News: |
Die Vorlesung wird über das OLAT organisiert. |
Vorlesung: |
Montag, 16:00 - 17:30, 46-210 |
Übungen: |
<Werden über das OLAT organisiert> |
Klausur: |
TBA |
Kontakt: |
Prof. Dr.-Ing. Jens Schmitt |
Diese Vorlesung soll die Aufgaben, der Aufbau und die Arbeitsweise moderner Kommunikationssysteme näher bringen. Insbesondere liegt dabei der Fokus auf der Architektur und den Protokollen, welche heute vor allem im Internet im Einsatz sind. Anhand eines Schichtenmodells, werden von Grundlagen der Datenübertragung (z.B. Signalverarbeitung, Kodierungstheorie) bis zu Anwendungsprotokollen (z.B. HTTP, FTP, SMTP, ...) viele Aspekte vernetzter Systeme behandelt.
Der Vorlesungsaufbau ist dabei wie folgt:
Weitere Unterlagen um den Stoff er Vorlesung zu Vertiefen sind:
News: |
Die Vorlesung wird über das OLAT organisiert. |
Vorlesung: |
Montag, 15:30 - 17:00, 46-210 |
Übungen: |
<Werden über das OLAT organisiert> |
Klausur: |
TBA |
Kontakt: |
Prof. Dr.-Ing. Jens Schmitt |
Diese Vorlesung soll die Aufgaben, der Aufbau und die Arbeitsweise moderner Kommunikationssysteme näher bringen. Insbesondere liegt dabei der Fokus auf der Architektur und den Protokollen, welche heute vor allem im Internet im Einsatz sind. Anhand eines Schichtenmodells, werden von Grundlagen der Datenübertragung (z.B. Signalverarbeitung, Kodierungstheorie) bis zu Anwendungsprotokollen (z.B. HTTP, FTP, SMTP, ...) viele Aspekte vernetzter Systeme behandelt.
Der Vorlesungsaufbau ist dabei wie folgt:
Weitere Unterlagen um den Stoff er Vorlesung zu Vertiefen sind:
The exam for the Network Security lecture is approaching and by oberhearing a conversation with Matthias and his teaching assistant Yasmina, you learned that the exam is on a private web server in the DISCO network which is only accessible via a secret URL. Since you are secretly the infamous hacker H4X0R, you managed to trick Matthias into revealing his password for an SSH server in his lab by using evil social engineering techniques. Unfortunately, Matthias does not use this password for his personal computer, which is the actual target since the secret URL for the exam is only stored in Matthias' browser. The only things you know is that the web server hosting the exam and Matthias' personal computer are in the same local network as the compromised SSH server and that Matthias is a control freak and is checking the exam for updates on a very regular basis.
Since you are too lazy to study properly for the exam, you are desperately trying to get the exam from the web server. Therefore, the first steps of this hack challenge are:
While you were stealing the exam, you figured out that the webserver's configuration is really bad and allows certain denial of service attacks. Since you are an evil master mind and like to troll people, you decide to launch a denial of service attack to prevent Matthias from checking the exam. The final step of this hack challenge is:
Since H4X0R is a poser and wants to show off with what he has achieved, send an email to the teaching assistant This email address is being protected from spambots. You need JavaScript enabled to view it. with the secret exam attached (do not change the filename!) and the time when you launched the denial of service attack. Also mention the IP addresses of Matthias' PC and the Webserver in the mail.
You can still work in the same group as for the PhyLiSec workshop. To make sure that groups do not interfere with each other while hacking on the server, we have to make sure that only one group is working on it at a time. Therefore, we have randomly assigned four 1h timeslots to your group over the next 3 weeks. You should receive an email with the timeslots upfront.
Note that it is your responsibility to organize your group to work on the challenge during your timeslots. If you need more time after these four slots, please contact This email address is being protected from spambots. You need JavaScript enabled to view it.. You will receive further information, the IP of the target, and the credentials for your timeslot via email when your session starts.
Once you finished the challenge, one of your group must send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. as a proof of success. The email must contain the names of your group mates, the stolen PDF, the date and time when you launched the DoS attack, and the IP addresses of Matthias' PC and the secret URL. When we received this email and verified your success, you passed this part of the Network Security exercise and you are one step closer to the exam.
If you encounter any problems or if you get stuck, first check the Network Security slides and try using Google. Only if you really tried solving the problem yourself without success, ask Yasmina. She can give you hints or (if necessary) meet with you and assist you in solving the challenge.
To provide you a starting point, here is a list of linux commands and tools installed on the compromised server:
If you want to know how these tools work, enter "man COMMAND" or use Google. There is plenty of good documentation around! Also "COMMAND --help" usually gives you a good overview of the respective tool.
The exam for the Network Security lecture is approaching and by oberhearing a conversation with Matthias and his teaching assistant Yasmina, you learned that the exam is on a private web server in the DISCO network which is only accessible via a secret URL. Since you are secretly the infamous hacker H4X0R, you managed to trick Matthias into revealing his password for an SSH server in his lab by using evil social engineering techniques. Unfortunately, Matthias does not use this password for his personal computer, which is the actual target since the secret URL for the exam is only stored in Matthias' browser. The only things you know is that the web server hosting the exam and Matthias' personal computer are in the same local network as the compromised SSH server and that Matthias is a control freak and is checking the exam for updates on a very regular basis.
