Comprehensive Security Assessment: Virtual Machine Image File Project

Added on  2023/02/01

AI Summary
This project undertakes a security evaluation of virtual machine (VM) image files, aiming to identify and address potential security threats. It begins with the installation of VMware and the setup of a VM, followed by an exploration of system security through inspection of user access and account vulnerabilities. The project utilizes tools like Kali Linux to simulate attacks and identify weaknesses, including password cracking and potential network-related issues. It describes the inspection process, emphasizing the importance of regular security checks, encryption, and hardening techniques. The project details the use of tools like SSH Audit and Lynis for security assessment, along with hardening compilers, checking for malware, and securing web servers. The project also covers the importance of software updates and configuration of Nginx, ensuring secure data transmission and overall system security. The project concludes with proposed security plans to enhance the system's resilience against various threats.
University
Semester
Computer Security
Student ID
Student Name
Submission Date
Table of Contents
Part 1 - Project Goal
Part 2 - Installation of VMware
Part 3 - Inspection of System Security
Part 4 - Description of Investigation Results
Part 5 - Security System Proposals
References
Part 1 - Project Goal
Every project or piece of research starts with a particular aim to fulfil or test. Our project
also has a purpose, for which we shall perform a series of tests, collect the test results,
analyse the data and then prepare a report based on the overall exercise. The objective of
this project is to carry out a security evaluation of a system involving “Virtual Machine
image files”. (A Virtual Machine (VM) is an operating system (OS) or application environment
that is installed on software, mimics dedicated hardware and gives the same experience as
dedicated hardware.)
We have identified our project objective. To reach this objective we need a plan. The
project plan consists of assessing, investigating, collecting data, testing, analysing the
information and finally presenting a detailed report of the whole process. The idea is to
pinpoint the areas which are unsafe and which are spots for potential security threats. Our
project will identify these security loopholes, segregate them, analyse and group them, and
then aim for their eradication. These security soft spots shall be identified in the
computers, operating system, servers, hardware and anywhere else within the framework where
a potential threat is identified. Here our specific target is “Virtual Machine image files”
and the security assessment based around them.
The whole process has the steps below, and these are covered here:
1) System’s security inspection details.
2) Security tools for inspection, their usage and results.
3) Proposed security plan for the system and its vulnerable security areas.
We shall explain and present a detailed report covering all the above points and how they
lead to the best security for our system.
Part 2 - Installation of VMware
The steps below have to be followed to install VMware:
1. Download VMware from the selected portal.
2. Start the installation process for VMware Workstation.
3. Once the installation has been completed, open it.
The above steps are shown in the image below (VMware Workstation 14 Pro) (Ali and
Heriyanto, 2011).
Click on “Open a Virtual Machine” and select the virtual machine file which shall be used
for this project. It is displayed as shown in the image below (Bosworth, Kabay and Whyne,
n.d.).
Now, by clicking on the Power On icon, open “Ubuntu” as shown in the below image,
This completes the installation of the Virtual Machine image file “Ubuntu” on the system.
As our aim is to crack the system, we shall make use of “Kali Linux” to crack the user name,
password and IP address. This can be done with the command below:
hydra -L user.txt -P pass.txt ftp://192.168.1.100
The identified IP address, user name and password are illustrated below (Buchanan, 2014).
Afterwards, enter the user name as admin, the password as password and the identified IP
address 192.168.1.100. The password and user name are hacked because the purpose of this
project is to hack the credentials of the Virtual Machine. Afterwards, enter the Ubuntu VM to
reset the credentials of the Virtual Machine using the steps below:
o Reboot the system in recovery mode.
o At the shell prompt, drop to root.
o Apply write access and remount the root.
o During the “user name” and “password” resetting process, the error below will be
displayed on the screen:
Authentication manipulation error
The file was mounted on the system with a “read access only” setting, and thus the error
occurs. But this can be overridden and the file can be remounted onto the system. Once that
is completed, we can enter the new “user name” and “password”. Once the user has got access
into the “Ubuntu Virtual Machine”, the security-related problems that the user can face are:
a. Security patches
b. OpenSSL (Secure Sockets Layer) problems
c. VM image platform facing network-related issues
d. Problems in password setting
e. Malware problems
f. Server system hardening problems
g. Backup issues
h. Data is transmitted via the network, during which the encrypted data can get hacked,
which can also affect the user information/password settings.
Part 3 - Inspection of System Security
Now comes the most important part of this project, the inspection. We shall describe the
procedure for inspecting a virtual machine image file.
All the users who have access to the network, and their accounts, have to be examined. They
have to be given access only after a thorough check, as there is always a risk to sensitive
data, information etc. So we have to keep a check and take safety measures to protect all
this data on our virtual machine image file.
The security evaluation of the system helps in understanding the whole system and the
specifications, components, related models, software and tools interconnected within the
framework of the unit as a whole. The security loopholes will be identified and analysed
(Gollmann, 2011). The evaluation will study the system behaviour and the points of entry
into the framework. It has to comply with standards maintained at an international level to
obtain a security certificate. (Certification standards for computer systems, and security
checks and requirements, are governed by the United States Government Department of Defence
(DoD).) This evaluation helps in making the appropriate changes to the security settings,
using additional configurations and removing unwanted and weak sectors from the system, so
that the security of the entire system is enhanced. Ubuntu 18.04 is the software that we are
using, and it will be updated to protect it against malware, viruses, bugs, etc.
Additionally, encrypting the entire disk along with any peripherals connected within the
system shall boost the security standard. The configuration of this encrypted data will only
be given to the admin so that unreliable persons do not tamper with the encrypted code.
Now let us do the hardening of the Ubuntu system, which shall benefit the overall security
system as mentioned below (Halton and Weaver, 2016).
OpenSSH security along with Hardening
SSH is a widely used tool for the security and safety protection of Linux systems. Used all
over the globe, SSH, also known as Secure Shell or Secure Socket Shell, is a network
protocol that gives users, particularly system administrators, a secure way to access a
computer over an unsecured network. This tool shall examine the Ubuntu software, understand
the overall system and take the decisions best suited to that system network. All of this
happens by default, as the tool runs on the default settings of the system. Typically it
will include a remote command-line login and remote command execution, but any network
service can be secured with SSH. This results not only in the system getting checked but
also in the SSH status getting updated. The details of the configuration test and its
outcome will be used for the functioning and non-functioning services on the system
framework.
X11 forwarding is a secure shell feature which allows X11 connections to be forwarded
(tunnelled) through an existing SSH shell session. It is used to run X11 programs on a
server while the SSH client displays the graphical window through the user's X11 server.
Thus a VNC connection to the VM image file can also be given through X11 forwarding.
The points below are some of the information required for the SSH settings:
1) Disabling the hosts.
2) Checking the hostname of DNS.
3) Disallow root login.
4) Using X11 forwarding.
5) Disallow empty passwords.
6) Increasing the attempts of authentication.
7) Restricting access.
8) Change the port number.
9) Setting the SSH protocols.
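Several of the settings listed above can be checked mechanically. The following is an added example, not part of the original report: it audits the global section of an sshd_config. The mapping of list items to directives, the default values and the pass criteria are assumptions, and the sample configuration is constructed.

```python
"""Audit the global section of an sshd_config against an assumed baseline."""

# Upstream OpenSSH defaults, applied when a directive is absent (assumption).
DEFAULTS = {
    "permitrootlogin": "prohibit-password",
    "permitemptypasswords": "no",
    "hostbasedauthentication": "no",
    "ignorerhosts": "yes",
    "maxauthtries": "6",
}

# Assumed hardening baseline, not taken from the report: directive -> check.
BASELINE = {
    "permitrootlogin": lambda v: v == "no",
    "permitemptypasswords": lambda v: v == "no",
    "hostbasedauthentication": lambda v: v == "no",
    "ignorerhosts": lambda v: v == "yes",
    "maxauthtries": lambda v: v.isdigit() and int(v) <= 4,
}


def effective_settings(text):
    """Return {keyword: value}; sshd keeps the first value it reads."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()            # keywords are case-insensitive
        if key == "match":                # conditional blocks are out of scope
            break
        settings.setdefault(key, parts[1].strip() if len(parts) > 1 else "")
    return settings


def audit(text):
    """Return sorted (directive, effective value) pairs that miss the baseline."""
    settings = effective_settings(text)
    findings = [
        (key, settings.get(key, DEFAULTS[key]).lower())
        for key, ok in BASELINE.items()
        if not ok(settings.get(key, DEFAULTS[key]).lower())
    ]
    # "Restricting access": expect an explicit user or group allow-list.
    if not {"allowusers", "allowgroups"} & settings.keys():
        findings.append(("allowusers/allowgroups", "unset"))
    return sorted(findings)


# Constructed sample, not the configuration of the report's VM.
SAMPLE = """\
# constructed sshd_config
Port 22
PermitRootLogin no
PermitRootLogin yes
PermitEmptyPasswords yes
MaxAuthTries 10
"""

if __name__ == "__main__":
    for directive, value in audit(SAMPLE):
        print(f"FAIL {directive} = {value}")
```

The duplicate PermitRootLogin line in the sample shows why the first occurrence has to be the one audited: a later, weaker line does not change what sshd applies.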
Now coming to the tools and methods used to perform the system security checks on Ubuntu
18.04, SSH uses the tools mentioned below. Manually conduct the hardening of Ubuntu and the
system, check the settings required for system security, scan for potential threats etc.
This security scanning should be conducted on a regular basis, and the outcomes should be
applied to improve the overall security of the system:
a) SSH Audit:
SSH Audit is an excellent tool for checking the security of SSH services, either
during client engagements or for server hardening.
b) Lynis:
Lynis is a security evaluation tool used on Linux-based operating systems for
security checks and assessment. Lynis is an open-source security auditing tool
used by system administrators and security professionals with the goal of achieving a
more secure state. It is used for security auditing, compliance testing,
vulnerability detection, system hardening etc., and helps in checking the overall
health of the system in relation to security. The audit report helps the user to
understand the weak areas and take additional measures to strengthen security.
Hardening of Compilers and Development tools
A compiler is a software program that transforms high-level source code, written by a
developer in a high-level programming language, into low-level object code (binary code) in
machine language, which can be understood by the processor. Auditing the compilers and
related software tools can be used to conduct the hardening of the compilers in a system.
The same hardening process can be applied to development tools for system security. Hackers
are always looking for loopholes and security soft spots, which can be removed by utilizing
these compilers and their codes.
Check for Malware
Malware is any software intentionally designed to cause damage to a computer, server,
client, or computer network. It is potentially a big threat to the system and has to be
checked for. Common malware threats encountered on Linux networks include ransomware, Trojan
worms, bugs, viruses etc. Thus, as for other computer systems, anti-virus tools and software
are essential for Linux.
Web Server Hardening
Server security and hardening are important aspects of any server. By hardening the server,
we can deploy more secure parameters and enhance the overall security level of the system.
The parameters which are tweaked during the web server hardening process are SSL (Secure
Sockets Layer) and TLS (Transport Layer Security), thus ensuring that the web dealings are
secured. These are positioned above TCP in the protocol stack, where TCP is used to ensure
the safety of the network traffic at the transport layer. SSL/TLS are employed basically to
carry out the tasks mentioned below:
High goal settings: There is always a risk involved when data is kept on a web server
system. Hardening is one of the most basic processes to improve the overall security level
of the system. SSL/TLS certification thus has to be procured to have an effective hardening
of the system.
Nginx Configuration: NGINX is a lightweight, high-performance web server designed for
high-traffic use cases. One of NGINX's strongest features is the ability to efficiently
serve static content such as HTML and media files. Unlike traditional servers, NGINX doesn't
rely on threads to handle requests. Instead it uses a much more scalable event-driven
(asynchronous) architecture. NGINX is used for hardening the web server. It forcefully
removes all the unwanted old protocols within the web system. It tunes the system, maintains
the safe status of the system, protects the encrypted information on the server, looks out
for potential malware, etc.
It is used in HTTPS features to ensure the safety of the web.
a) Use monitoring parameters for file integrity.
b) Check and control unwanted traffic over the system.
c) Backups have to be categorized.
d) Use security-related tools and regularly conduct audits to enhance the overall
security status.
Software updates
Security should always be considered when installing, deploying, and using any type of
computer system. Software updating is an ongoing process, which can be done with either the
manual or the automatic update option. This can be selected when the software is installed
on the system.
Updating the system software is an automatic process (the option most likely to be selected
by the user during the procedure). Although there is always an option to select software
updates manually, it is preferable to use the automatic option. System hardening is the
first step in the process of the Ubuntu security system.
Part 4 - Description of Investigation Results
Now we come to the topic of understanding the outcome of the system security investigation.
Lynis is a security auditing tool for Linux and other systems based on UNIX. The tool checks
the system and the software configuration to see if there is any room for improvement in the
security defences. All details are stored in a log file. Findings and other discovered data
are stored in a report file. It will fully inspect and analyse the Ubuntu 18.04 system for
the VM in use. Lynis shall perform extensive security scans and will display and give
information on these scans. System administrators and web server auditors can then take the
necessary steps to enhance the security. Thus, without any doubt, it proves that Ubuntu
suits this system (Halton et al., 2017).
Lynis: Installation
As Lynis is open-source software, installation is simple. Installing Lynis via a package
manager is one option to get started with Lynis. The source code can also be used for this
installation: the file is downloaded and then the binary is copied onto the system. Use the
command below to install the “Lynis” software on Ubuntu 18.04:
sudo apt-get install lynis
The image below shows the output of the above steps.
Once Lynis has been installed on the web server system, it is ready to conduct the security
audit. Lynis won't perform any system hardening automatically, but it will offer suggestions
that show you how you can go about hardening the system yourself. Lynis audits are made
possible using profiles, which are like configuration files with settings that control how
Lynis conducts an audit. This will give a full report of the vulnerable security areas in
the system.
Once the whole security and safety scan of the system is over, a detailed report is created.
This report contains the analysis of the scan. Based on the scanning report of the audit
analysis, the outcome can be described as:
Hardening index
Reporting of warnings and suggestions
Security system / audits / improvements
Location of sectors that are vulnerable
Detailed logging
Compliance tests such as HIPAA and PCI
Regulation management
The report also mentions areas and sectors of the web server system that require additional
examination and analysis, so that they do not become weak spots that are easily exploited by
outside hackers and malicious software with bad intentions. It is a more in-depth audit
report when compared to other auditing tools available. Thus, overall this leads to an
improvement in server security and minimizes security-related threats and potential attacks
(Raggi, Thomas and Vugt, 2011).
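The hardening index, warnings and suggestions described above can be pulled out of the Lynis report file for regular tracking. This is an added example, not part of the original report: it assumes the report uses key=value lines with repeated key[]= entries whose fields are separated by "|", the threshold of 70 is an assumed local choice, and the sample lines are constructed.

```python
"""Summarise a Lynis report file: 'key=value' lines, repeated 'key[]=value'."""
from collections import Counter, defaultdict


def parse_report(text):
    """Return (scalars, arrays) parsed from report text."""
    scalars, arrays = {}, defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key.endswith("[]"):
            arrays[key[:-2]].append(value)
        else:
            scalars[key] = value
    return scalars, arrays


def findings(arrays, kind):
    """Return (test_id, message) pairs from 'TEST-ID|message|...' entries."""
    pairs = []
    for entry in arrays.get(kind, []):
        fields = entry.split("|")
        pairs.append((fields[0], fields[1] if len(fields) > 1 else ""))
    return pairs


def summarise(text, minimum_index=70):
    """Reduce a report to what a scheduled check would alert on.

    minimum_index is an assumed local threshold, not a Lynis default.
    """
    scalars, arrays = parse_report(text)
    index = int(scalars.get("hardening_index", "0"))
    warnings = findings(arrays, "warning")
    suggestions = findings(arrays, "suggestion")
    # Test IDs look like GROUP-NNNN; count findings per group to show hotspots.
    groups = Counter(tid.split("-", 1)[0] for tid, _ in warnings + suggestions)
    return {
        "hardening_index": index,
        "warnings": [tid for tid, _ in warnings],
        "findings_by_group": dict(groups),
        "passed": index >= minimum_index and not warnings,
    }


# Constructed report excerpt, not output from the report's VM.
SAMPLE_REPORT = """\
# Lynis Report
hardening_index=58
warning[]=PKGS-7392|Found one or more vulnerable packages.|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|MaxAuthTries|-|
suggestion[]=BOOT-5122|Set a password on GRUB bootloader|-|-|
"""

if __name__ == "__main__":
    print(summarise(SAMPLE_REPORT))
```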
Part 5 - Security System Proposals
In the last step of this project, we shall give additional details of the security measures
to be taken for a better and stronger secured system. The additional measures that have been
suggested for a better and more efficient security system include (Henry, 2012):
a) PHP vulnerabilities
b) Pacemaker vulnerabilities
c) System vulnerabilities
d) Libxslt vulnerability
e) Wget vulnerability
Understanding these additional issues in the security system, a few suggestions have been
noted to help in closing all the loopholes in the security system:
1. Planned regular updates for the system
Frequent and planned updates/upgrades will help the efficiency of the security system.
2. Fewer user accounts in use
A minimum number of user accounts will mean fewer security threats to the system.
3. Removal of problematic areas of the network
Areas/sectors that are creating issues for the security of the system should be removed or
even discarded. This shall benefit in two ways: fewer security threats, and better overall
system performance, as less processing power will be spent on unwanted sectors. The
following process could be implemented (Lehtinen and Sr, 2011):
Identify running services, for instance TCP etc.
Identify the service to be discarded.
Uninstall the listening services.
4. Removal of unused network-facing services
The point is the removal of areas in the network which are not used and are wasting the
resources of the system. These can be discarded and removed. This process is used to reduce
the attack surface of both running processes and installed packages. It contains the
following:
Determine the running services, such as TCP and UDP.
Select the services to be removed.
Uninstall programs/services which are lying unused.
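The first two steps of proposals 3 and 4 (determine the listening TCP and UDP services, then select the ones to remove) can be scripted. This is an added example, not part of the original report: it parses text in the layout printed by `ss -tulpn`, and the allow-list and the sample output are constructed assumptions.

```python
"""Flag listening sockets that are reachable from the network and not allowed."""
import re

# Assumed allow-list for this VM (SSH and the Nginx web server), not from the report.
ALLOWED = {("tcp", 22), ("tcp", 80), ("tcp", 443)}

PROC_RE = re.compile(r'users:\(\("([^"]+)"')


def is_loopback(addr):
    """True for 127.0.0.0/8 and ::1, ignoring brackets and %interface."""
    addr = addr.strip("[]").split("%", 1)[0]
    return addr.startswith("127.") or addr == "::1"


def parse_listeners(ss_output):
    """Parse `ss -tulpn` text into (proto, address, port, program) tuples."""
    rows = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue                      # header or unrelated line
        addr, _, port = fields[4].rpartition(":")
        if not port.isdigit():
            continue
        match = PROC_RE.search(line)
        rows.append((fields[0], addr, int(port), match.group(1) if match else "?"))
    return rows


def exposed_services(ss_output, allowed=ALLOWED):
    """Return sorted unique (proto, port, program) candidates for removal."""
    return sorted({
        (proto, port, prog)
        for proto, addr, port, prog in parse_listeners(ss_output)
        if not is_loopback(addr) and (proto, port) not in allowed
    })


# Constructed `ss -tulpn` output, not captured from the report's VM.
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=512,fd=12))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=801,fd=3))
tcp   LISTEN 0      32     *:21               *:*               users:(("vsftpd",pid=900,fd=3))
tcp   LISTEN 0      5      127.0.0.1:631      0.0.0.0:*         users:(("cupsd",pid=700,fd=7))
tcp   LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=801,fd=4))
udp   UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*         users:(("avahi-daemon",pid=640,fd=12))
"""

if __name__ == "__main__":
    for proto, port, prog in exposed_services(SAMPLE_SS):
        print(f"review {proto}/{port} ({prog})")
```

Services bound only to loopback are left out of the result because they are not network-facing; the remaining entries are the candidates for the uninstall step.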
In the end, after undergoing all the above processes, we have come to the conclusion that
the system is secured and the threat of potential attacks on this web server is minimal. Our
Ubuntu system is very safe and highly secured (Najera-Gutierrez, 2018).
References
Ali, S. and Heriyanto, T. (2011). BackTrack 4. Birmingham, U.K.: Packt Open Source.
Bosworth, S., Kabay, M. and Whyne, E. (n.d.). Computer security handbook.
Buchanan, C. (2014). Kali Linux CTF Blueprints. Birmingham: Packt Publishing.
Gollmann, D. (2011). Computer Security. Hoboken: Wiley Textbooks.
Halton, W. and Weaver, B. (2016). Kali Linux 2. Birmingham, UK: Packt Publishing.
Halton, W., Weaver, B., Ansari, J., Kotipalli, S. and Imran, M. (2017). Penetration Testing.
Birmingham: Packt Publishing.
Henry, K. (2012). Penetration testing. Ely, Cambridgeshire, U.K.: IT Governance Pub.
Lehtinen, R. and Sr, G. (2011). Computer Security Basics. Sebastopol: O'Reilly Media.
Najera-Gutierrez, G. (2018). Kali Linux Web Penetration Testing Cookbook. Birmingham:
Packt Publishing Ltd.
Raggi, E., Thomas, K. and Vugt, S. (2011). Beginning Ubuntu Linux. Berkeley, CA: Apress.