Internet-Security - Weaknesses and Targets (Teleteaching) (Wintersemester 2009/2010)

Dozent: Prof. Dr. Christoph Meinel (Internet-Technologien und -Systeme)
Tutoren: Dr. Feng Cheng

Allgemeine Information

• Semesterwochenstunden: 4
• ECTS: 6
• Benotet: Ja
• Einschreibefrist: 13.11.2009
• Lehrform:
• Belegungsart: Wahlpflichtmodul

Studiengänge

• IT-Systems Engineering BA

Beschreibung

"Internet Security - Weaknesses and Targets" is based on "Internet- & WWW-Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issuses.

 

News

• Examination dates fixed (14.12.2009, 18.02.2010)! First hands-on experience scheduled (23.11.2009/27.11.2009)!
• 04.11.2009 There is no lecture on Wednesday! Lectures on Hackers & Viruses as well as Computer Crime are published on Tele-Task.
• 26.10.2009 First exercise sheet online here! Hand-In is on Monday, 02.11.2009, 12:00.
• 21.10.2009  Time and room for exercise courses are changed:
  • Group A: Monday, 13:30 - 15:00, HS 1
  • Group B: Friday, 11:00 - 12:30, HS 3
• 15.10. 2009 Online Exercise Registration: There will be no lists at the blackboards for registering to a specific exercise group. Registration is possible here (only from inside HPI) using your HPI OpenID.

Voraussetzungen

Contents of lecture "Internet- und WWW-Technologien" (esp. protocols) should be present.

Literatur

• Meinel/Sack: WWW (for repetition of the WWW basics)
• Stuttard/Pinto: The Web Application Hacker's Handbook - Discovering and exploiting security holes
• Koziol/Litchfield/Aitel/Anley/Eren/Mehta/Hassel: The Shellcoder's Handbook - Discovering and exploiting security holes
• The Internet

Lern- und Lehrformen

Lecture and exercise.

Every week a 90 minutes lecture (in english) is held and streamed over the internet. Students have to solve and submit their exercises weekly.

Leistungserfassung

50 % of the maximum exercise points (in 1st and 2nd half of semester) are needed to be able to take part in the examination at the end of the semester. In the middle of the semester (14.12.2009,  13:30?Uhr B.E 2?) there will be a written intermediate exam which counts about 1/3. At the end of the course there is a second written exam (counts about 2/3). Students who want to improve their mark can also register for an oral examination. Outstanding exercise results and participation in discussion can lead to a better mark.

There will be two practical hands-on exercises including reconnaissance, analysis, and practical attack of a prepared victim network.

Termine

Examination dates:

• 14.12.2009 Half-term examination, HS 1, 13:30
• 18.02.2010 final examination, HS 1; 10:00

Lecture dates: Wednesday, 8:30 - 10:00, HS 2

Exercise course dates:

• Group A: Monday, 13:30 - 15:00, HS 1
• Group B: Friday, 11:00 - 12:30, HS 3
• 23.11.2009 (Group A) / 27.11.2009 (Group B) Hands-on experience on Reconnaisance and Attacks on Accounts and passwords

Exercise sheets will be published every Monday in the HPI network folder of the lecture. Deadline for the submission of the solutions: Monday (one week after the publication) 12:00 o'clock (Foyer, Tray 51).

ATTENTION: The first exercise is on Monday, 26.10.2009, 13:30

Zurück