COMPUTER AND NETWORK
SYSTEM ADMINISTRATION
CNT 4603-01
Syllabus, lectures, and other materials — Fall 2015

Fall 2015: Syllabus for CNT-4603

Reading Schedule

Final Paper

Assignments

Assignment 1 (no journal due)

Assignment 2 (journal due September 15)

Assignment 3 (journal due September 22)

Assignment 4 (no journal necessary, this is an in-class lab)

Assignment 5

Assignment 6

Pentest Assignment

Class Notes

01

Building Blocks

Notes on chapter two of the text

Processes and daemons

Processes and daemons, continued

Building the tree of processes and daemon

Notes on chapter three of the text

Root

Users

Networking

IPv6

Naming the network: DNS

Network services

Network services

Your physical environment

Other Material

Email lists, newsgroups, RSS feeds, and so forth

I highly recommend reading the ACM's Risks Digest (you can read it in rdf format at http://catless.ncl.ac.uk/rdigest.rdf, or via email — instructions are at http://www.csl.sri.com/users/risko/risksinfo.html) or adding its RSS feed at http://catless.ncl.ac.uk/risksatom.xml to your feed browser. Also, you might want to join the FSU Nolenet mailing list.





Reference to the Tanenbaum-Torvalds discussion of micro versus macro: Open Sources: Voices from the Open Source Revolution; Appendix A, The Tanenbaum-Torvalds Debate

The Evolution of the Unix Time-sharing System

The Art of Unix Programming

Server Fault Forum

LWN

2008-06-09: An Email About A SAN here at FSU: SAN Issue -- root cause explanation

2008-06-09: An Email about a Mailman problem here at FSU: Mailman problem

2008-06-11: An Email about a ClamAV problem with respect to Selinux: ClamAV/Selinux problem

2008-06-13: Reference for enjoyable book on networking:

   Network Warrior, Second Edition
   by Gary A. Donahue
   Publisher: O'Reilly
   Pub Date: May, 2011
   Print ISBN-13: 978-1-4493-8786-0

2008-06-16: Morgan Stanley and AFS: When Your Business Depends On It: The Evolution of a Global File System for a Global Enterprise

2008-06-16: Relatively recent (2006) NFS operations resource: Linux NFS-HOWTO

2008-06-27: Recent article on top-level domains in the New York Times: New Flavors for Addresses on the Web Are on the Way

2008-07-07: Recent article on consumer views of service downtimes in the New York Times: As Web Traffic Grows, Crashes Take Bigger Toll

2008-07-09: Recent article on patching DNS flaw: Vendors form alliance to fix DNS poisoning flaw

2008-07-09: DNS patches prove fatal for some software: MS DNS patch snuffs net connection for ZoneAlarm users

2008-08-08: Press release from Dr. Bernstein on DNS cache poisoning: DNS still vulnerable, Bernstein says

2008-08-11: Plastic Keys to Physical Locks: Researchers Crack Medeco High-Security Locks With Plastic Keys

2008-08-20: An Email about an administrator failing to set permanent state after setting temporary state: Blocked Hosts List?

2008-08-22: An Email about an intrusion at Redhat's Fedora: Infrastructure report, 2008-08-22 UTC 1200

2009-01-05: Backup woes: Hard Lessons in the Importance of Backups: JournalSpace Wiped Out

2009-01-22: NSA Selinux link: http://www.nsa.gov/research/selinux/.

2009-02-10: Data breach at FAA: FAA reports 45,000 data records pilfered from server

2009-02-26: Man-in-the-middle attack that looks viable: SSL Strip

2009-03-06: Finally, a vulnerability found in DJBDNS: Security Issue in DJBDNS Confirmed

2009-03-06: And a second vulnerability also found in DJBDNS: Rapid DNS Poisoning in DJBDNS

2009-04-01: Spam Back to 94% of All E-Mail

2009-04-06: Carbonite loses customer backups, sues Promise Technology

2009-05-15: Backup woes at Avsim: Hackers 'destroy' flight sim site

2009-05-20: Microsoft IIS hole fells university server

2009-05-21: Microsoft IIS6 bug exposes sensitive files sans password

2009-07-15: U.S. Postal Service Gives Stamp of Approval to FOSS

2009-07-15: DHCP server can take over client

2009-07-21: More on the DD-WRT story mentioned brought up in class: Open-source firmware vuln exposes wireless routers

2009-07-23: Adobe Flash woes: New attacks exploit vuln in (fully-patched) Adobe Flash

