Schedule and Readings

Introduction (Lecture Notes: pdf  doc)

Unix Security (Lecture Notes: pdf  doc)

• Password, /etc/passwd, shadow password.
• Users and Groups.
• File Permissions: access control, umask, chmod, chown, chgrp, Set-UID.
• Privileged Programs (Set-UID Programs)
  • Required Reading: Bishop: How to Write a Setuid Program
  • Reading: Checklist for Security of Setuid Programs (a local copy)

Software Vulnerabilities

• Buffer and Integer Overflow: (Lecture Notes: pdf )
  • Stack Buffer Overflow: Smashing The Stack For Fun And Profit (Aleph One)
  • Heap Overflow: w00w00 on Heap Overflows (by Matt Conover)
  • Integer Overflow: Basic Integer Overflows (by blexim)
• Race Condition: (Lecture Notes: pdf )
  • Required Reading: Secure programmer: Prevent race conditions (by David Wheeler)
• Format String (Lecture Notes: pdf )
  • Exploiting Format Strng Vulnerabilities (scut / team teso)
• Input Validation (Lecture Notes: pdf )
  • Required Reading: Chapter 5: Secure Programming for Linux and Unix HOWTO (by David Wheeler)
• David Wheeler's book: Secure Programming for Linux and Unix HOWTO -- Creating Secure Software

System Security (General Concepts)

• Authentication and Password (Lecture Notes: pdf )
  • Pluggable Authentication Modules (PAM)
    • Red Hat Linux 9 Reference Guide (Chapter 7)
    • Samar and Lai. Making Login Services Independent of Authentication Technologies
  • Dictionary attacks, Login spoofing attacks.
• Access Control (Lecture Notes: pdf )
  • Access Control Matrix
  • DAC: Descretionary Access Control
  • MAC: Mandatory Access Control
  • Reference Monitor
  • Access Control List (ACL)
• Capabilities (Lecture Notes: pdf )
  • Henry M. Levy, Capability-Based Computer Systems. (read chapter 1).
  • (Case Study) White Paper: Trusted Solaris 8 Operating Environment.

Basics of Cryptography (Lecture Notes)

• Secret key cryptography
• Required Reading: Block cipher modes of operation (Wikipedia)
• One-way hash function
• Required Reading: Hash Collisions (The Poisoned Message Attack)
• Required Reading: Steve Friedl's Unixwiz.net Tech Tips: An Illustrated Guide to Cryptographic Hashes
• Public key cryptography
• Required Reading: Public-key cryptography (Wikipedia)

Network Security

• DNS and Pharming Attacks (Lecture Notes)
  • Required Reading: The Pharming Guide DNS and BIND's Sample Chapter 2: How Does DNS Work?
  • Security Issues with DNS
  • Using the Domain Name System for System Break-ins
  • Threat Analysis of the Domain Name System (DNS)
• Cross-Site Scripting
  • Required Reading: Cross-site scripting From Wikipedia
  • News: Cross-Site Scripting Worm Floods MySpace
• SQL Injection Attacks
  • Required Reading: Steve Friedl's Unixwiz.net Tech Tips: SQL Injection Attacks by Example