Why should you do any of these? Well:
Nr. | Aim | involves | Further info | Project status |
1a | Satan (a Security scanner) is based on Perl
and a WWW browser and allows a large number of hosts to be scanned on a net-work for
weaknesses in network services. Update Satan to check for all the latest holes, including SMB based holes. Satan was designed to be easily extensible and it would be interesting to extend it to cover other know weaknesses and recognise other architectures and list Operating Systems by version. Actually, Nessus (see below) is way ahead and might be abetter option. |
Lots of Perl hacking, maybe HTML, detailed security attacks research. | http://ftp.win.tue.nl/pub/security/satan.tar.Z
The book "Protecting Networks with Satan" Tanya's Extensions: www.compapp.dcu.ie/~treill.ca4/funcspec.html
|
Tanya Reilly of Dublin City University has finished (June '99) a new set of
extensions as part of her final year project. the extensions use NMAP for OS identification, added a DoS category
and detect Netbus & Back-Orifice and SMB shares/printer weaknesses. Visit the Project site |
1b | Port Satan or Saint to NT | Perl, html, UNIX-NT porting. | see above | |
2 | - Create Nessus plugins - Update NT version |
www.Nessus.org is the best free scanner available. Interesting. Contribute by developing plugins to check for new weaknesses, or update the NT version, which is pretty old. | ||
3 | Automatic and manual intrusion detection
(ID) systems need to be in place so that attacks (especially successful ones) are
recognised. NFR (Network Flight Recorder) is a freeware and commercial intrusion
detection system. Extend NFR with lots more attack
profiles. |
Learn "n-code", some HTML, detailed security attacks research | www.nfr.com
www.nswc.navy.mil/ISSEC/Docs/intrusion.html Intrusion Detection type filters from www.nswc.navy.mil/ISSEC/CID/ (nfr.id.tar.gz) www.l0pht.com/NFR/ Results of E.Osipov's work:
If you are considering developing NFR backends, Evgeniy's work will be a definite help (1.7MB zip). |
Project by Evgeniy Osipov, doctoral school
student at EPFL Lausanne, Switzerland. Finished June'99 Results: zip file (1.7MB) |
4 | Create a free S/MIME toolkit (SDK) based on
the free Crypto libraries such as Crypto++, which provides C++ implementation of most
encryption algorithms, but not the PKCS standards. C++, crypto, S/MIME. |
Learn S/MIME PKCS standards, write code to apply them. Learn how to use free crypto libraries. | http://www.eskimo.com/~weidai/cryptlib.html
www.rsa.com/smime/ www.ietf.org/html.charters/smime-charter.html support.rsa.com/Standards_/standards_.html www.jgvandyke.com/services/infosec/sfl.htm www.fokus.gmd.de/ovma/freeware/snacc/ |
|
4a | If the above point 4. turns out to be too
easy..... do the following as a sweetener: Develop an S/MIME
based crypto Plugin for Lotus Notes. |
Notes API, programming in Windows
environment. Learn how to apply crypto. |
Results of James' work:
|
James
Cooper of Dublin City University created a
Notes 4.6 S/MIME client as part of his final year project, but had many problems with
crypto libraries. Finished June'99 |
5 | Develop a PGP5/OpenPGP based crypto Plugin for Lotus Notes. Use PGP crypto libraries. | Know PGP (another secure email standard)
and Notes API, programming in Windows environment. Learn how to apply crypto. |
www.pgi.com | |
6 | Develop a Perl module for S/MIME and/or PGP5 email signing/ decryption. Perl Modules already exist for actual crypto algorithms. | Know PGP or S/MIME, program in Perl5. Learn how to apply crypto. |
See point 4. above also. www.perl.org/CPAN/ |
|
7a | Port SSH2 or SSH1 server to NT. | Port leading edge public domain crypto
software to NT. Learn how to apply crypto. |
sean's SSH notes www.cs.hut.fi/ssh www.ietf.org/html.charters/secsh-charter.html www.zip.com.au/~roca/ttssh.html |
|
7a | Create a free UNIX SSH2 client/server. (SSH1 is free, but SSH2 only exists commercially so far) | as above and www.OpenSSH.org the OpenBSD gang had this idea and have already implemented it. | ||
