Computer and Network Security

Computer And Network Security [3350704] Computer Engineering[Semester – 5]
Computer And
Network
Security
Lab Manual
K.D POLYTECHNIC COMPUTER DEPARTMENT

Practical 1
List and practice various “network”

Commands on DOS.

1. Arp
ARP stands for Address Resolution Protocol. Arp displays and modifies entries in the
Address Resolution Protocol (ARP) cache, which contains one or more tables that are used
to store IP addresses and their resolved Ethernet or Token Ring physical addresses.


2. Hostname
The hostname command is used to show or set a computer's host name and domain name.

3. Ipconfig
Ipconfig is designed to be run from the Windows command prompt. This utility allows you
to get the IP address information of a Windows computer. It also allows some control over
active TCP/IP connections.





4. Ping
The ping command is a command prompt command used to test the ability of the source
computer to reach a specified destination computer.


5. Nslookup
Nslookup is a command line tool included with most operating systems that allows a user to
look up a network name server, as well as return IP addresses and domain names for a
network server.

6. Tracert
The tracert command is used to visually see a network packet being sent and received and
the amount of hops required for that packet to get to its destination.

7. Netstat
The netstat command is used to display the TCP/IP network protocol statistics and
information.


Practical 2
Configure a system for various security

experiments.
.

A. Basic - Set a password
1. To add or change your password,go to User Accounts and Family Safety.
2. Select User Accounts.

3. Click on Create a password for your account.
4. Now type any strong password so that any extruder could not start your system
without your permission.
And if you want to provide any hint you can provide here.

B. Restricts other user accounts.
1. To restrict other user accounts, go to user accounts .

2. Here click on Manage another account .
3. Click on Create New Account.

4. Provide name and select type of that user account as Standard user and click on Create
account.
5. Now set password for that account. For this click on create a password.

6. Now just type the password for that account and click on create password.
7. Now login from that standard user and you can see that whenever you want to set
anything from control panel or any software installation, there is a pop-up box appearing
which says “Do you want to allow the following program to make changes to this
computer?” “To continue, type an administrator password.”

Practical 3
Configure Web browser security

settings.
.

1. Open Google Chrome. Go to the Setting area, which can be accessed from the top right corner
of the browser.
2. If you are logged into Chrome, there is an option as Sync, click on it.

3. Under encryption section, you can find “Encrypt synced data with your own passphrase”. It
works as double password.

4. Now go to the bottom of the setting page, you find “Show advanced settings”, click on it.

5. In the privacy section, you will see an option as “send a “Do not track” request with your
browsing traffic”. Now turn on this setting.
6. Now you can see a pop-up box of “Do not track”. Here click on confirm.

7. Go to the password section.
8. Turn off “Autofill forms ”.

9. Turn off “offer to save your web passwords”.

10. Again in privacy section, click on “content setting “.

11. In the “cookies section” select “keep local data only until you quit your browser”. Also check
the “block third party cookies and site data” option.

12.You can also turn off “allowed” in javascript.

13. In the Plugin section, turn on“Ask when a site wants to use a plugin to access your computer”.

14. In the Downloads section, turn on “Ask where to save each file before downloading” option.

Practical 4
Draw Diagram of DoS, backdoors/

trapdoors.

 In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator

seeks to make a machine or network resource unavailable to its intended users by temporarily or
indefinitely disrupting services of a host connected to the Internet. Denial of service is typically
accomplished by flooding the targeted machine or resource with superfluous requests in an
attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

 A backdoor in a system is a method of bypassing normal authentication and gain access. The
backdoor access method is sometimes written by the programmer who develops the program. It
is found in multi network scenario. A network administrator may intentionally create or install a
backdoor program for troubleshooting or other official use. Hackers use backdoors to install
malicious software files or programs, modify code or detect files and gain system access .

Practical 5
Draw diagrams of sniffing, spoofing, man

in the middle & replay attacks.

