your exercise iLab 1+2 info event online Tell your friends! - - PowerPoint PPT Presentation

you set the focus

The iLab Experience

a blended learning hands-on course concept

Final Lecture

Marc-Oliver Pahl, Jul 25, 2017

your exercise

iLab 1+2 info event online

• Tell your friends!
• https://www.net.in.tum.de/teaching/ws1718/ilab_information.html

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2

DIY1 - Smart Space HW DIY2 - Smart Space SW Kick Off, Mini Labs, IPv6 - part I World-Wide-Web Security Holes Your Exercise Mad Brainstorming Advanced Wireless Playground YE 1st Lecture YE Review Presentation YE Final Presentation, Wrap-Up

25.4. 2.5. 9.5. 16.5. 23.5. 30.5. 8.6. 13.6. 20.6. 27.6. 4.7. (11.7.) 18.7.

IPv6 - part II, Mini Lab Lectures MiniLabs, BGP YE Topic Presentation and Voting, Modern Cryptography YE Didactics and Techniques summer term 2017

15

25.7.

Giving good Feedback

your exercise

*

Somehow “Stable” Internal Tests Student Run

Feedback Revision

~2h Introductory Lecture

~30-35h Team Prepares Exercise

~2h First Lecture Presentation

~20-25h Review

~2h Final Presentation

~2h Received Feedback Pres.

~20-25h Revising new lab

I give you some tools and experience

wikimedia: Biser Todorov

Learn from each other…

Topic Brainstorming Result May 16, 2017

Topic Voting Event May 23, 2017

2017-07-04 First Lecture - What was good? What could be improved?

2017-07-04 Giving Feedback - What do you know about Feedback?

2017-07-04 Giving Feedback - What are your open Challenges?

2017-07-18 Review Reporting - What are your main Points for PreLab, Lab, and other aspects?

• 2 slide decks for your two

topic presentations (each talks one topic!)

• Slide deck lecture (2 talk!)
• Ready PreLab, Lab
• Review report
• Slide on review feedback &

planned improvements

• Final lecture slides
• Final PreLab, Lab, Peer Grade

Expected Artefacts

your exercise

Creation of Lecture, PreLab, Lab Revision

peer grading

• Week -5:
• Prepare your 2x3 min talks
• Week -4:
• Plan the structure and content of your lab, prelab, and lecture.
• Week 1:
• Lecture Preparation (most relevant concepts?)
• Prelab Preparation (detailing the lecture content + tools + more)
• Practical Part Lab Preparation (no cooking recipe)
• Week 2+3:
• Work on your content.
• Week 4:
• Review other team
• Get reviewed by other team
• Start improving based on the feedback
• Week 5:
• Improve your exercise based on the feedback
• Week 6:
• Finish your lab and the review reports.

19.6. 26.6. 11.7. 25.7. 22.5. 18.7.

• 30.7.

Deadline

• X

X X X X X X

The Peer Review

You will grade your reviewed team.

you set the focus

The iLab Experience

a blended learning hands-on course concept

Your Final Lecture

15(+1) Minutes

You make it interesting…

Flickr:nist6dh

Order of Presentations

Team Topic 201 Email spoofing 202 War Rooms! 203 Hiding in plain sight

create your own exercise

EMAIL SPOOFING MY BANK NEEDS MY PASSWORD

Armin Baur & Moritz Kellermann

1

Motivation

• Email Spoofing – My Bank needs my Password
• Sender email address can be spoofed easily

– People trust the sender address – Spam can be send on behalf of others

• Messages can be manipulated

2

SMTP

• Simple Mail Transfer Protocol (SMTP)
• First RFC published August 1982
• Original design of SMTP has no facility to

authenticate sender

3

SMTP

4

MUA Mail User Agent MSA Mail Submission Agent MTA Mail Transmission Agent MDA Mail Delivery Agent

5

Email Header

Security Mechanisms

• Sender Policy Framework (SPF)
• DomainKeys Identifed Mail (DKIM)
• Domain-based Message Authentication,

Reporting and Conformance (DMARC)

6

SPF

• Checks that incoming mail from a domain

comes from a host authorized by that domain

• Authorizes hosts by IP addresses via DNS

– TXT Resource Record – SPF Resource Record (obsolete)

7

source.tld TXT= "v=spf1 ip4:192.0.2.0/24 mx a –all"

Spoofing MTA (Return-Path)

8

SPF

9

DKIM

• Cryptographic signing of outgoing email
• Prevents email manipulation
• Public key is published via DNS

– TXT Resource Record

10

unknown._domainkey.source.tld TXT= "DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeo/3jmZJii2wKBBpCiE

DMARC

• Prevents spoofing of email addresses
• Requests reports about spoofed email
• Publishes the DKIM signing policy of a domain

– TXT Resource Record

11

_dmarc.source.tld TXT= "v=DMARC1; p=reject;"

Spoofing Sender Email (From)

12

DMARC/DKIM

13

Lab

• Analysing email headers
• Spoofing MTA host address
• Spoofing email address
• Configure SPF, DKIM and DMARC

14

Teaser Practical Part

15

Alice (MTA + MDA) Eve (MTA) Bob (MTA + MDA) Switch (DNS)

Order of Presentations

Team Topic 201 Email spoofing 202 War Rooms! 203 Hiding in plain sight

create your own exercise

WAR ROOMS!

Andreas Janiak and Donika Mirdita

1

What is War Rooms?

Is inspired from the game over the wire, and was meant to learn and practice security concepts within a secure environment. The name was derived from the rooms = current pc and the battle against the system to win the victory file.

2

http://overthewire.org

Motivation

• Be comfortable working with the command line
• Know how to debug and explore

– Incomplete knowledge of networks – Handle unknown environments

• Learn to use new tools
• Improve skills with the old tools

3

Lecture Overview

1.IPv4/IPv6 Recap 2.Systemd-Networkd deamon 3.Linux tools 4.OverTheWire Demo

4

IPv4/IPv6 Recap

Networks need to be able to interact with a variety of host configurations:

• IPv4 and IPv6 compatibility
• Dual Stack IPv4/IPv6 support
• Gateway and Broadcast addresses
• Routing for the Internet

5

Introduction to Systemd

Linux service and system manager.

• Runs as PID 1; starts the rest of the system
• Enables control over daemons
• Built-in daemons for logging and system

configuration

6

https://wiki.archlinux.org/index.php/systemd

Systemd Tools

1.Systemctl - manager for systemd 2.Journalctl - logging system 3.Systemd-networkd - network manager 4.Hostnamectl - system hostname manager 5.Services - Service Unit Configuration

7 https://www.freedesktop.org/software/systemd/man/

Linux tools

• ssh, sshpass → secure shell
• find → search data
• grep → searches content
• | → pipelines
• nmap → network discovery and security tool

8

Over the wire demo

Demo...

9

Teaser Practical Part

10

1 2 3 6 5 4

Order of Presentations

Team Topic 201 Email spoofing 202 War Rooms! 203 Hiding in plain sight

https://www.youtube.com/watch?v=4vIu8ld68fc

https://www.youtube.com/watch?v=4vlu8ld68fc

reate your own exercise

Hiding in plain sight

Yoav Schneider

2

Covert Channels

 De%nition  How to encode and decode data  Examples  Detection and Prevention

3

Covert Channels

„In computer security, a covert channel is a type of computer security attack that creates a capability to transfer information objects between processes that are not supposed to be allowed to communicate by the computer security policy” https://en.wikipedia.org/wiki/Covert_channel

4

Scenario

 Leak Data  Control computers in a botnet  Distribute Malware

5

„The Medium is the Message”

 Protokol  Data  Timing  Physical  Fan speed  Blinking leds

6

Marshall McLuhan, 1964

„The Medium is the Message”

