PricingBlogAbout Us

CO4509 Computer Security: Detailed Report on Security Analysis Tools

Verified

Added on  2022/10/02

|17
|1746
|3
Report
AI Summary
This report investigates several security analysis tools, including THC Hydra, John the Ripper, RainbowCrack, and OphCrack. It details the setup, configuration, and practical application of each tool, demonstrating an understanding of their utility in assessing system security. The report covers how Hydra is used for password cracking against various protocols, the installation and use of John the Ripper for identifying weak passwords, and the functionalities of RainbowCrack, which employs time-memory tradeoff techniques for hash cracking. Furthermore, it explores OphCrack, including its use of password tables, and its application in recovering Windows passwords. The report also provides an overview of system security frameworks, control measures such as backups and physical access control, and the importance of IT security policy evaluations. The student's work fulfills the assignment requirements by demonstrating hands-on experience with the tools and providing a comprehensive analysis suitable for a computer security course.
Document Page
1
System security
Student’s Name:
Institution Affiliation:
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
2
Introduction
Security analysis alludes to the central, specialized or quantitative procedures connected on
different tradable money related instruments (resources with some budgetary worth) so as to
decide the reasonable estimation of benefits and help speculators settle on better venture choices.
THC Hydra
When you need to creature power break a remote check organization, Hydra is normally the
gadget of choice. It can perform quick word reference ambushes against more than 50 shows,
including telnet, ftp, http, https, smb, a couple of databases, and significantly more(Damodaran,
2016).
Introducing THC Hydra in Ubuntu
After installation you should see the following on your Ubuntu screen
Document Page
3
Use of RDP
And these are the results on the screen

⊘ This is a preview!⊘

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
4
On viewing Miscrosoft Windows using RDP here are the events
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
5
When the PC restarts you will almost certainly associate with it utilizing Remote Desktop
Connection as ordinary yet you presently need to include a colon (:) then the new port toward the
finish of the location like presented underneath.
Document Page
6
John the ripper
Security of your significant information is the most vital concern, John the Ripper is a free
device generally utilized by moral programmers and security analyzers to check and break
passwords(Farash, 2016). It gives you a chance to distinguish powerless passwords and take
measures to solidify your security. Because of the ubiquity of this instrument, it is a piece of
security centered Linux circulations like Kali Linux. We should perceive how we can introduce
and utilize this device on Linux working framework. We tried the accompanying referenced
establishment technique on Ubuntu 16.04, Fedora 21 and Linux Mint(Fernandes, Jung, &
Prakash, 2016, May).
Here are the commands to run while installing John the ripper
(i) Change directory to /opt

⊘ This is a preview!⊘

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
7
(ii) Run the command below to download the zip file of John the ripper
(iii) Extract the downloaded command with the command below
(iv) You can rename the extracted folder to something that can be easily remembered for our
case we will name it John
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
8
John the Ripper is accessible in both free and paid forms; Paid variant is known as John the
Ripper Pro and accompanies many propelled highlights. In any case, free form should do the
trick for the requirements of the greater part of the clients.
Rainbowcrack
RainbowCrack is a general propose usage of Philippe Oechslin's quicker time-memory exchange
off procedure. It break hashes with rainbow tables.
Document Page
9
RainbowCrack uses time-memory tradeoff calculation to split hashes. It contrasts from beast
power hash wafers.
Passwords are regularly secured single way hashes. Exactly when a mystery expression is made,
the customer types the mystery word in what is characterized "plain substance", since it is in a
plain, unhashed structure. In any case, after a mystery expression is made, the PC stores a
solitary course hash of the mystery key that clutters it. Hashes are made to be single bearing,
which means algorithmic reversal is limitless. This suggests we have to break those hashes!
Normally, when you split a mystery expression hash, your PC forms a word, delivers the hash,
by then takes a gander at to check whether there is a match. If there is, the mystery key is correct;
if not, it will keep theorizing(Wurm, Hoang, Arias, Sadeghi, & Jin, 2016, January). Rainbow
tables tackle the standard of a period memory trade off. This suggests hashes are pre-made by a
PC and set away in a tremendous rainbow table archive with most of the hashes and words that
identify with them. This strategy works especially well for people with moderate processors,
since you don't have to figure much. Rainbow breaking can altogether reduce the proportion of
time it takes to part a mystery expression hash, notwithstanding you can keep the tables, so you
simply need to deliver them once!
Ventures of downloading rainbowcrack
(i) Download it from this link http://project-rainbowcrack.com/index.htm#download
(ii) Extract the downloaded file

⊘ This is a preview!⊘

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
10
(iii) Change to the new directory from your terminal and configure the Rainbowcrack
(iv) The next step is to compile the source code through the command shown below;
Generation of the rainbow table
We use MD5 for generating tables in rainbow crack
We run the command show below to generate rainbow tables
After that we use MD5 to split the generated table
We then break the table using MD5 also
The results are as shown in the table below
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
11
OphCrack
There are stores of purposes behind somebody to need to recover a Windows mystery key, and
there are lots of different strategies for doing it. My most adored of these ways is to use a touch
of programming called Ophcrack
I'm going to state now that Ophcrack isn't impeccable. By chance a mystery expression won't be
broken, there will be issues running it (anyway are definitely not hard to fix; I will explain the
key one later in this guide), and it won't split meandering passwords from a client.
Download Ophcrack
My preferred approaches to clear out or split a Windows secret key is to utilize a Linux Live CD.
Document Page
12
These are uncommon circulations of Linux that run legitimately from the CD (no establishment
required) and are extraordinarily intended for splitting Windows passwords. You can peruse the
documentation to figure out how to utilize it.
Essentially copy the ISO and boot utilizing the CD and the program will get appropriate to work.
It may not work, be that as it may, on convoluted passwords since it really attempts to decide the
secret word as opposed to reset it. My amigo over at the How-To Geek site has an extraordinary
instructional exercise on utilizing Ophcrack.
Additionally, Ophcrack utilizes secret word tables to animal power break the client passwords.
You can download their free tables, yet that won't break long passwords. For those cases, you
can buy bigger secret word tables that range from $100 to $1000.
Installing to CD or DVD

⊘ This is a preview!⊘

Do you want full access?

icon

Trusted by 1+ million students worldwide

chevron_up_icon
1 out of 17
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.