Three years ago when I was asked to create the content for the IT3700 (Network Defense and Countermeasures) course I knew the curriculum would change. What I didn’t know is how much – and how quick – the subject matter would change. Each semester I’ve discovered about 1/3 of the material evolves or morphs in one way or another. This year is no exception.
Perhaps it has something to do with the sites I follow. Places like ComputerWorld’s Cybercrime and Hacking Topic Center, SearchSecurity.com, or the Dark Reading web site substitute for the morning paper at breakfast. There are tweets from the InfoSec community; people like Bruce Schneier (schneierblog), Richard Bejtlich (taosecurity), Dan Kaminsky (dakimi) and securityninja have forgotten more about security than I’ll ever know.
It could also be my trip to both BlackHat and DefCon. When you’re immersed in APT, Wireless attacks, Malware, horror stories of BotNet takedowns, and war stories from Jennifer Granick and the Electronic Frontier Foundation you get a different perspective on all things hacker related.
So what does it all mean? It means I have to scramble to find funding for a high-end video card to demo GPU-based password cracking. It means my personal skills are pushed to the edge, I’m running one step ahead of the students, and assignments can be rough around the edges. And while I have to apologize to the students for some things, I won’t ask forgiveness for the fact that they’re on the leading edge of the cyber war.