Figure : Sniffing the Network
 Sniffing is the process of monitoring and capturing all the packets passing through a given
network using sniffing tools. It is a form of “tapping phone wires” and get to know about the
conversation. It is also called wiretapping applied to the computer networks.
 There is so much possibility that if a set of enterprise switch ports is open, then one of their
employees can sniff the whole traffic of the network. Anyone in the same physical location can
plug into the network using Ethernet cable or connect wirelessly to that network and sniff the
total traffic.
 In other words, Sniffing allows you to see all sorts of traffic, both protected and unprotected. In
the right conditions and with the right protocols in place, an attacking party may be able to
gather information that can be used for further attacks or to cause other issues for the network or
system owner.

 IP address spoofing or IP spoofing is the creation of Internet Protocol (IP) packets with a false
source IP address, for the purpose of hiding the identity of the sender or impersonating another
computing system.[1] One technique which a sender may use to maintain anonymity is to use a
proxy server.
Figure : Man in the Middle Attack
 In cryptography and computer security, a man-in-the-middle attack (MITM) is an attack where

the attacker secretly relays and possibly alters the communication between two parties who
believe they are directly communicating with each other. One example of man-in-the-middle
attacks is active eavesdropping, in which the attacker makes independent connections with the
victims and relays messages between them to make them believe they are talking directly to each
other over a private connection, when in fact the entire conversation is controlled by the attacker.
The attacker must be able to intercept all relevant messages passing between the two victims and
inject new ones. This is straightforward in many circumstances; for example, an attacker within
reception range of an unencrypted wireless access point (Wi-Fi) could insert himself as a man-
in-the-middle.

Figure : Replay attack
A replay attack (also known as playback attack) is a form of network attack in which a valid data
transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the
originator or by an adversary who intercepts the data and re-transmits it, possibly as part of
a masquerade attack by IP packet substitution. This is one of the lower tier versions of a "Man in
the middle attack."
Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity,
which Alice dutifully provides (possibly after some transformation like a hash function);
meanwhile, Eve is eavesdropping on the conversation and keeps the password (or the hash). After
the interchange is over, Eve (posing as Alice) connects to Bob; when asked for a proof of identity,
Eve sends Alice's password (or hash) read from the last session which Bob accepts, thus granting
Eve access.

Practical 6
write caesar’s cipher aLgorithm & soLve

various examples based on Encryption &
Decryption.

How to Encrypt:
For every letter in the message M :
1. Convert the letter into the number that matches its order in the alphabet starting from 0, and call
this number X. ( A=0, B=1, C=2, ...,Y=24, Z=25)
2. Calculate: Y = (X +3) mod 26
3. Convert the number Y into a letter that matches its order in the alphabet starting from 0.
(A=0, B=1, C=2, ...,Y=24, Z=25)
How to decrypt:
For every letter in the cipher text C :
this number Y. (A=0, B=1, C=2, ..., Y=24, Z=25)
2. Calculate: X= (Y - 3) mod 26
3. Convert the number X into a letter that matches its order in the alphabet starting from 0. (A=0,
B=1, C=2, ..., Y=24, Z=25).

Practical 7
Write a program to perform encryption

using Caesar Cipher.

#include<stdio.h>
#include<conio.h>
void main()
clrscr();
int i;
char pt[30],et[30];
printf("Enter plain text");
gets(pt);
for(i=0;pt[i]!=NULL;i++)
if(pt[i]== ' ')
et[i]=' ';
else
if(pt[i]>='a'&& pt[i]<='z')
et[i]=pt[i]+3;
if (et[i]>'z')
et[i]=et[i]-26;
else
et[i]=pt[i]+3;
if(et[i]>'Z')
et[i]=et[i]-26;
et[i]=NULL;
printf("\n plain text is:\t%s",pt );
printf("\n encrypted text is:\t%s",et);
getch();
OUTPUT
Enter plain text: ABC def
plain text is: ABC def
encrypted text is: DEF ghi

Practical 8
Write a program to perform decryption

using Caesar Cipher.
.

