Staying Ahead of the Hackers
It'll be back to school next month for a Calvin College professor trying to stay one step ahead of the hackers.
Starting May 3, computer science professor Earl D. Fife will join other computer security specialists from a variety of business and industry as students in Security 504: Hacker Techniques, Exploits and Incident Handling.
The class will meet for 11, two-hour sessions on Calvin's campus and will be led by Matthew Carpenter.
Says Carpenter: "No organization can fight back against cyber attacks if their security and system administration staff does not know how the most current attacks are launched and the technical details that allow the attacks to be blocked."
Fife, a Certified Information Systems Security Professional (CISSP), agrees.
In the spring of 2002, he was a visiting scientist at CERIAS, Purdue's highly acclaimed center for computer security, and following that, he did a Calvin "externship," working for a semester for a local firm specializing in information systems security. There he worked on an intrusion detection system (a stand-alone computer designed to keep networks secure).
Fife uses his experince to benefit both his own teaching and the Calvin computer science curriculum. In addition to a recurring course in computer security, he has recently taught courses ranging from cryptography to intrusion detection, and he has a course scheduled next year that will include many of the topics from the SANS course.
"Matt, the local mentor for the course, approached me about taking the course because he knew that I have been working on developing security courses for Calvin's curriculum," he says. "I found this idea attractive since it would one way of our strengthing ties between Calvin and the local security community. I already know a number of local professionals through a local chapter of ISSA (Information Systems Security Association). I am a charter member of the chapter, and Calvin houses the web site for the organization. So I arranged for Calvin to host the course and I'm planning to take the course!"
Security 504 is offered by The SANS Institute (SysAdmin, Audit, Network, Security), and is one of their most popular courses.
Says Fife: "Although we will need be become adept at using the attack tool, the goal of the course is to understand how to defend against their use. The course will help us understand attackers' tactics and strategies in detail, give us hands-on experience in finding vulnerabilities and discovering intrusions, and equip us with a comprehensive incident handling plan."
Students study course books at their own pace. Each week students meet with other professionals in the area, and the SANS local mentor, who will lead class discussions, provide hands-on demonstrations and more.
"The SANS courses are both practical and deep," says Fife.
SANS develops, maintains and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center. It was established in 1989 as a cooperative research and education organization.