lOMoARcPSD|31622326

Instructions for formatting file:

1.Add footer as subject name and page no. on right side.

2.Font size should be same for heading and sub heading and so on.
 Format of the lab record to be prepared by the students

The front page of the lab record prepared by the students should have a cover page as displayed
below.

NAME OF THE LAB

Paper Code
Font should be(Size 20”, italics bold, Times New Roman)

Faculty name: Student name:

Roll No.:
Semester:

Font should be (12”, Times Roman)

College logo –centre alligned

College name
Font should be (18”, Times Roman)
 Introduction to Information Security Lab

Objective
In the vast area of Information Technology, security is an important aspect as without this the
entire systems would fall. The course helps in understating the basic concepts of the Information
security from basics of wireless communication to advance VPN implementation using
simulation tools.

Lab Requirements

System Configuration:
H/W Intel i3/2 GB RAM/500GB HDD/Motherboard (LGA1150)/Lan
Detail
Card/Key Board/ Mouse/CD Drive/15” LED Monitor/ UPS

Printer:
LaserJet Printer

Operating System:
Linux (Fedora\Ubuntu\Kali), Windows
7+ Programming Tools:
S/W
Detail Codeblocks/DevC++, Java
Tools:
Winbox, Wireshark, PCAP, OPNET
 INDEX

List of experiments Page no.

1. Make an experiment to implement WEP/WPA2 PSK, 802.1x EAP security protocol.

2. To implement Firewall using Iptables/Windows Firewall.
3. Broken Authentication and Session Management
4. Implement RSA algorithm.
5. Implement DES algorithm
6. Implement Diffie-Hellman algorithm
7. Make a study of anyone simulation tool based on parameters of information security
8. Implement VPN through Packet-Tracer or any other network simulator tool.
 Experiment 1 Aim: To implement WEP/WPA 2 PSK, 802.1x EAP Security
Protocol.
Winbox is a small utility that allows administration of Mikrotik RouterOS using a fast and
simple GUI. It is a native Win32 binary, but can be run on Linux and MacOS (OSX) using Wine.
All Winbox interface functions are as close as possible to Console functions, that is why there
are no Winbox sections in the manual.
Some of advanced and system critical configurations are not possible from Winbox, like MAC
address change on an interface. Winbox loader can be downloaded directly from the router or
from the mikrotik download page. When downloading from the router, open a web browser and
enter router's IP address, RouterOS welcome page will be displayed.
Sample Instructions
1. Click on the menu item that says Winbox to download winbox.exe from MikroTik
download server.

Figure 1: Start Screen

 2. To connect to the router, enter IP or MAC address of the router, specify username and
password (if any) and click on Connect button. You can also enter the port number after
the IP address, separating them with a colon, like this 192.168.88.1:9999. The port can be
changed in RouterOS services menu.
3. You will be displayed the following screen along with the router associated and its
interface configurations.

Figure 2: List of configurations

4. Click on the Windows Tables and select “Security Profiles”. Press the “+” button to
create a WPA/WPA2 based profile. The following screen will be shown and you need to
configure the device settings such as ‘name, Pre-shared key, Ciphers, Authentication
Types etc.’ according to your requirements.
Figure 3: Configuring WEP/WPA2

5. After the configuration the following screen is shown and output displays the
configuration done in the previous step.

Figure 4: Final after configuration

 Experiment 2 Aim: To implement Firewall using
IPTables IP-tables
iptables is a command-line firewall utility that uses policy chains to allow or block traffic. When
a connection tries to establish itself on your system, iptables looks for a rule in its list to match it
to. If it doesn’t find one, it resorts to the default action.
iptables almost always comes pre-installed on any Linux distribution. To update/install it, just
retrieve the iptables package:
sudo apt-get install iptables
Following are the various IPtables sample instructions:
1. Set Iptables rules to deny the SSH from the system to any banking etc. sites.
2. Set Iptables rules to accept/allow the SSH from the system to any banking etc. sites.

3. Set Iptables rules to deny the PING from the system to any banking etc. sites.

Set Iptables rules to allow the PING from the system to any banking etc. sites.
4. Set Iptables rules to deny the TCP from port 80 from the system to any banking etc. sites.
5. Set Iptables rules to drop tcp from particular IP.
 Experiment 3

Implement bio-metric system to have physical security through different access control permissions.

Biometrics is a secure process that verifies a person’s identity based on their unique biological
characteristics, such as fingerprints or retinal scans. Biometric systems compare physical or
behavioral characteristics to verified real-world data. Authentication is confirmed when the two
samples of biometric data match.

Biometrics are commonly used to control access to physical and digital resources such as mobile
devices, computers, and physical facilities.

Biometric Verification Methods and Common Use Cases

Here are the primary methods used for biometric verification.

1. Fingerprint Recognition
Fingerprinting is a method of automatically identifying a person’s identity by comparing two
fingerprints. Fingerprint recognition is one of the most well-known biometric technologies and is
the most commonly used solution for identity verification in computer systems.

Fingerprints are commonly used because they are easier to acquire compared to other biometric
technologies, and have been in wide use for over a century.

Some common use cases of fingerprint recognition include:

● Smartphone and tablet security: Many smartphones and tablets now include fingerprint
scanners as a way to unlock the device and
● access sensitive information.
● Computer login: Some laptops and desktop computers now have fingerprint scanners built in,
allowing users to quickly and easily log into their accounts using their fingerprints.
● Physical access control: Fingerprint recognition can be used to control access to buildings,
rooms, and other secure areas.
● Payment systems: Some point-of-sale terminals and other payment systems now include
fingerprint scanners that can be used to authorize transactions.
● Border control: Fingerprint recognition is used by border control agencies to verify the identity
of travelers and ensure that they are authorized to enter the country.

2. Facial Recognition
Facial recognition software scans faces and analyzes the shape of each face. The software
analyzes the distance between elements of a face. For example, the distance between the eyes
or between the nose and chin. The software then creates a digital model of facial data. During
the authentication process, the software scans a face in real time and compares the resulting
model to other models previously stored in the database.
Facial recognition technology is used in a variety of applications, including:

● Security and surveillance: It can be used to identify and track individuals in real-time in
public spaces such as airports, train stations, and shopping centers.
● Law enforcement: It can be used by law enforcement agencies to identify suspects and track
criminals.
● Smartphone and device unlock: Many smartphones and other devices now use facial
recognition as an alternative to fingerprints or passcodes to unlock the device.
● Marketing and advertising: It can be used in digital advertising to track and analyze people’s
reactions to specific ads, and improve targeting of ads.
● Banking and finance: Facial recognition technology is used in banking and finance for identity
verification and fraud detection.

