Spring 2004

Clay Shields


front | classes | research | personal | contact

Information Assurance

Schedule of Presentation

back to class page

Date
Presenter 1
Topic
Presenter 2
Topic
March 29
Brent Putman
Format String Vulnerability in Apache auth_ldap module
Will Licamele
Heap-based buffer overflow: REALPLAYER
April 3
Rich Frankel
Insufficient Javascript filtering in Hotmail
Jerome Butcher Green
Topic
April 5
Matthew Steckman
Problems with Randomness
Logan Kendall
GNU Mailman Message Denial o f Service Vulnerability
April 10
Chris Belanger
Ultr@ VNC Buffer overflow
Heath Walden
Flaw in the implementation of the Georgetown University Online Directory
April 12
Ketan Bhalla
Topic
Dan Kahan
Google XSS Injection Vulnerability
April 19
Clare Schramm
Vulnerability on a Temporary Folder Creation in Avast
Daryeneh Badaly
Microsoft DNS Resolver
April 24
Ian Block
Microsoft's Silent Patches
Kevin Cherepski
Topic
April 26
Milen Dinkov
Mozilla Vulnerabilities
Robert Browning
Topic


IA Class Presentation Guidelines

Over the course of the semester, we will be reading material from the bugtraq and RISKS mailing lists. The purpose of this is for you to be aware of and understand the current state of information assurance and to gain an understanding of common vulnerabilites.

To this end, each student will choose a date to present a topic of their choice from a recent Bugtraq item. You may also choose an item out of RISKS or other media if it strikes you as interesting and relevant, but you need to get permission from me ahead of time. Please feel free to talk to me ahead of time if you have questions or concerns about presenting.

For the presentation, I will expect you to spend about 3-4 minutes on:

  • What the problem is
  • What could have prevented it
  • What can be done to work around it
  • What can be done to prevent it from occurring in the future
Note that this is very general, applies more to bugtraq entries than RISKS entries, and that you should feel free to change or expand it as necessary for the topic you choose.

For RISKS or other media entries, assuming you have permission to present those, you might choose to do something like:

  • What the issue is
  • Whether or not it is even an issue
  • What the possible problems and benefits are
  • What we can learn from seeing the problem


IA Class Web Entry

After you have completed your presentation, you will complete a short web page about the material in your presentation and send it to me so I can put it up for everyone in the class to see and review. This is due within five days of your presentation.

Please use this blank page as a basis for consistency. Look at the HTML for some comments as to what to do. Please send your submission via e-mail, with the topic as the subject line.