COMP 4722 Network Security
This course delves into arguably the most important security topic today: the security of the network. In this course, we cover primarily the defensive side of network security, and the tools and techniques used to secure and analyze modern networks and to detect attacks in them. Specific topics include:
- Firewalls, types and capabilities, software implementations, configuration and management
- Linux networking basics, setting up a virtual network environment for testing and implementation
- Common Unix/Linux tools for network management/configuration (ip, if, ss, netstat, route, ping, nc, etc.)
- Common networking setup for Linux environments (configuration files, DHCP/DNS/VLAN/VPN in test networks)
- Programming using OpenSSL libraries for key exchange and encryption/decryption
- Firewall configuration and implementation in Linux (netfilter, iptables, etc.)
- Intrusion detection basics, types and capabilities
- Intrusion detection (NIDS) deployment and usage (snort, bro, etc.)
- Automated vulnerability scanning and vulnerability management basics
- Vulnerability scanner/manager deployment (Greenbone, Wazuh, ELK)
- Host-based vulnerability scanning, management, HIDS using Wazuh
- VPNs, overview, implementation and usage (openvpn, wireguard)
- Security auditing for real: SIEMs
- Wireless network security, attacks and threats (open wireless, WiFi Pineapple, cracking network passwords and keys)
Course learning objectives
- Identify and classify network security threats, and develop a security model (and/or policies) to prevent, detect and recover from the attacks.
- Understand generic properties of secret keys, message digest, and well-known public key algorithms, and how each is used.
- Understand authentication handshakes and analyze their relative security and performance strengths.
- Obtain an overview of security standards used in practice, PKI standards, IPsec, and SSL.
- Understand attack payloads, intrusion detection, and the use of a firewall and its configuration to provide network access control.
- Be familiar with using the OpenSSL library's high-level interface to secure communications.
- Be able to configure network security software in modern *nix operating systems.
- Be able to deploy and use vulnerability scanning, detection, and management software.
- Know how NIDS/HIDS operate (and differ), and some common types of implementations (rule-based, anomaly detection, thresholds, etc.).
- Be able to use and identify common attacker tools from a network perspective.