Security Lab Manual - Print
Security Lab Manual - Print
Prepared by
V.GURUNATHAN, M.E.,
LIST OF EXPERIMENTS:
1. Implement the following SUBSTITUTION & TRANSPOSITION TECHNIQUES concepts:
a) Caesar Cipher
b) Playfair Cipher
c) Hill Cipher
d) Vigenere Cipher
e) Rail fence – row & Column Transformation
2. Implement the following algorithms
a) DES
b) RSA Algorithm
c) Diffiee-Hellman
d) MD5
e) SHA-1
3. Implement the SIGNATURE SCHEME - Digital Signature Standard
4. Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures (GnuPG).
5. Setup a honey pot and monitor the honeypot on network (KF Sensor)
6. Installation of rootkits and study about the variety of options
7. Perform wireless audit on an access point or a router and decrypt WEP and WPA.
(NetStumbler)
8. Demonstrate intrusion detection system (ids) using any tool (snort or any other s/w)
TOTAL: 45 PERIODS
OUTCOMES:
At the end of the course, the student should be able to
Implement the cipher techniques
Develop the various security algorithms
Use different open source tools for network security and analysis
SOFTWARE:
C / C++ / Java or equivalent compiler GnuPG, KF Sensor or Equivalent, Snort, NetStumbler or
Equivalent
HARDWARE:
Standalone desktops - 30 Nos. (or) Server supporting 30 terminals or more.
SECURITY LABORATORY
INTRODUCTION
Security means different things to different people. It is important in all protocols not just protocols
in the security area.
Security Services
Confidentiality (privacy)
Authentication (who created or sent the data)
Integrity (has not been altered)
Non-repudiation (parties cannot later deny)
Access control (prevent misuse of resources)
Availability (permanence, non-erasure)
Cryptography Terminologies
Most important concept behind network security is encryption.
Two forms of encryption:
Private (or Symmetric) Single key shared by sender and receiver.
Public-key (or Asymmetric) Separate keys for sender and receiver
Classical Techniques
Broadly falls under two categories:
1. Substitution ciphers- Each letter or groups of letters of the plaintext are replaced by
some other letter or group of letters, to obtain the cipher text.
2. Transposition ciphers-Letters of the plaintext are permuted in some form.
1.SUBSTITUTION& TRANSPOSITION TECHNIQUES
Aim:
To Write a JAVA program to generate ceaser cipher.
Algorithm :
Result:
Aim:
To Write a JAVA program to generate Playfair cipher.
Algorithm:
M O N A R
C H Y B D
E F G I/J K
L P Q S T
U V W X Z
Result:
Thus the program has been successfully executed and verified.
Ex. No: 1c.Hill Cipher
Aim:
To Write a JAVA program to generate Hill cipher.
Algorithm:
STEP 1: Start the program
STEP 2: The Hill Cipher uses matrix multiplication to encrypt a message.
STEP 3: First, you need to assign two numbers to each letter in the alphabet and also assign
numbers to space, . The key space is the set of all invertible matrices over Z26. 26 was
chosen because there are 26 characters, which solves some problems later on.
STEP 3: Encryption:
Use the table and 00 for spaces:
AB CDEF GHI J K L M N O P Q R ST U V W X Y Z
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
Consider the following message:
Herbert Yardley wrote The American Black Chamber
STEP 4: Break the message into:
herbertyar dl eywrot et he am eric an bl ac kc ha mber
Now convert letters into number-pair:
8 5 18 2 5 18 20 25 1 18 4 12 5 25 23 18 15 20 5 20 8 5 1 13 5 18 9 3 1 14 2 12 1 3
11 3 8 1 13 2 5 18
STEP 5: Now using the matrix (key)
Make the first pair a column vector (h (8) e (5)), and multiply that matrix by the key.
The ciphertext is G (7) V (22).
For the next pair r (18) b (2),
Result:
Thus the program has been successfully executed and verified.
Ex. No: 1d.VigenereCipher
Aim:
To Write a JAVA program to generate Vigenere cipher.
