Category:I805 Authentication and Authorization: Difference between revisions
From ICO wiki
Jump to navigationJump to search
No edit summary |
No edit summary |
||
Line 27: | Line 27: | ||
Tasks, not necessarily all have to be covered. Pick the one you like the most: | Tasks, not necessarily all have to be covered. Pick the one you like the most: | ||
* Play the red team: Kustas, Ender, | * Play the red team: Kustas, Ender, Mikus | ||
* Set up rocket.chat instead of IRC server: Meelis Hass | * Set up rocket.chat instead of IRC server: Meelis Hass | ||
* Set up file synchronization with NextCloud: <insert your name here> | * Set up file synchronization with NextCloud: <insert your name here> | ||
Line 33: | Line 33: | ||
* Reconfigure wiki: <insert your name here> | * Reconfigure wiki: <insert your name here> | ||
* Reconfigure mail server: <insert your name here> | * Reconfigure mail server: <insert your name here> | ||
* Reconfigure webserver/MySQL: | * Reconfigure webserver/MySQL: Joosep | ||
* Set up domain controller replication between servers | * Set up domain controller replication between servers | ||
* Set a blank smartcard as TLS client authentication token: <insert your name here> | * Set a blank smartcard as TLS client authentication token: <insert your name here> |
Revision as of 18:28, 6 February 2017
Authentication and Authorization
General information
In this course we continue where we left off with Firewalls and VPN/IPsec course.
Relevant topics for research and implementation in the lab. Lectures coming up for most of the topics:
- File based password stores eg. /etc/shadow, .htaccess
- Signing and encrypting e-mail using GPG
- Active Directory protocols: LM, NTLM, Kerberos, GSSAPI, SPNEGO, LDAP
- More TLS and client side authentication in particular
- Filesystem permissions: access control lists, selinux, apparmor
- RADIUS
- Multi-factor authentication: smartcards, Yubikey, Mobile-ID, etc
- Contactless cards
- On the web: Cookies, OAuth, OpenID, iPizza,
Intro slides & video recording:
https://docs.google.com/presentation/d/1NzY8AspqZwrYxoJ3Qi-pBWsMDdiIUeA4lgZnwZGTMVg/edit?usp=sharing
https://echo360.e-ope.ee/ess/echo/presentation/54eb478c-f6ae-4629-b1e3-c43f5a2f6842?ec=true
Tasks, not necessarily all have to be covered. Pick the one you like the most:
- Play the red team: Kustas, Ender, Mikus
- Set up rocket.chat instead of IRC server: Meelis Hass
- Set up file synchronization with NextCloud: <insert your name here>
- Reconfigure Gogs: <insert your name here>
- Reconfigure wiki: <insert your name here>
- Reconfigure mail server: <insert your name here>
- Reconfigure webserver/MySQL: Joosep
- Set up domain controller replication between servers
- Set a blank smartcard as TLS client authentication token: <insert your name here>
- NFC card backups: <insert your name here>
- OpenVPN with Estonian ID-card howto: <insert your name here>
- Set up OpenWrt wifi routers as access points with username/password authentication (like eduroam wireless network): <insert your name here>
With Lauri/Belgin from Linux/Windows admin course:
- Set up domain controller /w MS AD/Samba:
- Set up fileserver with several shares: <insert your name>
- Use iMac and HP Probook at 412/411 for joining them to domain. Needs some network rewiring first, ask Lauri.
- Set up group policies, eg install software and configure VPN for HP Probook
With Viktor from Incident management course:
- Set up incident management software, configure to authenticate with AD
ECTS: 4
Lecturers: Lauri Võsandi
Pages in category "I805 Authentication and Authorization"
This category contains only the following page.