3. Eye Recognition
There are two major eye-based authentication methods:

● Retina recognition involves an examiner or sensor briefly shining a light into the user’s eye,
to reveal the distinctive pattern of blood vessels in the eye. The software builds a map of this
pattern and compares the new authentication attempt to the original.
● Iris recognition works by analyzing color rings in the iris rather than blood vessel patterns.

Common use cases of eye recognition include:

● Access control: Eye recognition can be used to grant or deny access to secure areas, such
as buildings, data centers, and other facilities.
● Law enforcement: It can be used by law enforcement agencies to quickly identify suspects
and criminals.
● Time and attendance: It can be used to accurately track employee attendance and eliminate
the need for manual sign-in sheets or punch cards.
● Mobile devices: It can be used to unlock smartphones, tablets, and other mobile devices,
providing an additional layer of security beyond traditional password-based authentication
methods.

4. Voice Recognition
Speech recognition software analyzes speech. The software then uses the length of the user’s
vocal tract and the shape of the larynx, nose and mouth to determine a unique voice, and
compares the new recording to the user’s pre-recorded voice.

Voice recognition technology is used in a variety of applications, including:

● Virtual assistants: It enables virtual assistants, such as Amazon’s Alexa, Google Assistant,
and Apple’s Siri, to respond to voice commands and perform tasks such as playing music,
setting reminders, and controlling smart home devices.
● Automotive technology: Voice recognition is used in automobiles to enable drivers to control
various systems, such as the radio and navigation, hands-free.
● Home entertainment: It is used in home entertainment systems, such as televisions and
gaming consoles, to enable users to control the device and search for content with voice
commands.
● Healthcare: It is used to transcribe and analyze speech for medical research, clinical
documentation, and patient-provider communication.

5. Hand Geometry
The hand shape recognition process analyzes and measures the shape of a user’s hand. This
method is ideal if many users need to access the system on a regular basis. It is commonly used
in airports, and has relatively high accuracy.

Common use cases of hand geometry include:

● Physical access control: Hand geometry can be used to grant or deny access to secure
areas, such as buildings, rooms, or computer systems. It can be used as a standalone
authentication method or in conjunction with other forms of authentication, such as a PIN or
card.
● Voter registration: It can be used to create a unique biometric identifier for each voter, to
ensure that each person is only able to vote once in an election.
● Employment and immigration verification: It can be used to verify the identity of job
applicants or immigrants, to ensure that they are legally authorized to work or reside in a
specific country.
● Retail and banking: It can be used as a form of identification and security in retail and
banking sectors.

6. Signature Recognition
The signature recognition process attempts to identify a user by analyzing their handwriting. It
includes two main methods of signature analysis:

● Static analysis processes – compares a scanned signature to an ink signature or another

scanned signature.
● Dynamic signature processes – analysis of behavioral characteristics exhibited by
individuals when generating a signature. Digital signature scanners are commonly used by
banking institutions and retailers.

Some common use cases of signature recognition include:

● Financial transactions: It can authenticate financial transactions, such as check or credit card
transactions, to ensure that the person signing is authorized to use the account.
● Legal documents: It can be used to authenticate the signature on legal documents, such as
contracts and deeds, to ensure that the person signing is who they claim to be.

3 Ways to Integrate Biometrics with Your Applications

Today it is easier than ever to integrate biometric authentication into applications. Let’s review
several convenient APIs and standards developers can use to add biometric authentication to a
software project.

1. WebAuthn: Driving the Biometric Revolution

Now that we have covered the main benefits and characteristics of biometric authentication, it’s
time we get familiar with WebAuthn. This is basically a relatively new W3C global stansra for
secure web authentication that’s now supported by all leading web browsers and online
platforms. WebAuthn is the driving force behind the aforementioned biometric authentication
revolution.

So what is WebAuthn all about?

WebAuthn is basically an API, developed with contributions from Microsoft and Google, that
makes it easy for web services (relying parties) to integrate strong authentication into
applications. This functionality is allowing the integration of strong authentication flows with
multiple authenticator options to answer a wide(er) range of use cases. Biometric authentication
is one of the options.

You can find many WebAuthn variations today:

● Java
● JavaScript
● Python
● Ruby
● .NET
When WebAuthn is implemented properly in the ecosystem, the server has to provide data that
binds a user to a credential, which is essentially a private-public keypair. What does this data
include? First, it has identifiers for the user and the relevant organization, commonly referred to
as the “relying party”. The website then uses the Web Authentication API to prompt the user to
create a new keypair.

Everything revolves around the publicKeyCredentialCreationOptions object, which contains

some mandatory and optional fields that the server uses to create a new user credential. Here is
a list of fields that you’ll find more often than not.

● challenge: The challenge is essentially a buffer of cryptographically random bytes generated

on the server, and is needed to prevent “replay attacks”.
● rp: This is basically a short form for a relying party, describing the organization responsible for
registering and authenticating the user. The id is always a subset of the domain currently being
run in the browser.
● user: This is information about the user currently registering. The authenticator uses the id to
associate a credential with the user. For security reasons, it’s recommended not to use PII as
the id.
● pubKeyCredParams: An object array that defines acceptable public key types. Alg – a
number described in the COSE registry. Here, -7 means the server accepts Elliptic Curve
public keys with a SHA-256 signature algorithm.
● authenticatorSelection: This is an optional object that helps relying parties make further
restrictions on the type of authenticators allowed for registration.
● timeout: The time (defined in milliseconds) that the user has to respond to a prompt for
registration. After that time limit, an error is returned.
● attestation: The attestation data that is returned from the authenticator has information that
could be used to track users.
As we’ll learn in the next sections, WebAuthn is now built into all leading tech ecosystems. It
eliminates the need for passwords by using private-public keypairs (credentials). The private one
is stored on the end-user’s device, while the public one is sent to the server along with a random
credential ID for storage. The public key is of no use without the corresponding private one,
making WebAuthn very secure.

2. Face ID for Apple Users

As the name suggests, Apple’s Face ID is an advanced face-recognition technology that
launched on the iPhone X in 2017, something that replaced its old Touch ID fingerprint scanning
system. The hardware powering this technology is the “TrueDepth camera system”, a complex
system that has cameras, sensors, and a dot projector. The face is registered as a detailed 3D
map that’s used for authentication.
Besides the trivial device unlocking functionality, Face ID is now being used by Apple to log into
iOS applications, sign into online services, and protect personal information. It’s also making
iPhones and Macbooks into potent B2B end-devices.