Algorithm:
STEP 1: Start the program
STEP 2: Simplest polyalphabetic substitution cipher. Effectively multiple caesar ciphers
STEP 3: Key is multiple letters long K = k1 k2 ... kd.ith letter specifies ith alphabet to use
STEP 4: Use each alphabet in turn .repeat from start after d letters in message
STEP 5: Decryption simply works in reverse
STEP 6: Write the plaintext out and write keyword repeated above it .use each key letter as a
Caesar cipher key encrypt the corresponding plaintext letter
STEP 7: By using math. Equation: C= E(p) = (p+ki) mod (26)
Plaintext THISPROCESSCANALSOBEEXPRESSED
Keyword CIPHERCIPHERCIPHERCIPHERCIPHE
Ciphertext VPXZTIQKTZWTCVPSWFDMTETIGAHLH
STEP 8:Terminate the program.
Source Code:
import java.io.*;
public class vignerecipher
{
public static String encrypt(String text, final String key)
{
String res = "";
text = text.toUpperCase();
for (int i = 0, j = 0; i < text.length(); i++)
{
char c = text.charAt(i);
if (c < 'A' || c > 'Z')
continue;
res += (char) ((c + key.charAt(j) - 2 * 'A') % 26 + 'A');
j = ++j % key.length();
}
return res;
}
public static String decrypt(String text, final String key)
{
String res = "";
text = text.toUpperCase();
for (int i = 0, j = 0; i < text.length(); i++)
{
char c = text.charAt(i);
if (c < 'A' || c > 'Z')
continue;
res += (char) ((c - key.charAt(j) + 26) % 26 + 'A');
j = ++j % key.length();
}
return res;
}
public static void main(String[] args) throws IOException
{
BufferedReader vbr=new BufferedReader(new InputStreamReader(System.in));
String key = "VIGENERECIPHER";
System.out.println(" enter the String : " );
String message = vbr.readLine();
String encryptedMsg = encrypt(message, key);
System.out.println("String: " + message);
System.out.println("Encrypted message: " + encryptedMsg);
}
}
Output:
C:\Program Files\Java\jdk1.6.0_20\bin>javac vignerecipher.java
C:\Program Files\Java\jdk1.6.0_20\bin>java vignerecipher
String: Beware the Jabberwock, my son! The jaws that bite, the claws that catch!
Encrypted message:
WMCEEIKLGRPIFVMEUGXQPWQVIOIAVEYXUEKFKBTALVXTGAFXYEVKPAGY
Decrypted message:
BEWARETHEJABBERWOCKMYSONTHEJAWSTHATBITETHECLAWSTHATCATCH
Result:
Thus the program has been successfully executed and verified.
Ex. No: 1e.Rail fence Cipher
Aim:
To Write a JAVA program to generate Rail fence cipher.
Algorithm:
String cipherText="";
String plainText="";
class RailFence
{
public static void main(String args[])throws Exception
{
RailFenceBasic rf=new RailFenceBasic();
Scanner scn=new Scanner(System.in);
int depth;
String plainText,cipherText,decryptedText;
System.out.println("Enter plain text:");
plainText=scn.nextLine();
System.out.println("Enter depth for Encryption:");
depth=scn.nextInt();
cipherText=rf.Encryption(plainText,depth);
System.out.println("Encrypted text is:\n"+cipherText);
decryptedText=rf.Decryption(cipherText, depth);
System.out.println("Decrypted text is:\n"+decryptedText);
}
}
Output:
C:\Program Files\Java\jdk1.6.0_20\bin>javac RailFence.java
C:\Program Files\Java\jdk1.6.0_20\bin>java RailFence
Result:
Thus the program has been successfully executed and verified.
2.IMPLEMENT THE FOLLOWING ALGORITHMS
Ex.No:2a.DES Algorithm:
Aim:
To Write a JAVA program to implement the DES Algorithm.
Algorithm:
STEP 1: Start the program
STEP 2: DES algorithm is designed to encipher and decipher blocks of data consisting of 64 bits
under control of a 64-bit key
STEP 3: A block to be enciphered is subjected to an initial permutation IP and then to a complex
key-dependent computation and finally to a permutation which is the inverse of the initial
permutation IP-1.
STEP 4: Permutation isan operation performed by a function, which moves an element at place j
to the place k.
STEP 5: The key-dependent computation can be simply defined in terms of a function f, called the
cipher function, and a function KS, called the key schedule.
