Spring 2004

Clay Shields

front | classes | research | personal | contact

Information Assurance

Schedule of Presentation

Date	Presenter	Topic
Feb 10	Zico Kolter	Buffer Overflow Vulnerabilities in Gaim
Feb 12	Ily Zislin	Remote exploit in Gallery photo gallery software
Feb 17	Daniel Castro	Microsoft Internet Explorer Unauthorized Clipboard Contents Disclosure Vulnerability
Feb 19	John-Michael Bastos	Serv-U FTP Server: Long Filename Stack Overflow Vulnerability
Feb 24	Jan VerEecke	ActiveX Vulnerability in IE and AIM
Feb 26	Nick Bennett	Gamespy Bug
Mar 23	Jonathan Alston	Flex Watch
Mar 25	Amy Sliva	LiveJournal XSS Vulnerability
Mar 30	Haojia Chu
Apr 1	Chris Piro	Remote heap overflow in http input module of MPlayer
Apr 6	Charles Nailen	Malicious Form exploit in Outlook Express/Internet Explorer
Apr 15	Jeff Mendoza	Microsoft Internet Explorer BMP file memory
Apr 20	Kenneth Lee	Half-Life Server ver. 1.1.1.0 Vulnerability

IA Class Presentation Guidelines

Over the course of the semester, we will be reading material from the bugtraq and RISKS mailing lists. The purpose of this is for you to be aware of and understand the current state of information assurance and to gain an understanding of common vulnerabilites.

To this end, each student will choose a date to present a topic of their choice from a recent Bugtraq item. You may also choose an item out of RISKS or other media if it strikes you as interesting and relevant, but you need to get permission from me ahead of time. Please feel free to talk to me ahead of time if you have questions or concerns about presenting.

For the presentation, I will expect you to spend about 5 minutes on:

What the problem is
What could have prevented it
What can be done to work around it
What can be done to prevent it from occurring in the future

Note that this is very general, applies more to bugtraq entries than RISKS entries, and that you should feel free to change or expand it as necessary for the topic you choose.

For RISKS or other media entries, assuming you have permission to present those, you might choose to do something like:

What the issue is
Whether or not it is even an issue
What the possible problems and benefits are
What we can learn from seeing the problem

IA Class Web Entry

After you have completed your presentation, you will complete a short web page about the material in your presentation and send it to me so I can put it up for everyone in the class to see and review. This is due within five days of your presentation.

Please use this blank page as a basis for consistency. Look at the HTML for some comments as to what to do. Please send your submission via e-mail, with the topic as the subject line.