Scott Granneman

 Contact | Site Map | Search
HomeWritingPresentationsTeachingWeb DevTech InfoUseful LinksPersonal

Practical Security Syllabus

U82 275 - Practical Security: Protecting Yourself Online
Washington University University College
Scott Granneman

Spring 2007
Wednesdays 5:30 - 8 p.m.
Eads 13

Instructor: Scott Granneman

Adjunct Professor
Washington University in St. Louis
Webster University
Author
Don't Click on the Blue E!: Switching to Firefox (O'Reilly: 2005)
Hacking Knoppix (Wiley & Sons: 2005)
Linux Phrasebook (Pearson: 2006)
Podcasting with Audacity: Creating a Podcast with Free Audio Software (Prentice Hall: 2007)
Contributor, Ubuntu Hacks (O'Reilly: 2006) & Microsoft Vista for IT Security Professionals (Syngress: 2007)
Columnist for SecurityFocus & Linux Magazine
Professional Blogger for Download Squad The Open Source Weblog (also see personal blog)
Full list of publications at http://www.granneman.com/pubs
Consultant
Principal, WebSanity
Contact Info
scott at granneman dot com
http://www.granneman.com
314-644-4900 (office)
314-780-0489 (cell)

Course Description

Internet users are at risk from viruses, worms, phishing, hackers, spyware, and identify theft. This course will help you determine if you or your business is vulnerable, and then teach you to safeguard your computer, your network, your business, your personal data, and even your identity. Topics include passwords, spyware, phishing, port scanning, vulnerability testing, packet sniffing, wi-fi protected access (WPA), secure sockets layer (SSL), and backup.

Required Texts

Readings will consist of articles, analyses, & ephemera from the Internet. Virtually all software used will be free and open source.

Grading

Your grade will be based on the following factors:

  • Class attendance and participation in discussion (20%): You are expected to attend class prepared to contribute to the ideas & techniques we bring up in lectures and discussions, as well as react to any assigned readings. We may also work on in-class exercises, and you are expected to take an active part in those as well.
  • In-class presentation (10%): You will give one 10 minute presentation to the class on a topic you choose that is appropriate to a dayâ╢Ë˙s topic
  • Online participation on class readings discussion board (15%): 5 comments per week on the discussion board
  • One midterm paper (30%): Your midterm paper will be a 1500 word essay on a security topic that interests you and that you have cleared with me.
  • One final paper (50%): Your final paper will be a 2000 word essay. Pick an aspect of your work environment involving a security technology weâ╢Ë˙ve discussed; analyze its problems & weaknesses, propose an alternative solution, & explain the benefits of that solution

Grades will be based on an average of the above as follows:

100 A+
94-99 A
89-93 A-
86-88 B+
83-85 B
79-82 B-
76-78 C+
73-75 C
69-72 C-
66-68 D+
63-65 D
59-62 D-
0-58 F

Accommodation of disabilities: If you have a disability that might affect your ability to complete the required assignments, please contact me during the first week of class to discuss an accommodation.

Academic Integrity

Policy regarding academic dishonesty: This course will follow Washington University's policies concerning academic dishonesty. Academic dishonesty will result in failure for the assignment in question and/or referral to the college's Academic Integrity Office, which has discretion to impose a stricter penalty. While academic dishonesty includes cheating on exams and quizzes, it also includes plagiarism in written assignments. Plagiarism is not only passing off someone else's work as your own, but also giving your work to someone else to pass off as their own. It also includes submitting work from another course. While I strongly encourage you to discuss your work with each other in and out of class, and while you may research issues together, your writing should be your own. The papers you submit must be your work alone, and must include citations to all references in your work. Please include the URL, or web address, for articles and resources found on the Internet.

Any illegal or unethical use of the technologies or software taught or discussed in this course will be dealt with harshly.

Netiquette

It is paramount that we respect each other online, in both email and the discussion group. Follow this simple rule: disagree with the idea, but not the person. In other words, it's OK to say "That's a bad idea, because ...", and it's not OK to say "You're a bad/stupid/inconsiderate person, because ...". If you have an issue with a classmate's behavior online, please bring it to me privately by emailing me at scott@granneman.com. If you'd like to find out more, please feel free to read The Core Rules of Netiquette, by Virginia Shea.

Tentative Schedule

Wed. Aug. 29 ~ Defining security

Wed. Sept. 5 ~ Dangers

Wed. Sept. 12 ~ Testing for vulnerabilities 1

Wed. Sept. 19 ~ Testing for vulnerabilities 2
Mid-term essay due

Wed. Sept. 26 ~ Hardening your computer

Wed. Oct. 3 ~ Hardening your network

Wed. Oct. 10 ~ Coffee shop Wifi

Wed. Oct. 17 ~ Safety nets
Final essay due