Network Application Protocols Security Risks Report
VerifiedAdded on 2025/06/23
|10
|1587
|481
AI Summary
Desklib provides solved assignments and past papers to help students succeed.
Contents
Introduction.................................................................................................................................................2
Vulnerabilities of DNS protocol...................................................................................................................3
Vulnerabilities of WEP protocol...................................................................................................................4
Vulnerabilities of the SMTP protocol...........................................................................................................5
Vulnerabilities of the SMTP protocol...........................................................................................................5
Testing HTTPS with Apache.......................................................................................................................6
Conclusion...................................................................................................................................................9
References.................................................................................................................................................10
List of figures
Figure 1: Create topology............................................................................................................................6
Figure 2: Nodes of topologies......................................................................................................................6
Figure 3: SSL..............................................................................................................................................6
Figure 4: SSL certificate..............................................................................................................................7
Introduction.................................................................................................................................................2
Vulnerabilities of DNS protocol...................................................................................................................3
Vulnerabilities of WEP protocol...................................................................................................................4
Vulnerabilities of the SMTP protocol...........................................................................................................5
Vulnerabilities of the SMTP protocol...........................................................................................................5
Testing HTTPS with Apache.......................................................................................................................6
Conclusion...................................................................................................................................................9
References.................................................................................................................................................10
List of figures
Figure 1: Create topology............................................................................................................................6
Figure 2: Nodes of topologies......................................................................................................................6
Figure 3: SSL..............................................................................................................................................6
Figure 4: SSL certificate..............................................................................................................................7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Introduction
This report is based on the security and risks presented in different network application protocols. This
report will include vulnerabilities of DNS, WEP and SMTP protocols along with the description and
caused attacks by those vulnerabilities.
This report is based on the security and risks presented in different network application protocols. This
report will include vulnerabilities of DNS, WEP and SMTP protocols along with the description and
caused attacks by those vulnerabilities.
Vulnerabilities of DNS protocol
DNS protocol is used to convert the domain name into IP address and vice versa. This is helpful for
internet users as a human mind cannot remember the IP address of all the websites. Remembering the
name is easier than remembering numbers. There are following vulnerabilities associated with the DNS
protocol. Some of the areas are given below:
The queries of DNS do not include or carry the data or information about the source client who
initiated this. It is the main reason that DNS is a landscape for the attackers. This is because the
Receiver server-side can only view the IP address of the source from the query came and this can be
modified by the hackers or attackers.
The servers of DNS follow the slave and master approach. This refers that if the master server gets
compromised or manipulated by the attackers then it will become difficult to access the database
and web pages hosted on that particular server. This vulnerability of the DNS system can be used by
the attackers to compromise the server and redirect the authorize client to another page. Use of this
method, allow the attackers to gain sensitive information of the user (5 Advantages and
disadvantages of using DNS in networking 2018).
Another vulnerability of the DNS protocols is that IP addresses and the server names are held by the
DNS server and can be shared with anyone. Thus, the DNS server does not have any authentication
mechanism to assure data security.
Covert channels can be created by the attackers as the DNS relay query data to outside servers from
inner workstations.
Some DNS servers support recursive lookups that can be used by the attacker to perform the DNS
amplification attack. This vulnerability can be used to spread this attack to the other connected DNS
servers in the network (Petters 2019).
DNS cache positioning is another vulnerability of the DNS protocol. In this data or information is
spread to the caching resolvers that pose a trustworthy origin server. This allows the attacker to
redirect the actual request to the malicious network.
DNS protocol is used to convert the domain name into IP address and vice versa. This is helpful for
internet users as a human mind cannot remember the IP address of all the websites. Remembering the
name is easier than remembering numbers. There are following vulnerabilities associated with the DNS
protocol. Some of the areas are given below:
The queries of DNS do not include or carry the data or information about the source client who
initiated this. It is the main reason that DNS is a landscape for the attackers. This is because the
Receiver server-side can only view the IP address of the source from the query came and this can be
modified by the hackers or attackers.
The servers of DNS follow the slave and master approach. This refers that if the master server gets
compromised or manipulated by the attackers then it will become difficult to access the database
and web pages hosted on that particular server. This vulnerability of the DNS system can be used by
the attackers to compromise the server and redirect the authorize client to another page. Use of this
method, allow the attackers to gain sensitive information of the user (5 Advantages and
disadvantages of using DNS in networking 2018).
