User Account

All Pages

Analysis of Protocols with Wireshark

Assignment Help Computer Network Security
Reference no: EM132937185

COIT20262 Advanced Network Security - Central Queensland University

Question 1. Analysis of Protocols with Wireshark

For this question you must use virtnet (as used in the workshops) to study Internet applications with Wireshark. This assumes you have already setup and are familiar with virtnet. See Moodle and workshop instructions for information on setting up and using virtnet, deploying the website, and performing the attack.
Your task is to:
• Create topology 5 in virtnet where:
o node1 will be referred to as the client
o node2 will be the router
o node3 will be the server
• Start capturing packets using tcpdump on the router (node2)
• While capturing, perform the following operations in order:
1. Start netcat TCP server using assigned port on the server (node3)
2. Start netcat TCP client on the client (node1)
3. On the client (node1) type:
COIT20262 Assignment 1<press ENTER>
My ID is <type in your actual student ID><press ENTER>
4. On the server (node3) type:
Hello <type in your actual student ID>. I am the server.<press ENTER>
5. On the client (node1) type:
Goodbye server.<press ENTER>
<Ctrl-D>
You need to perform steps 3-5 in the correct sequence, switching from client to server to client.
• Stop the capture and save the file as netcat.pcap
Server port numbers must be assigned based on the last three (3) digits of your student ID, xyz, as defined below. Examples are given for a student ID of 12345678.
• For netcat TCP server use port 6xyz. Example port: 6678
After performing and understanding the above steps, answer the following sub-questions

(a) Submit your capture file as netcat.pcap on Moodle. The single file must contain all packets of the TCP exchange using your assigned port and using your ID and name.

(b) Draw a message sequence diagram that illustrates all the TCP packets generated by using netcat (do not draw any packets generated by other applications or protocols, such

as ARP, DNS or SSH). A message sequence diagram uses vertical lines to represent events that happen at a computer over time (time is increasing as the line goes down). Addresses of the computers/software are given at the top of the vertical lines. Horizontal or sloped arrows are used to show messages (packets) being sent between computers. Each arrow should be labelled with the protocol, packet type and important information of the message. Examples of message sequence diagrams are given in workshops. Note that you do not need to show the packet times, and the diagram does not have to be to scale.

(c) Based on your capture only, identify the following information, and give the packet that the information is found in. If the information is found in multiple packets, give the first packet from the capture. For example, if the information is found in packet numbers 3, 5 and 7, you would give the packet as 3.

Question 2. Web Application Attacks

Use virtnet, perform an SQL injection attack on the demo grading website. The general steps for performing an SQL injection attack with virtnet are described at:
However you must follow these specific steps when performing the attack:
1. Before performing the attack, add two new student users to the database with the following details:
a. New student 1: username is your ID, password is your ID
b. New student 2: username is 12037777, password is hacker
2. For both of the new students add the following courses and grades:
a. New student 1: coit20262, D
b. New student 1: coit20263, C
c. New student 2: coit20262, HD
d. New student 2: coit20263, F
3. Perform the SQL injection attack as new student 2, i.e. logged in as 12037777
4. Take a screenshot of the attacker web browser showing the form the attacker uses to perform the attack. Make sure the screenshot clearly shows the fields/data entered by the attacker. Save the screenshot as screenshot-attack.png.
5. Take a screenshot of the attacker web browser showing a successful attack, i.e. the
grades of other students. Save the screenshot as screenshot-success.png.
Answer the following questions.
(a) Give a general explanation of an SQL injection attack. (This explanation should NOT reference the attack you performed in virtnet; it should be for any SQL injection attack).

(b) Explain two general approaches that can be used to avoid or minimise SQL injection attacks. (This explanation should NOT reference the attack you performed in virtnet; it should be for any SQL injection attack).

For this specific attack on www.myuni.edu:
(c) Explain the limitation/weakness in the MyUni website that allowed the SQL injection attack to be successful. In your explanation refer to the file(s) and line(s) of code, and give samples of the code in your answer.

(d) Explain what the attacker, 12037777, had to do in their web browser to perform the attack. In your explanation include the screenshot screenshot-attack.png and refer to the information shown in that screenshot.

(e) Submit your screenshot screenshot-attack.png as a separate file. That is, you must both embed the screenshot in the report AND submit the file separately. The reason for this is that it makes it easier for the marker in reading the report to have an embedded image, but sometimes the quality is hard to read (hence the additional file submission).

(f) Explain what the attacker, 12037777, could learn or gain from performing the SQL injection attack. In your explanation include the screenshot screenshot-success.png and refer to the information shown in that screenshot.

(g) Submit your screenshot screenshot-success.png as a separate file.

(h) Explain what the website developer could do to prevent this SQL injection attack. In your explanation, give exact code or steps the developer should use.

Question 3. Cryptography Concepts

A simple symmetric encryption algorithm can be written as follows:

1: Input message M and 64 bit key K
2: Divide M into 64 bit size blocks B1...Bn
3: Get first block B1 and perform bit-wise XOR with K
to produce encrypted block E1
4: Repeat
Get next block Bi and perform bit-wise XOR with
Ei-1 to produce encrypted block Ei
5: Until End of message

Based on the above algorithm, answer the following questions:

(a) Explain the weaknesses of the above algorithm if the first input block is identical to the key.

