EECS 4770—Computer
Hacking & Forensic Analysis
Documents
1) SYLLABUS
2) PPT Presentation for 8/31/09
3) PHP Login Script
4) Decoding Data Strings (reference: “The Strings Decoding Process,” by Marco Ramilli, Hacking , Issue 4/2009,
Vol. 4, No. 4, pp. 46 – 50)
5) PPT Presentation for 9/14/09
6)
PPT Presentation for
9/16/09
7)
PPT Presentation for
9/28/09
8)
Review for Semester
Exam #1
9)
PPT Presentation for 10/16/09
10)
PPT Presentation for
10/26/09
11)
PPT Presentation for
10/30/09
Lectures
8/24/09 Syllabus, Albert Gonzales, Hacking’s Holy Grail, get books, Robin Hood.
8/26/09 Hacking CAPTCHAs (Source: “CAPTCHA Security—A Case Study,” IEEE Security & Privacy, July/Aug. 2009, pp. 22 – 28)
8/28/09 Definition of “hacking;” Hacking Ethics, personal story.
8/31/09 Phishing—reference: “Phishing,” by James Broad, Hacking, Isssue 4/2009, Vol. 4, No. 4, pp. 18 – 22.
9/2/09 Determining data coding methods from raw data; “The Strings Decoding Process,” by Marco Ramilli, Hacking , Issue 4/2009,
Vol. 4, No. 4, pp. 46 – 50; also, episode 208, www.twit.tv, topic: the credentials of the U.S. CIO.
9/4/09 Strings decoding refined (see document at #4 above).
9/9/09 Hashing standards; assignment on hashing.
9/11/09 Assembly language review.
9/14/09 Command-line arguments; segments; stack frames.
9/16/09 Introduction to program exploits; buffer overflow vulnerabilities; auth_overflow.c program from text.
9/23/09 Assignment #2 given; details of the exploitation.
9/25/09 Places for shellcode—local variables; environment variables.
9/28/09 “A New Era for Buffer Overflow,” Justin Sunwoo Kim, Hacking, Issue 3/2009
9/30/09 www.shellcode.org/Shellcode/tutorial; “Smashing The Stack For Fun and Profit”
Intro. to extreme programming; www.twit.tv FLOSS #87
10/2/09 Extreme programming, continued; http://ootips.org/xp.html; video: STAREAST 2008: Testing Lessons from Extreme Programmers,
Elisabeth Hendrickson
10/7/09 Review for 1st Mid-Semester Exam (See review document link above)
10/9/09 1st Mid-Semester Exam
10/12/09 Handed back exam and worked it in class.
10/14/09 Assigned Semester Project.
10/16/09 SYN flood; Denial-of-Service; Estonia Cyber War; http://www.rferl.org/content/article/1076805.html
10/19/09 Ping of Death, Teardrop,
10/23/09 Students choose Semester Project topics.
10/26/09 TCP/IP hijacking
10/30/09 rst_hijack.c program; Port Scanning
11/2/09 Kevin Mitnick--#1 notorious hacker; Social Engineering
11/4/09 Social engineering document; “Top Five (5) Best Criminal Computer Hackers of All Time”
http://www.marvquin.com/blog/top-five-5-best-criminal-computer-hackers-all-time
“The Robin Hood Hacker,” (from “The Art of Intrusion,” by Kevin Mitnick and William L. Simon)
http://hackaday.com/2008/08/25/dan-kaminskys-dns-black-hat-video/
11/6/09 Definition and begin material on Computer Forensics.
11/9/09 Viewed “60 Minutes” video “Cyber War: Sabotaging the System”
http://www.cbsnews.com/stories/2009/11/06/60minutes/main5555565.shtml
11/11/09 No class (Veteran’s Day)
11/13/09 Chapter 2 in Forensics text book.
11/16/09 Handed back Assignment # 3 and Project Progress Reports; discussed both.
11/18/09 Tracking Internet addresses; Summary information on Internet packet resources
11/20/09 Plan for the remainder of the semester; Digital forensics video (on youtube.com, search for “Andrew Immerman”)
Pdf slides: http://layerone.info/archives/2006/Digital_Forensics-LayerOne-Andrew_Immerman.pdf
Assignments
Assignment #1 Assigned 9/9/09; Due 9/16/09
Assignment #2 Assigned 9/23/09; Due 10/9/09
Semester Project Assigned 10/14/09
Assignment #3 Assigned 10/30/09; Due 11/9/09
Helpful Hints:
Booting
with the CD.
Links
· http://www.eecs.utoledo.edu - EECS Department Main home page
· http://www.eng.utoledo.edu - University of Toledo Engineering Home page
Back
to Dr. Standley’s
Home page.