Tuesday, July 13, 2010
Have you been wondering where I have been hiding all this time? Well, providing labs for four classes and two info-sec workshops will make time for blog posting sparse.
IS 315 Risk Management and Intrusion Detection: Wireshark Labs to cover the basics and core protocols (TCP,UDP, IP, ICMP, ARP, etc.) and special projects to build a Snort IDS and discuss sensor placement and risk management concerning the deployment. Plans are to author snort signatures towards the end of the quarter if time permits.
IS 418 Securing Linux Platforms and Applications: Some basic labs to brush up on Linux accounts and permissions did an IPTables to review firewalling. Building on all this teaching SELinux...we have been covering the basics and tacking a few of the concepts, particularly MCS and MLS models.
IS 316 Firewalls & VPNs: Started with IPTables and BASH shell scripting around that to automate the process. Currently working on Packet Filtering and using OpenSSH Layer 3 VPNs. Will graduate to pfSense (firewall, proxy and VPN) and possibly using the Cisco ASA as a firewall/VPN platform.
IS 413 Auditing E-Commerce and Network System Implementation: The students have already had policy and auditing courses including another one the evening before. We are using WebGoat and Damn Vulnerable Web App to learn about many of the web application risks that are out there. Towards the end of the quarter we will investigate the audit trails and discuss writing strong policy around these issues.
Headed to Greenbelt MD for a week to teach a CEH class, then over to Honolulu HI for a week to teach a CEH class then back to Greenbelt for a week long CHFI class. I suppose after that I will be allowed to return home! ;)