Week

Subjects

Litterature
Recommendations/Links

Exercises/Solutions/Examples

5

Getting ready 
Zealand, Roskilde

Doonesbury 1-2
Superman, Hitman...

Kurose&Ross: Computer Networks (CN)

Stallings: Network Security Essentials (NSE)

Easttom: Computer Security Fundamentals (CSF) Extensive background readings

Buying Books  NOW
Winterbathing in the fjord

Link to Exercises Kurose&Ross (CN)

Link to Stallings exercises

Download All Slides Kurose&Ross

Introduction to Wireshark (video)

IT-Security super job opportunities

(video)

6

Security overview

Symmetric keys
Cipher block modes

ECB vs CBC

(Public/private keys)

Install necessary SW

Ubuntu Installation
Virtual machines

• CN: Ch. 8.1-8.2.1,(8.2.2)
• (CSF: Ch. 1 & 3)
• NSE: Ch. 1-1.5, 2-2.2, 2.5
• Useful security links
• DigitalAttackMap
• https://www.owasp.org
• http://www.shadowserver.org
  

Slides/Videos

• CN Chapter 8 Slides
• Security Introduction Slides
• Security Overview Slides
• Conventional Encryption Slides
• Bots
• Hack yourself
• TV Docs Hacking Hitler by tracking
  

Homework1: Security Attacks

Homework1: Security Attacks.html

Packet Sniffer Wireshark

Packet Sniffer Wireshark.htm

Lab Cryptool 1
Lab DES file

Homework1: Security Attacks Answers
from students

7
more links next row

Public key encryption
RSA & Diffie-Helmann

Hashing
SHA 512
MAC/HMAC

Renew Certificates

Work on SSL-Assignment

• CN: Ch. 8.2.2
• NSE: Ch. 3.4, 3.5
• 
  
• CN: Ch. 8.3-8.4
• NSE: Ch. 3-3.1, 3.2(extensive)
• NSE: Ch. 3.3 (p. 91-95)
  
• HMAC (Wikipedia)
• Cryptographic Hash Standards
• First Sha1 collision detected 2017
  

Slides/videos

• Public-key Lecture
• Lecture Slides on PKI

Lab Cryptool 2

OpenSSL

Lab Open SSL

Lab Cryptool Ceritficates 3

Homework 4: Tracking

CertificateX509

CertificateX509 No.2
Scripts for X.509 certificates

SSL AssignmentC#

TCPEchoServerClientC#

SSLSolutionC#

SSLSolutionClientServerValidationC

SSL AssignmentJava

SSLProject
TCPEchoServerClientJava
SSL SolutionJava

X509 authentification

Procedures & ceritficates

SSL/TLS principles
SSL programming

Literature/recommendations/Link

• NSE: Ch. 4.5
• Wikipedia entry on X509
• Wikipedia Revocation List
  
  
• CN: Ch. 8.6
• http://en.wikipedia.org/wiki/SSL
• http://wiki.wireshark.org/SSL
• SSL Useful Links
• What is HTTPS?
• How to secure socket connections with TLS/SSL (XAML)

Slides/videos rehearsal on TLS/SSL

• Lecture Slides on TLS
• Lecture Slides on SSL

X509 authentification

Procedures & ceritficates

SSL/TLS principles
SSL programming

Literature/recommendations/Link

• NSE: Ch. 4.5
• Wikipedia entry on X509
• Wikipedia Revocation List
  
  
• CN: Ch. 8.6
• http://en.wikipedia.org/wiki/SSL
• http://wiki.wireshark.org/SSL
• SSL Useful Links
• What is HTTPS?
• How to secure socket connections with TLS/SSL (XAML)

Slides/videos rehearsal on TLS/SSL

• Lecture Slides on TLS
• Lecture Slides on SSL

Introduction to password cracking.

Exercises
Password Cracking Mini

Literature/recommendations/Links

Slides/videos

• Master-Slave architecture
• Instructions PasswordCracking
• System Architecture1 Example
• System Architecture2 Example

PasswordCrackingMiniAssignment

PasswordCrackingProject

PasswordCrackingCentralizedC

PasswordCrackingCentralizedJava

SocketConcurrentJava

Kerberos
Ticket Granting ServiceTickets content

Follow up on exercises.

