using a virtual lab to teach an online information assurance program l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Using a Virtual Lab to teach an online Information Assurance Program PowerPoint Presentation
Download Presentation
Using a Virtual Lab to teach an online Information Assurance Program

Loading in 2 Seconds...

play fullscreen
1 / 18

Using a Virtual Lab to teach an online Information Assurance Program - PowerPoint PPT Presentation


  • 293 Views
  • Uploaded on

Using a Virtual Lab to teach an online Information Assurance Program Wayne C. Summers, Bhagyavati, Carlos Martin Columbus State University 4225 University Avenue Columbus, GA 31907 {bhagyavati, martin_carlos, summers_wayne}@colstate.edu @colstate.edu Background

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Using a Virtual Lab to teach an online Information Assurance Program' - omer


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
using a virtual lab to teach an online information assurance program

Using a Virtual Lab to teach an online Information Assurance Program

Wayne C. Summers, Bhagyavati, Carlos Martin

Columbus State University4225 University AvenueColumbus, GA 31907 {bhagyavati, martin_carlos, summers_wayne}@colstate.edu

@colstate.edu

InfoSecCD 2005

background
Background
  • Programs are being expected to offer online courses for our students.
  • Many departments of computing are expanding their course offerings in computer security and information assurance.
  • In an online class, students often cannot physically attend labs on campus.

InfoSecCD 2005

background3
Background
  • In a traditional course in computer security
    • lab experiences are typically conducted in an isolated computer lab where security problems that may occur are unable to affect other computers on campus.
    • students are able to experiment with security software without worry that their experiment may impact computer systems outside the isolated lab.
    • students can evaluate security of different operating systems, attempt to compromise the security of computer systems, and install additional security mechanisms without concern that their actions may affect computers outside the lab.

InfoSecCD 2005

background4
Background
  • Solution - require that students use their own computers.
  • Problem - assignments have to be designed so as not to be limited by the students’ computing resources. Students typically have access to only one computer and one operating system which limits the flexibility in the assignments.
  • Problem - unwise to allow students to use their personal computers to experiment with security software.

InfoSecCD 2005

approaches
APPROACHES
  • Most of the approaches to providing hands-on lab experiences utilize a computer lab isolated from the Internet.
  • Alternative is to develop a virtual network environment using simulators
    • Virtual Network System (VNS)
    • use virtual machines (VM) to emulate the hardware of different computers in a network
      • VMWare (http://www.vmware.com/),
      • Planetlab (http://www.planet-lab.org/),
      • Emulab (http://www.emulab.net/)

InfoSecCD 2005

security and assurance of information lab sail
Security and Assurance of Information Lab (SAIL)
  • Virtual security lab
  • Collection of computers accessible by any student who has Internet access
  • Authentication into the lab using a Virtual Private Network (VPN) concentrator
  • Once authenticated into the lab, students are able to access any of the computers in the lab and complete their assignments without fear that there actions will affect computer systems outside the lab

InfoSecCD 2005

sail configuration
SAIL Configuration

InfoSecCD 2005

vpn 3000 concentrator
VPN 3000 Concentrator

InfoSecCD 2005

security and assurance of information lab sail9
Security and Assurance of Information Lab (SAIL)
  • Authentication by the Concentrator through two different passwords (group and user).
  • Students “in the lab” have access to all of the devices physically located in the lab.
  • Access the network remotely without requiring physical access to the lab and the devices in the lab.
  • Able to access the SAIL lab network securely.
  • Traffic “in the lab” is isolated from the Internet so if any malware is released in the SAIL lab, it is isolated to the lab.
  • Only Internet connection in the lab is to the VPN Concentrator which is configured to prevent the transmission of executables between the Internet and the SAIL lab.

InfoSecCD 2005

security and assurance of information lab sail10
Security and Assurance of Information Lab (SAIL)
  • Students access the Windows computers using RealVNC (http://www.realvnc.com/).
  • The RealVNC client on the student’s computer allows the student to access the remote Windows computer as if the student was sitting at the computer.
  • Multiple use of the RealVNC client provides the student with the capability to access more than one remote computer simultaneously.
  • Students access the Linux computers using either RealVNC for a GUI interface or a SSH client for a command-line interface

InfoSecCD 2005

vnc clients
VNC clients

InfoSecCD 2005

security and assurance of information lab sail12
Security and Assurance of Information Lab (SAIL)
  • SAIL Lab consists of eight computers (Windows XP Pro, Windows 2000 Server, Windows 2003 Server, & Linux) networked with hubs,
  • VNC Concentrator (acting as the gateway),
  • KVM switch,
  • PIX firewall,
  • router.

InfoSecCD 2005

sail lab
SAIL Lab

InfoSecCD 2005

classroom experiences with sail
CLASSROOM EXPERIENCES WITH SAIL
  • Passwords (http://csc.colstate.edu/summers/NOTES/6128/passwords.html). Students are required to establish and implement password policies on a Windows XP computer as the administrator. After they have created a number of accounts with different passwords, the students are expected to audit the passwords using password cracking software.
  • Firewalls (http://csc.colstate.edu/summers/NOTES/6128/firewalls.html). Students explore the features of firewalls by configuring and testing two different firewalls in a Windows environment.
  • Host Security (http://csc.colstate.edu/summers/NOTES/6128/host.html). Students explore host hardening of both Windows and Linux computers by exploring services, managing users and groups, and inspecting various logs on the computers.

InfoSecCD 2005

classroom experiences with sail15
CLASSROOM EXPERIENCES WITH SAIL
  • Security Auditing (http://csc.colstate.edu/summers/NOTES/6128/audit.html). Students audit the security of the computers on the network by using nmap (http://www.insecure.org/nmap/) to scan for open ports. Students also use nessus (http://www.nessus.org/) to assess the vulnerabilities on the different computers in the SAIL network.
  • Traffic Analysis (http://csc.colstate.edu/summers/NOTES/6128/IDS.html) Students use Ethereal (http://www.ethereal.com/) to analyze the traffic on the network in the SAIL lab.
  • Building Systems with Assurance http://csc.colstate.edu/summers/NOTES/6136/assurance-lab.html. Students implemented policies to ensure data confidentiality, data availability, and data integrity.

InfoSecCD 2005

problems
PROBLEMS
  • One of the early assignments required that students create their own administrator account in Windows XP. New accounts have the PowerSave option turned on by default. This meant that the computers shut down a short while after the students logged off their account. We have been unable to find a way to change this default setting and had to provide the students with additional instructions to change the PowerSave setting.
  • There were a few occasions when a student accidentally shut-down one of the computers instead of logging off. This required that someone needed to drive to campus to restart the computer. We are exploring solutions that will allow us to remotely restart a computer.
  • There were times when students were unable to access a computer because all were being used by classmates. We need to improve the scheduling of the computer use.

InfoSecCD 2005

future plans
FUTURE PLANS
  • Install Virtual PC on each computer with multiple OSs
  • Create assignments
    • to configure and manage a PIX firewall.
    • to configure and manage the security of a router.
    • Explore the vulnerabilities of different network servers including email, DHCP, DNS, and ftp.
    • Explore the vulnerabilities of different application servers including SQL and web servers.
    • Install, configure and use an intrusion detection system like snort.

InfoSecCD 2005

questions
Questions?

InfoSecCD 2005