Reference no: EM133043459

ECE 4490 Computer Network Security - Clemson University

RRB

Install Fedora Core or Ubuntu under VMWARE or VirtualBox to make your own virtual machine. The grader will give you instructions as to how to use virtual machines and how to access the necessary ISO files. Use one of the designated workstations in the security laboratory. Make certain that the Linux virtual machine can access the network in the laboratory. Be certain that it allows remote sessions to be initiated using both telnet and ssh. Be certain that Wireshark is installed. Find a partner, have the partner give you access to their machine. This project needs a partner. Note that the Fedora ISO contains all the software packages you will need. This makes life much easier for you, since you will not have to search for compatible software versions and transfer them to your virtual machine. You probably will have to disable the VM firewall and activate Telnet on your Linux virtual machine. Use Wireshark to collect network traffic information for telnet and ssh sessions between the two virtual machines. See how and why ssh is more secure using data collected from live sessions. Install a VPN to connecting the two workstations in the laboratory. Choose one VPN package from the following (note that some of these may not have distributions compatible with the version of Linux you are using):
• CIPE
• TINC
• SWAN
• SSH
• OPENVPN
• TUN

Your partner needs to use a different VPN package than you do. Create scripts that allow the VPN to be started and stopped with minimal effort. In the demonstrations be prepared to start, stop, and change VPN packages. Changing VPN packages will let your partner demonstrate their VPN after you do your demo. Be able to use Wireshark to show that the VPN is active and working correctly. Have your partner use another VPN. Note that a VPN needs to have a private IP address space in order to be a VPN. Simply using passwordless ssh is not sufficient.

Report:
1. Briefly explain what you did.
2. Explain how Wireshark works.
3. Explain the security differences between telnet and ssh. Include example traces.
4. Give the filter you use in Wireshark to collect the minimal1 amount of traffic necessary to grab the password from a given insecure application.
5. Explain how your VPN works.
6. Provide startup and shutdown scripts.
7. Contrast the efficiency of the VPN you set up with the VPN your partner set up. Provide data and statistical analysis to support your claim.

Demonstration:

1. Demonstrate to the instructor proficiency in using Wireshark. Be able to collect network traffic data and filter the data to maintain the minimal amount of information needed to compromise telnet or email traffic on the network segment.

2. Use Wireshark to show the security features of your VPN.

3. Start and stop your VPN.

Hints:

1. If you plan on waiting until the weekend before the assignment is due to start working on this, please drop the course now. There is no way you will be able to do the assignments.

2. The assignments are designed to have you think. It is expected that you will have questions and ask for advice. Allow yourself, and us, time for this to be done. It is unreasonable to expect the instructors to respond with advice on the last weekend before the assignment is due.

3. Rehearse your presentation so that it can be done in 5 minutes and show that you have done all that has been requested. That will also leave time for me to ask questions.

4. This assignment is much easier than the others. You want a good grade on this to make up for issues with the later assignments.