Security Lab Manual

RAJALAKSHMI ENGINEERING COLLEGE, THANDALAM
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

CS6711 – SECURITY LAB MANUAL
Regulations 2013
B.E. Computer Science & Engineering Course

_________________________________________________________________________
Prepared by:
Benedict J.N. and Roxanna Samuel, C.S.E. Department, Rajalakshmi Engineering College

INDEX
1. Vision and Mission
2. PEO, PO, CO mappings
3. Course Syllabus
4. List of Experiments
5. Lab Plan
6. Algorithms and Codings
7. Viva Questions


Department of Computer Science and Engineering
Vision
To promote highly ethical and innovative computer professionals through excellence in
teaching, training and research.

Mission
To produce globally competent professionals, motivated to learn the emerging
technologies and to be innovative in solving real world problems.
To promote research activities amongst the students and the members of faculty that
could benefit the society.
To impart moral and ethical values in their profession.
Programme Educational Objectives (PEOs)
PEO I
To equip students with essential background in computer science, basic electronics
and applied mathematics.
PEO II
To prepare students with fundamental knowledge in programming languages and
tools and enable them to develop applications.
PEO III
To encourage the research abilities and innovative project development in the field
of networking, security, data mining, web technology, mobile communication and also
emerging technologies for the cause of social benefit.
PEO IV
To develop professionally ethical individuals enhanced with analytical skills,
communication skills and organizing ability to meet industry requirements.


Programme Outcomes (POs)
(a) The graduates will demonstrate knowledge of Mathematics, Science and Engineering.
(b) The graduates will demonstrate an ability to design and conduct experiments, analyze
and interpret data.
(c) The graduates will demonstrate knowledge in C, C++ and Java programming.
(d) The graduates will demonstrate their skill in applying software engineering
methodologies in their project work.
(e) The graduates will be able to develop applications in networking using network
simulators.
(f) The graduates will be able to comprehend the concepts of security threats and
mechanisms to overcome them.
(g) The students will be able to groom themselves to the requirement of corporate
challenges.
(h) The graduates will be capable of developing web based applications in specific
verticals.
(i) The students will be able to understand and develop mobile applications and value
added services for the 3G systems.
(j) The graduates will be able to demonstrate their understanding in the emerging areas of
data mining and web mining.
(k) The graduates will be able to develop software components using emerging
technologies like JAVA, .NET, PYTHON, PERL, PHP etc.
(l) The graduates will be able to demonstrate their competitive skills among their peers.
Mapping of PEO’s with Programme Outcomes (PO’s)
[Table: PEOs I to IV (rows) against Programme Outcomes a to l (columns); cell marks not recoverable.]

Graduate Attributes
- Engineering knowledge: Apply the knowledge of mathematics, science, engineering
fundamentals, and an engineering specialisation for the solution of complex
engineering problems.
- Problem analysis: Identify, formulate, research literature, and analyse complex
engineering problems reaching substantiated conclusions using first principles of
mathematics, natural sciences, and engineering sciences.
- Design and development solutions: Design solutions for complex engineering
problems and design system components or processes that meet the specified needs
with appropriate consideration for public health and safety, and cultural, societal, and
environmental considerations.
- Investigation of complex analysis: Use research-based knowledge and research
methods including design of experiments, analysis and interpretation of data, and
synthesis of the information to provide valid conclusions.
- Modern tool usage: Create, select, and apply appropriate techniques, resources, and
modern engineering and IT tools, including prediction and modelling to complex
engineering activities, with an understanding of the limitations.
- Engineer and society: Apply reasoning informed by the contextual knowledge to
assess societal, health, safety, legal, and cultural issues and the consequent
responsibilities relevant to the professional engineering practice.
- Environment and sustainability: Understand the impact of the professional
engineering solutions in societal and environmental contexts, and demonstrate the
knowledge of, and need for sustainable development.
- Ethics: Apply ethical principles and commit to professional ethics and responsibilities
and norms of the engineering practice.
- Individual and team work: Function effectively as an individual, and as a member or
leader in diverse teams, and in multidisciplinary settings.
- Communication: Communicate effectively on complex engineering activities with the
engineering community and with the society at large, such as, being able to
comprehend and write effective reports and design documentation, make effective
presentations, and give and receive clear instructions.
- Project management and finance: Demonstrate knowledge and understanding of the
engineering and management principles and apply these to one’s own work, as a
member and leader in a team, to manage projects and in multidisciplinary
environments.
- Lifelong learning: Recognise the need for, and have the preparation and ability to
engage in independent and life-long learning in the broadest context of technological
change.

Mapping of Graduate Attributes with Programme Outcomes (PO’s)
[Table: Graduate Attributes 1 to 12 (rows) against Programme Outcomes a to l (columns); cell marks not recoverable.]

Course Objectives
1. Be exposed to the different cipher techniques.
2. Learn to implement the algorithms DES, RSA, MD5, SHA-1.
3. Have hands-on experience to perform wireless security audit on access points.
4. Learn to use network security tools like GnuPG, Kismet, Snort.
5. Be familiar with firewall configuration.

Mapping of Course Objectives with Programme Outcomes
[Table: Course Objectives 1 to 5 (rows) against Programme Outcomes a to l (columns); cell marks not recoverable.]

Mapping of Course Objectives with Programme Educational Objectives (PEO’s)
[Table: Course Objectives 1 to 5 (rows) against Programme Educational Objectives I to IV (columns); cell marks not recoverable.]

Course Outcomes
On completion of this course:
a. Students are able to solve different cipher techniques.
b. Students are able to implement cryptographic algorithms.
c. Students are able to perform wireless security audit of access points.
d. Students are able to use various network security tools.
e. Students are able to configure firewalls.

Mapping of Course Objectives with Course Outcomes
[Table: Course Objectives 1 to 5 (rows) against Course Outcomes a to e (columns); cell marks not recoverable.]

Mapping of Course Outcomes with Programme Outcomes (PO’s)
[Table: Course Outcomes a to e (rows) against Programme Outcomes a to l (columns); cell marks not recoverable.]

Mapping of Course Outcomes with Programme Educational Objectives (PEO’s)
[Table: Course Outcomes a to e (rows) against Programme Educational Objectives I to IV (columns); cell marks not recoverable.]

Mapping of Graduate Attributes with Course Outcomes (CO’s)
[Table: Graduate Attributes 1 to 12 (rows) against Course Outcomes a to e (columns); cell marks not recoverable.]

CS6711 SECURITY LABORATORY
L T P C
0 0 3 2

OBJECTIVES:
The student should be made to:
- Be exposed to the different cipher techniques
- Learn to implement the algorithms DES, RSA, MD5, SHA-1
- Learn to use network security tools like GnuPG, KF Sensor, Net Stumbler
LIST OF EXPERIMENTS:
1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES concepts:
a) Caesar Cipher
b) Playfair Cipher
c) Hill Cipher
d) Vigenere Cipher
e) Rail fence – row & Column Transformation
2. Implement the following algorithms
a) DES
b) RSA Algorithm
c) Diffie-Hellman
d) MD5
e) SHA-1
5. Implement the SIGNATURE SCHEME - Digital Signature Standard
6. Demonstrate how to provide secure data storage, secure data transmission and for creating digital signatures (GnuPG).
7. Setup a honey pot and monitor the honeypot on network (KF Sensor)
8. Installation of rootkits and study about the variety of options
9. Perform wireless audit on an access point or a router and decrypt WEP and WPA (Net Stumbler)
10. Demonstrate intrusion detection system (IDS) using any tool (Snort or any other s/w)
TOTAL: 45 PERIODS
LIST OF EQUIPMENT FOR A BATCH OF 30 STUDENTS:
SOFTWARE:
C / C++ / Java or equivalent compiler
GnuPG, KF Sensor or Equivalent, Snort, Net Stumbler or Equivalent
HARDWARE:
Standalone desktops- 30 Nos.
(or)
Server supporting 30 terminals or more.


LIST OF EXPERIMENTS
1. Write a C program to implement Caesar Cipher.
2. Write a C program to implement Playfair Cipher.
3. Write a C program to implement Hill Cipher.
4. Write a C program to implement Vigenere Cipher.
5. Write a C program to implement Rail Fence Technique.
6. Write a C program to implement DES Technique.
7. Write a C program to implement RSA Technique.
8. Write a C program to implement Diffie-Hellman Key Exchange.
9. Write a C program to implement MD5 Hash Technique.
10. Write a C program to implement SHA-1 Hash Technique.
11. Write a C program to implement Digital Signature Scheme.
12. Demonstrate secure data transmission using GnuPG.
13. To setup Honeypot and monitor in network using Honeyd.
14. Install rootkits and study various options.
15. Perform wireless audit on access point or router and decrypt WEP and WPA using
Kismet.
16. Demonstrate firewalls using Iptables.

Software Details:
Operating System – Fedora 22 Linux distribution with kernel version 4.1.3
Tools - kismet-0.0.2013.03.R1-4.fc22.i686
gnupg-1.4.19-1.fc22.i686
honeyd-1.5c-21.fc20.i686
iptables-1.4.21-14.fc22.i686


LAB PLAN
S. No. and Name of the Experiment
1. Caesar Cipher implementation
2. Playfair Cipher implementation
3. Hill Cipher implementation
4. Vigenere Cipher implementation
5. Rail Fence Technique implementation
6. DES implementation
7. RSA implementation
8. Diffie-Hellman implementation
9. MD5 implementation
10. SHA-1 implementation
11. Digital Signature Scheme implementation
12. a. Study of GnuPG
    b. Secure Data Transmission using GnuPG
13. a. Study of Honeyd
    b. Honeypot setup & monitor using Honeyd
14. Rootkits installation and its study
15. a. Study of Iptables
    b. Firewall Demonstration using Iptables
16. a. Study of Snort IDS
    b. Demonstration of Snort IDS

Batch I

Batch II

*
*

* Denotes Content Beyond Syllabus


CAESAR CIPHER
Aim:
To write a C program to implement Caesar Cipher technique.
Algorithm:
1. Declare two arrays to store plaintext and ciphertext
2. Prompt the user to enter plaintext
3. Loop till the end-of line marker comes
a. get one plaintext character & put the same in plaintext[] array and increment i
b. apply caesar 3 key shift cipher on the character and store in ciphertext[] array and
increment x.
4. Print the ciphertext
Program Code:
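#include <stdio.h>
#include <ctype.h>
int main()
{
    char plaintext[100]={0}, ciphertext[100]={0};
    int c, x=0, i=0;
    printf("Plaintext:");
    /* Stop at end of line, end of input, or when the buffers are full
       (one byte is kept for the terminating '\0'). */
    while((c=getchar()) != '\n' && c != EOF && i < 99)
    {
        plaintext[i++]=(char)c;
        /* Shift letters by 3 with wrap-around (x->a, y->b, z->c);
           other characters are copied unchanged. */
        if(islower(c))
            ciphertext[x++]=(char)('a'+(c-'a'+3)%26);
        else if(isupper(c))
            ciphertext[x++]=(char)('A'+(c-'A'+3)%26);
        else
            ciphertext[x++]=(char)c;
    }
    printf("Cipher text:");
    printf("%s\n",ciphertext);
    return 0;
}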
Output:
[root@localhost security lab]# gcc caes.c -o caesar
[root@localhost security lab]# ./caesar
Plaintext: abc
Cipher text: def

PLAY FAIR CIPHER
Aim:
To write a C program to implement Playfair Cipher technique.
Algorithm:
1. Initialize the contents of the table to zero.
2. Get the length of the key
3. Get the key string from the user.
4. Insert each element of the key into the table.
5. Fill the remaining entries of the table with the character not already entered into the
table.
6. Enter the length of the plaintext.
7. Get the plaintext string.
8.
Program Code:
#include <stdio.h>
#include <ctype.h>
/* Returns 0 if k is already present in the table, 1 otherwise. */
int check(char table[5][5],char k)
{
    int i,j;
    for(i=0;i<5;++i)
        for(j=0;j<5;++j)
        {
            if(table[i][j]==k)
                return 0;
        }
    return 1;
}
int main()
{
    int i,j,key_len;
    char table[5][5];
    for(i=0;i<5;++i)
        for(j=0;j<5;++j)
            table[i][j]='0';
    printf("**********Playfair Cipher************\n\n");
    printf("Enter the length of the Key. ");
    /* Reject lengths that would give an invalid or oversized array. */
    if(scanf("%d",&key_len)!=1 || key_len<1 || key_len>100)
        return 1;
    char key[key_len];
    printf("Enter the Key. ");
    for(i=0;i<key_len;++i)
    {
        /* The leading space skips the newline left by the previous scanf. */
        scanf(" %c",&key[i]);
        key[i]=(char)tolower((unsigned char)key[i]);
        if(key[i]=='j')
            key[i]='i';
    }
    int flag;
    int count=0;
    // inserting the key into the table
    for(i=0;i<5;++i)
    {
        for(j=0;j<5;++j)
        {
            flag=0;
            while(flag!=1)
            {
                if(count>=key_len)
                    goto l1;
                flag=check(table,key[count]);
                ++count;
            }// end of while
            table[i][j]=key[(count-1)];
        }// end of inner for
    }// end of outer for
    l1:printf("\n");
    int val=97;
    //inserting other alphabets
    for(i=0;i<5;++i)
    {
        for(j=0;j<5;++j)
        {
            if(table[i][j]>=97 && table[i][j]<=122)
            {}
            else
            {
                flag=0;
                while(flag!=1)
                {
                    if('j'==(char)val)
                        ++val;
                    flag=check(table,(char)val);
                    ++val;
                }// end of while
                table[i][j]=(char)(val-1);
            }//end of else
        }// end of inner for
    }// end of outer for
    printf("The table is as follows:\n");
    for(i=0;i<5;++i)
    {
        for(j=0;j<5;++j)
        {
            printf("%c ",table[i][j]);
        }
        printf("\n");
    }
    int l=0;
    printf("\nEnter the length of plain text.(without spaces) ");
    if(scanf("%d",&l)!=1 || l<1 || l>100)
        return 1;
    printf("\nEnter the Plain text. ");
    char p[l];
    for(i=0;i<l;++i)
    {
        scanf(" %c",&p[i]);
        if(p[i]=='j')
            p[i]='i';
    }
    /* The digraph substitution step is not part of this listing. */
    return 0;
}
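The complete Playfair procedure that the algorithm steps above lead up to (key square, digraph preparation, substitution), as an added example that is not the manual's own code. The function names `playfair_table` and `playfair_encrypt`, the x/q filler convention and the sample key and text are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Lowercase a letter and fold j into i; returns 0 for anything else. */
static int norm(int c)
{
    if (c >= 'A' && c <= 'Z') c += 'a' - 'A';
    if (c < 'a' || c > 'z') return 0;
    return c == 'j' ? 'i' : c;
}

/* Build the 5x5 key square: key letters first (duplicates dropped),
 * then the remaining letters of the alphabet. */
void playfair_table(const char *key, char table[5][5])
{
    int used[26] = {0}, n = 0;
    for (int pass = 0; pass < 2; pass++) {
        const char *src = (pass == 0) ? key : "abcdefghijklmnopqrstuvwxyz";
        for (; *src; src++) {
            int c = norm(*src);
            if (!c || used[c - 'a']) continue;
            used[c - 'a'] = 1;
            table[n / 5][n % 5] = (char)c;
            n++;
        }
    }
}

static void locate(char table[5][5], char c, int *row, int *col)
{
    *row = *col = 0;
    for (int i = 0; i < 25; i++)
        if (table[i / 5][i % 5] == c) { *row = i / 5; *col = i % 5; return; }
}

/* Encrypt plain into out (NUL-terminated). Returns the ciphertext length,
 * or -1 if the text does not fit the working buffer or out. */
int playfair_encrypt(const char *key, const char *plain, char *out, size_t outsz)
{
    char table[5][5], msg[256];
    size_t m = 0;

    playfair_table(key, table);

    /* Prepare digraphs: letters only, and a filler between two identical
     * letters that would otherwise land in the same pair. */
    for (const char *s = plain; *s; s++) {
        int c = norm(*s);
        if (!c) continue;
        if (m + 3 >= sizeof msg) return -1;
        if (m % 2 == 1 && msg[m - 1] == c)
            msg[m++] = (c == 'x') ? 'q' : 'x';
        msg[m++] = (char)c;
    }
    if (m % 2 == 1)                      /* pad an odd-length text */
        msg[m] = (msg[m - 1] == 'x') ? 'q' : 'x', m++;
    if (m + 1 > outsz) return -1;

    for (size_t i = 0; i < m; i += 2) {
        int r1, c1, r2, c2;
        locate(table, msg[i], &r1, &c1);
        locate(table, msg[i + 1], &r2, &c2);
        if (r1 == r2) {                  /* same row: letter to the right */
            out[i] = table[r1][(c1 + 1) % 5];
            out[i + 1] = table[r2][(c2 + 1) % 5];
        } else if (c1 == c2) {           /* same column: letter below */
            out[i] = table[(r1 + 1) % 5][c1];
            out[i + 1] = table[(r2 + 1) % 5][c2];
        } else {                         /* rectangle: keep row, swap columns */
            out[i] = table[r1][c2];
            out[i + 1] = table[r2][c1];
        }
    }
    out[m] = '\0';
    return (int)m;
}

int main(void)
{
    char out[64];
    /* Constructed sample input: key "monarchy", text "instrumentsz". */
    if (playfair_encrypt("monarchy", "instrumentsz", out, sizeof out) > 0)
        printf("%s\n", out);
    return 0;
}
```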
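HILL CIPHER
Program Code:
#include <stdio.h>
/* Number of padding ("bogus") characters needed to make len a multiple of 3. */
int check(int len)
{
    return (3-len%3)%3;
}
int main()
{
    int l,i,j,temp1,n,flag,count;
    int k[3][3], p[3][1], c[3][1];
    char ch;
    printf("\nThe cipher has a key of length 9. ie. a 3*3 matrix.\nEnter the 9 character key. ");
    for(i=0;i<3;++i)
    {
        for(j=0;j<3;++j)
        {
            scanf(" %c",&ch);
            /* Map A-Z and a-z to 0-25. */
            if(65<=ch && ch<=90)
                k[i][j]=(int)ch%65;
            else
                k[i][j]=(int)ch%97;
        }
    }
    for(i=0;i<3;++i)
    {
        for(j=0;j<3;++j)
        {
            printf("%d ",k[i][j]);
        }
        printf("\n");
    }
    printf("\nEnter the length of string to be encoded(without spaces). ");
    if(scanf("%d",&l)!=1 || l<1)
        return 1;
    temp1=check(l);
    if(temp1>0)
        printf("You have to enter %d bogus characters.",temp1);
    char pi[l+temp1];
    printf("\nEnter the string. ");
    for(i=0;i<l+temp1;++i)
        scanf(" %c",&pi[i]);
    printf("\nThe encoded cipher is : ");
    n=l+temp1;
    flag=0;
    while(n>0)
    {
        count=0;
        /* Take the next block of three letters as the column vector p. */
        for(i=flag;i<flag+3;++i)
        {
            p[count][0]=(pi[i]>=97)?pi[i]%97:pi[i]%65;
            ++count;
        }
        /* c = k * p (mod 26) */
        for(i=0;i<3;++i)
        {
            c[i][0]=0;
            for(j=0;j<3;++j)
                c[i][0]+=k[i][j]*p[j][0];
            printf("%c",(char)(c[i][0]%26+97));
        }
        n-=3;
        flag+=3;
    }
    printf("\n");
    return 0;
}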
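VIGENERE CIPHER
Program Code:
#include <stdio.h>
int main()
{
    int i, kl=0, pl=0;
    printf("Enter the length of the key stream. ");
    scanf("%d",&kl);
    printf("Enter the length of the plain text stream.(Without spaces) ");
    scanf("%d",&pl);
    if(kl<1 || pl<1) return 1;
    char p[pl], k[kl]; /* sized only after kl and pl have been read */
    printf("\nEnter the Key. ");
    for(i=0;i<kl;++i) scanf(" %c",&k[i]);
    printf("\nEnter the Plain text. ");
    for(i=0;i<pl;++i) scanf(" %c",&p[i]);
    printf("\nThe Cipher text is: ");
    /* c = (p + k) mod 26 on lowercase letters, key repeated over the text */
    for(i=0;i<pl;++i) printf("%c",(char)((p[i]-'a'+k[i%kl]-'a')%26+'a'));
    printf("\n");
    return 0;
}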
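RAIL FENCE TECHNIQUE
Program Code:
#include <stdio.h>
#include <string.h>
int main()
{
    int i,j,k=0,l=0,m=0;
    char s[20],a[10],b[10];
    printf("enter a string:");
    scanf("%19s",s); /* bounded read: s holds at most 19 characters */
    for(i=0;i<(int)strlen(s);i++)
    {
        if(i%2==0) a[k++]=s[i]; /* even positions go to the first rail */
        else b[l++]=s[i];       /* odd positions go to the second rail */
    }
    for(j=0;j<k;j++) putchar(a[j]);
    for(m=0;m<l;m++) putchar(b[m]);
    putchar('\n');
    return 0;
}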
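RSA
Program Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
long int p,q,n,t,flag,e[100],d[100],temp[100],j,m[100],en[100],i;
char msg[100];
int prime(long int);
void ce();
long int cd(long int);
void encrypt();
void decrypt();
int main()
{
    printf("\nENTER FIRST PRIME NUMBER\n");
    scanf("%ld",&p);
    flag=prime(p);
    if(flag==0) {
        printf("\nWRONG INPUT\n");
        getchar();
        exit(1);
    }
    printf("\nENTER ANOTHER PRIME NUMBER\n");
    scanf("%ld",&q);
    flag=prime(q);
    if(flag==0||p==q) {
        printf("\nWRONG INPUT\n");
        getchar();
        exit(1);
    }
    printf("\nENTER MESSAGE\n");
    scanf("%99s",msg); /* bounded read: msg holds at most 99 characters */
    for (i=0;msg[i]!='\0';i++)
        m[i]=msg[i];
    n=p*q;
    t=(p-1)*(q-1);
    ce();
    printf("\nPOSSIBLE VALUES OF e AND d ARE\n");
    for (i=0;i<j;i++)
        printf("\n%ld\t%ld",e[i],d[i]);
    if(j==0)
        exit(1);
    encrypt();
    decrypt();
    return 0;
}
/* Trial-division primality test. */
int prime(long int pr) {
    long int k;
    if(pr<2)
        return 0;
    for (k=2;k*k<=pr;k++) {
        if(pr%k==0)
            return 0;
    }
    return 1;
}
/* Collect candidate public exponents e (prime, not dividing t) together
   with the matching private exponents d. */
void ce() {
    int k=0;
    for (i=2;i<t;i++) {
        if(t%i==0)
            continue;
        flag=prime(i);
        if(flag==1&&i!=p&&i!=q) {
            e[k]=i;
            flag=cd(e[k]);
            if(flag>0) {
                d[k]=flag;
                k++;
            }
            if(k==99)
                break;
        }
    }
    j=k; /* number of (e,d) pairs found */
}
/* Private exponent for x: the d with x*d = 1 (mod t). */
long int cd(long int x) {
    long int k=1;
    while(1) {
        k=k+t;
        if(k%x==0)
            return(k/x);
    }
}
/* Encrypts each character separately; assumes lowercase letters and n > 26. */
void encrypt() {
    long int pt,ct,key=e[0],k,len;
    i=0;
    len=strlen(msg);
    while(i!=len) {
        pt=m[i];
        pt=pt-96;
        k=1;
        for (j=0;j<key;j++) {
            k=k*pt;
            k=k%n;
        }
        temp[i]=k;
        ct=k+96;
        en[i]=ct;
        i++;
    }
    en[i]=-1;
    printf("\nTHE ENCRYPTED MESSAGE IS\n");
    for (i=0;en[i]!=-1;i++)
        printf("%c",(char)en[i]);
}
void decrypt() {
    long int pt,ct,key=d[0],k;
    i=0;
    while(en[i]!=-1) {
        ct=temp[i];
        k=1;
        for (j=0;j<key;j++) {
            k=k*ct;
            k=k%n;
        }
        pt=k+96;
        m[i]=pt;
        i++;
    }
    m[i]=-1;
    printf("\nTHE DECRYPTED MESSAGE IS\n");
    for (i=0;m[i]!=-1;i++)
        printf("%c",(char)m[i]);
    printf("\n");
}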
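DIFFIE-HELLMAN KEY EXCHANGE
Program Code:
#include <stdio.h>
/* (base^exp) mod m by repeated multiplication; adequate for small lab values. */
int power(int base,int exp,int m)
{
    int r=1;
    while(exp-->0) r=(r*base)%m;
    return r;
}
int main()
{
    int q,alpha,xa,xb,ya,yb,ka,kb,x,count;
    printf("Enter a Prime Number \"q\":");
    scanf("%d",&q);
    printf("Enter a No \"xa\" which is lessthan value of q:");
    scanf("%d",&xa);
    printf("Enter a No \"xb\" which is lessthan value of q:");
    scanf("%d",&xb);
    /* Smallest primitive root of q: no power below q-1 may equal 1. */
    for(alpha=2;alpha<q;alpha++)
    {
        for(x=1,count=0;x<q-1;x++) if(power(alpha,x,q)==1) count++;
        if(count==0) break;
    }
    ya=power(alpha,xa,q); yb=power(alpha,xb,q); /* public values */
    ka=power(yb,xa,q); kb=power(ya,xb,q);       /* shared secret on each side */
    printf("alpha=%d ya=%d yb=%d ka=%d kb=%d\n",alpha,ya,yb,ka,kb);
    return 0;
}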
MD5
Program Code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>
int main(int argc, char *argv[])
{
    EVP_MD_CTX *mdctx;
    const EVP_MD *md;
    unsigned char output[EVP_MAX_MD_SIZE];
    unsigned int output_len, i;
    /* The input is hashed straight from argv[1]. Copying it into a fixed
       80-byte buffer with strcpy would overflow on longer arguments. */
    if(argc != 2) {
        printf("Usage: %s string\n", argv[0]);
        exit(1);
    }
    /* Initialize digests table */
    OpenSSL_add_all_digests();
    /* You can pass the name of another algorithm supported by your version of OpenSSL */
    /* For instance, MD2, MD4, SHA1, RIPEMD160 etc. Check the OpenSSL documentation
       for details */
    md = EVP_get_digestbyname("MD5");
    if(!md) {
        printf("Unable to init MD5 digest\n");
        exit(1);
    }
    /* Heap-allocated context: works with OpenSSL 1.0.x and later releases */
    mdctx = EVP_MD_CTX_create();
    if(!mdctx) {
        printf("Unable to allocate digest context\n");
        exit(1);
    }
    EVP_DigestInit_ex(mdctx, md, NULL);
    EVP_DigestUpdate(mdctx, argv[1], strlen(argv[1]));
    /* to add more data to hash, place additional calls to EVP_DigestUpdate here */
    EVP_DigestFinal_ex(mdctx, output, &output_len);
    EVP_MD_CTX_destroy(mdctx);
    /* Now output contains the hash value, output_len contains length of output, which is 128
       bit or 16 byte in case of MD5 */
    printf("Digest is: ");
    for(i = 0; i < output_len; i++) printf("%02x", output[i]);
    printf("\n");
    return 0;
}
Output:
[root@localhost security lab]# gcc md5final.c -lssl -lcrypto
[root@localhost security lab]# ./a.out REC
Digest is: d6d269952320c4fb5e50f278c94a098c
[root@localhost security lab]# ./a.out IIT
Digest is: 1ce322ec4920fa4d0f5673f226fa8988


SHA-1
Aim:
To write a C program to implement SHA-1 hash technique.
Algorithm:
1. Get the input string from command line arguments.
2. Check if the number of arguments is not equal to 2. If so print error and return.
3. Generate hash string for argv[1] by passing it to sha1 function.
4. The value returned is stored in temp variable.
5. Loop through the contents of temp and put into buf variable.
6. Print the contents of buf variable.
Program Code:
#include <stdio.h>
#include <string.h>
#include <openssl/sha.h>
int main(int argn, char *argv[])
{
    int i = 0;
    unsigned char temp[SHA_DIGEST_LENGTH];
    /* 40 hex digits plus the terminating NUL written by sprintf */
    char buf[SHA_DIGEST_LENGTH*2+1];
    if ( argn != 2 ) {
        printf("Usage: %s string\n", argv[0]);
        return -1;
    }
    memset(buf, 0x0, sizeof(buf));
    memset(temp, 0x0, SHA_DIGEST_LENGTH);
    SHA1((unsigned char *)argv[1], strlen(argv[1]), temp);
    for (i=0; i < SHA_DIGEST_LENGTH; i++) {
        sprintf((char*)&(buf[i*2]), "%02x", temp[i]);
    }
    printf("SHA1 of %s is %s\n", argv[1], buf);
    return 0;
}

Output:
[root@localhost security lab]# gcc sha1.c -lssl -lcrypto
[root@localhost security lab]# ./a.out REC
SHA1 of REC is 09ebb92a1478021f08e37a2ffe4ce10e8ced419f
[root@localhost security lab]#


DIGITAL SIGNATURE SCHEME
Aim:
To write a C program to implement digital signature scheme.
Algorithm:
1. Generate private key and public key using RSA algorithm.
2. Enable all algorithms using OpenSSL_add_all_algorithms() function.
3. Allocate empty PKEY structure to put the private key.
4. Read the private key and store in PEM format.
5. Check the read RSA private key is valid or not.
6. If valid print the details of the key.
Program Code:
#include <stdio.h>
#include <stdlib.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
int main() {
    EVP_PKEY *privkey;
    FILE *fp;
    RSA *rsakey;
    /* ---------------------------------------------------------- *
     * Next function is essential to enable openssl functions     *
     * ---------------------------------------------------------- */
    OpenSSL_add_all_algorithms();
    privkey = EVP_PKEY_new();
    fp = fopen ("test-key.pem", "r");
    if(fp == NULL) {
        printf("Unable to open test-key.pem\n");
        exit(1);
    }
    if(PEM_read_PrivateKey( fp, &privkey, NULL, NULL) == NULL) {
        printf("Error reading private key.\n");
        exit(1);
    }
    fclose(fp);
    rsakey = EVP_PKEY_get1_RSA(privkey);
    if(rsakey == NULL) {
        printf("Key is not an RSA key.\n");
        exit(1);
    }
    /* RSA_check_key returns 1 for a valid key, 0 for an invalid key and -1 on error */
    if(RSA_check_key(rsakey) == 1) {
        printf("RSA key is valid.\n");
    }
    else {
        printf("Error validating RSA key.\n");
    }
    RSA_print_fp(stdout, rsakey, 3);
    /* Writes the unencrypted private key to stdout: use a throwaway test key only */
    PEM_write_PrivateKey(stdout,privkey,NULL,NULL,0,0,NULL);
    exit(0);
}
Output:
[root@localhost security lab]# openssl genrsa -out test-key.pem 512
Generating RSA private key, 512 bit long modulus
........++++++++++++
.....++++++++++++
e is 65537 (0x10001)
[root@localhost security lab]# gcc digitalsign.c -lssl -lcrypto
[root@localhost security lab]# ./a.out
RSA key is valid.
Private-Key: (512 bit)
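The program above only loads and validates a key. The sign and verify steps of a hash-then-sign scheme look as follows; this is an added example, not the manual's code, and it uses textbook RSA rather than DSS. The names `toy_keygen`, `toy_digest`, `toy_sign` and `toy_verify`, the 16-bit primes and the FNV-1a stand-in digest are assumptions chosen so that the arithmetic fits in 64-bit integers; a real deployment signs a SHA-2 digest with padding through a vetted library.

```c
#include <stdint.h>
#include <stdio.h>

/* (b^e) mod m by square-and-multiply. Operands stay below 2^32, so the
 * 64-bit products cannot overflow. */
static uint64_t modpow(uint64_t b, uint64_t e, uint64_t m)
{
    uint64_t r = 1;
    b %= m;
    while (e) {
        if (e & 1) r = r * b % m;
        b = b * b % m;
        e >>= 1;
    }
    return r;
}

/* Modular inverse of a mod m (extended Euclid); 0 if a has no inverse. */
static uint64_t modinv(uint64_t a, uint64_t m)
{
    int64_t t = 0, nt = 1, r = (int64_t)m, nr = (int64_t)(a % m);
    while (nr != 0) {
        int64_t q = r / nr, tmp;
        tmp = t - q * nt; t = nt; nt = tmp;
        tmp = r - q * nr; r = nr; nr = tmp;
    }
    if (r != 1) return 0;
    return (uint64_t)(t < 0 ? t + (int64_t)m : t);
}

struct toy_key { uint64_t n, e, d; };

/* Key generation from two primes: n = p*q, d = e^-1 mod (p-1)(q-1).
 * Returns 0 when e is not invertible, 1 otherwise. */
int toy_keygen(uint64_t p, uint64_t q, uint64_t e, struct toy_key *k)
{
    uint64_t phi = (p - 1) * (q - 1);
    k->n = p * q;
    k->e = e;
    k->d = modinv(e, phi);
    return k->d != 0;
}

/* Stand-in digest (assumption of this example): 32-bit FNV-1a reduced
 * mod n. It is not collision resistant and only marks where the hash goes. */
uint64_t toy_digest(const char *msg, uint64_t n)
{
    uint32_t h = 2166136261u;
    for (; *msg; msg++) {
        h ^= (unsigned char)*msg;
        h *= 16777619u;
    }
    return h % n;
}

/* Sign: raise the digest to the private exponent. */
uint64_t toy_sign(const char *msg, const struct toy_key *k)
{
    return modpow(toy_digest(msg, k->n), k->d, k->n);
}

/* Verify: raise the signature to the public exponent and compare with the
 * digest of the received message. Needs only n and e. */
int toy_verify(const char *msg, uint64_t sig, const struct toy_key *k)
{
    return sig < k->n && modpow(sig, k->e, k->n) == toy_digest(msg, k->n);
}

int main(void)
{
    struct toy_key k;
    const char *msg = "transfer 100 to alice";   /* constructed sample */
    if (!toy_keygen(65521, 65537, 17, &k)) return 1;
    uint64_t sig = toy_sign(msg, &k);
    printf("signature %llu, valid=%d, altered message valid=%d\n",
           (unsigned long long)sig, toy_verify(msg, sig, &k),
           toy_verify("transfer 900 to alice", sig, &k));
    return 0;
}
```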


SECURE DATA TRANSMISSION USING GNUPG
Aim:
To do secure data transmission using GnuPG.
Basic Workflow:
In order to encrypt the file, the sender must have the public (open) key of the person
to whom the file is going to be sent. The public key is used by the sender to encrypt the data
and cannot be used to decrypt it. The receiver decrypts the file using his private (secret)
key and a passphrase.
Algorithm:
1. Install GnuPG
2. Generate public key and private key
a. Select the algorithm for keys to be generated(RSA/DSA)
b. Set the keysize between 1024 to 4096.
c. Set validity of the key in terms of days.
d. Enter your name, email and comments.
e. Enter a secure passphrase to generate the keys finally.
3. Create a revocation certificate.
4. Import public key of receiver
5. Encrypt the data file with the option -r
6. Decrypt the encrypted data file at the receiver with option -d
Output:
[root@localhost rkhunter-1.4.2]# yum install gnupg
[root@localhost rkhunter-1.4.2]# gpg --gen-key
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 100
Key expires at Sat 24 Sep 2016 07:39:58 PM IST
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: Ben
Name must be at least 5 characters long
Real name: Benedict
Email address: benedict.jn@rajalakshmi.edu.in
Comment: Message
You selected this USER-ID:
"Benedict (Message) <benedict.jn@rajalakshmi.edu.in>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
[root@localhost ~]# gpg --gen-revoke benedict.jn@rajalakshmi.edu.in
[root@localhost ~]# gpg -e -r benedict.jn@rajalakshmi.edu.in topSecret.txt
[root@localhost ~]# gpg -o topSecret.txt -d topSecret.txt.gpg


STUDY OF HONEYPOTS
Aim:
To study the concept of honeypots and its types.
Description:
A honeypot is a deception trap, designed to entice an attacker into attempting to
compromise the information systems in an organisation. If deployed correctly, a honeypot
can serve as an early-warning and advanced security surveillance tool, minimizing the
risks from attacks on IT systems and networks. Honeypots can also analyze the ways in
which attackers try to compromise an information system, providing valuable insight into
potential system loopholes.
Types of Honeypots:
Honeypots can be classified based on their deployment (use/action) and based on
their level of involvement. Based on deployment, honeypots may be classified as:
production honeypots and research honeypots.

Production honeypots are easy to use, capture only limited information, and are
used primarily by companies or corporations. Production honeypots are placed inside the
production network with other production servers by an organization to improve their
overall state of security. Normally, production honeypots are low-interaction honeypots,
which are easier to deploy. They give less information about the attacks or attackers than
research honeypots.

Research honeypots gather information about the motives and tactics of the Black
hat community targeting different networks. Based on design criteria, honeypots can be
classified as:
a) Pure honeypots
b) High-interaction honeypots
c) Low-interaction honeypots

Pure honeypots are full-fledged production systems. The activities of the attacker
are monitored by using a casual tap that has been installed on the honeypot's link to the
network. No other software needs to be installed. Even though a pure honeypot is useful,
stealthiness of the defense mechanisms can be ensured by a more controlled mechanism.
High-interaction honeypots imitate the activities of the production systems that
host a variety of services and, therefore, an attacker may be allowed a lot of services to
waste his time. By employing virtual machines, multiple honeypots can be hosted on a
single physical machine. Therefore, even if the honeypot is compromised, it can be restored
more quickly. In general, high-interaction honeypots provide more security by being
difficult to detect, but they are expensive to maintain. If virtual machines are not available,
one physical computer must be maintained for each honeypot, which can be exorbitantly
expensive. Example: Honeynet.
Low-interaction honeypots simulate only the services frequently requested by
attackers. Since they consume relatively few resources, multiple virtual machines can
easily be hosted on one physical system, the virtual systems have a short response time, and
less code is required, reducing the complexity of the virtual system's security. Example:
Honeyd.

Examples of Honeypots
1. Deception Toolkit: DTK was the first open source honeypot, released in 1997. It is a
collection of Perl scripts and C source code that emulates a variety of listening services. Its
primary purpose is to deceive human attackers.
2. LaBrea: This is designed to slow down or stop attacks by acting as a sticky honeypot to
detect and trap worms and other malicious code. It can run on Windows or Unix.
3. Honeywall CDROM: The Honeywall CDROM is a bootable CD with a collection of
open source software. It makes honeynet deployments simple and
effective by automating the process of deploying a honeynet gateway known as a
Honeywall. It can capture, control and analyse all inbound and outbound honeynet activity.


4. Honeyd : This is a powerful, low-interaction Open Source honeypot, and can be run on
both UNIX-like and Windows platforms. It can monitor unused IPs, simulate operating
systems at the TCP/IP stack level, simulate thousands of virtual hosts at the same time, and
monitor all UDP and TCP based ports.

HONEYPOT SETUP AND MONITOR
Aim:
To set up a honeypot using honeyd on a Linux machine and test it from a Windows
machine.
Algorithm:
1. Install honeyd on one of the systems.
2. Create the honeyd configuration file.
3. Launch honeyd with the options -d and -f after the configuration file has been created.
4. Ping the honeyd machine from the Windows machine using its IP address.
5. After honeyd has been deployed successfully, check that the required ports of the honeyd machine are open.
6. Use nmap to scan the open ports of the honeyd machine.
7. If the required ports are open, honeyd is functioning correctly.

Fig. A Virtual Honeypot
Output:
[root@localhost security lab]# dnf install honeyd
[root@localhost security lab]# cd /etc/
[root@localhost security lab]# vi honeyd.conf

create default
set default default tcp action block
set default default udp action block
set default default icmp action block
create windows
set windows personality "Microsoft Windows XP Professional SP1"
set windows default tcp action reset
add windows tcp port 135 open
add windows tcp port 139 open
add windows tcp port 445 open
set windows ethernet "00:00:24:ab:8c:12"
dhcp windows on eth0
[root@localhost security lab]# honeyd -d -f honeyd.conf
[root@localhost security lab]# nmap -p 135,139,445,1337 192.168.99.135
Starting Nmap 5.00 ( http://nmap.org ) at 2011-05-06 13:13 EDT
Interesting ports on someone (172.20.73.77):
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1337/tcp closed waste
MAC Address: 00:00:24:26:C4:ED (Connect AS)
Nmap done: 1 IP address (1 host up) scanned in 0.37 seconds
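
Step 7 can be checked mechanically. The following is an added example, not part of the original manual or of honeyd: it predicts the state nmap should report for each scanned port from the honeyd template (including why 1337 shows as closed under the "reset" default) and lists any disagreement. The function names and the abridged sample strings are constructed for illustration.

```python
import re

# Constructed sample: abridged honeyd.conf from this exercise.
HONEYD_CONF = """\
create default
set default default tcp action block
create windows
set windows default tcp action reset
add windows tcp port 135 open
add windows tcp port 139 open
add windows tcp port 445 open
"""

# Constructed sample: an nmap port table in the format shown in the lab output.
NMAP_OUTPUT = """\
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
1337/tcp closed waste
"""

# honeyd action -> scan state (open answers SYN/ACK, reset sends RST, block is silent)
ACTION_TO_STATE = {"open": "open", "reset": "closed", "block": "filtered"}

def template_actions(conf, template):
    """Return ({port: action}, default_tcp_action) for one honeyd template."""
    ports, default = {}, None
    for line in conf.splitlines():
        tok = line.split()
        if tok[:4] == ["add", template, "tcp", "port"] and len(tok) >= 6:
            ports[int(tok[4])] = tok[5]
        elif tok[:5] == ["set", template, "default", "tcp", "action"] and len(tok) >= 6:
            default = tok[5]
    return ports, default

def scan_states(nmap_text):
    """Parse rows such as '135/tcp open msrpc' into {port: state}."""
    rows = re.findall(r"^(\d+)/tcp\s+(\S+)", nmap_text, flags=re.M)
    return {int(port): state for port, state in rows}

def mismatches(conf, template, nmap_text):
    """Return {port: (expected_state, observed_state)} where the scan disagrees."""
    ports, default = template_actions(conf, template)
    bad = {}
    for port, seen in scan_states(nmap_text).items():
        want = ACTION_TO_STATE.get(ports.get(port, default), "unknown")
        if want != seen:
            bad[port] = (want, seen)
    return bad
```

An empty result from mismatches(HONEYD_CONF, "windows", NMAP_OUTPUT) means the honeypot answers exactly as its template says it should.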


STUDY OF ROOTKITS
Aim:
To study rootkits and the various software used to scan for them.
Description:
A rootkit is a program (or combination of several programs) designed to take
fundamental control (in Unix terms “root” access, in Windows terms “Administrator”
access) of a computer system, without authorization by the system’s owners and legitimate
managers.
A rootkit scanner is a scanning tool used to ensure that a system is clean of such
nasty tools. It scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
There are many different versions of rootkits that perform basically the same
function. Well-known Linux rootkits include LRK, tOrn, and Adore; some
Windows rootkits include NTROOT, NTKap, and Nullsys.
Rootkits are designed not only to hide the presence of an attacker; they are also used
to gain future administrator-level (root) access, launch distributed denial of service (DDoS)
attacks, or obtain financial or confidential information. Because rootkits are designed to
hide the presence of an attacker, it is necessary to understand how a rootkit functions.
When a rootkit is installed, it overwrites many commands used on a daily basis such
as ls, ps, or netstat. By overwriting such commands, the intrusion can be masked from the
administrators.
Detecting Rootkits in Linux:
There are various tools to detect rootkits in Linux, and some of these are mentioned below.
Zeppoo – Zeppoo allows you to detect rootkits on the i386 and x86_64 architectures under
Linux, by using /dev/kmem and /dev/mem. Moreover, it can also detect hidden tasks,
connections, corrupted symbols, system calls and many other things.
Chkrootkit – chkrootkit is a tool to locally check for signs of a rootkit. It is a shell script
that checks system binaries for rootkit modification. It can also detect some well-known
LKM rootkits.


Rkhunter – rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits,
backdoors and possible local exploits. rkhunter is a shell script which carries out various
checks on the local system to try and detect known rootkits and malware. It also performs
checks to see if commands have been modified, if the system startup files have been
modified, and various checks on the network interfaces, including checks for listening
applications.

INSTALLATION OF ROOTKITS
Aim:
To install and explore the various options of Rkhunter rootkit scanner.
Algorithm:
1. Download the rkhunter tool from https://rootkit.nl/projects/rootkit_hunter.html
or using wget from the command line:
http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz
2. Unzip the file and install rkhunter as the root user.
3. Run the RKH updater to get the latest updates to the database.
4. Set up a cron job and email alerts.
5. Set execute permission on the file rkhunter.sh.
6. Scan the entire file system for rootkits.
Output:
[root@localhost rkhunter-1.4.2]# wget http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz
[root@localhost rkhunter-1.4.2]# gunzip rkhunter-1.4.2.tar.gz
[root@localhost rkhunter-1.4.2]# tar xvf rkhunter-1.4.2.tar
[root@localhost rkhunter-1.4.2]# cd rkhunter-1.4.2/
[root@localhost rkhunter-1.4.2]# ./installer.sh --layout default --install
[root@localhost rkhunter-1.4.2]# /usr/local/bin/rkhunter --update
[root@localhost rkhunter-1.4.2]# /usr/local/bin/rkhunter --propupd
[root@localhost rkhunter-1.4.2]# vi /etc/cron.daily/rkhunter.sh
[root@localhost rkhunter-1.4.2]# chmod 755 /etc/cron.daily/rkhunter.sh
[root@localhost rkhunter-1.4.2]# rkhunter --check
System checks summary
=====================

File properties checks...
Files checked: 136
Suspect files: 0
Rootkit checks...
Rootkits checked : 383
Possible rootkits: 0
Applications checks...
All checks skipped
The system checks took: 2 minutes and 57 seconds
All results have been written to the log file: /var/log/rkhunter/rkhunter.log
One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter/rkhunter.log)
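
The "hash compare" and "wrong file permissions" tests listed in the description, and the baseline-then-check sequence of rkhunter --propupd followed by rkhunter --check, rest on the idea sketched below. This is an added example, not rkhunter's own code: it uses SHA-256 instead of MD5, the function names are hypothetical, and the "binaries" are constructed stand-in files in a temporary directory.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(paths):
    """Baseline: SHA-256, permission bits and size of each file."""
    base = {}
    for p in paths:
        st = os.stat(p)
        with open(p, "rb") as fh:
            digest = hashlib.sha256(fh.read()).hexdigest()
        base[p] = {"sha256": digest, "mode": stat.S_IMODE(st.st_mode), "size": st.st_size}
    return base

def compare(baseline):
    """Return {path: [reasons]} for every file that no longer matches the baseline."""
    findings = {}
    for p, old in baseline.items():
        if not os.path.isfile(p):
            findings[p] = ["missing"]
            continue
        new = snapshot([p])[p]
        reasons = [k for k in ("sha256", "mode", "size") if old[k] != new[k]]
        if new["mode"] & (stat.S_IWGRP | stat.S_IWOTH):
            reasons.append("group/world-writable")
        if reasons:
            findings[p] = reasons
    return findings

def demo():
    """Constructed stand-ins for ls, ps and netstat in a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, n) for n in ("ls", "ps", "netstat")]
        for p in paths:
            with open(p, "wb") as fh:
                fh.write(b"original " + os.path.basename(p).encode())
            os.chmod(p, 0o755)
        baseline = snapshot(paths)
        with open(paths[1], "wb") as fh:   # 'ps' replaced with same-length content
            fh.write(b"replaced ps")
        os.chmod(paths[2], 0o777)          # 'netstat' permissions loosened
        return {os.path.basename(p): r for p, r in compare(baseline).items()}
```

The replaced ps has the same size as the original, so only the hash comparison catches it; the baseline itself must be recorded on a known-clean system and stored where an intruder cannot rewrite it.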


VIVA QUESTIONS
1. What are zero-day attacks?
2. What are rootkits?
3. What is a virus?
4. What is a digital signature?
5. What are WEP and WPA?
6. What are honeypots?
7. What are the types of Intrusion Detection System?
8. How is a wireless audit done using Kismet?
9. What is a message digest code?
10. How are keys exchanged in the Diffie-Hellman technique?
11. Compare SHA1 and MD5.
12. What is the Playfair cipher?
13. What is the Hill cipher?
14. What is the Vigenere cipher?
15. What is the Affine cipher?
16. What is the Rail-Fence technique?
17. What is authentication?
18. What is authorization?
19. Compare public key and private key cryptosystems.
20. What are rules and policies?
21. What is access control?
22. What are DAC and RBAC?
23. What is the avalanche effect?
24. What are confusion and diffusion?
25. What is SSH?
26. What is IPS?
27. What are the types of attacks?
29. What is a worm?
30. What is malware?
31. What is antivirus?
32. What are firewalls?




Source Exif Data:
File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.4
Linearized                      : No
Page Count                      : 52
Language                        : en-US
Author                          : BENEDICT JAYAPRAKASH NICHOLAS
Creator                         : Writer
Producer                        : LibreOffice 5.0
Create Date                     : 2016:06:17 11:39:16+05:30