Summer 2013: Syllabus for CNT-4603-01
The reading schedule for the class is here.
What to emphasize in the first week's reading assignment
What to emphasize in the second week's reading assignment
What to emphasize in the third week's reading assignment
What to emphasize in the fourth week's reading assignment
What to emphasize in the fifth week's reading assignment
Assignment 2, assigned May 30, due June 6
Assignment 3, assigned June 6, due June 13
Assignment 4, assigned June 25, due July 2nd
Assignment 5, assigned July 9, due July 16th
Assignment 6, assigned on July 18, due July 23rd
Pentest assignment, assigned on July 23, due August 2
Some developments in networking
I highly recommend reading the ACM's Risks Digest (you can read it in rdf format at http://catless.ncl.ac.uk/rdigest.rdf, or via email — instructions are at http://www.csl.sri.com/users/risko/risksinfo.html) or adding its RSS feed at http://catless.ncl.ac.uk/risksatom.xml to your feed browser. Also, you might want to join the FSU Nolenet mailing list.
Reference to the Tanenbaum-Torvalds discussion of micro versus macro: Open Sources: Voices from the Open Source Revolution; Appendix A, The Tanenbaum-Torvalds Debate
The Evolution of the Unix Time-sharing System
Reddit's Linux Administration Forum
2008-06-09: An Email About A SAN here at FSU: SAN Issue -- root cause explanation
2008-06-09: An Email about a Mailman problem here at FSU: Mailman problem
2008-06-11: An Email about a ClamAV problem with respect to Selinux: ClamAV/Selinux problem
2008-06-13: Reference for enjoyable book on networking:
Network Warrior
by Gary A. Donahue
Publisher: O'Reilly
Pub Date: June 01, 2007
Print ISBN-10: 0-596-10151-1
Print ISBN-13: 978-0-59-610151-0
Pages: 598
2008-06-16: Morgan Stanley and AFS: When Your Business Depends On It: The Evolution of a Global File System for a Global Enterprise
2008-06-16: Relatively recent (2006) NFS operations resource: Linux NFS-HOWTO
2008-06-27: Recent article on top-level domains in the New York Times: New Flavors for Addresses on the Web Are on the Way
2008-07-07: Recent article on consumer views of service downtimes in the New York Times: As Web Traffic Grows, Crashes Take Bigger Toll
2008-07-09: Recent article on patching DNS flaw: Vendors form alliance to fix DNS poisoning flaw
2008-07-09: DNS patches prove fatal for some software: MS DNS patch snuffs net connection for ZoneAlarm users
2008-08-08: Press release from Dr. Bernstein on DNS cache poisoning: DNS still vulnerable, Bernstein says
2008-08-11: Plastic Keys to Physical Locks: Researchers Crack Medeco High-Security Locks With Plastic Keys
2008-08-20: An Email about an administrator failing to set permanent state after setting temporary state: Blocked Hosts List?
2008-08-22: An Email about an intrusion at Redhat's Fedora: Infrastructure report, 2008-08-22 UTC 1200
2009-01-05: Backup woes: Hard Lessons in the Importance of Backups: JournalSpace Wiped Out
2009-01-22: NSA Selinux link: http://www.nsa.gov/research/selinux/.
2009-02-10: Data breach at FAA: FAA reports 45,000 data records pilfered from server
2009-02-26: Man-in-the-middle attack that looks viable: SSL Strip
2009-03-06: Finally, a vulnerability found in DJBDNS: Security Issue in DJBDNS Confirmed
2009-03-06: And a second vulnerability also found in DJBDNS: Rapid DNS Poisoning in DJBDNS
2009-04-01: Spam Back to 94% of All E-Mail
2009-04-06: Carbonite loses customer backups, sues Promise Technology
2009-05-15: Backup woes at Avsim: Hackers 'destroy' flight sim site
2009-05-20: Microsoft IIS hole fells university server
2009-05-21: Microsoft IIS6 bug exposes sensitive files sans password
2009-07-15: U.S. Postal Service Gives Stamp of Approval to FOSS
2009-07-15: DHCP server can take over client
2009-07-21: More on the DD-WRT story mentioned brought up in class: Open-source firmware vuln exposes wireless routers
2009-07-23: Adobe Flash woes: New attacks exploit vuln in (fully-patched) Adobe Flash
2009-07-29: Major BIND bug: BIND crash bug prompts urgent update call
2009-07-29: FSU's response to the BIND bug: [Nolenet] DNS server code upgraded
2009-07-30: Data Exposure in the U.S. government: US Congress probes accidental top secret file sharing
2009-07-30: Hardware security: Intel warns over bare-metal BIOS bug
2009-07-31: DNS: Wildcard certificate spoofs web authentication
2009-07-31: iPhone: How To Hijack 'Every iPhone In The World'
2009-07-31: Details on the Linux 2.30 NULL pointer problem: Fun with NULL pointers, part 1
2009-08-31: Warming server rooms: Intel says data centers much too cold: Frozen assets a waste of cash
2009-08-31: IIS bug gives attackers complete server control
2009-09-02: Why Gmail Failed Today
2009-09-09: Windows unpatchable: Microsoft: Patching Windows 2000 'infeasible'
2009-09-16: The Curious Case of the Failing Connections, The Curious Case of the Failing Connections, Part 2
2009-09-16: Microsoft starts warnings of support phase-out for older Windows Server releases
2009-10-07: A practical example of why you do not want to still be using 512-bit RSA keys: TI-83 Plus OS Signing Key Cracked
2009-10-12: Linux saves Aussie electrical grid
2009-10-16: Big-Box Breach: The Inside Story of Wal-Mart's Hacker Attack
2009-10-16: Maybe all's well that ends well? Microsoft recovers 'most, if not all' Sidekick users' data
2009-12-04: Test setup leaks into production: Bing dies (briefly) after Microsoft hits wrong button
2010-08-23: Why RAID 5 stops working in 2009
20109-09-07: Part one of Doomsday Weekend: who can you trust?
