Spring 2010 CIS 252: Network Security
MW 6 - 7:40 pm
(recommended: networking, some programming, and unix scripting)
The course will introduce the topic of network security through an analysis of attack and defense
techniques. The course will provide students with an understanding of how to identify and exploit
network vulnerabilities and the principles behind securing networks and identifying attacks. Students
will also develop a familiarity with various network penetration testing tools and create a portfolio of
labs demonstrating their proficiency in both defending and penetrating networks. Topics will include
scanning, firewalls, intrusion detection, engineering principles, trust, cryptography, and network
Please see Lehman/CUNY Policy on academic integrity:
if you aren't sure what constitutes
academic dishonesty, please come and see me.
“Hacking Exposed Network Security Secrets & Solutions Fifth Edition”, Stuart McClure, Joel
Scambray, George Kurtz
Class participation: 5%
Lab Assignments: 50%
Failure to complete any of the work will result in an INC or an F.
be approximately 5 homeworks. Students will have between 1 and 2 weeks to complete
Assignments must be submitted by email to
and are due
before the class starts.
Late assignments will receive no credit.
Students must complete their own
assignments and must indicate if they received help or worked with another person on the assignment
and who they worked with.
Attendance, Daily reading, Lab assignments, Presentations, Class participation, Class entry/exit slips
Students will be expected to come to class having read the assigned reading (articles and textbook).
In each class, students will be expected to participate in discussions, which may involve all or some of the
following: answering questions about the reading, presenting a problem from the reading, asking
questions about the reading, and presenting or answering questions about the Labs that have been
assigned. Each class will either begin with students writing and submitting an entry slip or end with
students writing and submitting an exit slip.
Tentative Schedule (subject to change):
Reading is due
each class, Labs (except for lab 0 which is due the following class) are
due before the start of the class two weeks from the day they are assigned.
(pg 5-40) (pg 41-76) (pg 77-133) (pg 525,526)
Intro lecture, networking basics
Methodology for attacking, threat models, points of vulnerability
Tools for attacking
Test software, submit email of successful testing of software
scanning/enumeration and sniffing
Methodology of defending
Points of protection
Tools for defending
Configure firewall to block all unused ports from scan
How do you break through the configured defenses?
How do you know your defenses work?
netcat traffic through firewall
Follow up on the concept of trust
Connecting trust to protocol development/software development
ARP Spoof, DHCP rogue server man in the middle attack
(pg 211-235) (pg 487-507)
Circular problems / assumptions
Use Host based IDS to detect attacks from previous labs
(pg 348-405) (pg 407-460)
Wireless vs wired
RIP/BGP attack update packet generation