App developers can use valuatePolicy(_:, localizedReason:, reply:) to show the Face ID
authentication popup on a device that supports Face ID and where the user has configured Face
ID. Here’s an example of FaceID implementation with Swift:

Related: Social Logins: Is the Hype Justified?

3. Android Biometrics
The Android OS, powered by Google, is not lagging behind in the biometric front. Its
smartphones, tablets, and Chromebooks, regardless of the manufacturing company, are
powered today by face recognition and fingerprint scanning capabilities.

Here’s how it works.

First you need to use the AndroidX Biometric Library to determine compatibility:
Then, canAuthenticate() will usually return one of these outcomes:

● BIOMETRIC_SUCCESS: The device is ready to use a biometric prompt, as the hardware is

available and the user has also enrolled biometric data
● BIOMETRIC_ERROR_NONE_ENROLLED: The device has biometric capabilities, but the
user has yet to enroll their fingerprints or face.
● BIOMETRIC_ERROR_NO_HARDWARE: The device’s hardware does not support biometric
authentication.

You can also run another check to ensure enrolled biometric data:

You then follow these steps to complete the biometric implementation:

● Initiate the building of the biometric prompt

● Set PromptInfo to the message and configuration you want
● Use the calling activity and callback handlers to set up the biometric prompt
● Reopen BiometricUtil.kt
● Use the BiometricPrompt.PromptInfo.Builder builder class to generate the dialogue and
populate it with the title, subtitle, and description
● Initialize BiometricPrompt with the initBiometricPrompt() function
● To display the biometric prompt properly and bind everything together, add the BiometricUtil.kt
function
● Use the below function in your login/sign-in to use Biometric authentication

That’s how it goes on the Android side of things.

Biometric Authentication with Frontegg

Frontegg is a self-served user management platform that helps SaaS developers implement
strong authentication flows, along with other PLG-centric capabilities like billing and subscription
management, login box implementation, and more. It’s now possible to use a centralized
dashboard to manage all roles and permissions, all with just a few clicks. All of the above also
applies to biometric authentication.

Experiment 4 Aim: To Implement RSA Algorithm.

RSA algorithm is asymmetric cryptography algorithm. Asymmetric actually means that it works
on two different keys i.e. Public Key and Private Key. As the name describes that the Public Key
is given to everyone and Private key is kept private.
 An example of asymmetric cryptography:
1. A client (for example browser) sends its public key to the server and requests for some
data.
2. The server encrypts the data using client’s public key and sends the encrypted data.
3. Client receives this data and decrypts it.
Since this is asymmetric, nobody else except browser can decrypt the data even if a third party
has public key of browser. The idea of RSA is based on the fact that it is difficult to factorize a
large integer. The public key consists of two numbers where one number is multiplication of two
large prime numbers. And private key is also derived from the same two prime numbers. So, if
somebody can factorize the large number, the private key is compromised. Therefore, encryption
strength totally lies on the key size and if we double or triple the key size, the strength of
encryption increases exponentially. RSA keys can be typically 1024 or 2048 bits long, but
experts believe that 1024-bit keys could be broken in the near future. But till now it seems to be
an infeasible task.

Algorithm
Generating Public Key:
1. Select two prime numbers
a. Suppose P = 53 and Q = 59.
2. Now First part of the Public key: n = P*Q = 3127.
3. We also need a small exponent say e:
4. We need to calculate Φ(n):
a. Such that Φ(n) = (P-1) (Q-1)
b. so, Φ(n) = 3016
5. Now calculate Private Key, d:
a. d = (k*Φ(n) + 1) / e for some integer k
b. For k = 2, value of d is 2011.
Now we are ready with our – Public Key (n = 3127 and e = 3) and Private Key (d = 2011)
Now we will encrypt “HI”:
Convert letters to numbers: H = 8 and I = 9
Thus, Encrypted Data c = 89e mod n.
Thus, our Encrypted Data comes out to be 1394

Now we will decrypt 1349:

Decrypted Data = cd mod n.
Thus, our Encrypted Data comes out to be 89
8 = H and I = 9 i.e. "HI".

Sample Code
#include <math.h>
}
#include <string.h>
return 1;
#include <stdlib.h>
}
int main() {
using namespace std;
cout<< "\nENTER FIRST
PRIME NUMBER\n";
long int p, q, n, t, flag, e[100], d[100],
cin>> p;
temp[100], j, m[100], en[100], i;
flag =
char msg[100];
prime(p); if
int prime(long int);
(flag == 0) {
void ce();
cout<< "\nWRONG INPUT\
long int cd(long int);
n"; exit(1);
void encrypt();
}
void decrypt();
cout<< "\nENTER ANOTHER
int prime(long int pr)
PRIME NUMBER\n";
{ inti;
cin>> q;
j = sqrt(pr);
flag = prime(q);
for (i = 2; i<= j; i++) {
if (flag == 0 || p == q)
if (pr % i == 0) return 0;
{ cout<< "\nWRONG INPUT\
n"; exit(1);
 } }
cout<< "\nENTER MESSAGE\n"; }
fflush(stdin); }
cin>>msg; {k=k
for (i = 0; msg[i] != NULL; i++) m[i] = + t;
msg[i]; if (k % x == 0) return (k / x);
n = p * q; }
t = (p - 1) * (q - 1); }
ce(); void encrypt() {
cout<< "\nPOSSIBLE VALUES OF e AND long int pt, ct, key = e[0], k,
d ARE\n"; len; i = 0;
for (i = 0; i< j - 1; i++) cout<< e[i] << "\t" len = strlen(msg);
<< d[i] << "\n"; while (i != len)
encrypt(); {
decrypt(); pt = m[i];
return 0; pt = pt -
} 96;
void ce() k = 1;
{ int k; for (j = 0; j < key; j++)
k = 0; { k = k * pt;
for (i = 2; i< t; i++) { k = k % n;
if (t % i == 0) continue; }
flag = prime(i); temp[i] =
if (flag == 1 &&i != p &&i != q) k; ct = k + 96;
{ e[k] = i; en[i] =
flag = cd(e[k]); ct; i++;
if (flag > 0) { }
d[k] = flag; en[i] = -1;
k++; cout<< "\nTHE ENCRYPTED MESSAGE
} IS\n";
if (k == 99) break;
long int cd(long int x)
{ long int k = 1;
while (1)
 for (i = 0; en[i] != -1; i++) printf("%c", }
en[i]); pt = k +
} 96;
void decrypt() { m[i] = pt;
long int pt, ct, key = d[0], k; i i++;
= 0; }
while (en[i] != -1) m[i] = -1;
{ ct = temp[i]; cout<< "\nTHE DECRYPTED MESSAGE
k = 1; IS\n";
for (j = 0; j < key; j++) { k for (i = 0; m[i] != -1; i++) printf("%c",
= k * ct; m[i]);
k = k % n; }
Sample Input/output
 Experiment 5 Aim: Implement DES algorithm
The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National
Institute of Standards and Technology (NIST). DES is an implementation of a Feistel Cipher. It
uses 16 round Feistel structure. The block size is 64-bit. Though, key length is 64-bit, DES has
an effective key length of 56 bits, since 8 of the 64 bits of the key are not used by the encryption
algorithm (function as check bits only).

