The goal of this lab is to teach students how to defend against computer security vulnerabilities through hands-on assignments. We will analyze well known security vulnerabilities, reproduce them in a controlled environment, and implement countermeasures. After doing this lab, students will know how to apply security defense principles in real life to protect computer systems.
Contents: Computer security principles and techniques provide guidelines on how computer systems can be protected against security attacks. In practice, however, it is not clear how the adherence to security principles and techniques affect the security of real life computer systems. In this lab, we demonstrate well-known practical security vulnerabilities (Unix/Linux) alongside with the underlying theory, and guide students to creative implementations of countermeasures. The lab includes hands-on activities for the analysis of and countermeasures against vulnerabilities of system libraries, system configurations, networks, and (web) applications. As a result of the practical nature of this class, the students will also learn concepts of systems administration and configuration.