COMP1561: Network Security PDF

Added on  2022-01-21

A laboratory and research-based exploration of network security concepts
K H P M Kariyawasam
COMP1561: Network Security
Banner ID = 001074746
University of Greenwich
Abstract
This report presents a laboratory and research-based exploration of network security concepts. Its contents can be summarized as follows. Lab number 2 explains how to restrict incoming and outgoing traffic on the network with an access list. Lab number 3 explains how to work with a backdoor server and how to install a keylogger on a victim computer. How to get a user name and password through SQL injection is described in lab number 4. Lab number 5 describes how to identify a network's weaknesses by performing a vulnerability assessment. Lab number 6 describes different ways of obtaining a domain's DNS information. Lab number 7 discusses methods for filtering data from the Google search engine by running the Google script. The important laboratory, lab number 8, explains how to work with many hacking tools and carry out exercises with them. The last lab, lab number 9, explains how to monitor traffic with the Wireshark network monitoring tool, and finally exercises such as a DDoS attack using the ping of death are performed in this lab.
Introduction
Managing security means understanding the risks and deciding how much risk is acceptable. Different levels of security are appropriate for different organizations. No network is 100% secure, so don't aim for that level of protection. If you try to stay up to date on every new threat and every virus, you'll quickly be a quivering ball of anxiety and stress. Look for the major vulnerabilities that you can address with your present resources. Many companies store their data in data centers. Such companies run security applications and use 7-layer filtering firewalls to protect their networks. But this is not 100% successful, because the outcome depends on the attacker's talent. By establishing policies, however, a very high level of security can be provided to the network. Working through these laboratories gives good knowledge of how to search for weaknesses in a network, how to attack through those weaknesses, and how to fix these deficiencies.
LAB 2-Configuring Named Access List
Lab 2 key findings
The purpose of applying an access control list at the enterprise network level is to limit network connectivity according to whether connections are necessary or not. An access list can be used to control the connections received inbound and sent outbound by matching on protocol, port number, or IP address. It also helps to reduce network congestion by blocking unnecessary data packets.
GAD(config)# line vty 0 15
GAD(config-line)# password cisco
GAD(config-line)# login
GAD(config-line)# exit
GAD(config)# enable secret class
In this scenario the line configuration is "line vty 0 15", which allows up to 16 lines for connecting to the router remotely from hosts. After that, the "enable secret" command sets "class" as the password that is asked for when logging in to the router, and stores it encrypted. With that, all of the preliminary configuration is complete.
Configure the Gigabit Ethernet interface on the router:
GAD(config)# interface g 0/0
GAD(config-if)# ip address 192.168.14.1 255.255.255.0
GAD(config-if)# no shutdown
The IP address of the router's Gigabit Ethernet interface configured above acts as the default gateway of this network. By default the router interface is administratively down, and the "no shutdown" command brings it up.
IP configuration of two hosts
Confirming connectivity between host and router by pinging
HOST 1
HOST 2
Configuring Access Control List
Here we created a named extended access control list on the router, using the command below.
Assign ACL to router port
The access list created earlier needs to be applied to a specific router interface. This is configured with the "ip access-group acl2 in" command. Here we apply the ACL to the router's GigabitEthernet 0/0 port; acl2 is the name of the access list we created earlier, and "in" means it is applied to inbound connections.
Ping the router from each of the hosts
Were these pings successful?
No, those pings were not successful; the output said the destination host was unreachable, as shown below.
Why or why not?
Because we applied the ACL to the router's Gigabit interface and it worked as a default rule. It denies traffic from any host to any host, so any type of packet coming through the router is ignored.
Can you ping from the router to PCs?
No. The reason is that we only applied the ACL that we created, and it blocks the incoming connection.
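Why both ping directions fail can be seen by simulating how an extended ACL is evaluated: entries are checked top to bottom, and anything that matches none of them hits the implicit deny. The Python below is an added example, not code from the report; it handles only protocol and address matching (no ports), and the ACL entries and host address are constructed, since the report does not show them.

```python
# Added example (not from the report): first-match evaluation of a
# Cisco-style extended ACL, reduced to protocol and addresses.
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_entry(line):
    """Parse 'permit|deny <proto> <src> <dst>'; src/dst is 'any',
    'host A.B.C.D' or 'A.B.C.D <wildcard>'."""
    action, proto, *rest = line.split()
    specs = []
    while rest:
        if rest[0] == "any":
            spec, used = (0, 0xFFFFFFFF), 1
        elif rest[0] == "host":
            spec, used = (_ip(rest[1]), 0), 2
        else:
            spec, used = (_ip(rest[0]), _ip(rest[1])), 2
        specs.append(spec)
        rest = rest[used:]
    return action, proto, specs[0], specs[1]

def addr_match(spec, addr):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF      # wildcard 1-bits mean "don't care"
    return (_ip(addr) & care) == (base & care)

def evaluate(acl, proto, src, dst):
    """Return the action of the first matching entry, top to bottom."""
    for line in acl:
        action, p, s, d = parse_entry(line)
        if p in ("ip", proto) and addr_match(s, src) and addr_match(d, dst):
            return action
    return "deny"                      # implicit "deny ip any any"

# Constructed values: the report does not show acl2's entries or host IPs.
ROUTER, HOST = "192.168.14.1", "192.168.14.2"
ACL_TCP_ONLY = ["permit tcp 192.168.14.0 0.0.0.255 any"]
ACL_WITH_ICMP = ACL_TCP_ONLY + ["permit icmp 192.168.14.0 0.0.0.255 any"]

def ping_results(acl):
    """With the ACL inbound on the host-facing port, the host's echo request
    and its echo reply to the router both arrive as icmp HOST -> ROUTER."""
    passed = evaluate(acl, "icmp", HOST, ROUTER) == "permit"
    return {"host_to_router": passed, "router_to_host": passed}

if __name__ == "__main__":
    for name, acl in (("tcp only", ACL_TCP_ONLY), ("with icmp", ACL_WITH_ICMP)):
        print(name, ping_results(acl))
```

The router-to-PC ping fails even though the echo request leaves the router unfiltered, because the reply comes back in through the interface where the inbound ACL is applied.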
Lab 2 research
Akin, T., 2002. Hardening Cisco Routers. 5th ed. Gravenstein Highway North, Sebastopol: O'Reilly Media.
Sandhu, R. S. & Samarati, P., 1994. Access Control: Principle and Practice. IEEE Communications Magazine, September, 32(9), pp. 40-48.
Sedayao, J., 2001. Cisco IOS Access Lists. 5th ed. United States of America: O'Reilly & Associates.
Lab 2 reflection
This lab covered a lot about the basics of access control lists. It is very helpful for working with named access lists and numbered access lists. ACLs are also very useful for an enterprise network to control which of its users' inbound and outbound connections should be allowed. An ACL reduces network traffic and provides a stable and secure network. But ACLs become difficult in larger enterprise networks, where configuring them for that type of scenario causes a lot of trouble. There should be some improvement in this lab.
LAB 3-Back Door Servers
Lab 3 key findings
Back door servers are used by hackers to remotely control one or many victim computers. In this case the hacker connects to the back door server and, through it, controls anywhere from one to any number of victims' devices. It is a sort of remote administration tool. A back door server uses an algorithm to connect to the victim's computer in order to hack their passwords and security methods. These tools are created by software engineers or developers.
Configuration
For the back door server lab, we installed the Back Orifice server on a computer. Two computers are needed, so I have installed VMware on my PC, and there I have installed two virtual machines running Windows 95. Those machines are named victim and attacker.
Configuring IP setting in Virtual PC
Back orifice server setup in Victim’s PC
Before the victim's computer can be affected, we need to run the Back Orifice server, and the remote side has to run the client PC.
As the screenshot shows, first click the Open Server button; this loads all of the related plugins for the server, except the enc null file, because it is not a server plugin.
After the BO2K exe is run, the backdoor server runs as a remote device on the victim's computer.
Back Orifice set on victim's PC
On the victim's PC, run the BO2K.exe client and run all files. Then, in the configuration, apply the server IP settings in the settings dialog.
After some configuration, the client PC connects to the Back Orifice server through a TCP connection.
Process Kill
An attacker can simply kill a process running on the client PC. First, some process needs to be running on the client computer, so go to it and open two or three Notepad windows. Then go to the backdoor server, view the list of processes running on the victim's PC, find the processes that belong to Notepad and select Kill Process. After that, all Notepad instances running on the victim's PC will be terminated.
Keystroke Logging
A hacker can easily view what the victim is typing by using the backdoor server. First, open Notepad on the victim's PC. Then go to the server settings, select log keystrokes and give the path where the log file should be saved. On the victim's PC, the backdoor client gives "send" for the keystrokes. Afterwards the backdoor server can easily find, in the log file at the given path, what the user typed on his computer. This is a way to see even a user name and password.
Lab 3 research
Bidgoli, H., 2006. HANDBOOK OF INFORMATION SECURITY. Threats, Vulnerabilities, Prevention,
Detection, and Management, Volume 3.