diff --git a/scenarios/labs/authentication_and_access_controls/ads_1_authentication.xml b/scenarios/labs/authentication_and_access_controls/ads_1_authentication.xml index 8578926b3..13cbee969 100644 --- a/scenarios/labs/authentication_and_access_controls/ads_1_authentication.xml +++ b/scenarios/labs/authentication_and_access_controls/ads_1_authentication.xml @@ -26,6 +26,20 @@ A Hackerbot lab. Work through the lab instructions, then when prompted interact lab-sheet intermediate + + Authentication + identity management + user authentication + facets of authentication + Cryptography and authentication (hashes and attacks against authentication schemes / passwords) + + + Primitives for Isolation and Mediation + authentication and identification + Linux authentication + Types of user accounts + + desktop diff --git a/scenarios/labs/authentication_and_access_controls/ads_2_pam.xml b/scenarios/labs/authentication_and_access_controls/ads_2_pam.xml index e1f83605a..71462391f 100644 --- a/scenarios/labs/authentication_and_access_controls/ads_2_pam.xml +++ b/scenarios/labs/authentication_and_access_controls/ads_2_pam.xml @@ -24,6 +24,19 @@ A short lab this week, exploring PAM. Work through the labsheet, then when promp lab-sheet intermediate + + Authentication + identity management + user authentication + facets of authentication + + + Primitives for Isolation and Mediation + authentication and identification + Linux authentication + Authentication frameworks (PAM) + + desktop diff --git a/scenarios/labs/authentication_and_access_controls/ads_3_access_controls.xml b/scenarios/labs/authentication_and_access_controls/ads_3_access_controls.xml index 59384fed3..9b47b91f3 100644 --- a/scenarios/labs/authentication_and_access_controls/ads_3_access_controls.xml +++ b/scenarios/labs/authentication_and_access_controls/ads_3_access_controls.xml @@ -24,6 +24,26 @@ A Hackerbot lab. Work through the labsheet, then when prompted interact with Hac lab-sheet intermediate + + Authorisation + access control + enforcing access control + ACCESS CONTROL - DAC (DISCRETIONARY ACCESS CONTROL) + Vulnerabilities and attacks on access control misconfigurations + + + Primitives for Isolation and Mediation + Access controls and operating systems + Linux security model + Unix File Permissions + filesystems, inodes, and commands + umask + + + Role of Operating Systems + mediation + + shared_desktop diff --git a/scenarios/labs/authentication_and_access_controls/ads_4_suid.xml b/scenarios/labs/authentication_and_access_controls/ads_4_suid.xml index 59729c993..7a2fc8024 100644 --- a/scenarios/labs/authentication_and_access_controls/ads_4_suid.xml +++ b/scenarios/labs/authentication_and_access_controls/ads_4_suid.xml @@ -24,6 +24,22 @@ A Hackerbot lab. Work through the labsheet, then when prompted interact with Hac lab-sheet intermediate + + Authorisation + access control + Elevated privileges + Real and effective identity + Vulnerabilities and attacks on access control misconfigurations + + + Primitives for Isolation and Mediation + Access controls and operating systems + Linux security model + Unix File Permissions + setuid/setgid + Hardlink protections + + shared_desktop diff --git a/scenarios/labs/authentication_and_access_controls/ads_5_facls.xml b/scenarios/labs/authentication_and_access_controls/ads_5_facls.xml index ceb9ad871..afa9ddd48 100644 --- a/scenarios/labs/authentication_and_access_controls/ads_5_facls.xml +++ b/scenarios/labs/authentication_and_access_controls/ads_5_facls.xml @@ -25,6 +25,19 @@ A Hackerbot lab. Work through the labsheet, then when prompted interact with Hac lab-sheet intermediate + + Authorisation + access control + ACCESS CONTROL LIST (ACL) + Vulnerabilities and attacks on access control misconfigurations + + + Primitives for Isolation and Mediation + Access controls and operating systems + Linux security model + Linux Extended Access Control Lists (facl) + + shared_desktop diff --git a/scenarios/labs/authentication_and_access_controls/ads_6_containers.xml b/scenarios/labs/authentication_and_access_controls/ads_6_containers.xml index 46f694079..295ba39fe 100644 --- a/scenarios/labs/authentication_and_access_controls/ads_6_containers.xml +++ b/scenarios/labs/authentication_and_access_controls/ads_6_containers.xml @@ -24,6 +24,28 @@ A Hackerbot lab. Work through the labsheet, then when prompted interact with Hac lab-sheet intermediate + + Authorisation + SANDBOX + Application-based access controls: user-based access controls insufficiently limit privileges + + + Primitives for Isolation and Mediation + capabilities + Container-based sandboxes: chroot, Docker + Rule-based controls: Course grained: Linux capabilities + Vulnerabilities and attacks on sandboxing misconfigurations + + + Role of Operating Systems + isolation + CONTAINERS + + + Fundamental Concepts and Approaches + sandboxing + + desktop @@ -51,7 +73,7 @@ A Hackerbot lab. Work through the labsheet, then when prompted interact with Hac true - + mysecret diff --git a/scenarios/labs/authentication_and_access_controls/ads_7_apparmor.xml b/scenarios/labs/authentication_and_access_controls/ads_7_apparmor.xml index 24146c0f3..3cb28c3a3 100644 --- a/scenarios/labs/authentication_and_access_controls/ads_7_apparmor.xml +++ b/scenarios/labs/authentication_and_access_controls/ads_7_apparmor.xml @@ -29,6 +29,23 @@ A Hackerbot lab. Work through the labsheet, then when prompted interact with Hac lab-sheet intermediate + + Authorisation + ACCESS CONTROL - MAC (MANDATORY ACCESS CONTROL) + ACCESS CONTROL - NDAC (NON-DISCRETIONARY ACCESS CONTROL) + Application-based access controls: user-based access controls insufficiently limit privileges + Rule-based sandboxes + + + Primitives for Isolation and Mediation + Rule-based controls: Fine grained: AppArmor + Vulnerabilities and attacks on sandboxing misconfigurations + + + Mitigating Exploitation + limiting privileges + + desktop