Literature/recommendations/Links

• NSE: NSE: Ch. 4.1, 4.3
• Kerberos version 5 (in Windows Server)
• Dialougue on Authentication system like Kerberos from MIT!
  

Slides/videos

• Kerberos Slides
• How Kerberos Works (Youtube)
• Kerberos Authentication Process (Youtube)

Homework 2 Kerberos

Exercises from week 7
to be continued and finalized

Password Management

HashCat with GPU

Web security
Web Tokens

Follow up on exercises.
Homework 2 Kerberos

Literature/recommendations/Links

• NSE: Ch. 11.3
• Windows passwords techniques
• Cracking Windows Passwords I
• Cracking Windows Passwords II
  
  
• hashcat.net
• http://splashdata.com bad passwords
  
  
• JWT Token Structure
• JWT Basics
• JWT Useful links

Slides/videos

• JWT Introduction Slides
  
• Password Management Attacks
• Cracking using graphic processors video
• How to crack passwords using hashcat
  

Hashcat cracking
Hashcat Cracking.html

JWTRestService

JWT TokenIntroduction

JWTAuthServerClient

Hacking
Database security
SQL-Attacks
Defence of SQL-injection

Web security

Literature/recommendations/Links

• DBMS Note: DB
• Connolly DB Ch. 18 Ch. 18-18.2, 18.4

• SQL Injection Examples
  
  

Slides/Videos

• Lecture Slides DB Security
• DB Security Threats

Exercises from week 9
to be finalized

SQLInjection Smart

SQLInjection Defence

JWTAuthServerClient

Pretty Good Privacy
PGP
(S/Mime)

Literature/recommendations/Links

• CN: Ch. 8.5
• NSE: Ch. 8 & Appendix H
• Base64 Radix64 definition
  Guide to PGP installation

Slides/videos

• ElectronicMailSecurity Slides

Lab PGP-Email

PGP Problems solved

VPN
Virtual Private Network
IP-Sec

Installation of

VM VirtualBox
Ubuntu 16.04
Kali Linux

Maybe BlockChain
see next row

Literature/recommendations/Links

NSE Ch. 9 very detailed.
CN: Ch. 8.7 good overview

• Wiki IPSec
• Wiki VPN
• Wiki OpenVPN
• Protocols and modes overview
• OpenVPN Security Overview

Slides/Videos

• IPSec & VPN Whiteboard Slides
• NSE IPSec Slides on Chapter 9
• CN Chapter 8 Slides on VPN & IPSec
• IPsec & VPN Lecture Slides used

Mandatory VPN project

Guidelines on installation of VirtualBox, Ubuntu, Kali & VPN

Alternatively choose

Mandatory Blockchain project Word

Mandatory Blockchain project PDF

Useful tips and links for blockchain

11/12

Online

Blockchain
E-Coins

Introduction on Mandatory VPN or
Blockchain

Mandatory project starts

• BlockChain Wikipedia
• BlockChain for dummies
• Bitcoin the original article!!
• Lisk
• Ethereum
• Blockchain.com/charts
  

Slides/Videos

• BlockChain Whiteboard Slides PDF
• BlockChain Whiteboard Slides PP
• Secret Chinese Bitcoin Mine
• BlockChain Introduction (6 minutes)
• BlockChain Detailed (23 minutes)

Mandatory VPN project

Guidelines on installation of VirtualBox, Ubuntu, Kali & VPN

Alternatively choose
Mandatory Blockchain project Word

Mandatory Blockchain project PDF

Useful tips and links for blockchain

Blockchain questions

12

Mandatory project
Blockchain or VPN

Mandatory VPN project extra links

• OpenVPN Security Overview
• OpenVPN HowTo
• Digital Oean OpenVPN Installation On Ubuntu 16.04
• OpenVPN Client Configuration Example
• OpenVPNConfiguration

(VPN 14.04 Old version Problems Answered)

VPN 16.04/18.04 Problems Answered

13

14
OnLine

Hack or get hacked

Homeworks 4+5

ManInTheMiddle-Attacks
ARP Cache Poisoning, DNS Spoofing
ARP Cache Poisoning, SSL Hijacking

Literature/recommendations/Links

CN: Ch. 6.1, 6.4

Wikipedia: MAC_address

Slides/Videos

• CN Chapter 5 All Slides Ed 6
• ManInMiddle Slides PDF
• ManInMiddle Slides PP
• https://hack.me
• http://www.windowsecurity.com/articles-tutorials/

Homework 5 Wireshark SSL

ManInMiddle Attack Excercise

ManInMiddle Attack Excercise PDF

Removed Cain and Abel zip with exe files

Cain and Abel zip with txtcnnheat files

John the Ripper Cracker

Challenge from US Difficult!

