Network Security & Forensics Techniques

Verified

Added on 2020/05/08

AI Summary

This assignment delves into various network security concepts and practices. It covers topics such as ICMP protocol usage, IPv4 fragmentation for evasion, ARP cache poisoning for sniffing in switched environments, TCP RST attacks on telnet and SSH connections, rate limiting techniques, and iptables manipulation for defense. Students are expected to understand these concepts, demonstrate their knowledge through practical examples using tools like hping3, nc, tcpdump, and iptables, and analyze captured network traffic for malicious activity.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Network Security and
Forensics

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

Sample Outputs and the outputs we got in our practical tasks are
shown below.
a) Use the command tcpdump –V
Command: Tcpdump –V
1

b) Use tcpdump -D to list all of your available interfaces.
c) Ping 2130706433 and watch the traffic flow with tcpdump.
user@Ubuntu1:~$ ping 2130706433
PING 2130706433 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.018 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.027 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.033 ms
64 bytes from 127.0.0.1: icmp_seq=4 ttl=64 time=0.034 ms
64 bytes from 127.0.0.1: icmp_seq=5 ttl=64 time=0.034 ms
64 bytes from 127.0.0.1: icmp_seq=6 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=7 ttl=64 time=0.029 ms
64 bytes from 127.0.0.1: icmp_seq=8 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=9 ttl=64 time=0.032 ms
64 bytes from 127.0.0.1: icmp_seq=10 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=11 ttl=64 time=0.032 ms
64 bytes from 127.0.0.1: icmp_seq=12 ttl=64 time=0.032 ms
64 bytes from 127.0.0.1: icmp_seq=13 ttl=64 time=0.031 ms
64 bytes from 127.0.0.1: icmp_seq=14 ttl=64 time=0.032 ms
2130706433 is nothing but the self IP / Loop back IP.
user@Ubuntu1:~$ ping -c1 2130706433
PING 2130706433 (127.0.0.1) 56(84) bytes of data.
2

64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.025 ms
--- 2130706433 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.025/0.025/0.025/0.000 ms
Task 2:
Already installed proftpd
Started the proftpd service
3

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

Created one user account ftpuser using useradd command
Changed the password of the ftpuser to password
Tried to FTP the new installed FTPServer from another client
Captured the pocket using tcpdump
Stored the pcap file as Activity2.pcap
Got the following screen which clearly shows the password of the
ftpuser
5

Task 3 :
hping3 is already installed in the system
6