Since DES is based on the Feistel Cipher, all that is required to specify DES is −

● Round function

● Key schedule

● Any additional processing − Initial and final permutation

 Initial and Final Permutation
The initial and final permutations are straight Permutation boxes (P-boxes) that are inverses of
each other. They have no cryptography significance in DES. The initial and final permutations
are shown as follows −
 Round Function
The heart of this cipher is the DES function, f. The DES function applies a 48-bit key to the
rightmost 32 bits to produce a 32-bit output.
Expansion Permutation Box − Since right input is 32-bit and round key is a 48-bit, we first
need to expand right input to 48 bits. Permutation logic is graphically depicted in the following
illustration −

The graphically depicted permutation logic is generally described as table in DES specification
illustrated as shown −
XOR (Whitener). − After the expansion permutation, DES does XOR operation on the
expanded right section and the round key. The round key is used only in this operation.
Substitution Boxes. − The S-boxes carry out the real mixing (confusion). DES uses 8 S-boxes,
each with a 6-bit input and a 4-bit output. Refer the following illustration −

● The S-box rule is illustrated below −

● There are total of eight S-box tables. The output of all eight s-boxes is then combined in

to 32-bit section.
● Straight Permutation − The 32-bit output of S-boxes is then subjected to the straight

permutation with rule shown in the following illustration:

Key Generation
The round-key generator creates sixteen 48-bit keys out of a 56-bit cipher key. The process of
key generation is depicted in the following illustration −
 Sample Code
# include <stdio.h> # include void
<fstream> # include <string.h> # xor_tw
include <iostream> # include o();
<stdlib.h> using namespace std; void
xor_one
intkey[64]= E(int);
{ void
0,0,0,1,0,0,1,1, xor_one
0,0,1,1,0,1,0,0, D(int);
0,1,0,1,0,1,1,1, void
0,1,1,1,1,0,0,1, substitu
1,0,0,1,1,0,1,1, tion();
1,0,1,1,1,1,0,0, void
1,1,0,1,1,1,1,1, permuta
1,1,1,1,0,0,0,1 tion();
}; void
class Des keygen(
{ );
public: char *
intkeyi[16][48], total[64], Encrypt(ch
left[32], right[32], ar *); char
ck[28], *
dk[28], Decrypt(ch
expansion[48], z[48], ar *);
xor1[48], };
sub[32], void Des::IP() //Initial Permutation
p[32], {
xor2[32], int
temp[64], k=58,i
pc1[56], ;
ip[64], inv[8][8]; for(i=
0;
char final[1000]; void IP(); i<32;
void PermChoice1(); void i++)
PermChoice2(); void {
Expansion(); void inverse(); ip[i]=total[k-1];
if(k-
8>0)
k=k-
8;
else
}

k
=
5
7
;
 for( i=32; i<64; i++)
{
ip[i]=total[k-1];
if(k-
8>0)
k=k-
8;
else
}
}
void
Des::PermChoice1()
//Permutation Choice-1
{
int
k=57,i
;
for(i=
0;
i<28;
i++)
{
pc1[i]=key[k-1];
if(k-
8>0)
}

