The course IT Security is integrated into the training in the field of networks, systems and security within the curriculum, and provides the student with an applied foundation in the principles, technologies and fundamental criteria of security in computer and telematic environments. In continuity with previous courses in local area networks, administration and systems, it allows the student to understand the main risks, vulnerabilities and protection mechanisms associated with systems and data networks. Likewise, the course promotes the development of skills in analysis, diagnosis and application of security measures in practical contexts, incorporating the use of the LOST Project environment as support for applied work and progressive learning. In this way, it constitutes a relevant foundation for later subjects or pathways linked to cybersecurity, network administration and the protection of ICT infrastructures.
It is recommended to have completed Local Area Networks (49063 / 49A63).
It is also recommended that the student has completed or is taking the course Networking Laboratory (TL002) or Administration and Design of Operating Systems (EM007 / EMA07).
The main objectives of the course are for the student to:
- Learn IT Security.
- Learn Ethical Hacking.
- Be able to carry out analyses of security tests.
- Be able to identify vulnerabilities in systems.
- Be able to apply security solutions.
The specific contents of the course are detailed below:
1. Basic Scenarios
- Know how to activate and configure Windows IIS and Linux Web and FTP servers.
- Know how to activate, configure and work with Linux SSH servers.
- Analyze the TCP 3-way handshake process, ICMP traffic (including traceroute operation in Windows and Linux) and other types of relevant traffic to understand network operation (with the Linux tcpdump tool).
- Identify, create and use TCP/IP sockets (netcat and netstat tools).
- Learn how to avoid password sniffing on Windows and Linux by capturing passwords with Wireshark and tcpdump.
- Learn how to avoid ARP spoofing by implementing it and capturing the traffic generated.
2. Cryptography
- Understand and identify symmetric and asymmetric cryptography methods.
- Know SSH protocol versions and their operation and configuration.
- Understand, identify and use hashing algorithms (MD5 and SHA-1).
- Identify how Linux stores passwords and understand methods of password encryption (MD5, Blowfish, DES, SHA-256, SHA-512).
- Know, identify and manage digital certificates.
- Understand and identify HTTPS and SSL operation.
3. Password Cracking
- Implement password dictionary attacks (with different tools like John the Ripper, Hydra, Medusa, among others) and learn countermeasures to avoid them.
- Implement password brute-force attacks (with different tools like Brutus) and learn countermeasures to avoid them. Additionally, analyze the performance of rainbow tables.
- Be aware of ways to obtain people’s passwords and how to avoid it (social engineering, shoulder surfing, phishing, among others).
4. Basic Network Attacks
- Implement and identify the ping of death attack and learn to apply countermeasures.
- Implement and identify smurf attacks and learn to apply countermeasures.
- Implement a Web Session Hijacking attack and learn to apply countermeasures.
- Implement a SYN flood attack and learn to apply countermeasures.
5. Footprinting
- Conduct footprinting (with different tools and methods suggested in Kali Linux and OSINT documentation) and learn how to document it.
6. Host Scanning
- Identify how Nmap works, which information it helps to gather, what traffic it generates and learn to use it.
- Understand the differences between state results in port scanning, identify Nmap port scans and implement a port scan.
- Identify Nmap options for version detection and use Nmap to detect application and operating system versions.
- Learn to use Hping as a scanning tool.
- Learn what Idle scanning is, implement it and propose countermeasures.
7. Fingerprinting
- Know and implement fingerprinting, and explain IP and ICMP fingerprinting techniques.
- Know, implement and explain techniques for Server Banner Grabbing.
- Know, implement and explain techniques for Client Banner Grabbing.
- Explain what security through obscurity is used for and implement a header obfuscation scenario.
8. Vulnerabilities
- Know vulnerability databases and find vulnerabilities for a specific application using these databases.
- Know, describe, install and configure Nessus and identify security problems using this tool.
9. Penetrating
- Understand the “Unicode Directory traversal” vulnerability (CVE-2000-0884, MS00-078), use netcat to hack a Windows server with this vulnerability, and determine and apply countermeasures.
- Understand how Metasploit Framework is used to exploit vulnerabilities, use Metasploit Framework to hack into a Windows system, and determine and apply countermeasures.
- Exploit a poorly secured Linux system with basic methods, using netcat to open a backdoor, and determine and apply countermeasures.
- Understand SQLi methods, exploit a vulnerable web server using SQLi, use different tools to implement SQLi, implement complementary methods to test a web server, and determine and apply countermeasures.
The subject is carried out with a "Learning by doing" methodology.
The subject has two relevant training activities:
- LABs for each lesson. Each lesson has a set of LABs that accompany students to learn the various topics detailed in the DETAILED CONTENTS section step by step.
- LABs are carried out in groups of two people.
- LABs are carried out during the different class sessions, where the support of the instructor is available to resolve doubts and/or incidents. If there is not enough time during class to finish the planned LABs, you will have to finish them outside class hours and deliver them no later than the dates indicated in the course planning.
- Each LAB will be reviewed by the instructor and its development must be shown to the instructor when the checkboxes of each statement are reached.
- Each LAB has scoring deliverables.
- A final exercise (Security Testing Exercise). In this final exercise, each group must carry out a Vulnerability Assessment and Penetration Testing on a set of previously assigned servers from the LOST Project. During this exercise, students must apply most of the concepts learned during the first part of the course and document the results. Finally, they must carry out an INTERVIEW to assess their learning individually.
The course is assessed through continuous assessment and an individual test.
The final grade is obtained from the following elements:
- Attendance: 10%
- LABs: 25%
- Security Testing Report: 35%
- Personal interview: 10%
- Exam: 20%
To pass the course, it is necessary to:
- have a minimum attendance of 75%.
- obtain at least a 5 in the LABs, the Security Testing Report and the personal interview.
- obtain at least a 4 in the final exam in order to calculate the average.
- achieve a final grade equal to or higher than 5.
There is a midterm exam that exempts the student from the final exam if a grade equal to or higher than 5 is obtained. In addition, all LABs must be submitted in order to carry out the Security Testing Exercise. In the case of the extraordinary examination period, the final Security Testing Report must have been submitted before taking the exam.
The following will be assessed:
- The understanding of the fundamental concepts of IT security applied to systems and networks.
- The ability to identify vulnerabilities, risks and security problems in computing environments.
- The correct application of security techniques, tools and procedures in practical activities.
- The ability to analyse results and document the tests carried out rigorously.
- The technical quality, coherence and justification of the proposed solutions.
- Conceptual and terminological rigour in the use of the language specific to computer security.
- Clarity, coherence and correctness in the written and oral presentation of the results.
Subject's notes and laboratory practices
Complementary documentation is available to students at estudy.salle.url.edu (virtual campus).