Announcements

Answer #4 to Sample Midterm

Posted by: Matt Bishop
Date: May 1, 2011 7:03 pm

Folks,

The TA told me that during the review in the discussion section, there was considerable discussion about whether other answers for problem 4 on the sample midterm were acceptable. Yes, they are. I expanded the answer a bit to go through some other possibilities. I have posted the expanded answers both to SmartSite and the nob.cs.ucdavis.edu web page.

Hope this helps,

Matt Bishop


Midterm on Monday, May 2, in class

Posted by: Matt Bishop
Date: Apr 29, 2011 9:39 am

Folks,

Please remember that the midterm is in class on Monday, May 2, 2011.

Good luck to all!

Hope this helps,

Matt Bishop


Cyberquest Competition

Posted by: Matt Bishop
Date: Apr 14, 2011 8:57 am

Folks,

I just received this announcement. It might be fun for those of you who want to look at networking "under the hood" . Note: I didn't write it. It's straight out of the email I got. Also, the Center for Internet Security, which is running this (according to the web page) is a legitimate group, and the folks there are quite pleasant to work with.

Hope this helps,

Matt Bishop

============

Links: http://uscc.cyberquests.org/, http://www.uscyberchallenge.org/

The USCC-sponsored Cyber Quests are a series of fun but challenging on-line competitions allowing participants to demonstrate their knowledge in a variety of information security realms. Each quest features an artifact for analysis, along with a series of quiz questions. Some quests focus on a potentially vulnerable sample web server as the artifact, challenging participants to identify its flaws using vulnerability analysis skills. Other quests are focused around forensic analysis, packet capture analysis, and more. The quests have varying levels of difficulty and complexity, with some quests geared toward beginners, while others include more intermediate and ultimately advanced material.

The second quest in the series will be released on April 18, 2011 and will remain open for about two weeks. Participants will be provided with a network packet capture file that they must analyze to identify and interpret various types of network traffic including HTTP, SMB/CIFS, DNS, ARP, and ICMP. Participants will have to answer questions about the network itself, as well as the activities of the users on the network. The quiz is designed for an intermediate skill level, and all questions can be answered using the Wireshark packet analysis tool.

The artifact for this challenge, a packet capture file, will be available to registered users for analysis for the full two weeks of April 18 through May 1. Once each player starts the quiz any time during those two weeks, he or she will have 24 hours to complete that attempt (or until 11:59pm EDT on May 1, 2011, whichever comes first). While players are given a full day for the quiz, the quests are designed to be completed in approximately one hour.

The second quest will be available from April 18, 2011 until May 1, 2011. You will have 24 hours from the time you begin the quiz to complete it, and you may take the quiz and submit your answers up to three times. If you do not submit the quiz within 24 hours of when you start, or by 11:59pm EDT on May 1, 2011 (whichever comes first), you will receive a zero score. Winners will be determined based on who achieves the highest score in the shortest amount of time.

Are you ready for the challenge? Take the Cyber Quest challenge to compete for an invitation to one of the 2011 USCC Cyber Camps, which are scheduled throughout the summer around the country. Please visit the U.S. Cyber Challenge Website for details and locations. Additional awards, prizes and scholarships will become available. While all are welcome to participate in the competition, camp invitations, awards, prizes and scholarships are available to U.S. citizens only at this time.


New Material Uploaded to SmartSite

Posted by: Matt Bishop
Date: Apr 1, 2011 9:32 am

Folks,

I have assembled a representative list of past projects, and put it in the General Information folder in the Resources area. The file is "Titles of Past Projects."

Also in the Resources area, I have created a folder called "Programs" that contains the fragile and robust coding examples from the handout. This may help with problem 3 on the homework assignment.

Hope this helps,

Matt Bishop


ECS 153, Computer Security
Spring Quarter 2011