#include<string.h>
void main()
clrscr();
char ip[20],c[20]={0},p[10]={0};
int i,l,m;
printf("Enter Cipher Text for Decryption \n");
scanf("%s",ip);
l=strlen(ip);
for(i=0;i<li++)
if((ip[i]>=65 && ip[i]<=90 || ip[i]>=97 && ip[i]<=122))
if(ip[i]<=90)
if((ip[i]==65 || ip[i]==66 || ip[i]==67))
c[i]= (ip[i]+23);
else
c[i]= (ip[i]-'A'-3)%26+'A';
else
if(ip[i]>=97 && ip[i]<=122)
{
if((ip[i]==97 || ip[i]==98 || ip[i]==99))
c[i]= (ip[i]+23);
else
c[i]= (ip[i]-'a'-3)%26+'a';
printf("Plain text for given Cipher text is \n %s",c);
getch();
OUTPUT:-
Enter Cipher Text for Decryption
OMS
Plaintext for given Cipher Text is
LJP

Another Program
#include<stdio.h>
#include<conio.h>
void main()
clrscr();
int i;
char pt[30],et[30];
printf("Enter encrypted text\t");
gets(et);
for(i=0;et[i]!=NULL;i++)
if(et[i]== ' ')
pt[i]=' ';
else
if(et[i]>='a'&& et[i]<='z')
pt[i]=et[i]-3;
if (pt[i]<'a')
pt[i]=pt[i]+26;
else
{
pt[i]=et[i]-3;
if(pt[i]<'A')
pt[i]=pt[i]+26;
pt[i]=NULL;
printf("\n Your encrypted text is:\t%s",et );
printf("\n plain text is: \t%s",pt);
getch();
OUTPUT
Enter encrypted text DEF ghi
Your encrypted text is: DEF ghi
plain text is: ABC def

Practical 9
Write algorithm/steps for Shift Cipher &

solve various examples on it.

How to Encrypt:
For every letter in the message M :
this number X. ( A=0, B=1, C=2, ...,Y=24, Z=25)
2. Calculate: Y = (X + K) mod 26
3. Convert the number Y into a letter that matches its order in the alphabet starting from 0.
(A=0, B=1, C=2, ...,Y=24, Z=25)
For Example: We agree with our friend to use the Shift Cipher with key K=19 for our message. We
encrypt the message "KHAN", as follows:
So, after applying the Shift Cipher with key K=19 our message text "KHAN" gave us cipher text
"DATG".
We give the message "DATG" to our friend.
How to decrypt:
For every letter in the cipher text C :
this number Y. (A=0, B=1, C=2, ..., Y=24, Z=25)
2. Calculate: X= (Y - K) mod 26
3. Convert the number X into a letter that matches its order in the alphabet starting from 0. (A=0,
B=1, C=2, ..., Y=24, Z=25)
Our friend now decodes the message using our agreed upon key K=19. As follows:

So, after decrypting the Shift Cipher with key K=19 our friend deciphers the cipher text "DATG"
into the message text "KHAN".

Practical 10
Write algorithm/steps for Hill Cipher

and solve examples on it.

1. Treat every letter in the plain-text message as a number, so that A=0, B=1,…, Z=25.
2. The plain-text message is organized as a matrix of number, based on the above conversion.
For example, if our plain-text is CAT. Based on the above step, we know that C=2, A=0 and
T=19. Therefore, our plain-text matrix would look as follows:
2
[0]
19
3. Now, our plain-text matrix is multiplied by a matrix of randomly chosen keys. The key
consists of size n*n where n is the number of rows in our plain-text matrix. For example, we
take the following key matrix:
6 24 1
[13 16 10]
20 17 15
4. Now, multiply the two matrices, as shown below:
2 6 24 1 31
[0] * [13 16 10 ] = [216]
19 20 17 15 325
5. Now, compute a mod 26 value of above matrix. That is, take the remainder after dividing the
above matrix values by 26. That is
31 5
[216] mod 26 = [ 8 ]
325 13
6. (This is because: 31/26 = 1 with a remainder of 5: which goes in the above matrix, and so
on).
7. Now, translating the numbers to alphabets 5=F, 8=I, and 13=N. Therefore, our cipher text is
FIN.
8. For decryption, take the cipher-text matrix and multiply it by the inverse of our original key
matrix (explained later). The inverse of our original key matrix is
8 5 10
[21 8 21]
21 12 8
9. For decryption, take the cipher-text matrix and multiply it by the inverse of our original key
matrix (explained later). The inverse of our original key matrix is
8 5 10 5 210
[21 8 21] * [ 8 ] = [442]
21 12 8 13 305
10. Now, we need to take modulo 26 of this matrix, as follows.

