Network & Computer Security (Reti e Sicurezza Informatica)
Professor: Giovambattista Ianni - http://www.gibbi.com
Office hours and Exams registration: Monday 15:00-17:00
Teaching assistant: Davide FuscĂ Office hours: by appointment
Facebook Group.
Starting from the academic year 2015-16, this course is no more active and has been split in the separate courses of Network And Security and Secure Software Design
For students following an old study curriculum (people enrolled to the Master in Computer Science up to and no later than academic year 2014-15): the exam (to be taken on the old course topics) can be taken up to exhaustion of students which require that. DON'T WORRY!
You missed the course or you want to follow the course again? Then I suggest you to follow the two new courses of "Network and Security (1st year)" and "Secure Software Design (2nd year)"
- This course is given in English. Material in italian is available but it can be slightly or severely outdated
General information
Detailed course description sheet here/qui
News
- None, at the moment.
Projects assignments
Teaching Material
Introductory lecture - Download (Last update: Oct 2020)
Cryptography and Digital signature
All slide sets from the book "Criptography and Network Security" download
Symmetric Cryptography - Download (Last update: Oct 2021)
DES Encryption - Download (Last update: Oct 2021)
AES Encryption - Download (Last update: Oct 2021)
Block Cipher Modes - Download (Last update: Oct 2021)
Random Numbers and stream ciphers - Download (Last update: Oct 2021)
Asymmetric Encryption - Download (Last update: Oct 2021)
Diffie-Helmann like key exchange - Download (Last update: Oct 2021)
Cryptographic Hash Functions - Download (Last update: Oct 2021)
Key Distribution and PKI - Download (Last update: Dec 2020)
SSL+TLS infrastructure
Layer 2 Security
Security of Layer 2 Links - Download (Last update: Jul 2023)
IT (old version 2012 in Italian)
WLAN technologies and security
Most popular MITM attacks on layer 2
Layer 2 & 3: Virtual Private Networks
Info = <class 'urllib2.HTTPError'> HTTP Error 404: Not Found <traceback object at 0x900e70c><-->Line = 54URL = https://www.mat.unical.it/ianni/RSI-Web/slides/VPN.ppt
VPN with SSH Tunneling
Linux VPN Technical Analysis
How to setup a PPTP/GRE server on Linux
How to setup a L2TP/IPSec server on Linux -
Common VPN security flaws
Layer 4 & 5 Security
SSL+TLS infrastructure
Laboratory: OpenSSL in practice - Download (Last update: Oct 2020)
How to configure an Apache server with a SSL certificate - Download
Laboratory sessions
Laboratory session 1 - primaParte.pdf secondaParte.pdf
Laboratory session of 24 March 2011 -esercizio1.pdf esercizio2.pdf
Laboratory session of April 3d 2013 - PKI and SSL
Laboratory session of April 16th, 2013, Aircrack - WEP EN - IT
Aircrack - WPA - Download (Last update: Oct 2020)
Ettercap MITM - Download (Last update: Oct 2020)
SSL-Attack (HeartBleed) - Download (Last update: Oct 2020)
SSL Attack (SSLStrip) - Download (Last update: Oct 2020)
- Instructions on how to build a SSH VPN on the above lab
Laboratory IPsec
Info = <class 'urllib2.HTTPError'> HTTP Error 404: Not Found <traceback object at 0x9015914><-->Line = 54URL = https://www.mat.unical.it/ianni/RSI-Web/laboratorio/NETKIT-VPN/ipsec/ipsec.txt -
Info = <class 'urllib2.HTTPError'> HTTP Error 404: Not Found <traceback object at 0x9015a54><-->Line = 54URL = https://www.mat.unical.it/ianni/RSI-Web/laboratorio/NETKIT-VPN/ipsec/ipsec-fullconf.txt
Info = <class 'urllib2.HTTPError'> HTTP Error 404: Not Found <traceback object at 0x9015b6c><-->Line = 54URL = https://www.mat.unical.it/ianni/RSI-Web/laboratorio/exploit-exercise/exploit-exercise.rar
Laboratory session of 12 April 2011 -esercitazione_12_aprile_2011.zip
Laboratory session of 20 April 2011 -appunti_esercitazione_20_4_2011.txt
Laboratory session of 3 May 2011 - labRSIclean.tar.gz
Laboratory session of 18 May 2011 - esercitazione_18_maggio_2011_new.tar.gz
Host security and other selected topics
Physical Security - download
Software integrity, buffer overflow, SQL injection - http://www.mat.unical.it/ianni/storage/SoftSecSQLInj.ppt
Windows Internals and its security - download
Rule-based IDSs: Snort
Malware analysis - here
Demo of Functions for accessing the registry & Software integrity - here
Password storage, MSChap-v2, SRP - Download (Last update: Jul 2023)
How to install Netkit
Netkit consists of three files that are here.
Then apply the patch 2 as described here
Netkit web site - http://www.netkit.org/
WebGoat Solution
- Access Control Flaws:
- Injection Flaws:
- XSS:
- Parameter Tampering: