Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates

With funding from NSF, the Department has set up a standalone lab for students to learn penetration testing techniques (attack), to harden their networks against these attacks (defense), and to gather enough evidence through careful logging and audit controls to convict a hacker (convict). Linux RedHat 7.1 was used, and all the machines were set up as standalone servers in three different subdomains, with 2 perimeter routers and 2 firewalls to allow experimentation with various configurations. In all, over 50 software tools were downloaded and tested. Students were screened and asked to sign a disclaimer. They should also have been required to have networking experience. An initial mistake was to run a very minimal server with no services and practically no users. This was not realistic: it made systems quick to rebuild but much harder to attack. The attacks need to be carefully planned and structured in a specific sequence, one at a time; otherwise it becomes very difficult to follow what is going on.