Another vulnerability of the DNS protocols is that IP addresses and the server names are held by the
DNS server and can be shared with anyone. Thus, the DNS server does not have any authentication
mechanism to assure data security.
Covert channels can be created by the attackers as the DNS relay query data to outside servers from
inner workstations.
Some DNS servers support recursive lookups that can be used by the attacker to perform the DNS
amplification attack. This vulnerability can be used to spread this attack to the other connected DNS
servers in the network (Petters 2019).
DNS cache positioning is another vulnerability of the DNS protocol. In this data or information is
spread to the caching resolvers that pose a trustworthy origin server. This allows the attacker to
redirect the actual request to the malicious network.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Vulnerabilities of WEP protocol
There is much vulnerability in the WEP that allows the attackers to compromise the security of WLAN.
Some of them are given below:
While using WEP, the user usually forgets to modify the keys. A wireless network has many clients
and in such a network, sharing of the unique keys for a long time is well-known security
vulnerability.
Another vulnerability of the WEP protocol is that it does not provide key management provisions.
This key could be easily compromised by the attacker. This can also affect all the computers in the
network that are connected with this shared key.
Another major vulnerability of the WEP protocol is associated with the WEP algorithm. The IV is a
24-bit field that is sent in the plain text in the message. This is really small to ensure the security of
the data. The IEEE 802.11 standard does not describe the setting of IVs. This means that each
wireless adapter sole by a similar vendor may have the same IV sequences. It may be possible that
the wireless adapter possesses a constant IV. This vulnerability allows the attacker to monitor and
record the traffic and identify the key stream in order to decrypt the cipher text.
Another vulnerability of the WEP protocol is that it does not offer cryptographic protection to
maintain the integrity of the data. Although CRC is used by the 802.11 MAC protocols, to ensure the
data packet integrity, the combination of stream ciphers with the checksums that are non-
cryptographic, can be disastrous (Beaver & Davis 2019).
There is much vulnerability in the WEP that allows the attackers to compromise the security of WLAN.
Some of them are given below:
While using WEP, the user usually forgets to modify the keys. A wireless network has many clients
and in such a network, sharing of the unique keys for a long time is well-known security
vulnerability.
Another vulnerability of the WEP protocol is that it does not provide key management provisions.
This key could be easily compromised by the attacker. This can also affect all the computers in the
network that are connected with this shared key.
Another major vulnerability of the WEP protocol is associated with the WEP algorithm. The IV is a
24-bit field that is sent in the plain text in the message. This is really small to ensure the security of
the data. The IEEE 802.11 standard does not describe the setting of IVs. This means that each
wireless adapter sole by a similar vendor may have the same IV sequences. It may be possible that
the wireless adapter possesses a constant IV. This vulnerability allows the attacker to monitor and
record the traffic and identify the key stream in order to decrypt the cipher text.
Another vulnerability of the WEP protocol is that it does not offer cryptographic protection to
maintain the integrity of the data. Although CRC is used by the 802.11 MAC protocols, to ensure the
data packet integrity, the combination of stream ciphers with the checksums that are non-
cryptographic, can be disastrous (Beaver & Davis 2019).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Vulnerabilities of the SMTP protocol
The SMTP protocol is used to send the mails to the receiver. This is an application layer protocol. This is
only used to send the email. There are many issues associated with this protocol. Some of them are
listed below:
The SMTP protocol has no inherent encryption mechanism. Unencrypted connections are able to
expose the content of the mail as well as the credentials of users such as user name and passwords.
To avoid this secure version of this protocol (SSMTP) should be used.
Prior SMTP versions did not have an authentication mechanism. This SMTP server is transporting
and accepting data packets without the need for authentication. It can cause an open relay that is
prone to blocking.
Account enumeration is another vulnerability of the SMTP protocol. In this attacker gets able to
check whether the account of email exists on the server by using telnet feature on the SMTP port
25. The data is in plain text, thus it allows the attacker to check whether the specific mail ID exists on
the server or not (Silgado 2017).
