The IWAR range: a laboratory for undergraduate information assurance education
CCSC '01 Proceedings of the sixth annual CCSC northeastern conference on The journal of computing in small colleges
Managing Cisco Network Security
Managing Cisco Network Security
Hacking Exposed: Network Security Secrets and Solutions,Third Edition
Hacking Exposed: Network Security Secrets and Solutions,Third Edition
Designing and implementing a cyberwar laboratory exercise for a computer security course
Proceedings of the 35th SIGCSE technical symposium on Computer science education
A real-time information warfare exercise on a virtual network
Proceedings of the 36th SIGCSE technical symposium on Computer science education
A laboratory based capstone course in computer security for undergraduates
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Teaching hands-on Linux host computer security
Journal on Educational Resources in Computing (JERIC)
Laboratory experiments for network security instruction
Journal on Educational Resources in Computing (JERIC)
SEED: A Suite of Instructional Laboratories for Computer Security Education
Journal on Educational Resources in Computing (JERIC)
Spamulator: the Internet on a laptop
Proceedings of the 13th annual conference on Innovation and technology in computer science education
Two approaches to an information security laboratory
Communications of the ACM - Surviving the data deluge
Cyber defense competition: a tale of two teams
Journal of Computing Sciences in Colleges
| Hi-index | 0.00 |
With funding from NSF the Department has set up a stand alone lab for students to learn penetration testing techniques(attack), to harden their networks against these attacks (defense) , and also to gather enough evidence to through careful logging and audit controls to convict a hacker (convict). Linux RedHat 7.1 was used and all the machines were set up as standalone servers in three different subdomains, with 2 perimeter routers and 2 firewalls to allow experimentation with various configurations. In all over 50 software tools were downloaded and tested. Students were screened and asked to sign a disclaimer. They should also have been required to have networking experience. An initial mistake was to run a very minimal server with no services and practically no users. This was not realistic. It made it quick to rebuild systems but much harder to attack.The attacks need to be carefully planned and structured in a specific sequence one at a time, otherwise it becomes very difficult to follow what is going on.