TIES327 Network Security

Would it be possible to spend some more time preparing these slides? They have a lot(!) of typos (e.g. I could find 15 of them in the "Introduction.." -slides just by reading through them). In addition to the poor English and misaligned pictures they don't really ease the learning experience. In my opinion in case of a university level course with only written material it would be crucial to have better quality.

06 Sep 23

no, all human resources have been spent on preparing the practical part :)

29 Sep 23

General instructions

The course is completed by doing the assignments linked on this page below. Points for each question are granted once you have clicked its "Save" button. The amount of points you can obtain for completing one assignment is at maximum 5. Questions in every assignment are divided into three parts:

  • Preliminary: you answer these to get familiar with the topic; maximum amount of points: 1
  • Basic: as a rule these are based on the tutorial alone; maximum amount of points: 2
  • Advanced: these may require searching for additional information; maximum amount of points: 2

In order to pass the course with the minimum grade, you need to complete at least preliminary and basic parts of each assignment and receive at least 2.5 points for your answers (except for the introduction: in the introduction you must score 100% of the points available). The points obtained for each assignment as well as ECTS credits earned will also be shown on the points page which will be updated sometime at the morning of the first working day after the assignment deadline.

Students are encouraged to work in groups. Group size limit is 3. If working in a group, each member of the group has to submit the same answers in TIM, i.e. it is not enough that only a single member of the group submits the answers.

There are "demo clinics" every Tuesday and Thursday at Zoom between 12:15-14:00 (starting at the 12th of September) where assignments can be done together and possible problems related to the assignments can be checked:

  • Zoom link: https://jyufi.zoom.us/j/61760583520
  • Meeting ID: 617 6058 3520
  • Passcode: 882090

You are also welcome to comment the instructions in case you find an error or a typo in the text, but only if you are 100% positive that there is an error. An example of a comment can be found at the beginning of the first tutorial. If you have a problem with the assignments, you can also ask others for help using the comments or the chat page. However, before doing that, double-check that you are actually following the assignment instructions properly.

Answering some questions in the assignments requires you to read scientific papers:

  • If you are in JYU-net, i.e. 130.234.0.0/16, you can get access to them directly using the links provided.
  • Otherwise, you can use "ezproxy.jyu.fi", the links in the tutorials are adjusted for this purpose, so simply click those and they should work. If you are not in JYU-net, you will be asked to enter your JYU credentials to be able to view and/or download the article.
  • Alternatively, you can first establish a VPN connection to JYU-net. This should allow you to use web sites that host those articles directly, i.e. the links will work without prompting for your credentials.
  • You can also use JYKDOK service to find and read the articles, it does not require VPN to JYU-net.

Workload and credits*

*These are based on the statistics collected during the last two years. The course assignments have undergone some changes since then, so this year the numbers might differ. In any case, be prepared to spend around one working day to complete one assignment.

You can obtain 3 - 7 ECTS for this course as follows:

  • 3 ECTS: assignments 1 - 8
  • 4 ECTS: assignments 1 - 8 + any 2 from the rest
  • 5 ECTS: assignments 1 - 8 + any 4 from the rest
  • 6 ECTS: assignments 1 - 8 + any 6 from the rest
  • 7 ECTS: assignments 1 - 16

Assignments (grouped by deadline)

Week 1 (no strict deadline): Introduction
Week 3 (21.9.2023): Virtual Network Configuration and Pentesting
  1. Virtual network configuration
  2. Pentesting with Kali Linux

Week 2 seems to be missing from this list. When it is told that assignments 1-4 + others need to be done, this situation can be confusing. Additionally, in the "Assignments" menu from the upper margin, the assignments are shown only with numbers. One might think that to pass the course, it is anough to do a lot less than truly is required.

Answering the comment: In the starting slides: https://tim.jyu.fi/files/571305/start2023.pdf.

16 Oct 23 (edited 24 Oct 23)
Week 4 (28.9.2023): Intrusion and Data Exfiltration
  1. Reverse TCP attack
  2. Data exfiltration with DNS tunnelling

Week 2 is missing because the deadline was extended; "assignments 1-4 + others"? where is it told?

Edit: Yeah, those should be updated...

17 Oct 23 (edited 25 Oct 23)
Week 5 (5.10.2023): Man-In-The-Middle and VPN
  1. Man-in-the-middle attacks
  2. Virtual private networking
Week 8 (29.10.2023): WiFi Security Cracking
  1. WPA encryption cracking by dictionary attack
  2. WiFi "evil twin" attack
Week 9 (29.10.2023): Routing Protocol Vulnerabilities
  1. Attacks against IPv6
  2. BGP hijacking
Week 10 (12.11.2023): SDN Vulnerabilities
  1. MITM in the control plane
  2. Switch saturation and topology poisoning
Week 10 (12.11.2023): Attacks in the Cloud
  1. Openstack controller saturation
  2. DNS spoofing in Kubernetes
All files used for the assignments can be found at:

Auxiliary tutorials*

*Completing these is not required, but they are worth reading especially for students less experienced in Linux and virtualization.

These are the current permissions for this document; please modify if needed. You can always modify these permissions from the manage page.