The SMTP protocol is used to send the mails to the receiver. This is an application layer protocol. This is
only used to send the email. There are many issues associated with this protocol. Some of them are
listed below:
The SMTP protocol has no inherent encryption mechanism. Unencrypted connections are able to
expose the content of the mail as well as the credentials of users such as user name and passwords.
To avoid this secure version of this protocol (SSMTP) should be used.
Prior SMTP versions did not have an authentication mechanism. This SMTP server is transporting
and accepting data packets without the need for authentication. It can cause an open relay that is
prone to blocking.
Account enumeration is another vulnerability of the SMTP protocol. In this attacker gets able to
check whether the account of email exists on the server by using telnet feature on the SMTP port
25. The data is in plain text, thus it allows the attacker to check whether the specific mail ID exists on
the server or not (Silgado 2017).
Testing HTTPS with Apache
The HTTP stands for HyperText Transfer Protocol. This is HTTPrequest/response this helps for
communication between client/servers.To make the webserver secure in Ubuntu using Apache there is
need of the certificate with the open SSL and this will allow for the testing in HTTPS. This can be
explaining by an example which is packets capturing and observing TLS/SSL works. The whole testing is
performed over the VirtualBox virtual network (Httpd, 2019).
There is a need fortopology which used to create and installed in vibrant.
Figure 1: Create topology
Figure 2: Nodes of topologies
There are many other topologies which can be used but this should have at least three nodes and the
subnets which are client, server and router.
The web serves to need to be secure therefore there is a digital certificate which enables to
communicate between the three topologies such as client and server, router and server, client and
router. TO have the actual server there is a need to have the certificate Authority which means that
there will be support by the Brower of HTTP and also will help in the operating system. When a
certificate is created then their allowance for the testing with the Apache. Because this will only enable
in HTTP with apache. This will include the certificate and there will be needed for the proper directories
for the Apache to read (Httpd, 2019).
Figure 3: SSL
The HTTP stands for HyperText Transfer Protocol. This is HTTPrequest/response this helps for
communication between client/servers.To make the webserver secure in Ubuntu using Apache there is
need of the certificate with the open SSL and this will allow for the testing in HTTPS. This can be
explaining by an example which is packets capturing and observing TLS/SSL works. The whole testing is
performed over the VirtualBox virtual network (Httpd, 2019).
There is a need fortopology which used to create and installed in vibrant.
Figure 1: Create topology
Figure 2: Nodes of topologies
There are many other topologies which can be used but this should have at least three nodes and the
subnets which are client, server and router.
The web serves to need to be secure therefore there is a digital certificate which enables to
communicate between the three topologies such as client and server, router and server, client and
router. TO have the actual server there is a need to have the certificate Authority which means that
there will be support by the Brower of HTTP and also will help in the operating system. When a
certificate is created then their allowance for the testing with the Apache. Because this will only enable
in HTTP with apache. This will include the certificate and there will be needed for the proper directories
for the Apache to read (Httpd, 2019).
Figure 3: SSL
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
When this will add there will be SSL which enables the website to go for testing. Here all the files will be
converted into the SSL certificate.
Figure 4: SSL certificate
Load CA certificate in Client
Now when the testing process starts there is certificated needed by the node but here although CA has
signed the certificate Node does not trust on the sign due to cybercrime, therefore, there is proper
verification done by adding the CA certificate to the list. The Ubuntu accept the certificate and after
that, the lynx will only give access to the CA certificate. This will run the program and after running the
program there will be dpkg-reconfigure command will give the several options to trust the CA certificate
and the default has to be chosen. Scroll down to the bottom the user will find the cert-steveca.crt which
will have the pressing spaces then the user have to click ok. Then after this, the work of user is finished
and there will be lynx which will find no errors/warning to the secure web server (Httpd, 2019).
For testing, there is also a method by using the OpenSSL which is directly giving access to the node. This
will also have the eg, window or lynx but as this uses the OpenSSL which is already trusted by the
operating system. This will consist of the chain certificate which has authority to aces the emails. This
will have the server certificate which begins with the encrypted message and then ends with the end
certificate. For SSL exchange between the server and Brower, the user has to use tcpdump on the router
to node 2 for taking all the packets while using OS on a node to website.
converted into the SSL certificate.
