Lab Exercises on Digital Security Fundamentals, Cryptographic Principles, Symmetric Encryption, Asymmetric Encryption, and Secure Hash Functions


Added on  2019-09-30

33 Pages6001 Words366 Views
Week 01 - Lab Exercise Digital Security FundamentalsReflection questions:1. What does promiscuous mode mean?Promiscuous mode is a network security and monitoring technique thatenables access to entire network data packets by any configured networkadapter on a host system.It sets the mode for both a wired network interfacecontroller (NIC) or wireless network interface controller (WNIC) that causesthe controller to pass all traffic it receives to the central processing unit (CPU)rather than passing only the frames that the controller is specificallyprogrammed to receive. This mode is normally used for packet sniffing thattakes place on a router or on a computer connected to a wired network or onebeing part of a wireless LAN. Some Applications that use the Promiscuousmode are NetScout Sniffer, Wireshark (formerly Ethereal),VMware’s VMnetbridging ,Cryptanalysis.. etc2. How do you set promiscuous mode in Linux?To set the promiscuous mode on the physical NIC, run the followingcommand:# ifconfig eth0 promiscDisable Promiscuous ModeTo disable promiscuous mode on the physical NIC, run the followingcommand:# ifconfig eth0 –promisc

3.Does a network interface card on a sniffer need an IP address? And Why?No, the sniffer doesn't require an IP address, it wants to remain invisible to theother machines in order to intercept messages undetected.4. What is APR traffic?ARP stands for Address Resolution Protocol. When you try to ping an IPaddress on your local network, say, your system has to turn theIP address into a MAC address. This involves using ARP toresolve the address, hence its name.Systems keep an ARP look-up table where they store information about whatIP addresses are associated with what MAC addresses. When trying to senda packet to an IP address, the system will first consult this table to see if italready knows the MAC address. If there is a value cached, ARP is not used.5.How do you start Wireshark from a terminal in Linux?To start Wireshark enter the command wireshark -kThe -k option specifies that Wireshark should start capturing packetsimmediately. This option requires the use of the -i parameter to specify theinterface that packet capture will occur from.6.How do you choose the interface to capture traffic on in Wireshark?To choose the interface to capture traffic we can do it by getting an overviewof available interfaces.

To get an overview of the available interfaces we can use the “CaptureInterfaces” dialog box (Capture → Options...).We can start a capture using the current settings by selecting Capture →Start or by clicking the first toolbar button.If you already know the name of the capture interface you can start Wiresharkfrom the command line:$ wireshark -i eth0 -k7.How do you display web traffic captured in Wireshark?

To display the capture traffic, click your wireless interface. You can configureadvanced features by clicking Capture > Options,As soon as you click the interface’s name, you’ll see the packets start toappear in real time. Wireshark captures each packet sent to or from yoursystem.8. Are FTP username and passwords encrypted?No,In FTP both the command and data channels are unencrypted.Theusername and passwords are unencrypted .So any data sent over thesechannels can be intercepted and read.9.Why would a network admin use a sniffer?Network admin uses the Sniffer for the following reasons.To monitor and analyse data packets flowing over computer networks. To examine traffic on the network and to prevent traffic bottlenecks.To determine the health of network and diagnose network related issue.

10. What is the DVL Virtual Machine?Damn Vulnerable Linux (DVL)is a learning tool for security. It is broken, ill-configured, outdated, and exploitable software that makes it vulnerable toattacks.DVL is a live CD available as a 150MB ISO.It contains older, easilybreakable versions of Apache, MySQL, PHP, and FTP and SSH daemons, aswell as several tools available to help you compile, debug, and breakapplications running on these services, including GCC, GDB, NASM, strace,ELF Shell, DDD, LDasm, LIDa, and more.11.What did you do in today’s lab?In todays lab i have learnt about promiscuous mode in Linux, Wireshark,Sniffers.Week 02 - Lab Exercise Introduction to Cryptographic PrinciplesReflection questions:1.Why is NMAP useful for people working in network security?Open-source tool for vulnerability scanning and network discovery.To identify what devices are running on their systems.To discover hosts that are available and the services they offer.To find open ports and detecting security risks.To monitor single hosts as well as vast networks2. Compare and contrast UDP with TCP.

3. What is the syntax to scan a remote machine for open TCP ports?To scan for TCP connections Type:sudonmap-sTremote_host4.What is the syntax to scan a remote machine for open UDP ports?To scan for UDP connections, type:sudo nmap -sU remote_host5.What is ZENMAP?

Zenmap is the officialgraphical user interface(GUI) for the NmapSecurity Scanner. It is a multi-platform, free and open-source applicationdesigned to make Nmap easy for beginners to use while providing advancedfeatures for experienced Nmap users.Typical Zenmap screenshot 6.What did you do in today’s lab?In todays lab I learnt about NMAP, ZenMap Interface,TCP and UDP Ports. Week 03 - Lab Exercise Symmetric EncryptionReflection questions:1.What is the command to add a group to the system, in Linux?The groupadd command can be used in Linux to add groups to the system.The basic syntax of Linux groupadd command is groupadd <groupname>. If

no command-line options are used, the group is created with the nextavailable Group ID number (GID) above 499. To specify a GID, use thegroupadd -g <gid> <group-name>command.[root@RHEL2~]#groupaddengineering2.What is the command to give a user a password, in Linux?CreatepasswordforanuserPasswdusernameExample command:root@linuxnix.com:/home/surendra# passwd krishanEnter new UNIX password: Retype new UNIX password: passwd:passwordupdatedsuccessfully3.What is the command to add a user to the system, in Linux?

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Wireless Technologies: Wireshark, Cain and Abel

Network Security Analysis - Doc

IT Wireless: WLAN Tools, Packet Capture, and Wireless Technologies

Wireshark Network Traffic Analysis


Wireshark Live Capture of Websites