FIT5044 Network security - Semester 1, 2010

Caulfield

Prohibitions

Teaching approach

Teaching methods are done by conducting lectures and lab exercises. Lab exercises include network set-up and configurations, firewall set-up and configurations, cryptographic exercises. Students will attend a two hour lecture and a two hour tutorial or lab per week. The lectures will provide students with the fundamental theories. The practical assignments and lab series will provide students with the opportunity to implement the theories, develop research and problem solving knowledge, and gain practical skills. The test will verify students' understanding of the theory.

You need to take this unit seriously from the first week. When you get behind you have no time to catch up. There will be lab work every week.

Timetable information

For information on timetabling for on-campus classes please refer to MUTTS, http://mutts.monash.edu.au/MUTTS/

Tutorial allocation

On-campus students should register for tutorials/laboratories using the Allocate+ system: http://allocate.its.monash.edu.au/

Unit Schedule

*Please note that these dates may only apply to Australian campuses of Monash University. Off-shore students need to check the dates with their unit leader.

Prescribed text(s) and readings

Recommended text(s) and readings

Required software and/or hardware

Equipment and consumables required or provided

Students will be provided removable hard-drives,Linux software and cryptographic packages for lab exercises.

Student will need to do some preparation before a lab session and spend 2 hours per week at the lab to be able to finish a lab exercise.
Besides the lab time, students will also need to have access to a computer for self-study at least 8 hours a week to successfully complete the unit.

Study resources

Study resources we will provide for your study are:

Study resources we will provide for your study are:

• Weekly detailed lecture notes outlining the learning objectives, discussion of the content, required readings and  exercises;
• Weekly laboratory exercises with guide to complete the exercises;
• Assignment specifications and guide to complete the assignments;
• Sample test questions before the test;
• Weekly consultation.

Overview

Faculty assessment policy

To pass a unit which includes an examination as part of the assessment a student must obtain:

• 40% or more in the unit's examination, and
• 40% or more in the unit's total non-examination assessment, and
• an overall unit mark of 50% or more.

If a student does not achieve 40% or more in the unit examination or the unit non-examination total assessment, and the total mark for the unit is greater than 50% then a mark of no greater than 49-N will be recorded for the unit.

There is no formal examination for this subject. Students must pass the practical assignments (total 80%) and theoretical test (20%) to pass this unit. Students must attend all the lab sessions.

Assignment tasks

Assignment coversheets

Assignment coversheets are available via "Student Forms" on the Faculty website: http://www.infotech.monash.edu.au/resources/student/forms/
You MUST submit a completed coversheet with all assignments, ensuring that the plagiarism declaration section is signed.

Assignment submission and return procedures, and assessment criteria will be specified with each assignment.

• Assignment task 1

  Title:

  Secure your computer system with private key, public key, hash functions and digital certificates

  Description:

  You are required to learn the GPG/PGP package and implement a security policy to protect your network communications, stored data, and secure email messages and documents.
  
  You will need to be able to answer the following questions:
  
  1. How to generate private and public keys
  
  2. How to protect your private key and public key
  
  3. How to protect public keys from tampering
  
  4. How to secure messages exchanged between you and your friends
  
  5. How RSA was practically implemented in the package
  
  6. How secure RSA is in practice

  Weighting:

  20%

  Due date:

  Fri of week 8 (teaching week)

• Assignment task 2

  Title:

  Set up and configure firewalls

  Description:

  Your group is required to set up, configure, and test your firewall using IPTABLES. You need to do the research and readings to be able to complete this assignment.
  
  Check your system services such as Web service, email service, ftp service, telnet, and ssh service to make sure they are installed and run.
  
  Then configure your firewall to:
  
  1. reject all ftp packets from external networks, but still allow internal ftp.
  
  2. allow ssh remote connections but deny telnet.
  
  3. deny ping.
  
  4. reject all traffic coming to port 21 and 80.
  
  5. reject all traffic coming to all UDP ports
  
  6. block all email coming in and out of your network. Internal email is allowed.
  
  7. block all traffic from two particular networks. You can pick any two networks you like and.
  
  8. allow traffic coming to port 80 but reject traffic coming out through port 80.
  
  Describe in detail how you test 1,2,3,4,5,6,7 with real practical tests and/or with your gathered information from reliable sources.
  
  Discuss the advantages and disadvantages of firewalls with iptables.

  Weighting:

  40 %

  Due date:

  Fri of week 12 (teaching week)

• Assignment task 3

  Title:

  Write a security policy for Monash computer network and propose an implementation to secure the network

  Description:

  You are required to study Monash computer network in detail, write a security policy to protect the network which includes hardware, software, data and users.
  
  The security policy will be for both wired and wired networks.
  
  Propose a practical implementation to secure the whole network.

  Weighting:

  20%

  Due date:

  Fri of week 12 (teaching week)

Due dates and extensions

Please make every effort to submit work by the due dates. It is your responsibility to structure your study program around assignment deadlines, family, work and other commitments. Factors such as normal work pressures, vacations, etc. are not regarded as appropriate reasons for granting extensions. Students are advised to NOT assume that granting of an extension is a matter of course.

Students requesting an extension for any assessment during semester (eg. Assignments, tests or presentations) are required to submit a Special Consideration application form (in-semester exam/assessment task), along with original copies of supporting documentation, directly to their lecturer within two working days before the assessment submission deadline. Lecturers will provide specific outcomes directly to students via email within 2 working days. The lecturer reserves the right to refuse late applications.

A copy of the email or other written communication of an extension must be attached to the assignment submission.

Refer to the Faculty Special consideration webpage or further details and to access application forms: http://www.infotech.monash.edu.au/resources/student/equity/special-consideration.html

Late assignment

Assignments received after the due date will be subject to a penalty of 10% for one day late, 20% for two days late, 40% for three days late, 80% for four days late and 100% for five or more days late. 

Return dates

Students can expect assignments to be returned within two weeks of the submission date or after receipt, whichever is later.