Key for Midterm 2

April 20, 2010 by


High-Level Take-Aways from Matt and Oscar’s Talk

April 16, 2010 by

Matt Woods and Oscar Salazaar (Application Security Group at HP)

They will send their presentation — look for the link  –> here.  It has details on all these examples.  There was a lot of good discussion, so please add comments to this post.

They have down-loadable tools to help check for website vulnerabilities.   A lot can be done with static analysis.

  1. The first thing to do is to look at the source code on the web page.  For example, there is a “load compressed file” command, so what else can I get them to load?  A configuration file?  Executable code?  This is useful information for a hacker:  you can put code into a web page and execute it.
  2. The Web Hacker Rule:  You can modify everything you send to  a web server, so explore and experiment to find out what you can do.
  3. Google Hacking Vectors
    1. Hacking (e.g., the xss demo; SQL injection)
    2. Misplaced Trust
    3. Resource Enumeration
    4. Session Hijacking
    5. Parameter Manipulation
  4. Client-side validation is ridiculous.  Easily defeated
  5. Clever evasive maneuvers without an underlying model is very dangerous (compare this to what we talk about in operaating system security: adhoc security through obscurity does not work).  You can’t just assume because you’ve done something complicated that the hacker will not figure it out. For example, hiding “script” in “scrscriptipt” is discovered by grepping script.

High-Level Take-Aways from Keith Watson’s Talk

April 15, 2010 by

Major disconnect between theory and practice (great minds @ GT yet not the greatest IT security)

Social engineering since the dawn of time (THIS IS SPARTA)

Users do dumb things (passwords)

Security is politics

High-level Take-Aways from Nick Feamster’s Talk

April 12, 2010 by

Hey folks,

As far as take-aways from Nick Feamster’s guest lecture last Thursday, I’d like people to be prepared to talk at a high level about what the advantages and disadvantages are of blocking connections at the network level (as opposed to content-processing of emails).

Bonus points

April 6, 2010 by

Hey folks,

Re the 5 bonus points, here’s the secret sauce, I’ll let you guys read the various man pages for more info.  Run on bastion:

sudo socat SCTP-CONNECT:candyland:19000 STDOUT
Wed Apr 7 01:02:38 2010

Wed Apr 7 01:02:38 2010

Sandia Infosec Contest this Weekend @GT ($$$)

April 5, 2010 by

Hey folks,

Check this competition out, it’s sponsored by Sandia. They’re looking for interns so please consider this if you’re interested/able to work for them.  Here’s a pretty Sandia Design Flyer

Begin forwarded message—


I am a GT graduate and an engineer at Sandia National Laboratories, and I am leading a one-day design competition next Saturday, April 10 for Juniors, Seniors, and M.S. students majoring in C.S., C.E., or E.E. (min 3.2 GPA). We are limiting participation to six four-member teams, and over $1000 worth of prizes will be awarded to the top three teams.


The design competition differs substantially from typical approaches in that the students will not physically build anything or write any code.  Rather, teams will be presented with a cyber security-related scenario at the beginning of the day and will have three hours to analyze the scenario, design a solution, and develop a presentation. The review panel (two Sandia engineers and one GT faculty member) will judge each team based on creativity, elegance, engineering feasibility, and presentation
quality. This type of competition is meant to mimic the initial design and proposal phase of an engineering project.

This is a new type of event for Sandia and we chose to pilot it this spring at Georgia Tech and the University of Michigan. Michigan successfully held their event this past weekend and received great feedback from the participants. The Sandia recruiting department has high expectations for the GT event since we have been fortunate enough to
partner with the GT chapter of IEEE.

The schedule of events is:

10:00 – 10:15 Sign-In and Welcome
10:15 – 10:30 Competition Overview and Problem Assignment
10:30 – 1:30 Team Design
1:30 – 3:30 Lunch, Sandia Presentation, and Team Presentations
3:30 – 4:00 Awards


More information on the event can be found here:



Jobs @ Sandia
Sandia is hiring! There is currently a high demand for BS, MS, and PhD-level students with CS, CE, and EE backgrounds. Internships, co-ops and full-time positions are available.

Apply online at

Note: Most positions at Sandia require the ability to obtain a DOE security clearance, which requires US citizenship.

About Sandia
Sandia National Laboratories is a premier national security laboratory that is managed by Lockheed Martin Corporation for the U.S. Department of Energy. Sandia’s core purpose is to help the nation secure a peaceful and free world through technology. We develop technologies to sustain, modernize, and protect our nuclear arsenal, prevent the spread of weapons of mass destruction, protect our national infrastructures, defend our nation against terrorism, provide new capabilities to our armed forces, and ensure the stability of our nation’s energy and water supplies.

Sandia has research focus areas in advanced computing, information systems and mathematics, bioscience and technology, combustion, chemical and plasma sciences, engineering sciences, geosciences, intelligent systems and robotics, materials science and technology, microelectronics and microsystems, nanoscience and technology, pulsed power and directed
energy, and remote sensing and satellite systems.

Bonus points available for project 3

March 30, 2010 by

What’s that service on candyland port 19000? (Hint: See the MOTD). This is just 5 bonus points, don’t worry about it if you can’t figure this out.

Project 3 submission

March 29, 2010 by

Project 3 submission will be done in similar manner as project 2. That is, only one member of the group submits the project and others simply list the names of the other group members.

Midterm 2 is on Thursday (chapters 5 and 7), redteaming project is due Tuesday

March 29, 2010 by

Hey folks,

As a reminder (per this post), midterm 2 is this Thursday. The best thing to do as far as studying goes is to know the material presented (Chapters 5 and 7) and practice with the posted midterms from previous semesters. Feel free to write to any of the course staff to meet on any questions (Rich for Rich’s material, Mike for Mike’s material).

Class 17: Protection Models

March 29, 2010 by

Here is the final version of tomorrow’s lecture on Protection in Operating Systems

CS 4235 Bell-Lapadula Model Final