This work presents a set of hands-on educational activities designed to teach some cyber security concepts in the classroom. The experimental configuration used an ad-hoc wireless and wired network, and a Raspberry Pi implementing a Web and an SSH server. Students were connected using their own devices (laptops or tablets). Initially the students tested DoS attacks to the Web server using various tools. Next, the students had to create SSH accounts to the server and a pair of RSA keys; using their SSH accounts, the students had to transfer their public keys to the server. Finally, students had to attack the SSH service from Kali Linux running on virtual machines in teams, each team using a different tool. The scenario was implemented in parts during a series of lessons and was positively accepted and evaluated by the students, who got familiar with a number of concepts and tools of computer networking and network security. In the end, the students informally assessed the Kali Linux SSH attack tools. Ways to assess the students qualitatively and quantitatively based on their participation are also presented. These lab exercises used a series of open source software, as well as low-cost equipment.
Read full abstract