STEP 6: First, a description of the computation.
STEP 7: Next, the use of the algorithm for decipherment.
STEP 8: Finally, a definition of the cipher function f that is given in terms of selection function Si
and permutation function P.
STEP 9: LR denotes the block consisting of the bits of L followed by the bits of R.
STEP 10: Terminate the program.
Source Code:
import javax.swing.*;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Random ;
class DES
{
byte[] skey = new byte[1000];
String skeyString;
static byte[] raw;
String inputMessage,encryptedData,decryptedMessage;
public DES()
{
try {
generateSymmetricKey();
inputMessage=JOptionPane.showInputDialog(null,"Enter message to
encrypt");
byte[] ibyte = inputMessage.getBytes();
byte[] ebyte=encrypt(raw, ibyte);
String encryptedData = new String(ebyte);
System.out.println("Encrypted message "+encryptedData);
JOptionPane.showMessageDialog(null,"Encrypted Data
"+"\n"+encryptedData);
byte[] dbyte= decrypt(raw,ebyte);
String decryptedMessage = new String(dbyte);
System.out.println("Decrypted message "+decryptedMessage);
JOptionPane.showMessageDialog(null,"Decrypted Data
"+"\n"+decryptedMessage);
}
catch(Exception e)
{
System.out.println(e);
}
}
void generateSymmetricKey()
{
try
{
Random r = new Random();
int num = r.nextInt(10000);
String knum = String.valueOf(num);
byte[] knumb = knum.getBytes();
skey=getRawKey(knumb);
skeyString = new String(skey);
System.out.println("DES Symmetric key = "+skeyString);
}
catch(Exception e)
{
System.out.println(e);
}
}
private static byte[] getRawKey(byte[] seed) throws Exception
{
KeyGenerator kgen = KeyGenerator.getInstance("DES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(56, sr);
SecretKey skey = kgen.generateKey();
raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception
{
SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception
{
SecretKeySpec skeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static void main(String args[])
{
DES des = new DES();
}
}
Output:
Result:
Thus the program has been successfully executed and verified.
Ex.No:2b.RSA Algorithm:
Aim:
To Write a JAVA program to implement the RSA Algorithm.
Algorithm:
STEP 1: Start the program
STEP 2: p and q are two prime numbers.
STEP 3: n = pq
STEP 4: m = (p-1)(q-1)
STEP 5: a is such that 1 < a < m and gcd(m,a) = 1.
STEP 6: b is such that (ab) mod m = 1.
STEP 7: a is computed by generating random positive integers and testing gcd(m,a) = 1 using the
extended Euclid‟s gcd algorithm.
STEP 8: The extended Euclid‟s gcd algorithm also computes b when gcd(m,a) = 1.
STEP 9: Message M < n.
STEP 10: Encryption key = (a,n).
STEP 11: Decryption key = (b,n).
STEP 12: Encrypt => E = Ma mod n.
STEP 13: Decrypt => M = Ebmod n.
STEP 14: Terminate the program.