7c | SSH1: Add a secure file copy function to TTSSH | would be very useful.. should not be too difficult.. | sean's SSH
notes www.zip.com.au/~roca/ttssh.html |
|
8 | Build a VPN based on SSH2, IPsec or SKIP. Could be done in Java to maximise portability. | for the ambitious | www.skip.org
www.ietf.org
www.cs.hut.fi/ssh www.OpenBSD.org Linux IPsec VPN: FreeS/WAN |
|
9 | Build a VPN server that provides RADIUS (or maybe only SecurID) authentication and Firewall like rule access control. | for the ambitious | www.cs.hut.fi/ssh ftp://ftp.merit.edu/radius/releases ftp://ftp.livingston.com/pub/radius Linux IPsec VPN: FreeS/WAN Sun have done something similar with the i-Planet Webtop. See also www.iplanet.com/products/hosting_prod/webtop/index.html |
|
10 | Build a HTTP reverse proxy with SSL (Apache
module) that also includes RADIUS authentication (or only SecurID) with session
management. Example drawing. |
Learn Apache API, mod ssl, proxying, RADIUS, probably programming in Perl. | www.apache.org
www.modssl.org perl.apache.org www.c2.net ftp://ftp.merit.edu/radius/releases ftp://ftp.livingston.com/pub/radius see ACE.pm on CPAN |
Angus Lee of City University of Hong Kong is planning to start a project (Aug.'99) |
11 | Build a (Java) tool for analysis of various firewalls logs, alerting, statistics etc. | Web GUI for analysis of several logs. | F1, Sunscreen, fwtk logs.. or maybe via Opsec: www.opsec.net |
|
12 | Extend ipfilter to be a real state based filtering engine (free). | Low level packet analysis & network programming. | cheops.anu.edu.au/~avalon/ip-filter.html ftp://coombs.anu.edu.au/pub/net/ip-filter/ | |
13 | Samba: Help with the development of the free UNIX SMB/NetBIOS file server. Contact the development team and see if you can get a module to complete. | SMB, C, UNIX. Meaty stuff. | Contribute to this great project which has
produced Samba the SMB/NetBIOS client/server for UNIX. SAMBA Web Pages |
|
14 | Apache: Help with the development of the leading WWW server (free). Contact the development team and see if you can get a module to complete. | HTTP, Apache module API. | www.apache.org www.modperl.org | |
15 | Port tripwire to NT. It is used to see if any files or directories have changed on the system by checking file signatures using several algorithms. |
C or Perl?, Win32, NT | ftp://cert.org/pub/tools/tripwire www.tripwire.org |
This has been done in the commercial
tripwire version, but it's not free.. |
16 | Contribute to an OpenSource SSL project | C/C++, PKI, crypto.... Ambitious |
www.openldap.org www.openca.org www.openssl.org www.modssl.org | |
17 | Contribute to the development of Secure operating systems | www.OpenBSD.org
www.bastille-linux.org |
||
18 | Improve tcpdump | tcpdump is a great packet sniffer for both
UNIX and NT. - A UNIX and PC gui could make it easier to use - A unified version that understands SMB (file, printer, authentication), Microsoft RPC, SKIP, Ipsec, PPTP, SSH packets would be useful for network administrators. - Support for dial-up networking on NT would be useful. References. ftp://ftp.ee.lbl.gov http://netgroup-serv.polito.it/windump/ |
http://www.cs.hut.fi/crypto/ | ||
ftp://ftp.funet.fi/pub/crypt | [excellent: a "must visit"] | |
http://www.counterpane.com/ | [Schneier: Blowfish, Twofish] | |
ftp://ftp.psy.uq.oz.au/pub/Crypto/
www.openldap.org www.openca.org www.openssl.org www.modssl.org |
[E.Young's DES, SSL & derivates] | |
http://www.systemics.com/ | [cryptix Java, C, Perl] | |
http://www.eskimo.com/~weidai/cryptlib.html | [Wei Dai's C++ lib] | |
http://www.cs.hut.fi/ssh/ | [Tatu Ylonen's SSH] | |
http://cwis.kub.nl/~frw/people/koops/lawsurvy.htm | [Crypto+Law] | |
www.rsa.com | [S/MIME & PKCS] | |
www.baltimore.ie www.sse.ie | [Strong S/MIME products] | |
IT Security Cookbook www.boran.com/security. | ||
University Project pages:
|
Goto Boran.com