Introduction:Any IT graduate involved in IT security will need t o be able to adapt and respond to unfamiliar and changing security threats and to evaluate and use n ew tools. To be capable in their p

Introduction:

Any IT graduate involved in IT security will need to be able to adapt and respond to unfamiliar and changing security threats and to evaluate and use new tools. To be capable in their profession, graduates need to be able to analyse, categorise an d report on new threats and the procedures used to evaluate them.

The assignment:

Choose 1 only: No more than 10 groups (of 1 or 2) will be permitted to work on the same topic. The process for nominating a topic will be announced on Blackboard.

1. Discover and document some deficiencies in a mod ern software system of your own choice.

2. Demonstrate and describe 10 small command-line tools used in Mac, Linux or Windows. Choose tools that are used by hackers and security testers.

3. Demonstrate and describe 4 medium-size security tools (such as Wireshark, nmap, Snort, SQLMap).

6. Demonstrate and describe the use of Metasploit f or the exploitation of vulnerable systems and services. Your work must include using Metasploit for detecting ROP gadgets and for generating payloads.

7. Demonstrate and describe the completion of 10 exercises from https://exploit- exercises.com

8. Demonstrate and describe the completion of 10 exercises from https://overthewire.org

9. Demonstrate and describe the completion of 5 exercises from https://pentesterlab.com

11. Demonstrate and describe the use of 5 tools from Samurai http://www.samurai-wtf.org/

13. Compare and evaluate security products.

14. Lock down a PC connected to the internet.

15. Using scripts and web services, trace many (over 50) spam e-mails to their source.

19. Prepare and test detailed instructions for modifying a game console.

20. Analyse and document some malware which you have caught.

21. Develop your own procedure (subject to approval by the convenor)

Submission

Submissions should be made through https://esp.swin.edu.au (ESP) before the due date. Reports should be in commonly used document formats .docx or .rtf format (NOT .mdi) and should not exceed 15 pages in length. A 2-person team may submit up to 30 pages.

•The first page should be a filled-in copy of the cover sheet available on Blackboard.

•The second page must be a title page indicating:

o the unit code and title,

o title of the assignment,

o the topic,

o the authors (by name and student ID),

o the submission date/time,

o the due date/time.

Pages must be numbered starting with the first page AFTER the cover sheet and title page.

A table of contents is not to be used.

Appendices and a list of references will not be included in the page count.

References

All externally sourced information (i.e. not common knowledge or course material) must be cited. Referencing conventions required for this unit are: Vancouver (as used by IEEE).

Helpful information on referencing can be found at http://www.ieee.org/documents/ieeecitationref.pdf

Each citation must have a corresponding reference at the back of the report. ALL REFERENCES MUST BE CITED.

There is no minimum requirement for the number of references.