The course begins with the introduction to the security of TCP/IP networks in general and the methods of network scanning including demonstration of various attacks. Examination of methods of (Internet) network securing going from traffic filtration, over proxies and address translation, firewall, so far to tunnelling and VPN, then the introduction to electronic certificates and PKI infrastructure, its application, and in the end of the course the selected encrypted aplication protocols like eg. IPsec, DNSSec, SSL/TLS (OpenSSL) or SSH are covered. In practices students first try to do some simple attack on non-secured (local) network and then they learn how to apply the methods of its securing and deploying secured protocols. 1. Intro: intro to cryptography and authentization, network secutiry (TCP/IP) in general, attacks (DoS), detection of attacks (IDS) 2. Security of network technologies: network scanning (Wireshark, nmap), data integrity, attacks, wireless networks (WiFi), tunnelling, VPN 3. Internet security: filtration, proxies, address translation (NAT), firewall and DMZ 4. Internet security: tunnelling, VPN, aplication proxies and gates, SOCKS 5. PKI infrastructure: certificates, certificate authorities and PKI infrastructure 6. Application of PKI: elektronic signature and banking 7. Encrypted and authentization protocols: IPsec, RADIUS, LDAP, Kerberos, DNSSec 8. Encrypted and authentization protokols: SSL/TLS (OpenSSL), S/MIME, SSH
|
-
Barken L. (2004). Wi-Fi: jak zabezpečit bezdrátovou síť (How secure is your wireless network?). Computer Press.
-
Cole E. (2009). Network Security Bible. Wiley.
-
Dostálek L. a kolektiv. (2003). Velký průvodce protokoly TCP/IP: Bezpečnost (2. aktualizované vydání). Computer Press.
-
Dostálek L., Vohnoutová M. (2010). Velký průvodce infrastrukturou PKI a technologií elektronického podpisu (2. aktualizované vydání). Computer Press.
-
Kizza J. M. (2005). Computer network security. Springer.
-
Kretchmar J. M., Dostálek L. (2004). Administrace a diagnostika sítí pomocí OpenSource utilit a nástrojů (Open source network administration). Computer Press.
-
Orebaugh A. (2008). Wireshark a Ethereal: kompletní průvodce analýzou a diagnostikou sítí (Wireshark & Ethereal network protocol analyzer toolkit). Computer Press.
-
Satrapa P. (2019). Internetový protokol IPv6 (4. vydání). CZ.NIC.
-
Scambray J., McClure S., Kurtz G. (2001). acking bez tajemství (Hacking exposed : network security secrets and solutions). Computer Press.
-
William Stallings. (2016). Network Security Essentials: Applications and Standards (6th Edition). Pearson.
-
Wm. Arthur Conklin, Greg White, Chuck Cothren, Roger L. Davis, Dwayne Williams. (2015). Principles of Computer Security, Fourth Edition (Official Comptia Guide) 4th Edition. McGraw-Hill Education.
|