Figure 4: SSL certificate
Load CA certificate in Client
Now when the testing process starts there is certificated needed by the node but here although CA has
signed the certificate Node does not trust on the sign due to cybercrime, therefore, there is proper
verification done by adding the CA certificate to the list. The Ubuntu accept the certificate and after
that, the lynx will only give access to the CA certificate. This will run the program and after running the
program there will be dpkg-reconfigure command will give the several options to trust the CA certificate
and the default has to be chosen. Scroll down to the bottom the user will find the cert-steveca.crt which
will have the pressing spaces then the user have to click ok. Then after this, the work of user is finished
and there will be lynx which will find no errors/warning to the secure web server (Httpd, 2019).
For testing, there is also a method by using the OpenSSL which is directly giving access to the node. This
will also have the eg, window or lynx but as this uses the OpenSSL which is already trusted by the
operating system. This will consist of the chain certificate which has authority to aces the emails. This
will have the server certificate which begins with the encrypted message and then ends with the end
certificate. For SSL exchange between the server and Brower, the user has to use tcpdump on the router
to node 2 for taking all the packets while using OS on a node to website.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Conclusion
Security of the protocols is necessary to protect the integrity and confidentiality of the data. Different
protocols have their own set of vulnerabilities that can be removed using proper precautions and
countermeasures. Most of the vulnerabilities occurred due to the non-encryption of the data.
Security of the protocols is necessary to protect the integrity and confidentiality of the data. Different
protocols have their own set of vulnerabilities that can be removed using proper precautions and
countermeasures. Most of the vulnerabilities occurred due to the non-encryption of the data.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
References
5 Advantages and disadvantages of using DNS in networking 2018, tinydns.org, viewed 10 Aug 2019, <
https://tinydns.org/advantages-and-disadvantages/>.
Petters J. 2019, What is DNS, How it works + vulnerabilities, varonis.com, viewed 10 Aug 2019, <
https://www.varonis.com/blog/what-is-dns/>.
Beaver, K & Davis, PT 2019, Understanding WEP weaknesses, Dummies.com, viewed 10, Aug 2019, <
https://www.dummies.com/programming/networking/understanding-wep-weaknesses/>.
Silgado A. 2017, what is SMTP? Advantages and disadvantages of an SMTP server, Blog.mailrelay.com,
viewed 10 Aug 2019, < https://blog.mailrelay.com/en/2017/04/25/what-is-smtp-advantages-and-
disadvantages-of-an-smtp-server>
Httpd.apache.org. 2019, SSL/TLS Strong Encryption: How-To - Apache HTTP Server Version 2.4. Viewed
11 Aug. 2019, < https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html>
Sandilands.info. (2019). Testing HTTPS and Certificates with Apache, OpenSSL and tcpdump in a Virtual
Network. [online] Available at: https://sandilands.info/sgordon/https-and-certificates-with-apache-
openssl-tcpdump [Accessed 11 Aug. 2019].
5 Advantages and disadvantages of using DNS in networking 2018, tinydns.org, viewed 10 Aug 2019, <
https://tinydns.org/advantages-and-disadvantages/>.
Petters J. 2019, What is DNS, How it works + vulnerabilities, varonis.com, viewed 10 Aug 2019, <
https://www.varonis.com/blog/what-is-dns/>.
Beaver, K & Davis, PT 2019, Understanding WEP weaknesses, Dummies.com, viewed 10, Aug 2019, <
https://www.dummies.com/programming/networking/understanding-wep-weaknesses/>.
Silgado A. 2017, what is SMTP? Advantages and disadvantages of an SMTP server, Blog.mailrelay.com,
viewed 10 Aug 2019, < https://blog.mailrelay.com/en/2017/04/25/what-is-smtp-advantages-and-
disadvantages-of-an-smtp-server>
Httpd.apache.org. 2019, SSL/TLS Strong Encryption: How-To - Apache HTTP Server Version 2.4. Viewed
11 Aug. 2019, < https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html>
Sandilands.info. (2019). Testing HTTPS and Certificates with Apache, OpenSSL and tcpdump in a Virtual
Network. [online] Available at: https://sandilands.info/sgordon/https-and-certificates-with-apache-
openssl-tcpdump [Accessed 11 Aug. 2019].
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.