January 27th, 2004, 05:14 AM
A Little Advice, please...
I'm a COSC major at UT Permian Basin, and I've enrolled in a research class this semester... My topic -Internet Security - I picked the subject because I know that there is an abundance of free information out there on this topic. But, now I feel a little overwhelmed. I'm not really sure which direction I want to take my research. Currently, I'm considering taking a "lab rat" computer up to the school lab, and illustrating how trojans and worms work by first using the dial-up on the lab rat to get online, and then using one of the school's network computers to send a trojan (probably something simple and well known, like the Sub7 via e-mail, I guess) and a worm, and then execute them on the lab rat. Obviously, I'll have to disable the lab-rat's antivirus software. That's a good start, I guess - then I could illustrate how to fix the lab-rat, and talk about precautionary measures (namely not downloading anything that you weren't expecting to be sent to you). I don't know - I mean, all of this would work, but Internet Security is far more advanced than just trojans and worms and not downloading things... I have until late May to come up with a fifteen minute presentation, and I'd really appreciate it if some of you 'AOers' would throw a little advice my way on some interesting security topics I could research to "spice up" my project. Thanks a lot...
- Wiski C.
January 27th, 2004, 05:25 AM
If it's for a research project, I say build a honeypot. You'll learn tons of stuff.
www.honeynet.org is a great place to start.
Get a copy of HoneyD and go.
January 27th, 2004, 11:54 AM
Please don't use school computers to inject the virus/worm/trojan with.
Two boxes hooked up together, however not on any school network will suffice. The honeypot idea is much wiser. You'll get plenty of info to use for your project.
January 27th, 2004, 12:11 PM
Like you said you were a bit overwelmed right? well everyone is, in this subject the more you learn, the more you realize you have so much more to learn.
But as it is a research project, you should of researched yourself a bit, come up with a few topics then ask for suggestions.
Good luck with it
p.s. Hey, checking out the honeypot project now for the first time now, really kool, thanx for the link!
January 28th, 2004, 12:33 AM
Thanks for the advice - Really appreciate it. I'll check out the honeypot project tonight - sounds intriguing... Thanks again - by the way - why not use school computers to inject worms, etc.? Just curious....
January 28th, 2004, 12:41 AM
Well, the obvious reason would be that your school probably has a computer use policy that prohibits thoe types of actions and they also probably carry a stiff penalty, such as loss of access or expultion.
That aside, even if given permission to infect a school computer, which is highly unlikely that any such permission would be given, if it made it into the general population of the school's LAN, it could cause a lot of damage and result in you losing all computer access privelages or expultion from the school.