LIS4774 - Information Security

Welcome to the Course!

This front page - in Canvas - is the primary source of material for this course; everything you need will be available here.

That being said, many links and resources required for the course, as well as a mirror of this front page, are hosted from jrm4.com, my personal site. Please feel free to browse there as well, but again, the Canvas page is primary.

Contacting me should only be done through regular email, at jmarks@fsu.edu (Messaging through Canvas may be missed- is a better and safer tool for this purpose)

While there will be computer resources required, I will discuss these later; you don't need to do anything for the first day besides show up. The syllabus is below, and schedules and procedures will be discussed in class on the first day. See you then!

Permanent Course Link for Collaborate - Please also save elsewhere:
https://us.bbcollab.com/guest/b7196051bd17475cb1065f0fc7520782

On the first day, do not leave the class until the professor has taken attendance.

COMPLETE VM SecNet Instructions

+Syllabus
+Calendar

Week 6 - Passwords and Hashing


Password Exercise

Continuation of before:
https://blog.storagecraft.com/5-common-encryption-algorithms/

Good Comparison:
https://comodosslstore.com/resources/hashing-vs-encryption-simplifying-the-differences/

A little more on SSL
https://en.wikipedia.org/wiki/Public_key_certificate
https://stackoverflow.com/questions/6088583/which-symmetric-key-algorithm-does-ssl-use

Summary of NIST's Rules — surprised?
https://nakedsecurity.sophos.com/2016/08/18/nists-new-password-rules-what-you-need-to-know/
https://www.govtech.com/security/Widely-Used-Password-Advice-Turns-Out-to-Be-Wrong-NIST-Says.html

Well, that sucks:
https://www.schneier.com/blog/archives/2013/09/google_knows_ev.html

Speaking of.. whoa:
https://www.schneier.com/blog/archives/2008/01/my_open_wireles.html



Hashing for Verification
http://www.howtogeek.com/67241/htg-explains-what-are-md5-sha-1-hashes-and-how-do-i-check-them/
https://tiptopsecurity.com/what-is-cryptographic-hashing-md5-sha-and-more/



Week 5 - Encryption

The tech:
https://www.theguardian.com/technology/2013/sep/05/how-internet-encryption-works

Excellent intuitive explanation of the seemingly impossible part of cryptography.
https://www.youtube.com/watch?v=YEBfamv-_do

https://www.atlasobscura.com/places/encryption-lava-lamps

http://www.pcworld.com/article/2905995/truecrypt-audit-shows-no-sign-of-nsa-backdoors-just-some-minor-glitches.html



Week 4 Lab

First Day Secnet Lab

Lab Exercise 1

./remotelabs-linux-2.pdf


Week 4 - Information Gathering


The basics - This stuff is easy.
https://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy

https://www.comptia.org/blog/5-linux-skills-for-cybersecurity-professionals

General
https://www.lifehack.org/articles/technology/20-tips-use-google-search-efficiently.html
https://gbhackers.com/10-best-hacker-friendly-search-engines-of-2019/

IP basics
https://www.howtogeek.com/341307/how-do-ip-addresses-work/

Email
https://www.lifewire.com/how-to-find-email-server-ip-address-818402

GOOGLE DORKING
https://securitytrails.com/blog/google-hacking-techniques

Cybersec Specific
https://securitytrails.com/blog/information-gathering (don't need the trademarked tools to get the concepts)
https://securityguill.com/osint.html

What to do with it:
https://tldp.org/LDP/abs/html/textproc.html


Week 3 - Security without the Cyber


OH COME ON DUH ANIMALS DONT EVEN USE COMPUTERS
https://www.helpnetsecurity.com/2019/03/04/human-behavior-cybersecurity-risk/

HONESTY
https://www.linkedin.com/pulse/what-your-cybersecurity-based-mostly-bullshit-duncan-hart
https://www.wired.com/2009/07/three-reasons-why-us-cyber-security-sucks/

"Skin in the game"
https://economictimes.indiatimes.com/news/company/corporate-trends/reading-taleb-skin-in-the-game-more-about-sharing-disincentives-than-incentives/articleshow/63227397.cms

Liability
https://www.schneier.com/blog/archives/2004/11/computer_securi.html

BY COMPARISON
https://realestate.findlaw.com/construction-defects/legal-liability-for-construction-defects.html

Interesting
https://www.csoonline.com/article/3328555/maybe-we-have-the-cybersecurity-we-deserve.html


Week 2 - How we Got Here

Tue Sep 1 - Lecture: A Brief History of Computing

How we got here - Week 2 Slides

READINGS:
"How We Got Here"
https://hbr.org/2017/05/why-is-cybersecurity-so-hard
https://www.rethinksecurity.io/posts/none-of-us-knows-what-we-are-doing/

https://www.howtogeek.com/141944/htg-explains-why-windows-has-the-most-viruses/

What do you think of this evaluation?
https://money.cnn.com/2011/10/12/technology/microsoft_security/index.htm

https://www.kali.org/news/kali-2020-3-release/

Another Way: - https://www.inkandswitch.com/end-user-programming.html


Thu Sep 3 - LAB: Virtual Machines


Week 1 - Introductions

Tue Aug 25 - Intro
Thu Aug 27 - LAB/Discussion: What is Cybersecurity even?
+Second Day Notes

Recordings Here
2020-08-25 LIS-4774 - Information Security - recording_1
2020-08-27 LIS-4774 - Information Security - recording_2
2020-09-01 LIS-4774 - Information Security - recording_3
2020-09-03 LIS-4774 - Information Security - recording_4
2020-09-08 LIS-4774 - Information Security - recording_5
2020-09-10 LIS-4774 - Information Security - recording_6
2020-09-15 LIS-4774 - Information Security - recording_7
2020-09-17 LIS-4774 - Information Security - recording_8
2020-09-22 LIS-4774 - Information Security - recording_9
2020-09-24 LIS-4774 - Information Security - recording_10
2020-09-29 LIS-4774 - Information Security - recording_11



Backlinks: Home FSU Courses Home:Miscellany:Staging-LIS4774:Syllabus FSU Courses:LIS4774:Syllabus