktop to access a remote machine. (Optional, at home activity)
1 May 2017
Lecture 17
Presenter: ZH

File Transfer Protocol (FTP) & Web Caching

Topics

  • Learn about the history and solution domain of FTP.
  • Look at the security problem posed by the use of FTP.
  • Look at the security problem posed by the use of FTP.
  • Explore the issues relating to caching and proxying requests, and the benefits and costs of doing so.
  • Look at the mechanisms content providers can use to control how content is cached.
  • Learn about proxy authentication and accounting.
  • Explore the benefits and costs of transparent proxying, and the purposes to which it can be employed.
Laboratory 16
Marks: 5

World Wide Web (Practical Test)

Practices

  1. Install and configure the Apache web server.
  2. Enable the PHP pre-processor and create some simple content.
  3. Configure name-based virtual domains.
  4. Protect content using various forms of access control.
  5. Harden the web server configuration using best practices.
Lecture 18
Presenter: ZH

Network Security

Topics

  • Tie up loose ends.
  • Talk about Network Administration.
  • Learn about common security attack vectors to the system and network.
  • Recap of material covered so far, concentrating on the principles involved.
Laboratory 17
Marks: 2

Electronic Mail

Practices

  1. Provide basic e-mail services to a small network, including a manually-managed mailing list.
  2. Provide basic spam protection and filtering.
  3. Use GPG to protect e-mail content.
8 May 2017
Lecture 19
Presenter: ZH

Internal Routing

Topics

  • Understand routing issues, and the benefits and costs of dynamic routing.
  • Understand the differences between internal and external routing algorithms, and the different problems each must solve.
  • Understand basic RIP and the improvements that can be made of it.
  • Understand the differences between OSPF and RIP, and why OSPF is superior.
  • See how different routing domains can be integrated.
  • Investigate the security issues faced by dynamic routing.
  • Cover the common configuration mechanisms of routers.
Laboratory 18
Marks: 0

Catchup Lab

Practices

  1. This lab session is dedicated to people who need to catch up. People who are up-to-date will have lower priority.
Lecture 20
Presenter: ZH

Management Tools & Protocols

Topics

  • Understand the aims, uses, benefits and costs of monitoring systems for network elements.
  • Understand the structure of SNMP, and how it is used. Look briefly at alternatives.
  • Look at common ways of presenting or using the data.
  • Evaluate the usefulness of in-band and out-band monitoring and alerts.
  • Look at best practices in deploying a management solution.
  • Cover concepts such as Lights Out Management.
  • Briefly look at policy-based configuration using tools such as configd.
Laboratory 19
Marks: 5

Virtual LANs & Internal Routing

Practices

  1. Learn about and configure virtual LANs.
  2. Gain experience with the Vyatta OFR router platform.
  3. Configure static routing.
  4. Configure a network to use RIP.
  5. Configure a network to use RIPng for IPv6.
15 May 2017
Lecture 21
Presenter: ZH

Firewalls

Topics

  • Understand where a firewall fits into a network infrastructure.
  • Survey the different firewall architectures available.
  • Trace the path of a packet through a firewall.
  • Find the types of traffic that firewalls should protect against.
  • Understand the benefits and costs of stateful packet inspection.
  • Look at best practices in firewall design and management.
  • Learn about common firewall-associated tasks, namely NAT.
Laboratory 19
Marks: 0

Virtual LANs & Internal Routing (cont)

Practices

  1. continuing
Lecture 22
Presenter: ZH

Diagnostics & Ethics

Topics

  • Cover diagnostic techniques, and what to do in a crisis.
  • Look at fault-management procedures.
  • When to use scheduled and unscheduled outages.
  • Discuss ethical restraints the System/Network Administrators have to consider, and their legal/regulatory/moral responsibilities.
Laboratory 20
Marks: 2

Subnetting Tutorial

Practices

  1. Learn how to subnet a network and become comfortable working with IPv4 CIDR addressing.
  2. Cover subnetting and addressing in IPv6.
22 May 2017
Lecture 23
Presenter: ZH

Network Accounting & Visibility

Topics

  • Understand the philosophical and technical issues regarding network accounting.
  • Explore ways we can observe what is happening on a network.
  • Observe the security benefits and costs of accounting, including how it pertains to visitor and wireless networks.
  • Understand what we can account for.
  • Learn about the common NetFlow protocol, and to what extent it meets the requirements.
  • Learn a little about RADIUS and the accountancy data it can provide.
  • Look at how network measurement and accounting can be integrated into a defence-in-depth strategy.
  • Cover best practices in network accounting.
Laboratory 21
Marks: 5

Firewalls

Practices

  1. Implement a firewall based on a given policy.
  2. Implement source and destination NAT.
Lecture 24
Presenter: ZH

Exterior Routing

Topics

  • Understand the issues relating to routing between autonomous systems, and how it is different to interiour routing systems.
  • Understand the basics of Border Gateway Protocol (BGP).
  • Investigate Internet Management issues relating to routing.
  • Investigate the security issues and best practices in managing BGP.
Laboratory 21
Marks: 0

Firewalls (cont)

Practices

  1. continuing
29 May 2017
Lecture 25
Presenter: ZH

Revision

Topics

  • Re-cap of the paper.
  • Exam preperation.
  • Questions and Answers
Laboratory 23
Marks: 0

Catchup Lab

Lecture 26
Presenter: Luke Robinson, NZ Polic Southern Unit

Guest Lecture: Digital Forensics

Topics

  • By a professional from industry
Laboratory -
Marks: 0

Final Lab

Practices

  1. Everything must be signed off before the end of this lab.
Lectures cease Friday (2nd)
Extra Labs for Experts
Laboratory 24
Marks: 0

FTP and Caching

Laboratory 25
Marks: 0

SNMP

Laboratory 26
Marks: 0

IPv6 Firewalls

Laboratory 27
Marks: 0

Netflow

Total marks allocated: 45 in lab work, 5 in a lab practical test 0 in tutorials, 0 in assignments, totalling 50 marks assigned for internal assessment over a period of 13 weeks.