(b) Give a modified algorithm that corrects the problem(s) identified in part (a).

Question 4. Network Attacks Research

Recent progress in artificial intelligence (AI) technologies have prompted massive growth in innovation and automation and their potentialities have expanded from smart buildings, smart transportation, smart grids, smart governances to smart anything. These technologies are already being used to defend network attacks; however, they can be used maliciously. For example, DeepLocker has shown the intentional use of AI for a harmful purpose. Threat actors are constantly changing and enhancing their attack approach with a unique emphasis on the application of AI-driven techniques inside the attack process which can be used in conjunction with traditional attack techniques to cause greater damage. Your task is to study how AI technologies can be used maliciously to perform network attacks and what measures should be taken to mitigate these attacks.

You must write a short report that answers the following questions:

(a) As a network security analyst, why is it important that you have knowledge of AI- based network attacks?

(b) Select three examples of AI-based network attacks and describe them.

(c) What are the defensive strategies you can take to prevent any two of the these attacks?

You should structure your report into a section for each of the above parts.
There is no minimum/maximum length of the report. Support you finding by quoting reputable sources of information. You may draw diagrams if needed. Including pictures from other sources, or including pictures that do not help with the explanation will not gain marks and may lead to reduced marks.

You may assume the audience of the report has a similar background on network security as you. You should give sufficient technical detail to demonstrate you understand the issues.

Attachment:- Advanced Network Security.rar

Reference no: EM132937185

Questions Cloud

What is the ear for a apr with continuous compounding : What is the EAR for a 13.8% APR with continuous compounding? Express your answer as a percentage, with 3 decimals, such as 4.123 percent.
How much the client has to put up himself for the purchase : For a security, How much the client has to put up himself for this purchase transaction (if he borrows the allowable maximum loan value)?
What is the amount of the interest portion of first monthly : If the stated (nominal)annual interest rate is 12.48percent, what is the amount of the INTEREST portion of the FIRST monthly installment?
Make the statement of changes in equity for the company : Prepare the statement of changes in equity for this company for the year ended 30 June 2020. Land was revalued by $800 000 during the year.
Analysis of Protocols with Wireshark : Analysis of Protocols with Wireshark - Draw a message sequence diagram that illustrates all the TCP packets generated by using netcat (do not draw any packets
How prepare all journal entries required for a consolidation : Prepare all journal entries required for a consolidation worksheet for the preparation of the consolidated financial statements of Kumar Ltd at 30 June 2021
Prepare the statement of changes in equity for the company : Statement of Comprehensive Income & Changes in Equity, Prepare the statement of changes in equity for this company for the year ended 30 June 2020
Does president have an obligation to be concerned with issue : Rick was hired as Controller to help sort out, Does the President have an obligation to be concerned with issues beyond the survival of the firm at this point?
Information retrieval techniques problem solving task : Information Retrieval Techniques Problem Solving Task - Demonstrate data retrieval skills in the context of a data processing system

Reviews

Write a Review

Computer Network Security Questions & Answers

  Explain how to determine a systems categorization

Explain how to determine a Systems Categorization and why is this important - Determine the minimum security requirements for a system.

  Advantages of layer 3 multi-layer switch traditional router

In your opinion, what are the advantages of a layer 3 multi-layer switch over a traditional router? Complete the main portion of this assignment as outlined below. When applicable, adhere to APA formatting and reference guidelines.

  Describe routing attacks

Briefly describe what routing attacks are. Provide two examples, highlighting their main characteristics. Can you explain what are routing attacks and show the main characteristics of this attacks.

  What applications of computer networks can you identify

What other applications of computer networks can you identify that aren''t as commonplace or well-known? Identify and describe at least three uses for computer

  Chance to break a cryptosystem

Your task is to show that breaking the scheme is roughly as difficult as a brute-force attack against single DES. Suppose you have a few pairs of plaintext

  Tools and techniques for computer systems security

Prepare a comprehensive report which incorporates results of investigation, discussion, implementation and analysis - Organize your report for readability

  Analysis of a small publishing company

A small magazine publisher wishes to determine the best combination of 2-possible magazines to print for the month of July. Backyard magazine, which he has published for years, is a contant seller.

  What is the difference between a threat agent and a threat

What is the difference between a threat agent and a threat? What are the three components of the C.I.A. triangle? What are they used for

  Assignment on web server application attacks

Web Server Application Attacks

  Review critical considerations to prepare procedure guide

Review the critical considerations to prepare the procedure guide. Organize all steps necessary for a malware-free environment.

  Determine the level of necessary controls to mitigate risks

Describe how an organization determines the level of necessary controls to mitigate the risks while considering the value of its assets.

  Write udp programs to establish communication channel

Write UDP programs allowing two parties to establish a secure communication channel. For simplicity, let us call the programs "Host" and "Client", which are executed by Alice and Bob, respectively.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd