CIS 5605-01
Syllabus, lectures, and other materials — Fall 2009

Final Paper Guidelines (due 2009-12-02)

Fall 2009: Syllabus for CNT-5605-01

Groups and Group Member Information


Assignment #2: assigned on 2009-09-11, due on 2009-09-16

Assignment #3: assigned on 2009-09-16, due on 2009-09-23

Assignment #4: assigned on 2009-09-23, due on 2009-09-30

Question Set #1: assigned on 2009-09-23, due on 2009-09-28

Assignment #5: assigned on 2009-10-28, due on 2009-11-04

Security Assignment: assigned on 2009-10-28, due on 2009-12-04

Question Set #2: assigned on 2009-11-02, due on 2009-11-09

Assignment #6: assigned on 2009-11-23, due on 2009-11-23 2009-12-02

Class Notes

Introduction (pdf format)

Introduction (html format)

Daemons (html format)

Daemons continued (html format)

Foundations and building blocks (html format)

Boot time (html format)

Root and system administration (html format)

Handling users and data (html format)

Networking (html format)

DNS (html format)

NFS (html format)

Web and email services (html format)

Security (html format)

Physical Environment (html format)

Disaster, recovery, and contingency operations (html format)

Other Material

I highly recommend reading comp.risks (you can read it in rdf format at, or via email --- instructions are at or adding its RSS feed at to your feed browser.

2008-06-09: Reference to the Tanenbaum-Torvalds discussion of micro versus macro: Open Sources: Voices from the Open Source Revolution; Appendix A, The Tanenbaum-Torvalds Debate

2008-06-09: An Email About A SAN here at FSU: SAN Issue -- root cause explanation

2008-06-09: An Email about a Mailman problem here at FSU: Mailman problem

2008-06-11: An Email about a ClamAV problem with respect to Selinux: ClamAV/Selinux problem

2008-06-13: Reference for enjoyable book on networking:

   Network Warrior
   by Gary A. Donahue
   Publisher: O'Reilly
   Pub Date: June 01, 2007
   Print ISBN-10: 0-596-10151-1
   Print ISBN-13: 978-0-59-610151-0
   Pages: 598

2008-06-16: Morgan Stanley and AFS: When Your Business Depends On It: The Evolution of a Global File System for a Global Enterprise

2008-06-16: Relatively recent (2006) NFS operations resource: Linux NFS-HOWTO

2008-06-27: Recent article on top-level domains in the New York Times: New Flavors for Addresses on the Web Are on the Way

2008-07-07: Recent article on consumer views of service downtimes in the New York Times: As Web Traffic Grows, Crashes Take Bigger Toll

2008-07-09: Recent article on patching DNS flaw: Vendors form alliance to fix DNS poisoning flaw

2008-07-09: DNS patches prove fatal for some software: MS DNS patch snuffs net connection for ZoneAlarm users

2008-08-08: Press release from Dr. Bernstein on DNS cache poisoning: DNS still vulnerable, Bernstein says

2008-08-11: Plastic Keys to Physical Locks: Researchers Crack Medeco High-Security Locks With Plastic Keys

2008-08-20: An Email about an administrator failing to set permanent state after setting temporary state: Blocked Hosts List?

2008-08-22: An Email about an intrusion at Redhat's Fedora: Infrastructure report, 2008-08-22 UTC 1200

2009-01-05: Backup woes: Hard Lessons in the Importance of Backups: JournalSpace Wiped Out

2009-01-22: NSA Selinux link:

2009-02-10: Data breach at FAA: FAA reports 45,000 data records pilfered from server

2009-02-26: Man-in-the-middle attack that looks viable: SSL Strip

2009-03-06: Finally, a vulnerability found in DJBDNS: Security Issue in DJBDNS Confirmed

2009-03-06: And a second vulnerability also found in DJBDNS: Rapid DNS Poisoning in DJBDNS

2009-04-01: Spam Back to 94% of All E-Mail

2009-04-06: Carbonite loses customer backups, sues Promise Technology

2009-05-12: Berkeley data break-in: Hackers attack campus databases, steal Social Security numbers, other data

2009-05-12: The Evolution of the Unix Time-sharing System

2009-05-15: Backup woes at Avsim: Hackers 'destroy' flight sim site

2009-05-20: Microsoft IIS hole fells university server

2009-05-21: Microsoft IIS6 bug exposes sensitive files sans password

2009-07-15: U.S. Postal Service Gives Stamp of Approval to FOSS

2009-07-15: DHCP server can take over client

2009-07-21: More on the DD-WRT story mentioned brought up in class: Open-source firmware vuln exposes wireless routers

2009-07-23: Adobe Flash woes: New attacks exploit vuln in (fully-patched) Adobe Flash

2009-07-29: Major BIND bug: BIND crash bug prompts urgent update call

2009-07-29: FSU's response to the BIND bug: [Nolenet] DNS server code upgraded

2009-07-30: Data Exposure in the U.S. government: US Congress probes accidental top secret file sharing

2009-07-30: Hardware security: Intel warns over bare-metal BIOS bug

2009-07-31: DNS: Wildcard certificate spoofs web authentication

2009-07-31: iPhone: How To Hijack 'Every iPhone In The World'

2009-07-31: Details on the Linux 2.30 NULL pointer problem: Fun with NULL pointers, part 1

2009-08-31: Warming server rooms: Intel says data centers much too cold: Frozen assets a waste of cash

2009-08-31: IIS, again: IIS bug gives attackers complete server control

2009-09-02: Gmail: Why Gmail Failed Today

2009-09-09: Windows unpatched: Microsoft confirms critical unpatched Vista, Windows 7 RC bug

2009-09-09: Windows unpatchable: Microsoft: Patching Windows 2000 'infeasible'

2009-09-16: System administration: The Curious Case of the Failing Connections, The Curious Case of the Failing Connections, Part 2

2009-09-16: Microsoft starts warnings of support phase-out for older Windows Server releases

2009-10-07: A practical example of why you do not want to still be using 512-bit RSA keys: TI-83 Plus OS Signing Key Cracked

2009-10-12: Linux saves Aussie electrical grid

2009-10-12: Sidekick customers, during this service disruption, please DO NOT remove your battery, reset your Sidekick, or allow it to lose power.

2009-10-16: Big-Box Breach: The Inside Story of Wal-Mart’s Hacker Attack

2009-10-16: Maybe all's well that ends well? Microsoft recovers 'most, if not all' Sidekick users' data

2009-12-04: Test setup leaks into production: Bing dies (briefly) after Microsoft hits wrong button