Scribd
Upload
433 views

Advance Computer Security Assignment

Advance Computer Security (ACS) Individual Assignment – 40% Due Date For this assignment, student should have configure the following environment. 01. Microsoft windows 7 or later OS as host OS 02. Configure Virtual environment on Host OS 03. Create a Guest OS on virtual environment. Guest OS Must be a Linux flavour 04. Install Apache on Guest OS 05. Host a simple web page at your web server. The page name MUST be index.htm 06. Install packet sniper at Host OS

Uploaded by

Promethius
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
433 views

Advance Computer Security Assignment

Advance Computer Security (ACS) Individual Assignment – 40% Due Date For this assignment, student should have configure the following environment. 01. Microsoft windows 7 or later OS as host OS 02. Configure Virtual environment on Host OS 03. Create a Guest OS on virtual environment. Guest OS Must be a Linux flavour 04. Install Apache on Guest OS 05. Host a simple web page at your web server. The page name MUST be index.htm 06. Install packet sniper at Host OS

Uploaded by

Promethius
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 12

Advance Computer Security (ACS) Individual Assignment 40% Due

Date

For this assignment, student should have configure the following environment.
01. Microsoft windows 7 or later OS as host OS 02. Configure Virtual
environment on Host OS 03. Create a Guest OS on virtual environment. Guest
OS Must be a Linux flavour 04. Install Apache on Guest OS 05. Host a simple
web page at your web server. The page name MUST be index.htm 06. Install
packet sniper at Host OS

Contents
Installation.................................................................................................................. 3
Question 01................................................................................................................ 4
Answer.................................................................................................................... 4
Question 02................................................................................................................ 5
Answer.................................................................................................................... 5
Question 03................................................................................................................ 6
Answer.................................................................................................................... 6
Question 04................................................................................................................ 8
Answer.................................................................................................................... 8
Disabling the server signature............................................................................. 8
Testing Result....................................................................................................... 9
Disabling directory listening................................................................................. 9
Testing Results................................................................................................... 10
Evidence................................................................................................................... 11
Reference................................................................................................................. 12

Installation
CentOS 7 was installed in a virtual environment, and apache was installed in
CentOS 7.

Apache was added to the services

Default apache web page

My sample web page

Wireshark was used as the packet capturing software in the host machine which is a
windows 7 host.

Question 01
While running packet capture software, ping the web server and collect packets.
Inspect the packets. Identify the following fields. IPv4 Header information and
protocol information. You must describe the findings.

Answer
Figure below shows data of an ICMP packet capture by the software wireshark.
The first box shows the internet protocol version as IPv4
And the second box show the protocol used as ICMP (1)

Question 02
While running the packet capture, access the web page and collect packets
pertaining ONLY to the transaction you made. Identify the following. Three way
handshake. You must describe the findings.

Answer
The below figure shows the TCP 3 way handshake of the web server and the host
machine.
1. Fist the host machine with IP address 192.168.1.7 sends a [SYN] to the
webserver which is 192.168.1.6.
2. The webserver sends back a [ACK] as an acknowledgment of receiving the
[SYN] from the host machine.
3. The webserver also sends a new [SYN] to the host.
4. The host the sends a [ACK] to acknowledge the [SYN] sent by the webserver.
At this point the 3 way hand shake is completed

Question 03
While running the packet capture, access the following URL
URL: http://your_web_server_IP/test
Collect packets pertaining ONLY to the transaction you made. Identify the following.
Error code, server information and version information

Answer
Identifying the error code

Identifying server information and version information


HTTP v1.1
Apache 2.4.6
OS : CentOS

Question 04
Disable the following options in web server.
Retuning the server signature
Directory Listing
Limit the no of HTTP request to 1 you must show the evidence of pre and post
configurations

Answer
Disabling the server signature
Access the httpd.conf configuration file for apache

Add the lines

SeverSignature Of
ServerTokens Prod

Testing Result

The server information, OS information, version information cannot be seen

Disabling directory listening


Fist more directories were added to the webserver.
A folder with name PIC was added to the webserver and the web page is
accessing a picture from the directory to display it in the web page.
The Path to the PIC folder can be viewed as show below.

In the httpd.index configuration file the symlinks option should be modified as


follows

Save and restart th apache, and test on the directory listening.

Testing Results

The PIC folder cannot be accessed as earlier. But the picture will be accessed by the
web server to display it in the webpage.

Evidence

Packet capture of ping


PING Cap.pcapng

Packet capture of accessing the webpage


PAGE Cap.pcapng

Packet capture of ERROR page


ERROR cap.pcapng

Packet capture of version information removing


removed apache
version.pcapng

Reference
Apache Software Foundation (December 2, 2005) 'Apache HTTP Server Documentation ', pp.
[Online]. Available at: http://archive.apache.org/

You might also like