Have you been wondering where I have been hiding all this time? Well, providing labs for four classes and two info-sec workshops will make time for blog posting sparse.
IS 315 Risk Management and Intrusion Detection: Wireshark labs to cover the basics and core protocols (TCP, UDP, IP, ICMP, ARP, etc.) and special projects to build a Snort IDS and discuss sensor placement and risk management concerning the deployment. Plans are to author Snort signatures towards the end of the quarter if time permits.
IS 418 Securing Linux Platforms and Applications: Some basic labs to brush up on Linux accounts and permissions, and did an IPTables lab to review firewalling. Building on all this, teaching SELinux... we have been covering the basics and tackling a few of the concepts, particularly MCS and MLS models.
IS 316 Firewalls & VPNs: Started with IPTables and BASH shell scripting around that to automate the process. Currently working on Packet Filtering and using OpenSSH Layer 3 VPNs. Will graduate to pfSense (firewall, proxy and VPN) and possibly using the Cisco ASA as a firewall/VPN platform.