cs530l lab component of lab component of cs530l security
play

CS530L lab component of lab component of CS530L Security - PDF document

CS530L lab component of lab component of CS530L Security Systems course Security Systems course August 28, 2020 Correlation Correlation lab component << >> main course lab component << >> main course


  1. CS530L – – lab component of lab component of CS530L Security Systems course Security Systems course August 28, 2020 Correlation Correlation lab component << >> main course lab component << >> main course � loosely coupled � contributes to course grade – directly: via grading of individual labs – indirectly: subject matter may appear in exams � cumulative lab results are reported to Professor Neuman who considers them in determining course grade 1

  2. Lab sessions per week Lab sessions per week � a 50-minute lab lecture – Friday 4:30 pm, via Webex – addresses the theory that the exercise demonstrates – explains the exercise procedurally � a lab exercise – performed hands on – conducted on a VirtualBox virtual machine (VM) – each exercise on a particular VM – per specific instructions Lab exercise weekly topics Lab exercise weekly topics � Cryptography/key mgmt � Firewalls � Authentication � Intrusion detection � Authorization � ARP spoofing � Application security � Tunnels & VPNs � Packet sniffing � Filesystem labeling subject to adjustment – some changes might be made 2

  3. Lab website Lab website � announcements � lab exercise instructions http://www-scf.usc.edu/~csci530l/ or equivalently a ! h t c o g ” l l “ e r t e e t l http://ccss.usc.edu/530l t o n ” n n u w “ e r m b n u Lab exercise mechanics Lab exercise mechanics � before lecture: preview website’s posted instructions for the upcoming topic � attend lecture on that week's topic (synchronously/live or asynchronously/recorded) � perform lab on that topic during ensuing week � after: electronically turn in requested result – email it to csci530l@usc.edu – use prescribed email title keywords for each lab (the specific keywords are posted on website) – deadline: start of following week’s lab lecture, 4:30 Fridays 3

  4. Lab schedule Lab schedule Lecture topic Lecture date Due date introduction 8/28 cryptography 9/4 9/11 authentication 9/11 9/18 authorization 9/18 9/25 application security 9/25 10/2 packet sniffing 10/2 10/9 firewalls 10/9 10/16 intrusion detection 10/16 10/23 arp spoofing 10/23 10/30 tunnels and vpns 10/30 11/6 filesystem labeling 11/6 11/13 subject to adjustment – probable week off around 10/9 midterm time Lab grading Lab grading � there are 10 lab exercises � each is followed by a few questions � every question must be answered � each lab graded fail/lo-pass/pass/hi-pass 0 1 2 3 � 8 highest grades averaged (i.e., lowest discarded) � average will influence course grade – average > 2 raises/enhances – average < 2 lowers/damages – average = 2 no effect 4

  5. Policies Policies � no late submissions � follow course online homes – lab website at http://www-scf.usc.edu/~csci530l/ – professor's main site for the course http://csclass.info/USC/CSCI530/F20/ Lab platform Lab platform � VirtualBox – how do I get VirtualBox? � several VMs will be distributed – what VMs are there? – how do I get the VMs? – how do I import the VMs into VirtualBox? 5

  6. How do I get VirtualBox VirtualBox? ? How do I get What VMs VMs are there? are there? What � there will be 3 or 4 of them � in the form of .ova files – ova files are large – I will split them into smaller fragments for download – you will recombine the fragments post-download � the first one is now posted (succeeding slides) – the others will follow when needed see lab website's "detailed instructions" link 6

  7. Which labs use which VMs Which labs use which VMs? ? Lecture topic Lecture date cryptography fedora30-fall20 authentication (tba/tbd) authorization fedora30-fall20 application security stack overflow CentOS 4.3 min-gdb heartbleed (tba/tbd) C sign extension fedora30-fall20 packet sniffing fedora30-fall20 firewalls fedora30-fall20 intrusion detection CentOS 4.3 min-gdb arp spoofing fedora30-fall20 tunnels and vpns fedora30-fall20 tba/tbd = to be annouced to be delivered (tba/tbd) filesystem labeling How do I get the VMs VMs? ? How do I get the visit this URL and log in with your USC credentials students please confirm shared drives' accessibility 7

  8. How do I import the VMs How do I import the VMs into into VirtualBox VirtualBox? ? Some configuration scripts Some configuration scripts � VirtualBox includes "vboxmanage" command – a command line equivalent for GUI features � I wrote short scripts that use vboxmanage to automate VM setup work for you – to create them – to make settings (virtual cabling, IPs, hostnames) – to power them on and off – to destroy them � because your time is for using, not configuring 8

  9. Getting the scripts Getting the scripts initially (8/28/20) these contain scripts only for the first lab, about cryptography (others will be added/included before future labs) Using the scripts Using the scripts � there are 10 labs � a set of scripts for each, in its own directory – for Windows ".bat" batch language scripts – for linux/Apple ".sh" bash shell language script – functionally equivalent � 4 to 6 scripts in each set 4 scripts 6 scripts 9

  10. Script execution order Script execution order � using them in order is important at first, to start: vmconfigure-populate.bat (or .sh for bash, on linux or Apple) vmconfigure-construct-network.bat (if present) vmconfigure-guestOS-internal-settings.bat (if present) OR vmconfigure-poweron.bat to end: vmconfigure-poweroff.bat vmconfigure-destroy.bat Script functions Script functions vmconfigure-populate.bat creates VMs by cloning the base VM vmconfigure-construct-network.bat cables interfaces to network(s) common to other VMs vmconfigure-guestOS-internal-settings.bat powers machines on runs commands in their OS (linux) to establish hostnames, addresses, routes vmconfigure-poweron.bat powers machines on (only) vmconfigure-poweroff.bat powers machines off (cleanly) vmconfigure-destroy.bat deletes all trace of machines (must first be in poweroff state) 10

  11. Demo - Demo - instantiating this net instantiating this net Run: 1. vmconfigure-populate.sh 2. vmconfigure-construct-network.sh 3. vmconfigure-guestOS-internal-settings.sh 4. vmconfigure-poweroff.sh 5. vmconfigure-destroy.sh Demo - - resultant screenshot resultant screenshot Demo 11

  12. Today’ Today ’s take s take- -away for your to away for your to- -do list do list � download/install VirtualBox � download/import one appliance (VM) – "fedora30-fall20" � download scripts for your platform � preview the instructions for next week's "cryptography" lab topic http://www-scf.usc.edu/~csci530l/lab-publickey.htm Email contacts Email contacts � csci530l@usc.edu lab grader(s), me, course TA, prof collectively � davidmor@usc.edu me individually 12

  13. Thank you Thank you � for sharing an interest in the subject matter � for adjusting to new, remote classwork � for your kind attention today 13

Recommend


More recommend