Dec 06, 2024  
2021-2022 Course Catalog 
    
2021-2022 Course Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

CVF 2200 - Advanced IDS Techniques Using SAMPA (Snort, Apache, MySQL, PHP, and ACID)

Credits: 3
Hours/Week: Lecture 1 Lab 2
Course Description: This course addresses the issues associated with open source LAMP (Linux, Apache, MySQL, PHP) stacks with a focus on security and Intrusion Detection Systems (IDS). Topics include the installation, configuration, management of LAMP resources, Snort IDS, ACID and Zenoss threat analytical software, and other IDS related tools as well as the practical test firing of IDS resources.
MnTC Goals
None

Prerequisite(s): CVF 1085  with a grade of C or higher OR instructor consent.
Corequisite(s): None
Recommendation: System administration experience on Microsoft Windows or Linux operating systems.

Major Content

  1. Introduction to Linux, Apache, MySQL and PHP (LAMP) Stacks.
  2. Configure lab LAMP stack for basic web server functionality.
  3. Further configure lab LAMP stack for full LAMP web server functionality.
  4. Create simple PHP pages for database interaction.
  5. Further develop test PHP pages utilizing more SQL queries.
  6. Examine local files, processes and services running on the LAMP stack and how to ensure uptime.
  7. Sensitive data handling.
  8. Introduction to JavaScript.
  9. Further work with JavaScript.
  10. Introduce Cross-Site Scripting (XSS) attacks.
  11. Introduce SQL Injection attacks.
  12. Further XSS/SQL Injection analysis.
  13. Encompass concepts.
  14. Introduction to Intrusion Detection Systems (IDS’) and Snort
  15. Installing and Configuring Snort
  16. Working with Snort rules

Learning Outcomes
At the end of this course students will be able to:

  1. configure and manage server network information and simple database interactive PHP page.
  2. create and use PHP web pages to execute SQL query and display resultant information.
  3. demonstrate practical knowledge of SQL queries.
  4. demonstrate practical knowledge of common website exploits (SQL Injection, XSS, etc).
  5. install and configure Apache, MySQL, PHPMyAdmin and PHP.
  6. install and configure a Linux server.
  7. manage MySQL database structure (create and modify multiple databases/tables.) using PHPMyAdmin.
  8. analyze an exploited LAMP stack.
  9. analyze web pages/web servers for exploit vulnerabilities and possible attack vectors.
  10. conduct SQL Injection, XSS and other common attacks against web pages.
  11. implement IDS analytics software.
  12. install and configure Snort for use with MySQL.
  13. install, configure and manage Snort + dependencies.
  14. manage Snort plugins and rules.
  15. manage and configure LAMP stack critical local files, services and processes.

 

 
Competency 1 (1-6)
None
Competency 2 (7-10)
None


Courses and Registration



Add to Portfolio (opens a new window)