Source Code:
import java.io.DataInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.util.Random;
public class rsa
{
private BigInteger p;
private BigInteger q;
private BigInteger N;
private BigInteger phi;
private BigInteger e;
private BigInteger d;
private int bitlength = 1024;
private Random r;
public rsa()
{
r = new Random();
p = BigInteger.probablePrime(bitlength, r);
q = BigInteger.probablePrime(bitlength, r);
N = p.multiply(q);
phi = p.subtract(BigInteger.ONE).multiply(q.subtract(BigInteger.ONE));
e = BigInteger.probablePrime(bitlength / 2, r);
while (phi.gcd(e).compareTo(BigInteger.ONE) > 0 && e.compareTo(phi) < 0)
{
e.add(BigInteger.ONE);
}
d = e.modInverse(phi);
}
public rsa(BigInteger e, BigInteger d, BigInteger N)
{
this.e = e;
this.d = d;
this.N = N;
}
@SuppressWarnings("deprecation")
public static void main(String[] args) throws IOException
{
rsa rsa = new rsa();
DataInputStream in = new DataInputStream(System.in);
String teststring;
System.out.println("Enter the plain text:");
teststring = in.readLine();
System.out.println("Encrypting String: " + teststring);
System.out.println("String in Bytes: "
+ bytesToString(teststring.getBytes()));
// encrypt
byte[] encrypted = rsa.encrypt(teststring.getBytes());
// decrypt
byte[] decrypted = rsa.decrypt(encrypted);
System.out.println("Decrypting Bytes: " + bytesToString(decrypted));
System.out.println("Decrypted String: " + new String(decrypted));
}
private static String bytesToString(byte[] encrypted)
{
String test = "";
for (byte b : encrypted)
{
test += Byte.toString(b);
}
return test;
}
// Encrypt message
public byte[] encrypt(byte[] message)
{
return (new BigInteger(message)).modPow(e, N).toByteArray();
}
// Decrypt message
public byte[] decrypt(byte[] message)
{
return (new BigInteger(message)).modPow(d, N).toByteArray();
}
}
Output:
$ javac rsa.java
$ java rsa
Enter the plain text:
Sanfoundry
Encrypting String: Sanfoundry
String in Bytes: 8397110102111117110100114121
Decrypting Bytes: 8397110102111117110100114121
Decrypted String: Sanfoundry
Result:
Thus the program has been successfully executed and verified.
Ex.No:2c.Diffiee –Hellman Algorithm:
Aim:
To Write a JAVA program to implement the Diffiee –Hellman Algorithm
Algorithm:
Result:
Thus the program has been successfully executed and verified.
Ex.No:2d.MD5- Algorithm:
Aim:
To Write a JAVA program to implement theMD5-Alogorithm
Algorithm:
STEP 1: Start the program.MD5 algorithm can be used as a digital signature mechanism.
STEP 2: Suppose a b-bit message as input, and that we need to find its message digest.
STEP 3: append padded bits:
– The message is padded so that its length is congruent to 448, modulo 512.
Means extended to just 64 bits shy of being of 512 bits long.
– A single “1” bit is appended to the message, and then “0” bits are appended so
that the length in bits equals 448 modulo 512.
STEP 4: append length:
– A 64 bit representation of b is appended to the result of the previous step.
– The resulting message has a length that is an exact multiple of 512 bits.
STEP 5: – Initialize MD Buffer
-A four-word buffer (A,B,C,D) is used to compute the message digest.
– Here each of A,B,C,D, is a 32 bit register.
These registers are initialized to the following values in hexadecimal:
word A: 01 23 45 67
word B: 89 ab cd ef
word C: fe dc ba 98
word D: 76 54 32 10
STEP 6: Terminate the program.
Source Code:
import java.io.*;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class md1
{
public static String getMD5(String input)
{
try
{
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] messageDigest = md.digest(input.getBytes());
BigInteger number = new BigInteger(1, messageDigest);
String hashtext = number.toString(16);
// Now we need to zero pad it if you actually want the full 32 chars.
while (hashtext.length() < 32)
{
hashtext = "0" + hashtext;
}
return hashtext;
}
catch (NoSuchAlgorithmException e)
{
throw new RuntimeException(e);
}
}
public static void main(String[] args) throws NoSuchAlgorithmException
{
try
{
BufferedReader br =new BufferedReader(new InputStreamReader(System.in));
System.out.println(" --------MD5---------");
System.out.println("enter the String to Encrypt:");
String inp=br.readLine();
System.out.println("********************* ");
System.out.println("Encrypted String: ");
System.out.println(getMD5(inp));
}
catch(Exception e)
{
System.out.println("error");
}
}
}
Output:
Result:
Thus the program has been successfully executed and verified.