210 2
[442] mod 26 = [ 0 ]
305 19

11. Thus, our plain-text matrix contains 2, 0, 19; which corresponds to 2=C, 0=A, and 19=T.
This gives is the original plaintext back successfully.

Practical 11
Write algorithm/steps for playfair

cipher and solve examples on it.
.

Creation and population of matrix

The playfair cipher makes uses of a 5x5 matrix, which is used to store a “keyword” or “phrase” that
becomes the “key” for encryption and decryption
1) Enter the keyword in the matrix row-wise left to right and top to bottom
2) Drop duplicate letters
3) Fill remaining space in matrix with the rest of English alphabet (A-Z) that were not a part of our
keyword, combine i and j in same cell of table.
Encryption process
For encryption using Playfair technique following rules are followed.
1) If both alphabets are same (or only one is left), add an x after the first alphabet. Encrypt that
new pair and continue.
2) If both alphabets in pair appear in same row of our matrix, replace them with alphabet to their
immediate right respectively
3) If both the alphabets in the pair appears in same column of matrix, replace them with alphabets
immediately below them respectively.
4) If two letters in the pair are in different row and column then make a rectangle including this
two letters and write the cipher text letter which is at the end corner of the letter in the plaintext.
Decryption process
For decryption using Playfair technique following rules are followed.
1) If both alphabets in pair appear in same row of our matrix, replace them with alphabet to their
immediate left respectively.
2) If both the alphabets in the pair appears in same column of matrix, replace them with alphabets
immediately above them respectively.
3) If two letters in the pair are in different row and column then make a rectangle including this
two letters and write the cipher text letter as a letter which is at the end corner of the letter in the
plaintext respectively.

Practical 12
Write algorithm/steps for Vernam

Cipher & solve various examples on it.
.

Encryption
1. Treat each plain text alphabet as a number in an increasing sequence i.e. A=0,B=1,….,Z=25.
2. Take plaintext and write down the number equivalent to each plaintext letter.
3. Take key and write down the number equivalent to each key letter.
4. Now add each letter in plaintext and key.
5. Write the alphabet associated with the number which is the result of the addition, this is the
cipher text
6. If the result of the addition is greater than 25 then subtract 26 from it, and write the alphabet
associated with that number, this is the cipher text.
Decryption
1. Write the number associated with each letter in the cipher text.
2. Write down the number equivalent to each key letter.
3. Now subtract each letter in key from cipher text.
4. Write the alphabet associated with the number which is the result of the subtraction, this is the
plain text.
5. If the result of the subtraction is negative number then add 26 to that number and write down the
alphabet associated with result number, this is the cipher text.

Practical 13
Write algorithm/steps for Vigenere

Cipher & solve various examples on it.

1. This cipher uses multiple one character keys.

2. Each of the keys encryption one plaintext character.
3. The first key encrypts first plaintext character; the second key encrypts the Second plain text
character and so on.
4. After all the keys are used they are recycled.
5. Thus if we have 30(thirty) "one-latter" keys, every 30th character in the plaintext would be
placed with the same key.
6. This number (in this Case, 30) is called us the period of the cipher.

Example:
Key :deceptivewearediscoveredsav
Plaintext : wear discovered save yourself
Ciphertext :zicvtwqngkzeiigasxstslvvwla

Practical 14
Draw diagram of public key

infrastructure (PKI)
.

