Fall 2021
Prof. Charles Nicholas
410-455-2594
nicholas@umbc.edu
ITE 356
Office hours: MW 2:30-4pm, subject to change
I'll be holding all office hours over WebEx: https://umbc.webex.com/meet/nicholas
but it's a good idea to send email before trying to meet with me, since my schedule may change at short notice.
We have several Undergrad Teaching Fellows for this course.
The TA and UTFs will hold office hours in the Discord site, as shown below. Subject to change, see the entries for specific weeks below.
Discord details are TBD at this moment.
UTF Name |
Email Address |
Office Hours |
Richard Baldwin |
richardbaldwin@umbc.edu |
Thu 10:30am-12:30pm |
Henry Budris |
hbudris1@umbc.edu |
Wed 1-3pm |
Nikola Bura |
nbura1@umbc.edu |
Wed 5:15-7pm, AND |
Chris Hamer |
chamer1@umbc.edu |
Fri 5-7pm |
Robert Shovan |
rshovan1@umbc.edu |
Mon 4-6pm |
Chris Skane |
chrisk3@umbc.edu |
Tue 3-5pm |
Course information
Class begins on Wednesday, September 1, 2021, 7:10-9:25pm,
The class will meet entirely on-line, over a combination of WebEx and Discord.
The WebEx link is https://umbc.webex.com/umbc/j.php?MTID=mc04f2831da4876220e6d1a3d2442c2cb
The WebEx portion(s) of each class will be recorded automatically, and made available after each class session.
Course website: https://www.csee.umbc.edu/courses/undergraduate/CMSC491activeCyber/
No face-to-face activity is expected. If I agree to meet yoiu in person in my office, we'll both be wearing masks, vaccinated or not. That's UMBC policy at this time.
If illness of any kind keeps you from finishing an assignment on time, let me know, and we'll try to be helpful.
Prerequisites:
Interest in cyberdefense, including inter-collegiate competition. Computer Science background equivalent to Data Structures CMSC 341 is assumed.
This is a large class this semester! You may attend the class sessions even if you are not enrolled. The Cyberdefense club meets in the same place and time.
This is NOT an entry-level systems or security course. Students are expected to have a working knowledge of the Windows and Unix operating systems, networks, and/or software development techniques, along with interest if not experience in planning and conducting both penetration testing and countermeasures development.
Abuse of the knowledge or experience you gain in this course may subject you to discipline under UMBC policy and/or criminal prosecution. Do not expect your status as a student to protect you if you break the law! Hacking into campus computers (other than systems approved for such a purpose) is a violation of UMBC policy, and may result in disciplinary action possibly including expulsion, in addition to possible criminal charges.
Overview
- The purpose of this course is to provide a means of awarding academic credit to those who intend to participate in the UMBC CyberDefense Club weekly meetings.
- CyberDawgs website: http://umbccd.umbc.edu/
- Mailing list: https://groups.google.com/a/umbc.edu/g/umbccd-group (request)
- This is a HANDS ON course. You will need a laptop - or desktop - computer!
- Everybody will be required to participate in some fashion in the cyberdefense competition that the Cyberdawgs will be organizing this fall. Performance in that event may qualify you for membership in our Cyberdefense Team, which has won several regional and national competitions in recent years.
- Everybody is welcome at this and future class meetings, even if not enrolled in the class.
- This class was taught for the first time in Fall 2017, and the web sites for Fall 2017, Fall 2018, Fall 2019, and Fall 2020 are still available.
Notes on the Schedule (Subject to Change)
- Meeting 1 INTRODUCTION September 1
Before trying to particpate in class, test these...
The class WebEx link is https://umbc.webex.com/umbc/j.php?MTID=mc04f2831da4876220e6d1a3d2442c2cb
The class Discord: https://discord.gg/68VSqMp which will be used for post-lecture discussion.
Since many of you will be participating from off campus, it is necessary for you to access the campus network usig a VPN. Or participate as a Guest, but that means I will have to let you joiu the meeting...
Instructions for using the VPN are found here:
https://wiki.umbc.edu/display/faq/Getting+Connected+with+the+New+UMBC+GlobalProtect+VPN
You will need to establish the VPN connection before you will be able to access our WebEx or Discord links. This is to prevent the rest of the world from accessing the instructional material that you are paying for with tuition dollars! and to make it more difficult for others to disrupt the class via WebEx-bombing.
This will be an introduction and orientation session.
You are welcome to attend if that helps you decide whether to enroll in the class, or if it helps you decide if you want to be involved in the Cyberdefense club.
Discuss how grades will be assigned, what homeworks might be given, and so forth. Attendance but also active participation are important!
People who master the material to the point where they can effectively help others are likely to be awarded a good grade.
I anticipate giving many As, many Bs, and few if any lower grades.