 Protokol  Data  Timing  Physical  Fan speed  Blinking leds

7

„The Medium is the Message”

 Protokol  Data  Timing  Physical  Fan speed  Blinking leds

8

„The Medium is the Message”

 Protokol  Data  Timing  Physical  Fan speed  Blinking leds

9

„The Medium is the Message”

 Printer Watermarks

10

„The Medium is the Message”

 Protokol

11

„The Medium is the Message”

 Example: Send “0x12345678” using the source port

12

0x1234

„The Medium is the Message”

 Example: Send “0x12345678” using the source port

13

0x5678

Detection

Hard Pattern Based Anomally Based

14

Detection

Hard Pattern Based Anomally Based

15

Prevention

 Software Isolation (VM)  Air Gap, the ultimate defence?

16

17

The Following Learning Goals are Covered in the Lectu re PreLa b Lab Understand what covert channels are used for X X Learn about diEerent types of covert channels X X X Learn about some counter measures X X Introduce the packet manipulation tool scapy X X Create a covert channel with TCP Handshake X Bonus – Create a covert channel using DNS X

T easer Practical Part

18

FSB NSA DNS

Secret DB

Feedback

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2

DIY1 - Smart Space HW DIY2 - Smart Space SW Kick Off, Mini Labs, IPv6 - part I World-Wide-Web Security Holes Your Exercise Mad Brainstorming Advanced Wireless Playground YE 1st Lecture YE Review Presentation YE Final Presentation, Wrap-Up

25.4. 2.5. 9.5. 16.5. 23.5. 30.5. 6.6. 13.6. 20.6. 27.6. 4.7. (11.7.) 18.7.

IPv6 - part II, Mini Lab Lectures MiniLabs, BGP YE Topic Presentation and Voting, Modern Cryptography YE Didactics and Techniques summer term 2016

15

25.7.

Giving good Feedback

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

Your Mini Lab Selection…

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

• Defeat the Lag Controlled bandwidth sharing for optimizing the Internet experience in your colo.
• Virtual Private Networks with Tinc Setting up VPNs.
• HTTP/2 - Make the Web Fast Again Features of HTTP/2.
• Hacking and Defense, Black hat or White hat? You decide! Attack and secure your network.
• Let's Encrypt, just another CA? Setting up CAs.
• Multipath TCP Internet connections over multiple paths.
• Blockchain The Trust Machine: Experiencing blockchains on your own.
• The Quest Of The Mailserver Setting up email.
• MQTT - An IoT Protocol A middleware for the IoT.
• High Availability Proxy Providing availability via proxies.
• Time is Power - Quantum Insert The Quantum Insert NSA attack.

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

The topic descriptions are online. The most selected 2-3 will be done as mini labs this year. You will get a mail on how to choose. Deadline is Friday night.

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

23.5.2017 Introduction into modern cryptography.

Black Box 1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

IoT Smart Space Orchestration P2P Measurements Statistical Evaluation

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

Discover the diverse expertise in your class ;)

Your exercise madness

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

Discover the diverse expertise in your class ;)

Your exercise topic voting

1 2 3 4 5 6 7 8 9 10 11 12 13 BGP IPv6 2-3 mini labs SEC Advanced WL 14 Your Exercise S2O 1 S2O 2 15

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

your exercise

BGP IPv6 2-3 mini labs SEC Advanced WL Your Exercise S2O 1 S2O 2

*

Somehow “Stable” Internal Tests Student Run

Feedback Revision

~2h Introductory Lecture

~30-35 Team Prepares Exercise

~2h First Lecture Presentation

~20-25h

Review

~2h Final Presentation

~2h Received Feedback Pres.