Ex.No:2e.SHA-1 Algorithm:
Aim:
To Write a JAVA program to implement theSHA-1 Algorithm
Algorithm:
Program1:
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class sha11
{
public static void main(String[] args) throws IOException
{
BufferedReader userInput = new BufferedReader (new InputStreamReader(System.in));
System.out.println("Enter string:");
String rawString = userInput.readLine();
try
{
System.out.println("SHA1 hash of string: " + AeSimpleSHA1.SHA1(rawString));
}
catch ( NoSuchAlgorithmException | UnsupportedEncodingException e)
{
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
Program 2:
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class AeSimpleSHA1
{
private static String convertToHex(byte[] data)
{
StringBuffer buf = new StringBuffer();
for (int i = 0; i < data.length; i++)
{
int halfbyte = (data[i] >>> 4) & 0x0F;
int two_halfs = 0;
do
{
if ((0 <= halfbyte) && (halfbyte <= 9))
buf.append((char) ('0' + halfbyte));
else
buf.append((char) ('a' + (halfbyte - 10)));
halfbyte = data[i] & 0x0F;
} while(two_halfs++ < 1);
}
return buf.toString();
}
public static String SHA1(String text)
throws NoSuchAlgorithmException, UnsupportedEncodingException
{
MessageDigest md;
md = MessageDigest.getInstance("SHA-1");
byte[] sha1hash = new byte[40];
md.update(text.getBytes("iso-8859-1"), 0, text.length());
sha1hash = md.digest();
return convertToHex(sha1hash);
}
}
Output
Result:
Thus the program has been successfully executed and verified.
Ex. No: 3.Implement the SIGNATURE SCHEME- Digital Signature Standard
Aim:
To Write a JAVA program to implement the SIGNATURE SCHEME- Digital Signature
Standard
Algorithm:
The signature is ( r, s)
Verifying
The signature scheme is correct in the sense that the verifier will always accept genuine
signatures.
This can be shown as follows:
Thus
Result:
Thus the program has been successfully executed and verified.
Ex.No: 4 DEMONSTRATE HOW TO PROVIDE SECURE DATA STORAGE,SECURE
DATA TRANSMISSION AND FOR CREATING DIGITAL SIGNATURES(GnuPG)
Aim:
Demonstrate how to provide secure data storage, secure data transmission and for creating
digital signatures using GnuPG security tool.
Introduction:
GPG, or GNU Privacy Guard, is a public key cryptography implementation. This allows
for the secure transmission of information between parties and can be used to verify that
the origin of a message is genuine.
GPG relies on a security concept known as public key encryption. The idea is that you can
split the encrypting and decrypting stages of the transmission into two separate pieces.
That way, you can freely distribute the encrypting portion, as long as you secure the
decrypting portion.
This would allow for a one-way message transfer that can be created and encrypted by
anyone, but only be decrypted by the designated user (the one with the private decrypting
key). If both of the parties create public/private key pairs and give each other their public
encrypting keys, they can both encrypt messages to each other. So in this scenario, each
party has their own private key and the other user's public key.
Another benefit of this system is that the sender of a message can "sign" the message with
their private key. The public key that the receiver has can be used to verify that the
signature is actually being sent by the indicated user.
This can prevent a third-party from "spoofing" the identity of someone. It also helps to
ensure that the message was transmitted in-full, without damage or file corruption.
Using GPG correctly can help you secure your communications with different people.
This is extremely helpful, especially when dealing with sensitive information, but also
when dealing with regular, every day messaging.
Because of the way that certain encrypted communications can be flagged by monitoring
programs, it is recommended to use encryption for everything, not just "secret" data. That
will make it more difficult for people to know when you are sending important data or just
sending a friendly hello.
Installing Gpg4win
The installation assistant will start and ask you for the language to be used with the installation
process:
Choose all the program that are run on your computer and click on[Next]
The next page displays the licensing agreement – it is only important if you wish to modify or
forward Gpg4win. If you only want to use the software, you can do this right away – without
reading the license.
click on[Next]
On the page that contains the selection of components you can decide which programs you want
to install.
A default selection has already been made for you. You can also install individual components at a
later time.
Moving your mouse cursor over a component will display a brief description. Another useful
feature is the display of required hard drive space for all selected components.
click on[Next]
The system will suggest a folder for the installation, e.g.: C:nProgrammenGNUnGnuPG
You can accept the suggestion or select a different folder for installing Gpg4win.
click on[Next]
Now you can decide which links should be installed – the system will automatically create a link
with the start menu. You can change this link later on using the Windows dashboard settings.
click on[Next]
If you have selected the default setting – link with start menu – you can define the name
of this start menu on the next page or simply accept the name.
Click on [Install]
During the installation process that follows, you will see a progress bar and information on which
file is currently being installed. You can press [ Show details ] at any time to show the installation
log.