Experienced club members will be able to talk about how to get started
There is a UMBCCD email list, which you can join from the club web page UMBC CyberDefense Club.
The slides for this evening. (We use Google Slides.)
The Kali VM is found here. You won't need this during class tonight, but you'll need it next week!
The recordings of class sessions for this semester will be found here. You will need to use the UMBC VPN, or authenticate with myUMBC.
- Meeting 2 Linux Administration September 8
Announcements from Dr. Nicholas and others?
By now you should be more comfortable with VirtualBox. Because you will need it!
The personal version of VirtualBox, including Guest Additions, is free for students. The Extensions pack is not necessary, and it is NOT free.
You may have heard of the NSA Codebreaker Challenge. This counts towards the class competition requirement.
The slides for this evening.
The lab for this evening. Due at 7pm on September 15. Submission through Blackboard.
The recordings of class sessions for this semester will be found here.
- Meeting 3 Windows Administration September 15
Charles to announce change in schedule for December...and dropping attendance as a grading criteria.
The class WebEx link from before should still work and that was:
https://umbc.webex.com/umbc/j.php?MTID=mc04f2831da4876220e6d1a3d2442c2cb
Please install this OVA file, which is a Windows 2016 server: https://drive.google.com/file/d/1Y1jpg4fpD39wfuR8GZbs7ZoKsO8gD06F/view?usp=sharing
For this VM, the username is Administrator and the password is Sqordfish0!
You can view this evening's slides here.
The lab for this week. Due at 7pm next Wednesday, September 22.
This homework may be just a bit longer than last week's lab, so plan accordingly.
We are aware of upcoming religious holidays, just let Dr. Nicholas know if you need extra time.
For those celebrating Yom Kippur this evening and tomorrow, Blessings of the Day!
The recordings of class sessions for this semester will be found here.
- Meeting 4 Host-based Firewalls September 22
The slides for tonight.
A networking overview on YouTube
The drawing tool https://app.diagrams.net/
The network diagram example
Firewall vendors offer lots of documentation, for example Palo Alto
We described an open-source firewall called pfSense
Check out this CIDR Calculator
The homework being assigned tonight.
The grading criteria for the course have changed a bit. Homework 80%, competition 20%, attendance not tracked.
For the competition requirement, we need a 2-page writeup. Discuss your experience in the competition, how this course did or did not help you, and any lessons learned. More on this later, I suspect.
The recordings for this class session are ALREADY available here. It will be this same link for the whole semester.
- Meeting 5 September 29
Linux Hardening
The slides for tonight
The homework being assigned tonight.
CDE signups: https://forms.gle/PQJv8GZxE71GN2vx5
Some of us recommend the documentation for Arch as a general Linux reference
The study guides for the Red Hat certification(s) are useful, if you prefer reading a book! Consider this example.
For information on lots of Linux distributions, see Distro Watch
The recordings of class sessions for this semester will be found here.
- Meeting 6 October 6
Windows Hardening
The slides for tonight.
The homework being assigned tonight.
Last spring's session on Windows Shenanigans
Dr. Steve Bagley explains Monday's Facebook outage on Computerphile. The YouTube clip starts at about 30 seconds in.
The recordings of class sessions for this semester will be found here.
- Meeting 7 October 13
Incident Response
You will need this VM before class tonight
The slides for tonight
The homework being assigned tonight. You'll have two weeks to do this one, which will be in TWO parts.
Sysinternals documentation from HowToGeek
The recordings of class sessions for this semester will be found here.
- Meeting 8 October 20
Guest Speaker! Chris Gardner from Mandiant will be speaking on "Point-off-Sale Malware Analysis"
No new homework tonight.
Rob Shovan will be discussing the upcoming CDE competition.
Preparing for CDE.
The recordings of class sessions for this semester will be found here.
- Meeting 9 October 27
CDE comments
Ten Minute Power Hour - several short and interesting talks!
The poster for Nicholas's power hour talk
NO new homework this week!
We have a high opinion of TryHackMe
RJ's Windows XP malware from last year (mp4) (vtt)
The recordings of class sessions for this semester will be found here.
- Meeting 10 November 3
Web Hacking
A guest speaker, Mr. Nicholas Zajciw, from HackerOne
The slides should now be available.
The homework for this week is ready. We plan to devote some class time to this...
The recordings of class sessions for this semester will be found here.
Dr. Nicholas hopes to talk about the competition writeup:
Competition Writeup is worth 20% of the grade. We expect no more than two pages of text, PDF please.
- What competition did you participate in? If there's a specific date, e.g. the CDE held on 23 October, mention that.
- What was the format of the competition? CTF, Red vs. Blue, or something else?
- What part of the competition did you enjoy the most? what part did you enjoy the least?
- Is there a topic or a cyber-skill that you found most useful?
- Is there a topic or a cyber-skill that you wished you had more of?