 A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures
needed to create, manage, distribute, use, store, and revoke digital certificates.
 In cryptography, a PKI is an arrangement that binds public keys with respective user identities
by means of a certificate authority (CA). The user identity must be unique within each CA
domain. The third-party validation authority (VA) can provide this information on behalf of CA.
The binding is established through the registration and issuance process, which, depending on
the assurance level of the binding, may be carried out by software at a CA or under human
supervision. The PKI role that assures this binding is called the registration authority (RA),
which ensures that the public key is bound to the individual to which it is assigned in a way that
ensures non-repudiation.

Practical 15
Draw diagram of Centralized/

Decentralized Infrastructure.

 In Public Key Infrastructure (PKI) keys are used for authentication and encryption.
There are two approaches for generating keys in PKI environment
1. Centralized 2. Decentralized
Centralized approach is used under following situations
1. If a company uses an asymmetric algorithm that is resource-intensive to generate the

public/private key pair.
2. If large and resource-intensive key sizes are needed.
3. When individual computers may not have the necessary processing power to produce the keys in
an acceptable fashion.
In centralized infrastructure very high-end server with powerful processing abilities is used along
with a hardware-based random number generator.
Advantages of Centralized Infrastructure
1. It is much easier to back up the keys.
2. Implementation of key recovery procedures is easier with central storage than with a
decentralized approach.

Disadvantages of Centralized Infrastructure
1. In centralized infrastructure the keys will be generated on a server, this keys need to be securely
transmitted to the individual clients that require them. This is difficult to accomplish.
2. A technology needs to be employed that will send the keys in an encrypted manner, ensure the
keys’ integrity, and make sure that only the intended user is receiving the key.
3. Server that centrally stores the keys needs to be highly available.
4. Since all the keys are in one place, the server is a prime target for an attacker, if the central key
server is compromised, the whole environment is compromised.
5. Single point of failure.

Practical 16
Demonstrate Cross Site Scripting (XSS)

.

Basic Concept of XSS

 Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are
injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker
uses a web application to send malicious code, generally in the form of a browser side
script, to a different end user. Flaws that allow these attacks to succeed are quite
widespread and occur anywhere a web application uses input from a user within the
output it generates without validating or encoding it.
 An attacker can use XSS to send a malicious script to an unsuspecting user. The end
user’s browser has no way to know that the script should not be trusted and will execute
the script. Because it thinks the script came from a trusted source, the malicious script can
access any cookies, session tokens, or other sensitive information retained by the browser
and used with that site.
Types of XSS
1. Reflected XSS
2. Stored XSS
3. DOM-based XSS
1. Reflected XSS
Reflected cross-site scripting (or XSS) arises when an application receives data in an
HTTP request and includes that data within the immediate response in an unsafe way.
Suppose a website has a search function which receives the user-supplied search term
in a URL parameter:
https://insecure-website.com/search?term=gift
The application echoes the supplied search term in the response to this URL:
<p>You searched for: gift</p>
Assuming the application doesn't perform any other processing of the data, an attacker
can construct an attack like this:
https://insecure-website.com/search?term=<script>/*+Bad+stuff+here...+*/</script>
This URL results in the following response:
<p>You searched for: <script>/* Bad stuff here... */</script></p>
If another user of the application requests the attacker's URL, then the script supplied
by the attacker will execute in the victim user's browser, in the context of their session
with the application.

2. Stored XSS
Stored XSS (also known as persistent or second-order XSS) arises when an
application receives data from an untrusted source and includes that data within its
later HTTP responses in an unsafe way.
The data in question might be submitted to the application via HTTP requests; for
example, comments on a blog post, user nicknames in a chat room, or contact details
on a customer order. In other cases, the data might arrive from other untrusted
sources; for example, a webmail application displaying messages received over
SMTP, a marketing application displaying social media posts, or a network
monitoring application displaying packet data from network traffic.
Here is a simple example of a stored XSS vulnerability. A message board application

lets users submit messages, which are displayed to other users:
<p>Hello, this is my message!</p>
The application doesn't perform any other processing of the data, so an attacker can
easily send a message that attacks other users:
<p><script>/* Bad stuff here... */</script></p>
3. DOM-based XSS
DOM-based XSS (also known as DOM XSS) arises when an application contains
some client-side JavaScript that processes data from an untrusted source in an unsafe
way, usually by writing the data back to the DOM.
In the following example, an application uses some JavaScript to read the value from
an input field and write that value to an element within the HTML:
var search = document.getElementById('search').value;

var results = document.getElementById('results');
results.innerHTML = 'You searched for: ' + search;
If the attacker can control the value of the input field, they can easily construct a
malicious value that causes their own script to execute:
You searched for: <img src=1 onerror='/* Bad stuff here... */'>