k
=
6
3
;
for( i=28; i<52; i++)
{
pc1[i]=key[k-1];
if(k-
8>0)
}

k
=
2
8
;
 for(i=52; i<56; i++) z[5]=per[4];
{ z[6]=per[2];
pc1[i]=key[k-1]; z[7]=per[27];
k=k-8; z[8]=per[14];
} z[9]=per[5];
z[10]=per[20];
} z[11]=per[9];
void Des::Expansion() //Expansion Function z[12]=per[22];
applied on `right' half z[13]=per[18];
{ z[14]=per[11];
intexp[8][6],i,j,k; z[15]=per[3];
for( i=0; i<8; i++) z[16]=per[25];
{ z[17]=per[7];
for( j=0; j<6; j++) z[18]=per[15];
{ z[19]=per[6];
if((j!=0)||(j!=5)) z[20]=per[26];
{ z[21]=per[19];
k=4*i+j; exp[i] z[22]=per[12];
[j]=right[k-1]; z[23]=per[1];
} z[24]=per[40];
if(j==0) z[25]=per[51];
{ z[26]=per[30];
k=4*i; exp[i] z[27]=per[36];
[j]=right[k-1]; z[28]=per[46];
} z[29]=per[54];
if(j==5) z[30]=per[29];
{ z[31]=per[39];
k=4*i+j; exp[i] z[32]=per[50];
[j]=right[k-1]; z[33]=per[44];
} z[34]=per[32];
} z[35]=per[47];
} z[36]=per[43];
exp[0][0]=right[31]; z[37]=per[48];
exp[7][5]=right[0]; z[38]=per[38];
z[39]=per[55];
k=0; z[40]=per[33];
for(i=0; i<8; i++) z[41]=per[52];
for(j=0; j<6; j++) z[42]=per[45];
expansion[k++]=exp[i][j]; z[43]=per[41];
} z[44]=per[49];
void Des::PermChoice2() z[45]=per[35];
{
intper[56],i,k;
for(i=0; i<28; i++) per[i]=ck[i];
for(k=0,i=28; i<56; i++) per[i]=dk[k++];
z[0]=per[13];
z[1]=per[16];
z[2]=per[10];
z[3]=per[23];
z[4]=per[0];
 z[46]=per[28]; 13,8,11,5,6,15,0,3,4,7,2,12,1,10,14,
9,
z[47]=per[31]; 10,6,9,0,12,11,7,13,15,1,3,14,5,2,8,
4,
} 3,15,0,6,10,1,13,8,9,4,5,11,12,7,2,1
4
void Des::xor_oneE(int round) //for Encrypt };
{
inti; int s5[4][16]=
for(i=0; i<48; i++) {
xor1[i]=expansion[i]^keyi[round-1][i]; 2,12,4,1,7,10,11,6,8,5,3,15,13,0,14,
9,
} 14,11,2,12,4,7,13,1,5,0,15,10,3,9,8,
6,
void Des::xor_oneD(int round) //for Decrypt 4,2,1,11,10,13,7,8,15,9,12,5,6,3,0,1
4,
{ 11,8,12,7,1,14,2,13,6,15,0,9,10,4,5,
3
inti; };
for(i=0; i<48; i++)
xor1[i]=expansion[i]^keyi[16- int s6[4][16]=
round][i]; {
} 12,1,10,15,9,2,6,8,0,13,3,4,14,7,5,1
1,
10,15,4,2,7,12,9,5,6,1,13,14,0,11,3,
8,
void Des::substitution() 9,14,15,5,2,8,12,3,7,0,4,10,1,13,11,
6,
{ 4,3,2,12,9,5,15,10,11,14,1,7,6,0,8,1
3
int s1[4][16]= };
{
14,4,13,1,2,15,11,8,3,10,6,12,5,9,0,7, int s7[4][16]=
0,15,7,4,14,2,13,1,10,6,12,11,9,5,3,8, {
4,1,14,8,13,6,2,11,15,12,9,7,3,10,5,0, 4,11,2,14,15,0,8,13,3,12,9,7,5,10,6,
1,
15,12,8,2,4,9,1,7,5,11,3,14,10,0,6,13 13,0,11,7,4,9,1,10,14,3,5,12,2,15,8,
6,
}; 1,4,11,13,12,3,7,14,10,15,6,8,0,5,9,
2,
6,11,13,8,1,4,10,7,9,5,0,15,14,2,3,1
2
int s2[4][16]= };
{
15,1,8,14,6,11,3,4,9,7,2,13,12,0,5,10, int s8[4][16]=
3,13,4,7,15,2,8,14,12,0,1,10,6,9,11,5, {
0,14,7,11,10,4,13,1,5,8,12,6,9,3,2,15, 13,2,8,4,6,15,11,1,10,9,3,14,5,0,12,
7,
13,8,10,1,3,15,4,2,11,6,7,12,0,5,14,9 1,15,13,8,10,3,7,4,12,5,6,11,0,14,9,
 2,
}; 7,11,4,1,9,12,14,2,0,6,10,13,15,3,5,
8,
2,1,14,7,4,10,8,13,15,12,9,0,3,5,6,1
1
int s3[4][16]= };
{ inta[8][6],k=0,i,j,p,q,count=0,g=0,v;
10,0,9,14,6,3,15,5,1,13,12,7,11,4,2,8,
13,7,0,9,3,4,6,10,2,8,5,14,12,11,15,1, for(i=0; i<8; i++)
13,6,4,9,8,15,3,0,11,1,2,12,5,10,14,7, {
1,10,13,0,6,9,8,7,4,15,14,3,11,5,2,12 for(j=0; j<6; j++)
}; {
a[i][j]=xor1[k++];
int s4[4][16]= }
{ }
7,13,14,3,0,6,9,10,1,2,8,5,11,12,4,15,
for( i=0; i<8; i++)
{ void Des::permutation()
p=1; q=0; {
k=(a[i][0]*2)+(a[i][5]*1); j=4; p[0]=sub[15];
while(j>0) p[1]=sub[6];
{ p[2]=sub[19];
q=q+(a[i][j]*p); p=p*2; p[3]=sub[20];
j--; p[4]=sub[28];
} p[5]=sub[11];
count=i+1; p[6]=sub[27];
switch(count) p[7]=sub[16];
{ p[8]=sub[0];
case 1: p[9]=sub[14];
v=s1[k][q]; break; p[10]=sub[22];
case 2: p[11]=sub[25];
v=s2[k][q]; break; p[12]=sub[4];
case 3: p[13]=sub[17];
v=s3[k][q]; break; p[14]=sub[30];
case 4: p[15]=sub[9];
v=s4[k][q]; break; p[16]=sub[1];
case 5: p[17]=sub[7];
v=s5[k][q]; break; p[18]=sub[23];
case 6: p[19]=sub[13];
v=s6[k][q]; break; p[20]=sub[31];
case 7: p[21]=sub[26];
v=s7[k][q]; break; p[22]=sub[2];
case 8: p[23]=sub[8];
v=s8[k][q]; break; p[24]=sub[18];
} p[25]=sub[12];
p[26]=sub[29];
intd,i=3,a[4]; p[27]=sub[5];
while(v>0) p[28]=sub[21];
{ p[29]=sub[10];
d=v%2; a[i--]=d; p[30]=sub[3];
v=v/2; p[31]=sub[24];
}
while(i>=0)
{
a[i--]=0;
}

for(i=0;
i<4;
i++)
sub[
g+
+]=a
[i];
}
}
} '
;
void Des::xor_two()
{ k
inti; e
for(i=0; i<32; i++) y
{ g
xor2[i]=left[i]^p[i]; e
} n
} (
T )
e ;
x for(iB=0,nB=0,m=0;
t m<(strlen(Text)/8); m++)
[ //Repeat for TextLenth/8 times.
i {
] for(iB=0,i=0; i<8; i++,nB++)
= {
' n=(int)Text[nB];
\ for(K=7; n>=1; K--)
0 {
char *Text=new char[1000];
void Des::inverse() strcpy(Text,Text1);
{ i=strlen(Text); int
int p=40,q=8,k1,k2,i,j; mc=0; a1=i%8;
for(i=0; i<8; i++) if(a1!=0) for(j=0; j<8-a1; j++,i++)
{ Text[i]=' ';
k1=p; B[K]=n%2; //Converting 8-
k2=q; Bytes to 64-bit Binary Format
for(j=0; j<8; j++) n/=2;
{ }
if(j%2==0) for(; K>=0; K--)
{ B[K]=0; for(K=0;
inv[i][j]=temp[k1-1]; K<8; K++,iB++)
k1=k1+8; total[iB]=B[K]; //Now `total' contains
} the 64-Bit binary format of 8-Bytes
else if(j%2!=0) }
{ IP(); //Performing initial
inv[i][j]=temp[k2-1]; permutation on `total[64]'
k2=k2+8; for(i=0; i<64; i++) total[i]=ip[i];
} //Store values of ip[64] into total[64]
}
p=p-1; for(i=0; i<32; i++) left[i]=total[i];
q=q-1; // +-->
} left[32]
} // total[64]--|
for(; i<64; i++) right[i-32]=total[i];
char * Des::Encrypt(char *Text1) // +--> right[32]
{ for(round=1; round<=16; round++)
inti,a1,j,nB,m,iB,k,K,B[8],n,t,d,round; {
 Expansion(); //Performing
expansion on `right[32]' to get
`expansion[48]'
xor_oneE(round); //Performing
XOR operation on expansion[48],z[48]
to get xor1[48]
substitution();//Perform
substitution on xor1[48] to get sub[32]
permutation();
//Performing Permutation on
sub[32] to get p[32]
xor_two(); //Performing XOR
operation on left[32],p[32] to get
xor2[32]
for(i=0; i<32; i++) left[i]=right[i];
//Dumping right[32] into left[32]
for(i=0; i<32; i++) right[i]=xor2[i];
//Dumping xor2[32] into right[32]
 } B[K]=0; for(K=0; K<8;
for(i=0; i<32; i++) temp[i]=right[i]; // K++,iB++)
Dumping -->[ swap32bit ] total[iB]=B[K]; //Now `total' contains
for(; i<64; i++) temp[i]=left[i-32]; the 64-Bit binary format of 8-Bytes
// left[32],right[32] into temp[64] }
IP(); //Performing initial
inverse(); //Inversing the bits of permutation on `total[64]'
temp[64] to get inv[8][8] for(i=0; i<64; i++) total[i]=ip[i];
/* Obtaining the Cypher-Text into //Store values of ip[64] into total[64]
final[1000]*/
k=128; for(i=0; i<32; i++) left[i]=total[i];
d=0; // +--> left[32]
for(i=0; i<8; i++) // total[64]--|
{ for(; i<64; i++) right[i-32]=total[i];
for(j=0; j<8; j++) // +--> right[32]
{ for(round=1; round<=16; round++)
d=d+inv[i][j]*k; {
k=k/2; Expansion(); //Performing
} expansion on `right[32]' to get
final[mc++]=(char)d; `expansion[48]'
k=128; xor_oneD(round);
d=0; substitution();//Perform
} substitution
} //for loop ends here on xor1[48] to get sub[32]
final[mc]='\0'; permutation();
return(final); //Performing
} Permutation on sub[32] to get
char * Des::Decrypt(char *Text1) p[32] xor_two();
{ //Performing XOR
inti,a1,j,nB,m,iB,k,K,B[8],n,t,d,round; operation on left[32],p[32] to get
char *Text=new char[1000]; xor2[32] for(i=0; i<32; i++)
unsigned char ch; left[i]=right[i];
strcpy(Text,Text1); //Dumping right[32] into left[32]
i=strlen(Text); for(i=0; i<32; i++) right[i]=xor2[i];
keygen(); //Dumping xor2[32] into right[32]
int mc=0; } //rounds end here
for(iB=0,nB=0,m=0; m<(strlen(Text)/8); for(i=0; i<32; i++) temp[i]=right[i];
m++) //Repeat for TextLenth/8 times. // Dumping -->[ swap32bit ]
{ for(; i<64; i++) temp[i]=left[i-32];
for(iB=0,i=0; i<8; i++,nB++) // left[32],right[32] into temp[64]
{
ch=Text[nB]; inverse(); //Inversing the bits
n=(int)ch;//(int)Text[nB]; of temp[64] to get inv[8][8]
for(K=7; n>=1; K--) /* Obtaining the Cypher-Text
{ into final[1000]*/
B[K]=n%2; //Converting 8- k=12
Bytes to 64-bit Binary Format 8;
n/=2; d=0;
}
for(; K>=0; K--)
 for(i=0; i<8; i++) {
{ PermChoice1();
for(j=0; j<8; j++)
{ inti,j,k=0;
d=d+inv[i][j]*k; for(i=0; i<28; i++)
k=k/2; {
} ck[i]=pc1[i];
final[mc++]=(char)d; k=128; }
d=0; for(i=28; i<56; i++)
} {
} //for loop ends here dk[k]=pc
final[mc]='\0'; 1[i]; k++;
char *final1=new char[1000]; }
for(i=0,j=strlen(Text); i<strlen(Text); intnoshift=0,round;
i++,j++) for(round=1; round<=16; round++)
final1[i]=final[j]; {
if(round==1||round==2||round==9||
roun
final1[i]='\0'; return(final);
d==16) noshift=1;
} ];
intmain() for(i=0; i<28;
{ i++)
Des d1,d2; ck[i]=ck[i+
char *str=new char[1000]; char 1];
*str1=new char[1000]; ck[27]=t;
//strcpy(str,"PHOENIX it &ece t=dk[0];
solutions."); for(i=0; i<28;
cout<<"Enter a string : "; i++)
cin>>str; dk[i]=dk[i
str1=d1.Encrypt(str); +1];
cout<<"\ni/p Text: "<<str<<endl; dk[2
cout<<"\nCypher : "<<str1<<endl; 7]=t
// ofstreamfout("out2_fil.txt"); ;
fout<<str1; fout.close(); nosh
cout<<"\no/p Text: ift--;
"<<d2.Decrypt(str1)<<endl; }
} PermChoice2
(); for(i=0;
void Des::keygen() i<48; i++)
else keyi[round-1][i]=z[i];
noshift= }
2; }
while(noshi
ft>0)
{
int
t;
t=c
k[0
Sample Input/output
 Experiment 6 Aim: Implement Diffie-Hellman algorithm
Diffie-Hellman is a way of generating a shared secret between two people in such a way that the
secret can't be seen by observing the communication. That's an important distinction: You're not
sharing information during the key exchange, you're creating a key together.
This is particularly useful because you can use this technique to create an encryption key with
someone, and then start encrypting your traffic with that key. And even if the traffic is recorded
and later analysed, there's absolutely no way to figure out what the key was, even though the
exchanges that created it may have been visible. This is where perfect forward secrecy comes
from. Nobody analysing the traffic at a later date can break in because the key was never saved,
never transmitted, and never made visible anywhere.

