CSCI 4830/7000 - Ethical Hacking Seminar - Fall 2012
Course Information Sheet
Aug 27, 2012
You are responsible for everything on this handout. Please read it.
What's This Course About?
This is a hands-on course about computer security. Security is a vast
area, so we cannot hope to cover more than a fraction of introductory
material, but we will be ambitious. Expect to work hard.
MWF 11:00am-11:50am (Room ECCR 1B28)
There will be occasional homeworks. There will be occasional quizzes.
The final is a live exercise.
Graduate students will additionally be required to complete a project.
More details will be given later in the course.
Grade weights for undergrads: 45% homework, 25% quizzes, 20% final exam,
participation. For grads: 35% homework, 20% quizzes, 20% final exam,
15% project, 10% class participation.
This is primarily a graduate course. We have it cross-listed as an
undergraduate course so as not to exclude advanced undergraduates who
are nearly finished or who have taken the initiative to learn substantially
more than what their classes teach them.
Given the above, the prerequisites for this class are pretty severe: you
should have at LEAST an undergraduate education in computer science. This
Ideally, you will have some exposure and experience with the following as
- Architecture (you know assembly language and computer organization),
- Networks (you know what ARP, DHCP, DNS, UDP, TCP/IP, ICMP do and how they
work; you know the basics of Ethernet and 802.11, you know what a NAT box is,
what a gateway is, what a firewall is, and the difference between a switch
and a router)
- Operating Systems (you know what a kernel is, you understand processes,
threads, virtual memory, file systems, dynamic linkers, machine virtualization,
- Programming Languages (you know how high-level languages are converted
into machine code, how parameters are passed; you've seen and are familiar
with a wide variety of languages)
- Web technology (you know the basic set-ups for common web-technology
Finally, you have the heart of a hacker. That is, you are not afraid to
dive in and learn something even if you know nothing about it. You love
computers and technology and are willing to spend hours rooting out the
tiniest details in order to find what you need.
- System Administration (you have administered at least your own machine
and perhaps a few others; you have experience with Windows and Unix/Linux)
- Security Issues (you know the basics of password strength, perhaps
you know how /etc/passwd works on Unix; you know what a DoS attack is)
- Application Frameworks (you know how most major network services like
SMTP, FTP, HTTP, and SSH work; you know web-based technology)
- Polyglot (you know a few languages like Bourne/bash, C, C++, Java, Perl,
There is no way any of us (myself included) have mastered everything in the
list above. But students who find themselves with major gaps in the
first list (basic CS background) are probably going to have a rough time in
this class; I reserve the right to refuse admission to the class for those
who lack the appropriate background.
If you want to do a self-assessment, try the hacking test
Gray Hat Hacking
Course Web page
We will maintain useful information on the course
Visit the above page regularly to see what's new.
If you miss a handout, get it from here.
Make John Happy
There are several ways to make me happy:
- Come to my office only during office hours or with an appointment.
(I have a one-track mind and don't handle interruptions well; if
people are constantly dropping by without an appointment, I'll never
get anything done.)
- Before you ask me or the TA for help, make sure you have made a
significant effort to answer the question for yourself; it is obvious
when a student has worked hard to resolve her/his problem before
coming to office hours, and I am far more likely to be helpful for
- Don't try to ply me for more points.
(If there is an obvious grading error,
I'm happy to correct it immediately, but if you constantly argue
for more partial credit in some gray area, I will exhibit very
- Come to class on time. (I don't mind people coming in
late once in a while, but please don't make a habit of it: it's