Confirm
529
edits
Changes
no edit summary
This project is an opportunity for a group of students to take a close look at memory forensic across all operating systems.
=== Network & System Security ===
==== Cross-platform firewall driver in Go ====
* Mozilla Advisor: Julien Vehent
This project is an opportunity for a group of students to take a close look at firewall management on the major operating systems.
=== System Security =Passive vulnerability scanning ====* Mozilla Advisor: Michal Purzynski* difficulty: high* language: english or polish The vulnerability management process needs a knowledge to prioritize patching. Many large organizations cannot patch everything and there is always a decision to be made - what gets patched in the first place? In order to make such a decisions, one needs to learn what kind of vulnerable software is running on systems and talking over the network. The traditional way of doing it is by logging into each server and running a query against the software database and compare versions with a vulnerability list. This does not work well for a few reasons, such as leaving out potentially vulnerable systems that one can’t log into (appliances, unmanaged legacy systems, unsupported operating systems, etc). End users systems are also often left out, and with the days of BYOD, one cannot assume that all clients are managed. The goal of this project is to use passive network monitoring to discover softwares (and versions) on the network, and build a reliable database that can be used as the input to the patching process. There is a lot of information on the network layer, such as user agents, versions, etc. One of the bigger challenges here will be to filter out the noise without losing data in the process - there is no such a thing as ’standardized user agent format’. Classic network monitoring techniques coupled with statistical methods might help here as well.
=== Cryptography ===
==== Compliance checking of TLS configuration ====