- Was the competition a learning experience? If so, how?
- The writeup will be submitted using BlackBoard, as usual, due date 11:59pm Sunday December 5, 2021.
- What competition did you participate in? If there's a specific date, e.g. the CDE held on 23 October, mention that.
- Meeting 11 November 10
Offensive Security
The slides for this week.
Prof. Nicholas will present some slides on Password Cracking
This week's lab assignment.
The Ubuntu VM for the lab.
The recordings of class sessions for this semester will be found here.
- Meeting 12 November 17
Capture The Flag
Although this is just another homework, anybody who does well on this in-class CTF will have reason to hope for a good grade in the class!
The slides for this week
You will have TWO weeks to work on this CTF.
You need to register here. Upon successful registration, you will have access to the challenges.
The recordings of class sessions for this semester will be found here.
- November 24
Campus will be closed on this date, it being Thanksgiving Eve.
At some point, you will get an email from the campus, asking you to fill out the SEEQ. Please do this!
Recall that the Student Evaluation of Educational Quality (SEEQ) is a standardized course evaluation instrument used to provide measures of an instructor’s teaching effectiveness. The Direct Instructor Feedback Forms (DIFFs) were designed to provide feedback to instructors.
The responses to the SEEQ and the DIFFs will be kept confidential and will not be distributed until final grades are posted.
- Meeting 13 December 1
Round Table Discussion
No new homework tonight.
We are interested in hearing from students on any topic relevant to the course, broadly speaking. Feel free to share comments and insights that you put into your competition write-ups.
If you were not able to attend tonight's meeting or would like to provide additional feedback to us (there are a few additional questions), please fill out this form. We would really appreciate your feedback to improve the class and club meetings in the future!
The Student Course Evaluation web site for this semester has been opened.
Competition Writeup will be due 11:59pm December 5, Sunday following this Wednesday. See details under November 3.
The recordings of class sessions for this semester will be found here.
PLEASE, be sure to complete the course survey for CMSC 491/691, which provides valuable feedback for me, the TAs. and the university. We appreciate the time that you take to complete these surveys, and the department and I take them seriously as a way to keep improving CS courses.
While you're at it, please complete the course surveys for all of your courses, and ask your friends to do the same! The administration actually does look at the data and we do our best to work with departments and faculty both to address problems, and to recognize excellent teaching.
- Meeting 14 December 8
Guest Speaker! Drew Barrett from Percival. UMBC alum and former CyberDawg!
The recordings of class sessions for this semester will be found here.
PLEASE, be sure to complete the course survey for CMSC 491/691, if you have not yet done so!
- There is NO final exam in this class...but anybody who does well on the in-class CTF held in late November will have reason to hope for a good grade!
Textbook(s): None
The following book(s) are not required, but may be helpful:
Cyberoperations, by Mike O'Leary, second edition
Windows Internals, Parts 1 and 2, by Mark Russinovich
Hacking: the art of exploitation, by Jon Erickson.
Be careful when dowloading "free" copies of this or similar books! Additional resources, varying in quality, can be found on Wikibooks and other places.
Course Policies
Grading
Students enrolled in CMSC 491 will be expected to attend and participate in the weekly Cyberdawg meetings, including the prep work that may be announed before or after each class session. Also, to suggest resources that could be added to this site, such as on-line tutorials, tools, YouTubes, and so forth. Students enrolled in CMSC 691 will be subject to the same expectations as students in 491.
Grading Scheme: 20% competition participation, 80% homeworks. Homeworks are equal weight, and there will be 8-10 of them. There are no exams.
You will be given time to work on each lab during the meetings. Some labs may have a group portion and an individual portion. You may collaborate with other students or CyberDawgs club members on the group portion of such labs. However, you must still complete the lab on your own virtual machine. You may not work on the individual portions of the labs with any other students or club members. Labs must be submitted by 7:00pm the following Wednesday. Whatever the number of lab assignments, the lowest lab grade will be dropped.
You are required to participate in at least one CTF or red team/blue team competition during the semester. At this time, we expect all such events to be online. Events hosted during regular club meetings do not count towards this requirement. Recommended competitions will be discussed in class. If you would like to compete in a competition that has not been mentioned, please email Dr. Nicholas.
Accessibility and Disability Accommodations, Guidance and Resources
Accommodations for students with disabilities are provided for all students with a qualified disability under the Americans with Disabilities Act (ADA & ADAAA) and Section 504 of the Rehabilitation Act who request and are eligible for accommodations. The Office of Student Disability Services (SDS) is the UMBC department designated to coordinate accommodations that creates equal access for students when barriers to participation exist in University courses, programs, or activities.
If you have a documented disability and need to request academic accommodations in your courses, please refer to the SDS website at sds.umbc.edu for registration information and office procedures. If you would like to help ADA students, I understand that the SDS office hires students for this purpose...
