392110 Penetrationtesting (PP+L) (SoSe 2017)

Short comment

Diese Veranstaltung wird bei Nachfrage auf Englisch angeboten. This Lecture will be held in english, if requested.

Contents, comment

Penetrationtests sind eine Methode um Schwachstellen in digitalen Systemen und Netzwerken zu finden.
Sie gehören zum Bereich des "ethical hacking" und unterliegen strengen Vorschriften.
In diesem Kurs wird es eine kurze Einführung in Penetrationtests und die rechtliche Grundlage geben.
Danach sollen die Studenten anhand von praktischen Aufgaben erste Erfahrungen in diesem Themengebiet
sammeln. Dazu wird ein extra eingerichtetes Laborsetup benutzt, das als kleines Firmennetzwerk zu
verstehen ist.
Das Ergebnis dieser Untersuchung ist ein Bericht über die gefundenen und nicht gefundenen Schwachstellen
der Testsysteme. Dieser Bericht stellt auch die Studienleistung dar. Hierbei sind jedoch die sicherheitsbedingten
Regeln zu unbedingt zu befolgen: Wer nicht autorisiert ein fremdes System untersucht
riskiert seine Zulassung als Penetrationtester. Im Falle dieses Kurses heiÿt das durchgefallen.
Aufgrund der Räumlichkeiten können jeweils 18 Studenten gleichzeitig im Labor arbeiten.
Es ist auch möglich auf den eigenen Systemen zu arbeiten, dennoch stellt dies ein nicht zu unterschätzendes
Risiko dar. Daher werden die Laborsysteme empfohlen.
Private Systeme werden auf eigene Verantwortung genutzt.

Die Laborzeiten werden zu Beginn der Vorlesungszeit bekannt gegeben und sollen den Studenten ermöglichen sich ihre Arbeitszeit frei einzuteilen.
Ein erstes Treffen wird am Donnerstag zu Beginn der Vorlesungszeit stattfnden und danach nur noch
nach Absprache.

Pentetrations tests are a method to search for security leaks inside of a digital system or network.
They belong to ethical hacking and have to follow strict rules.
This course provides a short introduction into penetration testing and it's legal foundation.
After this introduction the student should gather first experience in penetration testing via practical
exercises. Therefor a laboratory setup can be used which should be seen as a small companie's network.
The result of a pen-test is a report about the found and not-found weaknesses of the systems. This report
is the study performance needed. But therefor the rules have to be followed: Those that test a not
authorised system risk their licensure. In our terms this means they fail the course.
Due to the facilities 18 students can work simultaneausly.
It is also possible to work on your own systems but this equals a security risk. hence the laboratory
systems are highly recommended.
Private systems will be used at own risk.
The laboratory times will be published at the beginning of the lecture and will allow the students to
distribute their own time.
A first meeting will take place on Thursday at the beginning of the lecture and after this only upon
consultation.

Requirements for participation, required level

Keine besonderen Vorkenntnisse notwendig.
No special foreknowledge necessary.

Teaching staff

Dates ( Calendar view )

Frequency Weekday Time Format / Place Period  

Show passed dates >>

Subject assignments

Module Course Requirements  
39-Inf-EGMI Ergänzungsmodul Informatik vertiefendes Projekt 1 Ungraded examination
Student information
vertiefendes Projekt 2 Ungraded examination
Student information
39-Inf-MIKE Modularisierter individueller Kompetenz-Erwerb (MiKE) - Ungraded examination Student information
39-M-Inf-MIKE Modularisierter individueller Kompetenz-Erwerb (MiKE) - Ungraded examination Student information
39-M-MBT-MIKE Modularisierter individueller Kompetenz-Erwerb (MiKE) - Ungraded examination Student information

The binding module descriptions contain further information, including specifications on the "types of assignments" students need to complete. In cases where a module description mentions more than one kind of assignment, the respective member of the teaching staff will decide which task(s) they assign the students.

Degree programme/academic programme Validity Variant Subdivision Status Semester LP  
Medienwissenschaft, interdisziplinäre / Master (Enrollment until SoSe 2014) Wahl 2. 3 unbenotet  
Studieren ab 50    
No more requirements

E-Learning Space

A corresponding course offer for this course already exists in the e-learning system. Teaching staff can store materials relating to teaching courses there:

Registered number: 41
This is the number of students having stored the course in their timetable. In brackets, you see the number of users registered via guest accounts.
Address:
SS2017_392110@ekvv.uni-bielefeld.de
This address can be used by teaching staff, their secretary's offices as well as the individuals in charge of course data maintenance to send emails to the course participants. IMPORTANT: All sent emails must be activated. Wait for the activation email and follow the instructions given there.
If the reference number is used for several courses in the course of the semester, use the following alternative address to reach the participants of exactly this: VST_96818133@ekvv.uni-bielefeld.de
Coverage:
14 Students to be reached directly via email
Notes:
Additional notes on the electronic mailing lists
Email archive
Number of entries 0
Open email archive
Last update basic details/teaching staff:
Wednesday, June 28, 2017 
Last update times:
Friday, March 31, 2017 
Last update rooms:
Friday, March 31, 2017 
Type(s) / SWS (hours per week per semester)
PP+L / 5
Language
This lecture is taught in english
Department
Faculty of Technology
Questions or corrections?
Questions or correction requests for this course?
Planning support
Clashing dates for this course
Links to this course
If you want to set links to this course page, please use one of the following links. Do not use the link shown in your browser!
The following link includes the course ID and is always unique:
https://ekvv.uni-bielefeld.de/kvv_publ/publ/vd?id=96818133
Send page to mobile
Click to open QR code
Scan QR code: Enlarge QR code
ID
96818133