Figure 5: Working of Diffie Hellman Key Exchange Algorithm (source: https://i.stack.imgur.com/AEx0X.png)

Sample Code
/* This program calculates .
the Key for two persons h
{
using the Diffie-Hellman >
if(b == 1) return a;
Key exchange algorithm */ #
# i
else
i n
n cl long long int P)
cl u
u d
d e
e <
< m
st at
d h
i .
o h
>

// Power function to return value of a ^ b mod

P
long long int power(long long int a, long long
int b,
return(((long long int)pow(a, b)) % P);
}

//Driver
program int
main()
{
long long int P, G, x, a, y, b, ka, kb;

// Both the persons will be agreed upon

the
// public keys G and P
P = 23; // A prime number P is taken
printf("The value of P : %lld\n", P);

G = 9; // A primitve root for P, G is taken

printf("The value of G : %lld\n\n", G);

// Alice will choose the private key a

a = 4; // a is the chosen private key
printf("The private key a for Alice :
%lld\n", a);
x = power(G, a, P); // gets the generated
key

// Bob will choose the private key b

b = 3; // b is the chosen private key
printf("The private key b for Bob :
%lld\n\n", b);
y = power(G, b, P); // gets the generated
key

// Generating the secret key after the exchange

// of keys
ka = power(y, a, P); // Secret key for
Alice
kb = power(x, b, P); // Secret key for Bob

printf("Secret key for the Alice is :

%lld\n", ka);
printf("Secret Key for the Bob is :
%lld\n", kb);

return0;
}
Sample Input/output
 Experiment 7 Aim: Nessi2 Simulation tool based on parameters of
Information Security

NeSSi consists of three distinct components, the Graphical User Interface, the simulation
backend and the result database. Each of these modules may be run on separate machines
depending on the computational requirements; furthermore, this modular design facilitates
network security researchers using NeSSi to easily exchange

Graphical User Interface

The graphical frontend of NeSSi allows the user to create and edit network topologies, attach
runtime information, and schedule them for execution at the simulation backend. On the other
hand, finished (or even currently executing, long-running) simulations can be retrieved from the
database server and the corresponding simulation results are visualized in the GUI.

Simulation Backend

The actual simulation is performed on machine with hardware dedicated solely to this purpose,
the simulation backend. At the DAI-Labor for example, the NeSSi simulation backend runs on a
Sun XFire 4600 blade server (8 blades, 8 cores per blade). Once a session is submitted for
execution from the GUI, the simulation backend parses the desired session parameters (which
event types to log, how many runs to execute etc.), creates a corresponding simulation
environment, sets up the database connection and schedules the simulation to run as soon as the
necessary processing resources are available.

Parallel Execution Model. Simulations in large-scale networks are very costly in terms of
processing time and memory consumption. Therefore, NeSSi has been designed as a distributed
simulation, allowing the subdivision of tasks to different computers and processes in a parallel-
execution model.

Discrete Event Simulation. NeSSi² is a discrete-event-based simulation tool, which allows to

plan and to schedule time-based events such as network failures, attacks, etc.
 Simulation Result Database Server

In NeSSi, we refer to a scenario where we generate traffic via pre-defined profiles on a single
network over a certain amount of time as a session. The accurate reproduction of a session
enables users to use different detection methods or various deployments of detection units for the
same traffic data set. This allows the comparison of performance and detection efficiency of
different security framework setups.

For these purposes, we use a distributed database in which the traffic generated during a
session is stored. For each session, the agents log the traffic and detection data and send it to the
database that occurs in a simulated scenario between a start and end time. The data types to be
logged are specified by the user in the session parameters. The network model is saved in an
XML file. This network file is stored and annotated with a version number based on its hash
code in order to link a network uniquely to a session. Additionally, attack related events can be
stored in the database for evaluation purposes.

Standard Components and Plugin API

NeSSi² has been designed as a modularized application. Building on the Eclipse framework, it
uses the inherent plugin mechanism to allow users to easily extend the functionality of NeSSi²
and share it with other developers.

Often, security researchers have very specific demands regarding the protocols and features the
simulation tool needs to offer. Naturally, NeSSi² provides a rich set of basic protocols and
detection unit implementations; nevertheless, the special needs of various application areas
(wireless networks, sensor networks, MPLS etc.) necessitates a plugin API to allow the user to
adapt NeSSi² to his needs and add the functionality that is not provided by NeSSi out-of-the-box.

Hence, the NeSSi² extension API allows the creation of

● New device types with user-defined properties

● New protocols defining the behaviour of the network at runtime

 ● Application definitions, allowing dynamic behaviour to be defined, attached to a device
or link, and scheduled for execution in the simulation

Sample Instructions
Figure 6 shows the steps necessary for creating a simulation. Each step will be introduced in own
section respectively.

Figure 6: Overall NeSSi2 workflow for creating and launching a simulation.

1. As a first step a NeSSi2 project has to be created using the NeSSi2 project creation
wizard. This wizard can be accessed in two ways in the NeSSi2 GUI. One way is by the
following menu sequence: File -> New -> IP Network (Project).

Figure 7: The NeSSi2 Project Creation wizard.

 2. Create Network
a. For adding content to the created network, double click on the network. This will
cause for the network to be opened in the Network Editor. The nodes and edges of
each network are grouped in subnets. Hence, the first step of creating a network is
defining some subnets for the network. The available subnet types are listed in the
palette located on the right side of the Network Editor. Via drag and drop you can
add the subnets to the network. The location of the subnets can be changed
anytime. For selecting a single network, choose the Select tool from the palette.
For simultaneous selection of multiple subnets, use the Marquee tool from the
palette. The names of the subnets will be automatically generated.