SDS email: disAbility@umbc.edu
SDS phone: (410) 455-2459
If you will be using SDS approved accommodations in this class, please contact Dr. Nicholas to discuss implementation of the accommodations. During remote instruction requirements due to COVID, communication and flexibility will be essential for success.
Sexual Assault, Sexual Harassment, and Gender Based Violence and Discrimination
UMBC’s Policy on Sexual Misconduct, Sexual Harassment and Gender Discrimination and Federal Title IX law prohibit discrimination and harassment on the basis of sex, sexual orientation, and gender identity in University programs and activities. Any student who is impacted by sexual harassment, sexual assault, domestic violence, dating violence, stalking, sexual exploitation, gender discrimination, pregnancy discrimination, gender-based harassment or retaliation should contact the University’s Title IX Coordinator to make a report and/or access support and resources:
Mikhel A. Kushner, Title IX Coordinator (she/they)
410-455-1250 (direct line), kushner@umbc.edu
You can access support and resources even if you do not want to take any further action. You will not be forced to file a formal complaint or police report. Please be aware that the University may take action on its own if essential to protect the safety of the community.
If you are interested in or thinking about making a report, please see the Online Reporting/Referral Form. Please note that, while University options to respond may be limited, there is an anonymous reporting option via the online form and every effort will be made to address concerns reported anonymously.
Notice that Faculty are Responsible Employees with Mandatory Reporting Obligations:
All faculty members are considered Responsible Employees, per UMBC’s Policy on Sexual Misconduct, Sexual Harassment, and Gender Discrimination. Faculty are therefore required to report possible violations of the Policy to the Title IX Coordinator, even if a student discloses something they experienced before attending UMBC.
While faculty members want encourage you to share information related to your life experiences through discussion and written work, students should understand that faculty are required to report past and present sexual assault, domestic and interpersonal violence, stalking, and gender discrimination that is shared with them to the Title IX Coordinator so that the University can inform students of their rights, resources and support.
If you need to speak with someone in confidence, who does not have an obligation to report to the Title IX Coordinator, UMBC has a number of Confidential Resources available to support you:
- The Counseling Center: 410-455-2472 / After-Hours 410-455-3230 [Monday – Friday; Academic Year: 8:30 a.m. – 5 p.m; Summer: 8:30 a.m. – 4:30 p.m. ]
- University Health Services: 410-455-2542 [Monday – Friday 8:30 a.m. – 5 p.m.]
- Pastoral Counseling via Interfaith Center: 410-455-3657; interfaith@umbc.edu [7 days a week; Fall and Spring 7 a.m. – 11 p.m.; Summer and Winter 8 a.m. – 8 p.m.]
Other Resources:
- Women’s Center (for students of all genders): 410-455-2714; womenscenter@umbc.edu. [Monday-Friday; Spring 10 a.m.-4 p.m.]
- Shady Grove Student Resources, Maryland Resources, National Resources.
Child Abuse and Neglect: Please note that Maryland law and UMBC policy require that the faculty report all disclosures or suspicions of child abuse or neglect to the Department of Social Services and/or the police.
Pregnancy
UMBC’s Policy on Sexual Misconduct, Sexual Harassment and Gender Discrimination expressly prohibits all forms of Discrimination and Harassment on the basis of sex, including pregnancy. Resources for pregnant students are available through the University’s Office of Equity and Inclusion. Pregnant and parenting students are encouraged to contact the Title IX Coordinator to discuss plans and assure ongoing access to their academic program with respect to a leave of absence or return following leave related to pregnancy, delivery, or the early months of parenting.
In addition, students who are pregnant may be entitled to accommodations under the ADA through the Student Disability Service Office, and/or under Title IX through the Office of Equity and Inclusion.
Religious Observances and Accommodations
UMBC Policy provides that students should not be penalized because of observances of their religious beliefs, students shall be given an opportunity, whenever feasible, to make up within a reasonable time any academic assignment that is missed due to individual participation in religious observances. It is the responsibility of the student to inform the instructor of any intended absences for religious observances in advance, and as early as possible. For questions or guidance or to request an accommodation, please contact the Office of Equity and Inclusion at oei@umbc.edu.
Hate, Bias, Discrimination and Harassment
UMBC values safety, cultural and ethnic diversity, social responsibility, lifelong learning, equity, and civic engagement.
Consistent with these principles, UMBC Policy prohibits discrimination and harassment in its educational programs and activities or with respect to employment terms and conditions based on race, creed, color, religion, sex, gender, pregnancy, ancestry, age, gender identity or expression, national origin, veterans status, marital status, sexual orientation, physical or mental disability, or genetic information.
Students (and faculty and staff) who experience discrimination, harassment, hate or bias or who have such matters reported to them should use the online reporting/referral form to report discrimination, hate or bias incidents; reporting may be anonymous.
Thanks!