Title Tele-Lab - virtual IT Security Lab
Project Number LLP-LdV-TOI-2009-LT-0037
Project Type Transfer of Innovation
Marketing Text Tele-Lab is a Virtual IT Security Lab and provides a really advanced eLearning tool. Students and any other persons interested in getting practical hands-on experiences in IT-security relevant questions can learn and experiment with various techniques and methods to protect IT-systems and digital information.
Summary Recently, Awareness Creation in terms of IT security has become a big thing – not only for enterprises. Campaigns for students try to highlight the importance of IT security even in the user’s early years. Common practices in security education – as seen in computer science courses at universities – mainly consist of literature and lecturing. In the best case, the teaching facility offers practical courses in a dedicated isolated computer lab. Additionally, there are some more or less interactive e-learning applications around. Most existing offers can do nothing more than impart theoretical knowledge or basic information. They all lack of possibilities to provide practical experience with security software or even hacker tools in a realistic environment. The only exceptions are the expensive and hard-to-maintain dedicated computer security labs. Those can only be provided by very few organizations. Tele-Lab IT-Security idea is to offer hands-on experience exercises in IT-security without the need of additional hardware or maintenance expenses. The existing implementation of Tele-Lab even provides access to the learning environment over the Internet – and thus can be used anytime and anywhere. The main aims are to transfer and adapt IT security Virtual Laboratory for training: The Tele-Lab project provides a novel e-learning system for practical security training in the WWW and inherits all positive characteristics from offline security labs. The Tele-Lab server basically consists of a web-based tutoring system and a training environment built of virtual machines. It could be used by students in university and students with disabilities. The consortium of this project - two universities with IT security programs for students and two IT companies (one-professional IT creator of e-learning systems, other is IT WWW security company). This consortium is high level of IT-security (theoretical and practical knowledge, science and private sectors), also key stuff of this consortium is expert of project management, studies, IT-security, e-learning and virtual systems. Together they form a strong group of the project. The intangible outcomes are communication between countries in IT security level, changing their information about virtual machines, IT security systems in their countries, changing with experience between universities and IT companies, creating systems together. The tangible outcomes are different in each countries, but general outcome is that will be created (transfer) a virtual IT security laboratory, in the presence of high level partners and the use of each partner's strength in the field will be the benefits gained at the party to which the transfer, but each partner will benefit from specific activities. The impact - new generation e-learning to use in the education sector. Due to the close cooperation between public educational institutions and companies, this successful system is considered to be worldwide one of the most exemplary.
Description The Tele-Lab project provides a novel e-learning system for practical security training in the WWW and inherits the positive characteristics from offline security labs. The Tele-Lab server basically consists of a web-based tutoring system and a training environment built of virtual machines. The tutoring system offers three kinds of content: information chapters, introductions to security- and hacker tools and finally practical exercises. The concentration on hacker tools is respective to the offensive teaching paradigm realized within Tele-Lab.
Open and distance learning
Information and Communication
Professional, Scientific and Technical Activities
open and distance learning
Symmetric Encryption - Learn about cryptography and symmetric encryption. Exercises message encryption/decryption using GnuPG.
Public-Key Encryption - Exercise how to use GunPG and OpenSSL to create key pairs and certificates.Exercise encrypting and signing with both tools.
Secure Email - Learn about email security standards, SMIME and OpenPGP.Exercise signing /encrypting messages via the Mozilla Thunderbird client using SMIME and Enigmail (PGP) tools.
Password-based Authentication - Learn about password security and exercise decoding passwords with the John-the-Ripple cracker.
Access Control - Demonstrate how access control mechanisms in Linux are breached by Buffer Overflow.
Port Scanning - Exercise how to find services on the target host with Nmap and close unnecessary services.
Firewalls - Exercise configuring an iptable packet filter and setting up a firewall in Linux.
Intrusion Detection - Exercise setting up the Snort IDS program.Detecting attacks from the Snort log files.
Security Scanning - Exercise to scan the target server to find system vulnerabilities.Patching up systems or close vulnerable services.
Man-in-the-Middle - Demonstrate how man-in-the-middle attacks compromise the SSL sessions.
WLAN security - Learn about WEP related sniffers and crackers.