Contents

1. Introduction
2. Security Investigation
3. Tools and Techniques
4. Results obtained
5. Steps to Secure the System
6. Security Issues found in the designed system
7. Conclusion
8. References
1. Introduction

This project evaluates the security of the system provided by WidgetsInc. The Benny VandergastInc provided the VMware virtual machine for testing the security of the software. The evaluation is performed on the virtual machine image that was given. Various tools and techniques are used to investigate the security of the system. After the investigation, the security issues encountered in the given system will be removed and explained. The results obtained from the investigation will be explained. Then, ways to enhance the security and efficiency of the system will be proposed.
2. Security Investigation

Security investigation is needed to ensure the authorization, privacy, authenticity, and integrity of the system. Authorization means that only an authorized person should access the system. Privacy means that private information should be secured in a correct manner (nixCraft, 2018). Authenticity means verifying the intended users. Integrity means giving assurance of the data. The security investigation helps to find out whether the system has been hacked. By investigating the security of the system, the user can find the problems encountered in the system (Linux Hint, 2018) and resolve them in an appropriate way, which enhances the security and efficiency of the system.

For investigating the security of the WidgetsInc system, Ubuntu with Linux 3.11.0-15-generic is used. This is shown in the screenshot below.

After starting Ubuntu in VMware Workstation Player, the system asks for a login. The username is given as root, because root is commonly used as a username on Linux systems. The password given to the system is WidgetsInc. With this username and password, the system logs in.
The screenshot below shows that the system is logged in. The ‘pwd’ command is used to show the current directory, and the ‘who’ command is used to check who is logged into the system. Then the ‘df’ command is used to show the available and used disk space of the file system.
Minimize Software to Minimize Vulnerability

To minimize the vulnerabilities and the amount of software in use, the ‘yum’ command is used. At first, ‘yum’ is not installed, as the screenshot below shows. Then, by giving the ‘apt-get install yum’ command, yum is installed on the Linux system, which is shown in the screenshot below.

After giving the yum command, it shows all the software packages in the system. Delete the unwanted packages. The completed package listing is shown below.
The screenshot below shows the list of packages in a file named dpkg.txt.
Unwanted Processes on the machine

By using the ‘ps aux’ command, all running processes on the WidgetsInc machine are displayed with their process ID (PID). It is shown in the screenshot below.

To remove an unwanted process from the system, the ‘kill’ command is used along with its PID. From the screenshot below, if the user wants to remove the process named ‘whoopsie’ from the system, the following command is used: ‘# kill 1418’. It results in the removal of the whoopsie process from the system.

3. Tools and Techniques

Security Tool

Encryption, firewalls, authentication, detection, and filters are the security tools for Linux. Encryption is used for encoding hidden files in the form of IP security; it also analyzes the sender and the communications between sender and receiver, and nowadays more technologies are being developed as encrypted file sharing systems (Uprit, 2018). Firewalls work as a filter used to block traffic, and they also work against worms and crackers. Filters are used for blocking when traffic occurs, intrusion detection is used when an attacker hacks the system, and honeypots are used to protect against the attacker (Anon, 2018). The virtual machine is used for running multiple computers on the same system.

VMware Workstation Player

VMware Player is a tool which runs multiple software products for virtualization. It allows a second OS to run on a single system. It allows the user to create a virtual machine that can work simultaneously without disturbing the normal system. It is useful for testing client-server environments. The virtual machine performs all operations in a logical manner. The virtual machine can be affected by underlying programs on the computer (nixCraft, 2018). Using this type of computer system, we can easily degrade the performance of the virtual machine. One processor can have complete control of all virtual machines (Ieeexplore.ieee.org, 2018).

Two steps are followed to build the security system. One is the antivirus detection system and the other is the intrusion detection system. All the hackers are vulnerable to the system of security. The special type of operating system we now use is the modern operating system, which has a number of processors. The user can affect the isolation between two different processes. In the virtual machine, the underlying software is used (Linux capability vulnerability, 2000). Virtual machines have the ability to control computers.

Nikto

Nikto is an open source web server scanner and testing tool, used for finding all sorts of hidden issues in a web application. It is also known as a ‘web vulnerability scanner’ (Kali Linux – Assuring Security by Penetration Testing, 2014). Scanning a web server with Nikto is a straightforward process: from a single command, the user can find out whether there are vulnerabilities in the server. The command is given with the IP address of the machine. This is shown in the screenshot below.
At first, it shows that Nikto is not installed. It can then be installed by giving the ‘apt-get install nikto’ command. After installation, the output looks like the screenshot below.

Httrack

Httrack is a web application analysis tool. In penetration testing, Httrack is the webpage/website cloner. It is used to create the fake website. The command is executed in the VM by giving ‘httrack’. At first, it is not installed, as shown in the screenshot below. After installing it, the screenshot below is obtained.
Nmap

Nmap means Network Mapper. It is used for network discovery and security auditing. The tasks performed by Nmap include network inventory, service management, upgrade scheduling and militarization of the host system. Raw IP packets are used to identify which hosts are available on the network and the services offered by those hosts. Nmap is also used to identify the OS of the host, the packet firewalls used by the host and some other characteristics. Nmap runs on all operating systems and is available in binary packages for Linux and Windows. It is powerful, flexible, portable, well documented and supported.

The nmap command is executed in the OS, as shown in the window below. After executing the nmap command, it asks to install the Nmap tool. After installation, the output looks like the screenshot below.
After installing the Nmap tool on Linux, give the nmap command, which is shown in the screenshot below.

Traceroute

Traceroute gives information about the path along which a data packet is transferred from the source to the destination. It is used to gather information. The traceroute command shows the details of the path of a packet sent from the source to the destination address, including path traffic and the delays taken to reach the website (Ieeexplore.ieee.org, 2018). The purpose of traceroute is to identify the problematic servers which are causing an error. It is a resource-consuming operation, so it will slow down the servers if users run this command all the time. It is also used to measure the transmission delay of packets in networks.
After giving the traceroute command in Linux, the output below is obtained.

John the Ripper

John the Ripper is used to check the security of the Linux system. It is the password testing command in Linux. This command is given in the Linux OS (Aip.scitation.org, 2018). It is a package of a number of password crackers. At first, it shows that there is no such tool and asks to install it, as shown in the screenshot below. The tool is then installed by giving the installation command. Once installed, it tests the password on the machine.
4. Results obtained

It was found that the username and password are easily identified. The username is given as root and the password is given as the company name, widgetsInc. So it is easy to hack the company VM. Therefore, the username and password need to be strong to secure the data. The screenshot below shows the username and password being entered in Linux.

To find the IP address of the machine, the ‘ifconfig’ command is used. It is shown in the screenshot below.
The usage of tools such as VMware Workstation, Nikto, Httrack, Nmap, Traceroute and John on the WidgetsInc machine is explained in the Tools and Techniques topic of the report. The security of the machine, such as the usage of disk space and the processes running on the system, is also investigated in the Security Investigation topic of the report. These are all the results obtained while checking the security of the WidgetsInc company VM image.

5. Security Issues found in the designed system

The security issues in the system are found by executing Linux commands. The output obtained from Linux is explained below (Raheja, Munjal and , 2016). Here, the following points are checked as security issues. First, the username and password are too easy. Then, a number of unwanted processes are running on the system (Maxwell, 2002). This is covered under the topic of the security investigation. The steps below are also used on the Linux system for security purposes.

Check the Open ports in the system

A user can list all open ports and network services in the system by using the commands below. With the help of this command, the user can stop the unwanted network services and also close the ports which are open.

The ‘ss -tulpn’ command can also be used to list the open ports on a Linux machine. It is shown in the screenshot below.

Make sure there are no non-root accounts with UID 0

On the computer, only the root account/user has full access permission. The root account has a UID value of 0. A UID (Unique ID) is an exclusive name or number that is assigned to a person or device for identification purposes. The execution of the command is shown in the screenshot below.

Fail2ban as IDS
Fail2ban acts as an IDS. IDS means Intrusion Detection System. It is a combination of hardware and software which monitors a system or a network and is used to detect any malicious activities in the system or network. It was built as a network security technology for detecting vulnerability exploits against a computer. It only monitors path traffic and reports it to the administrator; it will not take any control actions automatically to prevent a detected problem. The fail2ban command is used on this machine to secure the system from attacks such as brute-force attacks. The usage of this command is shown in the screenshot below. The command is used to edit the file. The screenshot below shows the content of the file. Here the contents of the file can be edited.

Update the Software package

Whenever the latest security fixes and patches are released, the system has to be updated to keep it secure and working effectively. After giving the command ‘yum updates’, the screenshot below is obtained as the output.
Turn on SELinux

SELinux means Security-Enhanced Linux. It is a mandatory access control security mechanism provided in the kernel. Turning off SELinux means removing or disabling the access control security mechanism from the system. There are three basic modes of operation in SELinux: enforcing, permissive and disabled. To view the current SELinux mode, the ‘system-config-selinux’, ‘getenforce’ or ‘sestatus’ commands are used. After installation, the sestatus command shows it as disabled, as in the screenshot below. If it is disabled, enable SELinux by giving the command ‘setenforce enforcing’.
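The open-port and UID 0 checks described in this section can be written as small shell functions. This is an added example, not the commands from the report's screenshots; the passwd entries and the ss output are constructed samples, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not part of the report: the UID 0 and open-port checks
# as functions that read text on stdin, so they can be tested offline.

# Constructed /etc/passwd content: "toor" is a second account with UID 0.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:constructed entry:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
EOF
}

# Constructed "ss -tuln" output.
sample_ss() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
tcp   LISTEN 0      128    [::]:80            [::]:*
tcp   LISTEN 0      128    [::1]:631          [::]:*
EOF
}

# Print every account name that has UID 0 but is not "root".
uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Print "proto address:port" for each socket that is bound to something
# other than loopback, i.e. reachable from other hosts.
exposed_listeners() {
    awk '
        $1 != "tcp" && $1 != "udp" { next }      # skips the header line
        {
            port = $5; sub(/.*:/, "", port)      # text after the last colon
            host = $5; sub(/:[^:]*$/, "", host)  # text before the last colon
            if (host ~ /^127\./ || host == "[::1]" || host == "::1") next
            print $1, host ":" port
        }'
}

# On a live system: uid0_accounts < /etc/passwd ; ss -tuln | exposed_listeners
echo "UID 0 accounts other than root:"
sample_passwd | uid0_accounts
echo "Listeners reachable from the network:"
sample_ss | exposed_listeners
```

Any name printed by the first function, and any listener printed by the second that is not a required service, is a finding to follow up.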
6. Various Steps to Secure the System

NIC bonding

There are two modes of NIC bonding: mode 0 and mode 1. Mode 0 represents Round Robin and mode 1 represents Active and Backup. Bonding avoids a single point of failure in the machine. With bonding, if one NIC is down, another NIC helps to communicate the data in the system (Garfinkel, Spafford and Schwartz, 2011).

Firewall

The use of a firewall reduces unauthorized access to the system. It protects the system from attacks and hackers. It plays a major role in sending and receiving packets of data over the internet (Garfinkel, Spafford and Schwartz, 2011). Linux uses iptables as a standard firewall to secure the information in the system.

Update the system

Whenever the latest security fixes and patches are released, the system has to be updated to keep it secure and working effectively.

Avoiding the previous password

By avoiding the use of a previous password, the system data can be secured. If a user resigns from the office, the password for that system should be changed afterwards (Medium, 2018). It should be different from the old password, because the resigned user may hack the system information in future. So restrict the use of the old password to secure the VM.

Non detection of USB stick

If a user wants to restrict other users from using a USB stick in systems, the USB stick should be disabled to secure and protect data from stealing (Rovelli and Rovelli, 2018). By using the ‘install usb-storage /bin/true’ command, the USB stick will not be detected.
Stop the unused IP protocol

If the server is not using the IPv6 protocol, it is better to turn it off, because most policies and applications do not need IPv6.

Reduce the vulnerability

If a system has web services or software which are not necessary, they can cause the system to be attacked. Installing too many unwanted packages increases the vulnerability of the system (Support.rackspace.com, 2018). A vulnerability is a weakness that can be exploited by an attacker to perform unauthorized actions within a computer system. The RPM package manager is used to review or remove the installed and unwanted packages.

Risk assessment

Risk management has techniques or methods to reduce the security risk while doing penetration testing.

Avoid the ICMP request

ICMP means Internet Control Message Protocol. ICMP echo is used to determine whether a networked system is responsive, which is commonly known as ‘ping’. ICMP echo messages are the messages used by the ‘ping’ command (folio3, 2018). Usually, malicious attacks begin with a ping scan. By ignoring ICMP or broadcast requests, the system will not respond when someone tries to ping a broadcast address to find the subnet or all the hosts available on the network at the same time. That means it prevents the system's discovery with a ping command.

Iptables in Firewall

By enabling iptables, the Linux firewall, the server can be secured from unauthorized access. It is highly preferable. The administrator of the system can apply rules in iptables to filter or select incoming, outgoing and forwarded packets, and can also specify the source and destination addresses which are allowed and denied on a particular UDP/TCP port number.
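The USB storage, IPv6 and ICMP steps above can be verified from configuration text rather than assumed to be in place. The following is an added example, not part of the report: the sysctl key names are the standard kernel ones and are not named in the report, the file contents are constructed samples, and the function names are hypothetical.

```sh
#!/bin/sh
# Added example, not part of the report: check hardening settings in
# configuration text read from stdin.

# Constructed sample of /etc/sysctl.conf content.
sample_sysctl() {
    cat <<'EOF'
# constructed sample
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all=0
#net.ipv6.conf.all.disable_ipv6 = 1
EOF
}

# Constructed sample of a file under /etc/modprobe.d/.
sample_modprobe() {
    cat <<'EOF'
# constructed sample
install usb-storage /bin/true
EOF
}

# sysctl_state KEY WANT: print "ok", "wrong (VALUE)" or "missing" for KEY.
# Comment lines are ignored and the last assignment of a key wins.
sysctl_state() {
    awk -v key="$1" -v want="$2" '
        /^[ \t]*[#;]/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { seen = 1; val = v }
        }
        END {
            if (!seen) print "missing"
            else if (val == want) print "ok"
            else print "wrong (" val ")"
        }'
}

# Succeed if the text maps the usb-storage module to /bin/true, the line
# the report gives. A commented-out line does not count.
usb_storage_blocked() {
    grep -Eq '^[[:space:]]*install[[:space:]]+usb[-_]storage[[:space:]]+/bin/true([[:space:]]|$)'
}

# On a live system: sysctl_state KEY 1 < /etc/sysctl.conf
for key in net.ipv4.icmp_echo_ignore_broadcasts net.ipv4.icmp_echo_ignore_all \
           net.ipv6.conf.all.disable_ipv6; do
    printf '%s: %s\n' "$key" "$(sample_sysctl | sysctl_state "$key" 1)"
done
if sample_modprobe | usb_storage_blocked; then
    echo "usb-storage: blocked"
else
    echo "usb-storage: not blocked"
fi
```

A configuration file only shows what is loaded at boot; the running value of a key can be read with ‘sysctl -n KEY’.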
Remove X Windows

Server security and performance are improved by disabling and removing X Windows. There is no reason to run it on a web server or mail server (Pluralsight.com, 2018). The servers do not require X Windows. To remove the X Windows system from the server, use the command below.

# yum groupremove "X Windows System"

Strong username and Password

The user can create and maintain user accounts by using the ‘useradd’ / ‘usermod’ commands. The system becomes more secure when strong passwords are used. A strong password contains uppercase and lowercase letters, special characters and numbers. The letters should be chosen in a random manner. It should not be the company name or the well-known name of others. The user can find weak passwords on the server or workstation by means of the ‘John the Ripper’ tool (Process Street, 2018). It is a fast password cracker and free, open source software which runs on UNIX, Linux, and Windows operating systems.

File Access Permission

On a Linux-based machine, every input and output is in file format. To open and access a file, certain conditions need to be met. For this, there are the read, write and execute options. Any file created on a machine needs to be given permissions. The permissions for the file are given based on the user. The correct permissions are given to the intended user of the file. Not all permissions should be given to all users. A particular user who is responsible for working on the file has all three permissions. If some files are meant for public users, they will be in read mode alone (Bobcares.com, 2018). Because of this permission option, the file can be secured from access by unauthorized persons.

Duration of Password

The password duration means the lifetime of the password which is used on the machine to secure the data. It should be a fixed time. After that, the password needs to be changed. It helps to avoid access by unauthorized persons. The ‘change’ command is used to change the password for existing users.
7. Conclusion

WidgetsInc Company checks the security of the VM by giving its image. In this project, the system security is tested for that VM, and the tools and techniques used to analyze the security are explained. Then, the results obtained from the tools are explained. After that, the steps to secure the VM system are explained. The open services of the VM are investigated using the NMAP command from a Linux system. The possible security issues of the VM system and the various steps to secure the system are also explained in this project.
8. References

Ieeexplore.ieee.org. (2018). Computer Network Security and Technology Research - IEEE Conference Publication. [online] Available at: https://ieeexplore.ieee.org/document/7263569/ [Accessed 17 Aug. 2018].

Aip.scitation.org. (2018). [online] Available at: https://aip.scitation.org/doi/pdf/10.1063/1.4982538 [Accessed 17 Aug. 2018].

Uprit, A. (2018). Network Security Using Linux/Unix Firewall. [online] Ideas.repec.org. Available at: https://ideas.repec.org/p/vor/issues/2014-03-22.html [Accessed 17 Aug. 2018].

Anon, (2018). [online] Available at: https://www.tecmint.com/linux-server-ha...rity-tips/ [Accessed 17 Aug. 2018].

nixCraft. (2018). 40 Linux Server Hardening Security Tips [2017 edition] - nixCraft. [online] Available at: https://www.cyberciti.biz/tips/linux-security.html [Accessed 17 Aug. 2018].

Linux Hint. (2018). TOP 25 BEST KALI LINUX TOOLS | Linux Hint. [online] Available at: https://linuxhint.com/top-25-best-kali-linux-tools/ [Accessed 17 Aug. 2018].

Ieeexplore.ieee.org. (2018). Evaluating the performance and intrusiveness of virtual machines for desktop grid computing - IEEE Conference Publication. [online] Available at: https://ieeexplore.ieee.org/abstract/document/5161134/ [Accessed 17 Aug. 2018].

nixCraft. (2018). Kill Process in Linux or Terminate a Process in UNIX / Linux Systems - nixCraft. [online] Available at: https://www.cyberciti.biz/faq/kill-process-in-linux-or-terminate-a-process-in-unix-or-linux-systems/ [Accessed 17 Aug. 2018].

Linux capability vulnerability. (2000). Network Security, 2000(9), p.4.

Kali Linux – Assuring Security by Penetration Testing. (2014). Network Security, 2014(8), p.4.

Raheja, S., Munjal, G. and ,, S. (2016). Analysis of Linux Kernel Vulnerabilities. Indian Journal of Science and Technology, 9(48).

Implementation of Security Kernel based on Linux OS. (2003). The KIPS Transactions: Part C, 10C(2), pp.145-154.

Maxwell, S. (2002). UNIX system administration. New York: McGraw-Hill/Osborne.

Garfinkel, S., Spafford, G. and Schwartz, A. (2011). Practical UNIX and Internet Security. Sebastopol: O'Reilly Media, Inc.

Linux hit by another long-term flaw. (2015). Network Security, 2015(2), p.2.

Anitha, A. (2011). Network Security using Linux Intrusion Detection System. International Journal of Research in Computer Science, 2(1), pp.33-38.

Medium. (2018). 10 steps to secure Linux Server for Production Environment. [online] Available at: https://medium.com/viithiisys/10-steps-to-secure-linux-server-for-production-environment-a135109a57c5 [Accessed 17 Aug. 2018].

Rovelli, P. and Rovelli, P. (2018). 5 tips to improve your Linux desktop security. [online] Naked Security. Available at: https://nakedsecurity.sophos.com/2015/05/27/5-tips-to-improve-your-linux-desktop-security/ [Accessed 17 Aug. 2018].

Support.rackspace.com. (2018). Linux server security best practices. [online] Available at: https://support.rackspace.com/how-to/linux-server-security-best-practices/ [Accessed 17 Aug. 2018].

folio3. (2018). 19 Best Practices and Recommendations for Linux Server. [online] Available at: http://www.folio3.com/blog/19-best-practices-and-recommendations-for-linux-server/ [Accessed 17 Aug. 2018].

Pluralsight.com. (2018). Linux hardening: A 15-step checklist for a secure Linux server. [online] Available at: https://www.pluralsight.com/blog/it-ops/linux-hardening-secure-server-checklist [Accessed 17 Aug. 2018].

Process Street. (2018). 34 Linux Server Security Tips & Checklists for Sysadmins | Process Street. [online] Available at: https://www.process.st/server-security/ [Accessed 17 Aug. 2018].

Bobcares.com. (2018). [online] Available at: https://bobcares.com/blog/how-to-secure-linux-server-from-hackers/ [Accessed 17 Aug. 2018].