Intro Lab: The purpose of this lab is to familiarize the students with the Xen Worlds environment and learn to set up root access using public/private key authentication so a teaching assistant can log into their virtual machine for grading. [PDF]
Access Control Lab - Part 1: The purpose of this lab is for students to (a) learn how to use Unix-style permissions to enforce a security policy and (b) to make decisions regarding aspects of the security policy that cannot be implemented Unix permissions. [PDF]
Access Control Lab - Part 2: A continuation of the previous access control lab, this lab allows students to use access control lists to enforce the security policy given in the previous lab assignment. [PDF]
Break-in Lab: The goal of this lab is to have students review source code to a remote access server and client for potential vulnerabilities, and then exploit those vulnerabilities to gain root access on a VM. The second part of the assignment involves a server with some error checking, and an executable client, but no source code, in order for them to handle a more realistic penetration testing scenario. [PDF] [Server Source] [Client Source]
Firewall Lab: In this lab, students are provided 3 VMs, networked in series. The purpose of this lab is for students to use iptables to enable forwarding between the other 2 VMs and to enforce a variety of firewall rules. [PDF]
Piratesoft Lab: In this lab, students utilize the attack techniques described in the paper: "Inoculating SSH Against Address Harvesting" by Schechter, Jung, Stockwell and McLain to traverse a fictitious company network and find the various parts of a secret project currently under development. [PDF]
If you would like a solution to these assignments, please contact Benjamin Anderson at: hawklan@iastate.edu
However, solutions will only be sent to educators or professionals. No requests from current students will be granted.