Since you are too lazy to study properly for the exam, you are desperately trying to get the exam from the web server. Therefore, the first steps of this hack challenge are:
While you were stealing the exam, you figured out that the webserver's configuration is really bad and allows certain denial of service attacks. Since you are an evil master mind and like to troll people, you decide to launch a denial of service attack to prevent Matthias from checking the exam. The final step of this hack challenge is:
Since H4X0R is a poser and wants to show off with what he has achieved, send an email to the teaching assistant This email address is being protected from spambots. You need JavaScript enabled to view it. with the secret exam attached (do not change the filename!) and the time when you launched the denial of service attack. Also mention the IP addresses of Matthias' PC and the Webserver in the mail.
You can still work in the same group as for the PhyLiSec workshop. To make sure that groups do not interfere with each other while hacking on the server, we have to make sure that only one group is working on it at a time. Therefore, we have randomly assigned four 1h timeslots to your group over the next 3 weeks. You should receive an email with the timeslots upfront.
Note that it is your responsibility to organize your group to work on the challenge during your timeslots. If you need more time after these four slots, please contact This email address is being protected from spambots. You need JavaScript enabled to view it.. You will receive further information, the IP of the target, and the credentials for your timeslot via email when your session starts.
Once you finished the challenge, one of your group must send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. as a proof of success. The email must contain the names of your group mates, the stolen PDF, the date and time when you launched the DoS attack, and the IP addresses of Matthias' PC and the secret URL. When we received this email and verified your success, you passed this part of the Network Security exercise and you are one step closer to the exam.
If you encounter any problems or if you get stuck, first check the Network Security slides and try using Google. Only if you really tried solving the problem yourself without success, ask Yasmina. She can give you hints or (if necessary) meet with you and assist you in solving the challenge.
To provide you a starting point, here is a list of linux commands and tools installed on the compromised server:
If you want to know how these tools work, enter "man COMMAND" or use Google. There is plenty of good documentation around! Also "COMMAND --help" usually gives you a good overview of the respective tool.
The exam for the Network Security lecture is approaching and by oberhearing a conversation with Matthias and his teaching assistant Lukas, you learned that the exam is on a private web server in the DISCO network which is only accessible via a secret URL. Since you are secretly the infamous hacker H4X0R, you managed to trick Matthias into revealing his password for an SSH server in his lab by using evil social engineering techniques. Unfortunately, Matthias does not use this password for his personal computer, which is the actual target since the secret URL for the exam is only stored in Matthias' browser. The only things you know is that the web server hosting the exam and Matthias' personal computer are in the same local network as the compromised SSH server and that Matthias is a control freak and is checking the exam for updates on a very regular basis.
Since you are too lazy to study properly for the exam, you are desperately trying to get the exam from the web server. Therefore, the first steps of this hack challenge are:
While you were stealing the exam, you figured out that the webserver's configuration is really bad and allows certain denial of service attacks. Since you are an evil master mind and like to troll people, you decide to launch a denial of service attack to prevent Matthias from checking the exam. The final step of this hack challenge is:
Since H4X0R is a poser and wants to show off with what he has achieved, send an email to the teaching assistant This email address is being protected from spambots. You need JavaScript enabled to view it. with the secret exam attached (do not change the filename!) and the time when you launched the denial of service attack. Also mention the IP addresses of Matthias' PC and the webserver in the mail.
You can still work in the same group as for the PhyLiSec workshop. To make sure that groups do not interfere with each other while hacking on the server, we have to make sure that only one group is working on it at a time. Therefore, we have randomly assigned four 1h timeslots to your group over the next 3 weeks. You should receive an email with the timeslots upfront.
Note that it is your responsibility to organize your group to work on the challenge during your timeslots. If you need more time after these four slots, please contact This email address is being protected from spambots. You need JavaScript enabled to view it.. You will receive further information, the IP of the target, and the credentials for your timeslot via email when your session starts.
Once you finished the challenge, one of your group must send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. as a proof of success. The email must contain the names of your group mates, the stolen PDF, the date and time when you launched the DoS attack, and the IP addresses of Matthias' PC and the secret URL. When we received this email and verified your success, you passed this part of the Network Security exercise and you are one step closer to the exam.
If you encounter any problems or if you get stuck, first check the Network Security slides and try using Google. Only if you really tried solving the problem yourself without success, ask Lukas. He can give you hints or (if necessary) meet with you and assist you in solving the challenge.
To provide you a starting point, here is a list of linux commands and tools installed on the compromised server:
If you want to know how these tools work, enter "man COMMAND" or use Google. There is plenty of good documentation around! Also "COMMAND --help" usually gives you a good overview of the respective tool.
We offer a variety of bachelor and master theses at any point in the academic year. Also check out some of our completed theses. Read more...