Figure 8: Adding subnets to a network in the Network Editor

b. The next step after adding subnets to the network is to add content to the subnets. In
order to do so, double click on a subnet. This will cause for a new tab to be opened
in the Network Editor. Same as with the subnets, the palette will display a list of the
available nodes and edges. By dragging and dropping nodes, they will be added to
the network. For connecting nodes, you will have to select one of the links found in
the Connections part of the palette and then clicking on the nodes that you want to
connect.
Figure 9: A simple network of nodes and edges in a subnet. Using the Connect to Subnet option subnets can be connected to one
another

3. Create Profile
a. A profile is basically a container for a set of applications. A profile can be created
in two ways. One is by accessing the context menu in the NeSSi2 Project,
Explorer and selecting New->Profile. The other way is by the using the menu
sequence File->New->Profile in the main menu. This will open a dialog where a
name has to be entered for the profile. By pressing "Finish", the dialog will close
and a file with the .profile extension will be created in the Profiles folder of the
project. Now, applications may be added to the profile.
 Figure 10: The dialog containing a list of all available applications, divided into categories.

b. By pressing the Add... button in the newly created profile, a dialog containing a list of the
available applications will open. The applications are sorted into categories. Note that an
application may belong to several categories, so it may appear in the list several times.
The search field on top of the application list can be used to filter applications according
to their name. When selecting an application, if available, a description of the application
and its configurable parameters will appear on the right side of the dialog. By pressing
OK, the dialog will close and the selected application will be added to the profile.
Figure 11: The list of application that exist in a profile. The configuration parameters for each application

b. In the profile editor, you can configure the application that you have added to the
profile. When clicking on an application name, the parameters will be become
visible. Depending on the application, different configuration parameter will be
displayed. Once the profiles have been created, they need to be mapped into the
network nodes.
4. Create Scenario
a. A scenario is the mapping of profiles onto the nodes of a specific network. Same
as with creating profiles, the Scenario Creation wizard may be accessed through
NeSSi2 Project Explorer’s context menu (New! Scenario) or through the main
menu (File->New->Scenario). A name has to be entered for the scenario.
Figure 12: A list of the available networks will be displayed in the scenario creation wizard from which one network
maybe chosen to be associated with the scenario.

b. Adding Profiles

Figure 13: Adding Profiles

5. Create Simulation
a. A simulation specifies the scenarios that are to be simulated and the duration of a
simulation. Analogous to the creation of profiles and scenarios, a simulation can
be created in NeSSi2 Project Explorer by selecting New->Session or by selecting
File-> New ->Session the main menu.

Figure 14: The Simulation Configuration Tab in the Simulation Editor.

b. In the Simulation Configuration tab, the options for the simulation can be
configured. In the top left of the editor, in the "Simulation Termination" section,
the number of replications can be specified. By pressing the select button, you can
choose a termination condition from the list of the available ones. Once a
termination condition has been chosen, its configuration parameters will appear
on the right side of the dialog. In this example, the options for the "Fixed Number
of Runs" is an integer that explicitly specifies the number of times that the
scenarios will be simulated.
Figure 15: The Network Configuration Tab in the Simulation Editor.

6. Run Simulation
a.For executing a simulation, select the simulation file in the NeSSi2 Project Explorer
and select the "Launch Simulation" action from the simulation’s context menu. This
will send the simulation to the NeSSi2 Backend for execution. Outputs from the
NeSSi2 Backend can be viewed in the console where the backend is running. In the
GUI, a dialog will appear, which proposes switching to the Simulation Perspective.
By confirming, the Simulation Perspective will open, where the results of the
simulation execution can be viewed.
Figure 16: Viewing the results of the simulation execution in the Simulation Perspective.

b.You will have to select the executed simulation replication from the list displayed in
the Recorded Simulations view, which is located by default on the left side of the
Simulation perspective. This will cause for an editor to open where the network may
be viewed. By using the play buttons in the icons bar the simulation can be reviewed.
The speed of the simulation execution can be adjusted using the playback buttons.
When a packet is sent through a network link, the link will become green. Depending
on the amount of the packets sent, the link my become wider. When a network device
or link is selected, the values logged for that network element can be viewed in the
Statistics view.
7. Evaluating Simulations
NeSSi2 allows the simulation of various security scenarios. Additionally, there is a huge
diversity in network security evaluation metrics. Here, the developer of a detection algorithm
respectively of a special security infrastructure set-up may not only be interested in detection
rates, but also in the economical assessment of a scenario. Hence, the gathering of simulation
results and the evaluation needs to be very flexible. Here, we apply an event-based approach, the
so-called Meta Attack Events. Already included events incorporate dropped packets, infected
flows, compromised machines, unavailable services etc. Those events are stored in the database
at runtime. Events belonging to the same attack refer to a global identifier to differentiate
between the impacts of different attacks. The database associates those events with a time stamp
in the simulation as well as a device and/or transmitted packets related to that specific event.
 Experiment 8 Aim: To Implement VPN through Network Simulator Tool

SoftEther VPN can construct distributed virtual Ethernet segment. If you can make some
geologically distributed computers enable to communicate each other as if they are connected to
the single Ethernet network, using SoftEther VPN is the easiest way.

First, set up a VPN Server. Next, set up VPN Clients on each member PCs. Finally start VPN
connections on each VPN client. Then each client can use any kinds of IP-based or Ethernet-
based protocols via the VPN even if they are distributed around the world.

Sample Instructions
Step 1. Set up SoftEther VPN Server
Designate a computer in the group as the VPN Server. Set up SoftEther VPN Server on that
computer. It is very easy by using Installer and Initial Setup Wizard based GUI.

Figure 17: Set up SoftEther VPN Server

Step 2. Create Users

On the VPN Server you can add several user objects on the Virtual Hub. Each user object has a
password. After that, distribute pairs of username and password to each member of the VPN.

Figure 18: Creating Users

Step 3. Set up VPN Client on Each Member's PC

On each member's PC install SoftEther VPN Client. Enter the server address, username and
password for each PC.
If a member of the VPN is Mac OS X, iPhone or Android, set up L2TP/IPsec VPN client on
each PC instead of SoftEther VPN. Another solution is to use OpenVPN Client on Mac OS X,
iPhone or Android to connect to SoftEther VPN Server.
 Figure 19: VPN Client Setup

Step 4. Set up IP Addresses

The characteristics of SoftEther's virtual private network is exactly same to a physical Ethernet
segment. So, you should decide the IP addresses of every member PCs.
Like the physical Ethernet, the simplest way is to set up private IP addresses to each PC, for
example 192.168.0.0/24. Make sure not to overlap to physical-using private IPs.
Another solution is to use DHCP server for automated IP address allocation. You can activate
Virtual DHCP Server Function on the SoftEther VPN Server and it will distribute
192.168.30.0/24 by default.
 Figure 20: Assigning IP to Devices

Step 5. Communicate Like Physical Ethernet

Once every computerare connected to the Virtual Hub on SoftEther VPN Server, all computers
and smart-phones can now communicate mutually as if they are all connected to the single
Ethernet network. You can enjoy File Sharing protocols, Remote Printing applications, Remote
Desktop applications, SQL Database applications and any other LAN-based applications despite
the distances and differences of physical location.
Figure 21: Network Sample