In a typical case, the input field would be populated from part of the HTTP request,
such as a URL query string parameter, allowing the attacker to deliver an attack using
a malicious URL, in the same manner as reflected XSS.

Practical 17
Draw various Security Topologies.

DMZ (Demilitarized Zone)

 The DMZ is a military term for ground separating two opposing forces, by agreement and for the
purpose of acting as a buffer between the two sides. A DMZ in a computer network is used in the
same way; it acts as a buffer zone between the Internet, where no controls exist, and the inner
secure network, where an organization has security policies in place . To demarcate the zones
and enforce separation, a firewall is used on each side of the DMZ. The area between these
firewalls is accessible from either the inner secure network or the Internet. The firewalls are
specifically designed to prevent access across the DMZ directly, from the Internet to the inner
secure network. Special attention should be paid to the security settings of network devices
placed in the DMZ, and they should be considered at all times to be compromised by
unauthorized use. A common industry term, hardened operating system, applies to machines
whose functionality is locked down to preserve security. This approach needs to be applied to the
machines in the DMZ, and although it means that their functionality is limited, such precautions
ensure that the machines will work properly in a less-secure environment.
Figure : DMZ Architecture

Extranet
 An extranet is an extension of a selected portion of a company's intranet to external partners. This
allows a business to share information with customers, suppliers, partners, and other trusted
groups while using a common set of Internet protocols to facilitate operations. Extranets can use
public networks to extend their reach beyond a company's own internal network, and some form
of security, typically VPN, is used to secure this channel. The use of the term extranet implies
both privacy and security. Privacy is required for many communications, and security is needed
to prevent unauthorized use and events from occurring. Both of these functions can be achieved
through the use of technologies. Proper firewall management, remote access, encryption,
authentication, and secure tunnels across public networks are all methods used to ensure privacy
and security for extranets.
VLANs
 A local area network (LAN) is a set of devices with similar functionality and similar
communication needs, typically co-located and operated off a single switch. This is the lowest
level of a network hierarchy and defines the domain for certain protocols at the data link layer for
communication. Virtual LANs use a single switch and divide it into multiple broadcast domains
and/or multiple network segments, known as trunking. This very powerful technique allows
significant network flexibility, scalability, and performance.
Trunking
 Trunking is the process of spanning a single VLAN across multiple switches. A trunk-based
connection between switches allows packets from a single VLAN to travel between switches.
VLAN 10 is implemented with one trunk and VLAN 20 is implemented by the other. Hosts on
different VLANs cannot communicate using trunks and are switched across the switch network.
Trunks enable network administrators to set up VLANs across multiple switches with minimal
effort. With a combination of trunks and VLANs, network administrators can subnet a network
by user functionality without regard to host location on the network or the need to recable
machines.

Practical 18
Demonstrate traffic analysis of

different network protocols using
Wire-shark.

Introduction
 Wireshark is a network packet analyzer. A network packet analyzer will try to capture network
packets and tries to display that packet data as detailed as possible.
 You could think of a network packet analyzer as a measuring device used to examine what’s
going on inside a network cable, just like a voltmeter is used by an electrician to examine what’s
going on inside an electric cable (but at a higher level, of course).
 In the past, such tools were either very expensive, proprietary, or both. However, with the
advent of Wireshark, all that has changed.
Wireshark is perhaps one of the best open source packet analyzers available today.
Purpose
Here are some examples people use Wireshark for:
1. Network administrators use it to troubleshoot network problems
2. Network security engineers use it to examine security problems
3. Developers use it to debug protocol implementations
4. People use it to learn network protocol internals
Beside these examples Wireshark can be helpful in many other situations too.
Capturing Packets
After downloading and installing Wireshark, you can launch it and click the name of an interface
under Interface List to start capturing packets on that interface. For example, if you want to
capture traffic on the wireless network, click your wireless interface. You can configure
advanced features by clicking Capture Options, but this isn’t necessary for now.