2009-07-29: Major BIND bug: BIND crash bug prompts urgent update call

2009-07-29: FSU's response to the BIND bug: [Nolenet] DNS server code upgraded

2009-07-30: Data Exposure in the U.S. government: US Congress probes accidental top secret file sharing

2009-07-30: Hardware security: Intel warns over bare-metal BIOS bug

2009-07-31: DNS: Wildcard certificate spoofs web authentication

2009-07-31: iPhone: How To Hijack 'Every iPhone In The World'

2009-07-31: Details on the Linux 2.30 NULL pointer problem: Fun with NULL pointers, part 1

2009-08-31: Warming server rooms: Intel says data centers much too cold: Frozen assets a waste of cash

2009-08-31: IIS bug gives attackers complete server control

2009-09-02: Why Gmail Failed Today

2009-09-09: Windows unpatchable: Microsoft: Patching Windows 2000 'infeasible'

2009-09-16: The Curious Case of the Failing Connections, The Curious Case of the Failing Connections, Part 2

2009-09-16: Microsoft starts warnings of support phase-out for older Windows Server releases

2009-10-07: A practical example of why you do not want to still be using 512-bit RSA keys: TI-83 Plus OS Signing Key Cracked

2009-10-12: Linux saves Aussie electrical grid

2009-10-16: Big-Box Breach: The Inside Story of Wal-Mart's Hacker Attack

2009-10-16: Maybe all's well that ends well? Microsoft recovers 'most, if not all' Sidekick users' data

2009-12-04: Test setup leaks into production: Bing dies (briefly) after Microsoft hits wrong button

2010-08-23: Why RAID 5 stops working in 2009

20109-09-07: Part one of Doomsday Weekend: who can you trust?

2010-09-07: A series of disorderly events

2010-09-08: DNSSEC versus DNSCurve OpenDNS adopts DNSCurve

2010-09-15: Stuxnet attackers used 4 Windows zero-day exploits

2010-09-16: Intel eats crow on software RAID

2010-09-20: Siemens: Stuxnet worm hit industrial systems

PSN was running on unpatched Apache server with no firewall .

2011-05-10: Why Sony's PSN problem won't take down cloud computing

2011-05-10: Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region

2011-05-10: Global CIO: Why The Amazon Cloud Outage Is Irrelevant

2011-05-31: BIND Named woes again: Large RRSIG RRsets and Negative Caching can crash named

2011-06-06: How a cheap graphics card could crack your password in under a second

2011-08-02: Anatomy of a Unix breach

2011-08-30: Fixing a CGI-like Script

2011-09-12: Rent-a-Bot Networks Tied to TDSS Botnet

2011-11-04: Chaos Computer Club analyzes government malware

2011-11-14: Et tu, Boeing? FACT CHECK: SCADA Systems Are Online Now

2011-11-14: Underground call-centre for identity theft uncovered by security researchers

2011-11-14: The Dark Side Of Biometrics: 9 Million Israelis' Hacked Info Hits The Web

2011-11-14: The Underground Economy of Fake Antivirus Software (PDF)

2011-11-14: The Perfect Scam

2011-11-14: Who killed the fake-antivirus business?

2011-11-14: Russian police take a bite out of online crime

2011-11-28: Japan's continuing cybersecurity problems: Upper House confirms falling victim to cyber-attacks

2011-11-28: Japan's continuing cybersecurity problems: Only 45% of lawmakers changed passwords after cyber-attack

2011-11-30: Carrier IQ saga: Carrier IQ Tries to Silence Security Research Exposing Its Rootkit, gets Pinned Down by the EFF

2011-11-30: Carrier IQ saga: The Rootkit Of All Evil — CIQ

2011-11-30: Carrier IQ saga: Carrier IQ Tries to Censor Research With Baseless Legal Threat

2011-11-30: Carrier IQ saga: Smartphone Invader Tracks Your Every Move

2011-11-30: Carrier IQ saga: CarrierIQ

2011-11-30: Carrier IQ saga: Proof Published that Carrier IQ is Recording Key Presses and Location Data

2011-11-30: Carrier IQ saga: The Storm Is Not Over Yet — Lets Talk About #CIQ

2012-04-19: OpenSSL flaw

2012-06-11: US Navy buys Linux to guide drone fleet

2012-08-31: Finspy: Software Meant to Fight Crime Is Used to Spy on Dissidents

2012-08-31: Finspy: Egypt, FinFisher Intrusion Tools and Ethics

2012-08-31: Finspy: From Bahrain With Love: FinFisher's Spy Kit Exposed?