2010-09-07: A series of disorderly events
2010-09-08: DNSSEC versus DNSCurve OpenDNS adopts DNSCurve
2010-09-15: Stuxnet attackers used 4 Windows zero-day exploits
2010-09-16: Intel eats crow on software RAID
2010-09-20: Siemens: Stuxnet worm hit industrial systems
PSN was running on unpatched Apache server with no firewall .
2011-05-10: Why Sony's PSN problem won't take down cloud computing
2011-05-10: Summary of the Amazon EC2 and Amazon RDS Service Disruption in the US East Region
2011-05-10: Global CIO: Why The Amazon Cloud Outage Is Irrelevant
2011-05-31: BIND Named woes again: Large RRSIG RRsets and Negative Caching can crash named
2011-06-06: How a cheap graphics card could crack your password in under a second
2011-08-02: Anatomy of a Unix breach
2011-08-30: Fixing a CGI-like Script
2011-09-12: Rent-a-Bot Networks Tied to TDSS Botnet
2011-11-04: Chaos Computer Club analyzes government malware
2011-11-14: Et tu, Boeing? FACT CHECK: SCADA Systems Are Online Now
2011-11-14: Underground call-centre for identity theft uncovered by security researchers
2011-11-14: The Dark Side Of Biometrics: 9 Million Israelis' Hacked Info Hits The Web
2011-11-14: The Underground Economy of Fake Antivirus Software (PDF)
2011-11-14: The Perfect Scam
2011-11-14: Who killed the fake-antivirus business?
2011-11-14: Russian police take a bite out of online crime
2011-11-28: Japan's continuing cybersecurity problems: Upper House confirms falling victim to cyber-attacks
2011-11-28: Japan's continuing cybersecurity problems: Only 45% of lawmakers changed passwords after cyber-attack
2011-11-30: Carrier IQ saga: Carrier IQ Tries to Silence Security Research Exposing Its Rootkit, gets Pinned Down by the EFF
2011-11-30: Carrier IQ saga: The Rootkit Of All Evil — CIQ
2011-11-30: Carrier IQ saga: Carrier IQ Tries to Censor Research With Baseless Legal Threat
2011-11-30: Carrier IQ saga: Smartphone Invader Tracks Your Every Move
2011-11-30: Carrier IQ saga: CarrierIQ
2011-11-30: Carrier IQ saga: Proof Published that Carrier IQ is Recording Key Presses and Location Data
2011-11-30: Carrier IQ saga: The Storm Is Not Over Yet — Lets Talk About #CIQ
2012-04-19: OpenSSL flaw
2012-06-11: US Navy buys Linux to guide drone fleet
2012-08-31: Finspy: Software Meant to Fight Crime Is Used to Spy on Dissidents
2012-08-31: Finspy: Egypt, FinFisher Intrusion Tools and Ethics
2012-08-31: Finspy: From Bahrain With Love: FinFisher's Spy Kit Exposed?
2012-08-31: Finspy: The SmartPhone Who Loved Me: FinFisher Goes Mobile?
2012-09-24: DNT: Why Do Not Track is worse than a miserable failure
2013-01-16: "Red October" Diplomatic Cyber Attacks Investigation
2013-02-18: U.S. said to be target of massive cyber-espionage campaign
2013-02-20: APT1: Exposing One of China's Cyber Espionage Units
2013-02-25: Code certificate laissez-faire leads to banking Trojans
2013-03-04: Where Apps Meet Work, Secret Data Is at Risk
2013-03-22: How whitehats stopped the DDoS attack that knocked Spamhaus offline
2013-04-08: How a banner ad for H&R Block appeared on apple.com - without Apple's OK
2013-05-14: The Case of the 500 Mile Email
2013-05-16: Network outage here at FSU
2013-07-11: US agency baffled by modern technology, destroys mice to get rid of viruses
2013-07-11: Netragard's Hacker Interface Device (HID).
2013-07-16: Fraudsters trick people into handing over cards on doorstep
2013-08-01: Trusting iPhones plugged into bogus chargers get a dose of malware