Figure: Wireshark Interface
As soon as you click the interface’s name, you’ll see the packets start to appear in real time.
Wireshark captures each packet sent to or from your system. If you’re capturing on a wireless
interface and have promiscuous mode enabled in your capture options, you’ll also see other the
other packets on the network.
Click the stop capture button near the top left corner of the window when you want to stop
capturing traffic.
Figure: Captured Traffic using Wireshark

Color Coding
You’ll probably see packets highlighted in green, blue, and black. Wireshark uses colors to help
you identify the types of traffic at a glance. By default, green is TCP traffic, dark blue is DNS
traffic, light blue is UDP traffic, and black identifies TCP packets with problems — for example,
they could have been delivered out-of-order.
Figure : Color coding used in Wireshark

Filtering Packets
 The most basic way to apply a filter is by typing it into the filter box at the top of the window
and clicking Apply (or pressing Enter). For example, type “dns” and you’ll
see only DNS packets. When you start typing, Wireshark will help you autocomplete your filter.
 You’ll see the full conversation between the client and the server.

 Wireshark is an extremely powerful tool, and this tutorial is just scratching the surface of what
you can do with it. Professionals use it to debug network protocol implementations, examine
security problems and inspect network protocol internals.

Practical 19
Configure your e-mail account against

various threats. i.e. spam attack,
phishing, spoofing etc.

1. Two step Authentication-
1. Sign in to your Gmail account.

2. Click Sign in & Security .
3. Under 2-Step Verification, check Allow to turn on 2-step verification.
4. This makes 2-Step Verification available for your Gmail account.
2. Never click on any link provided on the suspected mail. This will lead to provide your private
information to that site or to the sender.
3. Set priority inbox-

i. Go to settings on your Gmail.
ii. Select the inbox tab.
iii. In inbox type select priority inbox.

4. Disabling POP and IMAP

5. Creating filters
I. On any mail you want to create filter, just select it. Then click on More and select
filter messages like these.
II. Click on create filter.

III. Select any action you want to perform for them. And then click on create filter option.
IV. Now you can see a message “your filter is created”.

Practical 20
Draw diagram Host-based intrusion

detection system.

❖ Host Based Intrusion Detection (HIDS)
 A host-based intrusion detection system computer system on which it is installed to detect an

intrusion and/or misuse, and responds by logging the activity and notifying the designated
authority.
Figure : Host Based Intrusion Detection System
Advantages of HIDS
1. They can be very operating system specific and have more detailed signatures.
2. They can reduce false positive rates.
3. They can examine data after it has been decrypted.
4. They can be very application specific.
5. They can determine whether or not an alarm may impact that specific system.
Disadvantages of HIDS
1. The IDS must have a process on every system you want to watch.
2. The IDS can have a high cost of ownership and maintenance.
3. The IDS uses local system resources.

4. The IDS has a very focused view and cannot relate to activity around it.
5. The IDS, if logged locally, could be compromised or disabled.

Practical 21
Draw diagram Network-based intrusion

detection system.

❖ Network Based Intrusion Detection (NIDS)
 Network-based IDS is a system for examining network traffic to identify suspicious, malicious,
or undesirable behavior.
 NIDS has visibility only into the traffic crossing the network link it is monitoring and
typically has no idea of what is happening on individual systems.
Figure : Network Based Intrusion Detection (HIDS)
Advantages of NIDS
1. Providing IDS coverage requires fewer systems.

2. Deployment, maintenance, and upgrade costs are usually lower.
3. NIDS has visibility into all network traffic and can correlate attacks
among multiple systems
Disadvantages of NIDS
1. It is ineffective when traffic is encrypted.