2012-08-31: Finspy: The SmartPhone Who Loved Me: FinFisher Goes Mobile?

2012-09-24: DNT: Why Do Not Track is worse than a miserable failure

2013-01-16: "Red October" Diplomatic Cyber Attacks Investigation

2013-02-18: U.S. said to be target of massive cyber-espionage campaign

2013-02-20: APT1: Exposing One of China's Cyber Espionage Units

2013-02-25: Code certificate laissez-faire leads to banking Trojans

2013-03-04: Where Apps Meet Work, Secret Data Is at Risk

2013-03-22: How whitehats stopped the DDoS attack that knocked Spamhaus offline

2013-04-08: How a banner ad for H&R Block appeared on apple.com - without Apple's OK

2013-05-14: The Case of the 500 Mile Email

2013-05-16: Network outage here at FSU

2013-07-11: US agency baffled by modern technology, destroys mice to get rid of viruses

2013-07-11: Netragard's Hacker Interface Device (HID).

2013-07-16: Fraudsters trick people into handing over cards on doorstep

2013-08-01: Trusting iPhones plugged into bogus chargers get a dose of malware

2013-08-26: The Guardian's NSA Files collection of articles (also related, The Guardian's general NSA keyword articles)

2013-08-26: They Know Much More Than You Think

2013-08-27: Snowden Interview

2013-08-27: Viewing PRISM: XKEYSCORE

2013-09-10: The NSA Is Breaking Most Encryption on the Internet

2013-09-10: NSA Foils Much Internet Encryption

2013-09-10: The NSA's Secret Campaign to Crack, Undermine Internet Security

2013-09-10: Revealed: how US and UK spy agencies defeat internet privacy and security

2013-09-10: The Factoring Dead: Preparing for the Cryptopocalypse

2013-09-10: How Advanced Is the NSA's Cryptanalysis—And Can We Resist It?

2013-09-10: A Few Thoughts on Cryptographic Engineering

2013-09-10: New Snowden Documents Show NSA Deemed Google Networks a "Target"

2013-09-24: The iPhone 5s Touch ID hack in detail

2013-09-26: UEFI Boot to Zork

2013-09-30: Meet the Machines that Steal Your Phone's Data

2013-10-10: A Computer Infection That Can Never Be Cured

2013-10-10: The Next Frontier of Password Cracking

2013-10-17: Analysis of the HTTPS Certificate Ecosystem

2013-10-22: The Privacy Challenges of Big Data: A View from the Lifeguard's Chair

2013-10-22: Experian Sold Consumer Data to ID Theft Service

2013-10-31: Meet "badBIOS," the mysterious Mac and PC malware that jumps airgaps

2013-10-31: The DEFCON21 Social Engineer Capture The Flag Report (PDF)

2013-11-01: Just Six People Got Insurance Through Healthcare.gov on Day One

2013-11-05: Top 100 Adobe passwords

2014-01-09: NSA ANT document in PDF format (rough OCR has been applied)

2014-01-09: The Danger of Rogue System Administrators

2014-01-09: NSA Codenames

2014-01-09: A new Dual EC DRBG flaw

2014-01-23: A First Look at the Target Intrusion, Malware

2014-01-23: Bluetooth Hackers Allegedly Skimmed Millions Via Gas Stations

2014-01-28: Spy Agencies Probe Angry Birds and Other Apps for Personal Data

2014-02-05: 7 Die in Fire Destroying Argentine Bank Archives

2014-05-13: Analyzing Forged SSL Certificates in the Wild

2014-05-13: Feds: Sailor hacked Navy network while aboard nuclear aircraft carrier

2014-05-22: The Naming of Hosts Is a Difficult Matter

2014-06-03: Filing by Computer: A Pillow Helped

2014-06-25: Mathematicians Discuss the Snowden Revelations

2015-05-12: Exploiting DRAM rowhammer bug

2015-05-12: Architecting Websites in the HTTP2 era

2015-06-17: Locked Out of the Server Room

2015-06-30: Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation

2015-06-30: Process isolation NsJail

2015-10-06: Latest filesystem hierarchy specification: Linuxbase

2015-11-10: The Future of Leap Seconds

2015-11-10: XKCD's take on the leap second problem

2015-11-17: Beware of Ads that Use Inaudible Sound to Link Your Phone, TV, Tablet, and PC