N/A: Firewalls

15

Easter Vacation

  Holidays That means students catch up

  Teachers relax !

Hack or get hacked

Kali-Linux tool

Literature/recommendations/Links

• http://www.hackingtutorials.org/wifi-hacking-tutorials/top-10-wifi-hacking-tools-in-kali-linux/
• https://itsfoss.com/best-kali-linux-tools/
• http://tools.kali.org/
• 
  
• http://www.kalitutorials.net/
• http://www.kalitutorials.net/2013/08/kali-linux.html
• https://gitlab.com/kalilinux

• http://www.techrepublic.com/article/pro-tip-install-kali-linux-tools-on-ubuntu-with-this-easy-script

Slides/Videos

• Kali-Linux Slides (PP)
• Kali-Linux Slides (PDF)

Kali-Linux Tools Exercise
Kali-Linux Tools Exercise PDF

nmap.txt

17
OnLine

Hack or get hacked

Kali-Linux tool

Metasploit

Metasploitable

Literature/recommendations/Links

• https://tools.kali.org/exploitation-tools/metasploit-framework
• https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
• https://www.offensive-security.com/metasploit-unleashed/
• https://www.wikigain.com/download-install-metasploitable-in-virtualbox/
• https://www.exploit-db.com/

Slides/Videos

• Hacking Slides (PP)
• Hacking Slides (PDF)
• Metasploit Slides (PDF) N/A

Metasploit Investigation

Metasploitable Installation

Pentest using Metasploitable vs. 1.0

Synopsis writing and supervision starts on Wednesday

Here are some ideas:

Firewalls theory/practise
Various risks/denfences
Security on mobiles
Gaming over net, vulnerabilities
Cloud security
Log transcripts exercise
Windows vulnerabilities
Hacking theory and practise
Security in layers
Wireless keyboards hacking
E-coins theory and simple practice
Ethereum vs, Lisk tools
Kerberos ideas in Angular
Private blockchains
Web-token and Angular
Your own blockchain
Attaxks on Windows 7 in Metasploit
Machine Learning: Tools investigations and Interpolation
Machine Learning: Tools and Face Recognition

20

21

22

50

51

52

Pretty Good Privacy (PGP)
(S/Mime)

Literature/recommendations/Links

• CN: Ch. 8.5
• NSE: Ch. 8 & Appendix H
• Base64 Radix64 definition
  Guide to PGP installation

Slides/videos

• ElectronicMailSecurity Slides

Lab PGP-Email

PGP Problems solved

Hacking and defence

http://www.hackingtutorials.org/wifi-hacking-tutorials/top-10-wifi-hacking-tools-in-kali-linux/

http://www.kalitutorials.net/

http://www.kalitutorials.net/2013/08/kali-linux.html

http://tools.kali.org/

http://www.techrepublic.com/article/pro-tip-install-kali-linux-tools-on-ubuntu-with-this-easy-script/

nmap.txt

Kali-Tools

Database transactions
Concurrency by locks

• DBMS Note: DB
  
• Connolly DB Ch. 19
• DB 19-19.2.5, 19.2.7-8, 19.3,19.5
  

Slides/Videos

• Lecture Slides DBTransactions
• DB Transaction

Firewalls

DB Chapter19 Assignments
DB Comparison

Fireewalls Solution
Comparison of Firewalls

DB Chapter 19

DB Comparison Solution

SecureSocket C#

SecureSocket Java

Network-tools

Shields up for ports

23

Rehearsal for exam

24

Oral Exam

Good luck !

Exam Roll List

Re-exam unkbnown

35

 5th Semester starts