2. It cannot see traffic that does not cross it.

3. It must be able to handle high volumes of traffic.

4. It doesn’t know about activity on the hosts themselves.

Practical 22
Demonstration of SQL-Injection.

❖ SQL Injection
 SQL injection is a code injection technique, used to attack data-driven

applications, in which nefarious SQL statements are inserted into an entry field
for execution.
 SQL injection is one of the most common web hacking techniques.
 SQL injection must exploit a security vulnerability in an application's software,
for example, when user input is either incorrectly filtered for string literal escape
characters embedded in SQL statements or user input is not strongly typed and
unexpectedly executed.
 SQL injection attacks allow attackers to spoof identity, tamper with existing
data, allow the complete disclosure of all data on the system, destroy the data or
make it otherwise unavailable, and become administrators of the database server.
 SQL injection usually occurs when you ask a user for input, like their
username/userid, and instead of a name/id, the user gives you an SQL statement
that you will unknowingly run on your database.
 SQL injection can generally be used to perform the following types of attacks:
1. Authentication Bypass.
2. Information Disclosure.
3. Compromised Data Integrity.
4. Compromised Availability of Data.
5. Remote Command Execution.

Practical 23
Demonstration of readymade
encryption/decryption code
code
.

Practical 23: Demonstration of readymade encryption/decryption code
#include <stdio.h>
#include <string.h>
#include <conio.h>
/*Encryption Code*/
void encrypt(char password[],int key)
{
int i;
for(i=0;i<strlen(password);++i)
{
password[i] = password[i] - key;
}
}
/*Decryption Code*/
void decrypt(char password[],int key)
{
int i;
for(i=0;i<strlen(password);++i)
{
password[i] = password[i] + key;
}
}
/*Main Function starts here*/

int main()
{
clrscr();
char password[20] ;
printf("Enter the password:\n");
scanf("%s",password);
printf("Passwrod = %s\n",password);
encrypt(password,0XAED);
printf("Encrypted value of Password is %s\n",password);
decrypt(password,0XAED);
printf("Decrypted value of Password is = %s\n",password);
getch();
}

Output

Computer and Network Security

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Computer and Network Security

Uploaded by

Copyright:

Available Formats

Computer And Network Security [3350704] Computer Engineering[Semester – 5]

K.D POLYTECHNIC COMPUTER DEPARTMENT

List and practice various “network”

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

Configure a system for various security

K.D POLYTECHNIC COMPUTER DEPARTMENT

A. Basic - Set a password

1. To add or change your password,go to User Accounts and Family Safety.

2. Select User Accounts.

K.D POLYTECHNIC COMPUTER DEPARTMENT

3. Click on Create a password for your account.

K.D POLYTECHNIC COMPUTER DEPARTMENT

B. Restricts other user accounts.

1. To restrict other user accounts, go to user accounts .

3. Click on Create New Account.

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

Configure Web browser security

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

7. Go to the password section.

8. Turn off “Autofill forms ”.

K.D POLYTECHNIC COMPUTER DEPARTMENT

9. Turn off “offer to save your web passwords”.

K.D POLYTECHNIC COMPUTER DEPARTMENT

10. Again in privacy section, click on “content setting “.

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

12.You can also turn off “allowed” in javascript.

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

Draw Diagram of DoS, backdoors/

K.D POLYTECHNIC COMPUTER DEPARTMENT

 In computing, a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator

K.D POLYTECHNIC COMPUTER DEPARTMENT

K.D POLYTECHNIC COMPUTER DEPARTMENT

Draw diagrams of sniffing, spoofing, man

K.D POLYTECHNIC COMPUTER DEPARTMENT

Figure : Sniffing the Network

K.D POLYTECHNIC COMPUTER DEPARTMENT

Figure : Man in the Middle Attack

 In cryptography and computer security, a man-in-the-middle attack (MITM) is an attack where

K.D POLYTECHNIC COMPUTER DEPARTMENT