Spring 2007

Clay Shields

front | classes | research | personal | contact

Information Assurance

Schedule of Presentation

back to class page

Date
Presenter 1
Topic
Presenter 2
Topic
March 20 Daniel Colligan Remote exploit in OpenBSD    
March 22        
March 27        
March 29 Tom Daniels Linux Kernel DCCP Memory Disclosure Vulnerability    
April 3 Jason Park xWindows ANI Stack Overflow Exploit John Lancaster   APOP Vulnerability
April 10 Dave Schachner AOL Nullsoft Winamp Remote Heap Memory Corruption Elizabeth Esswein AOL AIM and ICQ File Transfer Path-Traversal Vulnerability
April 12 Michael Fitz Nowlan Integer Overflow in PHP Mitch Beard OpenOffice StarCalc Buffer Overflow
April 17 Khaled Baqer Steganos Exploit    
April 19 Grey Schober Yahoo! Messenger Authentication Bypass Vulnerability John Kazuba Sun Solaris and Java Web Console Format String Vulnerability
April 24 Joe Smith Macrovision InstallAnywhere Password and Serial Number Bypass Christina Kawka Windows DNS Cache Poisoning by Forwarder DNS Spoofing
April 26 Douglas Finley Exploit on the 1st floor computer lab    

IA Class Presentation Guidelines

Over the course of the semester, we will be reading material from the bugtraq and RISKS mailing lists. The purpose of this is for you to be aware of and understand the current state of information assurance and to gain an understanding of common vulnerabilites.

To this end, each student will choose a date to present a topic of their choice from a recent Bugtraq item. You may also choose an item out of RISKS or other media if it strikes you as interesting and relevant, but you need to get permission from me ahead of time. Please feel free to talk to me ahead of time if you have questions or concerns about presenting.

For the presentation, I will expect you to spend about 3-4 minutes on:

  • What the problem is
  • What could have prevented it
  • What can be done to work around it
  • What can be done to prevent it from occurring in the future
Note that this is very general, applies more to bugtraq entries than RISKS entries, and that you should feel free to change or expand it as necessary for the topic you choose.

For RISKS or other media entries, assuming you have permission to present those, you might choose to do something like:

  • What the issue is
  • Whether or not it is even an issue
  • What the possible problems and benefits are
  • What we can learn from seeing the problem

IA Class Web Entry

After you have completed your presentation, you will complete a short web page about the material in your presentation and send it to me so I can put it up for everyone in the class to see and review. This is due within five days of your presentation.

Please use this blank page as a basis for consistency. Look at the HTML for some comments as to what to do. Please send your submission via e-mail, with the topic as the subject line.