~10-12 Revising new lab

9 10 13 14 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 BGP IPv6 2-3 mini labs SEC Advanced WL Your Exercise S2O 1 S2O 2

Giving Feedback

11

you set the focus

The iLab Experience

a blended learning hands-on course concept

Your Self-Assessment

Reported Difficulty/ Interest/ Length

• 3
• 2
• 1

IPv6 part 1 IPv6 part 2 BGP Adv_Wireless WWWSec DIY1 DIY2 DIY_Measurement

difficulty interes.ng long

2017ss

Time Reported PreLab/ Lab

IPv6 part 1 IPv6 part 2 BGP Adv_Wireless WWWSec DIY1 DIY2 DIY_Measurement

hours p weekly

2017ss prelab lab

What will you learn?

• The content:
• Become a network master
• Become a debug pro
• Work in a team
• Act in a multicultural

environment

• Read, write, and speak English
• Focus on a specific topic and master it
• Build hardware
• Create your own course. Learn how to:
• Communicate (written and orally) and teach

technical content

• Collect and give constructive feedback
• …

interactivity

Multiple-Choice Results Ranking in the Group Discussion with Others Credits Correction Comments Discussion at the Lecture Exam Feedback Exam Mark Multiple-Choice Results Feedback Interaction Lab Credits Discussion at the Lecture Oral Exam Impression

S e l f - L e a r n i n g S u p p o r t F e e d b a c k t o t h e T e a c h e r s

Feedback is important to encourage the learners to continue

• learning. It is a

main mean for motivation. Feedback is important for the teachers as well as it helps them to adapt to the needs of the current student

• group. The

student feedback is continuously used to improve the exercises.

Feedback Fachschaft

10 Minutes

What did you like most about the iLab2? What could be improved?

you set the focus

The iLab Experience

a blended learning hands-on course concept

Students wanted…

Bachelorthesis Masterthesis IDP Seminar Lectures Student Assistant

0100010101101110011010100110111101 1110010010000001110100011010000110 0101001000000110100101001100011000 0101100010010110000010000101000101 0110111001101010011011110111100100 1000000111010001101000011001010010 0000011010010100110001100001011000 1001011000001000010100010101101110 0110101001101111011110010010000001

Lab

x

Massive Open Online Course

• Worldwide
• ~6-8 weeks
• Online in edX

Moritz Sichert Edwin Cordeiro Lars Wüstrich Stefan Liebald Marc-Oliver Pahl

Preparation: Spring 2017 Run: Fall 2017

Topics

What happens if you type “Google” into Google?

Week4: Layer 4: TCP, UDP, SCTP(?), QUICK (?) − Congestion Control − Flow Control − QoS Week5: Layer 5: DNS and HTTP server − Security − Hierarchy − TLS Week6: Layer 1-8: Firewall and Proxy − iptables − vyos? ... − Transparent proxies − OWASP top 10 Week 7: Final exam − Covering our expected learning goals

Week0: Organizational stuff/ Setup Week1: Basics/ Setting/ Tools/ Layer 1+2 − Channel encoding − MAC addresses − Collision Domains − Ethernet, Token Ring, DWDM Fibre Week2: Layer 3: IPv6 and IPv4 (only as legacy) − ARP (as bridge from L2) − NDP (as bridge from L2) − SLAAC − DHCP − Headers − Fragmentation − Comparison v4 v6 Week3: Layer 3: Routing − NICs, address spaces − Static routing? − OSPF, BGP − Shortest path algorithms

Students Searched for

• content creation
• vlab setup creation for the weeks
• vlab testing
• community page
• tutoring probably in late summer

+ testing / feedback round

IDP Student Assistant (BA/ MA)

Offers mop

• iLab2 Hiwi
• We search two Hiwis.

You are perfectly qualified…

• MOOC 4 Masters about Networking (GRNVS).
• A massive open online course you could help creating.
• Improving DS2OS
• Security, Caching, Use Cases, Demos, iLab2
• Look at the website.

s 2

• .

n e t . i n . t u m . d e

it was great fun with you!

you set the focus

17

Flickr:nist6dh

all the best for you!

you set the focus

17