Network Security - CUNY

abusivetrainerNetworking and Communications

Nov 20, 2013 (3 years and 10 months ago)


Network Security
Course #:
Spring 2010 CIS 252: Network Security
Course Hours
: MW 6 - 7:40 pm
Course URL:
Yuri Cantor
Office Hours:
By appointment

(recommended: networking, some programming, and unix scripting)
Course Description:
The course will introduce the topic of network security through an analysis of attack and defense

techniques. The course will provide students with an understanding of how to identify and exploit

network vulnerabilities and the principles behind securing networks and identifying attacks. Students

will also develop a familiarity with various network penetration testing tools and create a portfolio of

labs demonstrating their proficiency both defending and penetrating networks. Topics will include

scanning, firewalls, intrusion detection, engineering principles, trust, cryptography, and network

Academic Dishonesty:
Please see Lehman/CUNY Policy on academic integrity:
. And
if you aren't sure what constitutes

academic dishonesty, please come and see me.
Required Text:
“Hacking Exposed Network Security Secrets & Solutions Fifth Edition”, Stuart McClure, Joel

Scambray, George Kurtz
ISBN 0-07-226081-5
Class participation: 5%
Quizes: 20%
Lab Assignments: 50%
Final: 25%
Course Workload:
failure to complete any of the work will result in an INC or an F.
There will

be approximately 5 homeworks. Students will have between 1 and 2 weeks to complete

Assignments must be submitted by email to
and are due

before the class starts.
Late assignments will receive no credit.
Students must complete their own

assignments and must indicate if they received help or worked with another person on the assignment

and who they worked with.
Student Responsibilities:
Attendance, Daily reading, Lab assignments, Presentations, Class participation, Class entry/exit slips
Students will be expected to come to class having read the assigned reading (articles and textbook).

Each class students will be expected to participate in discussions which may involve all or some of the

following: answering questions about the reading, presenting a problem from the reading, asking

questions about the reading, and presenting or answering questions about the Labs that have been

assigned. Each class will either begin with students writing and submitting an entry slip or end with

students writing and submitting an exit slip.
Tentative Schedule (subject to change):
Reading is due
each class, Labs (except for lab 0 which is due the following class) are

due before the start of the class two weeks from the day they are assigned.
Week 1,2
(pg 5-40) (pg 41-76) (pg 77-133) (pg 525,526)
Intro lecture, networking basics
Methodology for attacking, threat models, points of vulnerability

Tools for attacking

Homework/Lab 0:
Test software, submit email of successful testing of softaware
Homework/Lab 1:
scanning/enumeration and sniffing
Week 3,4

(pg 463-484)
Methodology of defending

Points of protection

Tools for defending

Homework/Lab 2:
configure firewall block all unused ports from scan
week 5,6


How do you break through the configured defenses

How do you know your defenses work

Testing (software/hardware)

Homework/Lab 3:
netcat traffic through firewall
Week 7,8

Engineering challenges

Engineering principles

Follow up on the concept of trust

Connecting trust to protcol development/software development

Secure services/apps/os/protocols/networks

Homework/Lab 4:
ARP Spoof, DHCP rogue server man in the middle attack
Week 9,10

(pg 211-235) (pg 487-507)




Cryptographic vulnerabilities

Homework/Lab 5:
DOS attack
Week 11,12

Circular problems / assumptions

Homework/Lab 6:
Use Host based IDS to detect attacks from previous labs
Week 13,14

(pg 348-405) (pg 407-460)
Wireless vs wired

Protocol analysis

Homework/Lab 7:
RIP/BGP attack update packet generation