You will see the main Kleopatra screen – the certificate administration:
Choose the first option from the dialog box then press next button.
Creating an OpenPGP certificate
In the certificate option dialog, click on [ Create personal OpenPGP key pair ].
Now enter your e-mail address and your name in the following window. Name and e-mail
address will be made publicly visible later.
You also have the option of adding a comment for the key pair. Usually this field stays empty, but
if you are creating a key for test purposes, you should enter "test" so you do not forget it is a test
key. This comment becomes part of your login name, and will become public just like your name
and e-mail address.
a revocation certificate will be generated to the screen. Copy and paste this to a secure
location, or print it for later use
hQIMA/SSveuHaifyAQ//eezAB/mFe8CTELqFvIjvcB05szK89ZXd0VUslFkTic2I
hMjb0cSJYkDRqBUJBx4FD08KnAnmcTm8PVR+SNp0aiV+6li88auftUg6gq1k1SQ4
ufMBXBWV2jcpyfXqRpvneR7UwZmCBd6yAVoYHDFgxL+AIAMMMhnxtZMToPl2grt0
zYFrtJ7qY4G6pYwe4Q9Cmn3XQVoMqFzdoCJRmxPKoNqiGByWrfrLAwIR+I4LIYqJ
EGy2Wjv6A4rNXPH3143yfyYq1MtMiI6XhvJKxky41g0x54NC7ul8Wzx40vX2r1TL
Yu7zbxs2kj4fOKp4PlWApr4V6SO/EsJcIjH3cSVinNfLXSMQ0hG8npDrP0/AjSzB
FEzJ9lsvXtSfSG0Fj6g0L7Xg6qMf8kBvOmK6MnN/x1aSRLD7EC/Tc+nQeta7TydH
Xw95nBOmWll9ruUXxIdYWjeea2+9IWHIL/gDaHLhBxCTPdoAN3UqGqqJheg8hiLt
l3Y6Yhk3WA6FdXE1Y0mG3OTZEAUUzClmxun/8JFCH5uWuaHVxHdaouvdMx7K9U7S
Njh/s4Jjww2be4e+CxaIV+1TZ6N+kau3CG6I2Dm44CEGiGTWhUbNcAHDOB6XSK70
+fRAOgi1ws0iw+qlPvM08ZSic2YoBO8zk571QXxkbmOFjHymYF7URyzR4aZ485PS
rQF8mTddzuokF5LyILZMWGIi4wz1XJ8Ut3A0JlQubdWpUZ8nGJR6vljqaRcTb2wH
7LwmivYVBT5RDzyRCXmM2Eha4ErKzcS/xw/xUXXPEhtrOwzdVWTbKFhHJz5INKxf
hIODID67VRFo9pAT4SH3E4Uz1SuUPWaNfIxTbzIwolswXDx7lJeh4RoKVd0kyF9F
Oh+HLk957dxM1OCVYnA5T/oD6S79Ym88x44pv72O
=DdwB
Result:
Thus the program has been successfully executed and verified.
Ex.No: 5 SETUP A HONEY POT AND MONITOR THE HONEYPOT ON NETWORK
Aim:
SETUP A HONEY POT AND MONITOR THE HONEYPOT ON NETWORK using KF
Sensor Security tool.
Algorithm:
Aim:
Rootkit is a stealth type of malicious software designed to hide the existence of certain
process from normal methods of detection and enables continued privileged access to a computer.
Algorithm :
Aim:
NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only compatible with
windows, this tool also a freeware. With this program, we can search for wireless network which
open and infiltrate the network. Its having some compatibility and network adapter issues.
Algorithm:
It is highly recommended that your PC should have wireless network card in order to
access wireless router.
Now Run Netstumbler in record mode and configure wireless card.
There are several indicators regarding the strength of the signal, such as GREEN indicates
Strong, YELLOW and other color indicates a weaker signal, RED indicates a very weak
and GREY indicates a signal loss.
Lock symbol with GREEN bubble indicates the Access point has encryption enabled.
MAC assigned to Wireless Access Point is displayed on right hand pane.
The next column displays the Access points Service Set Identifier[SSID] which is useful to
crack the password.
To decrypt use Wire Shark tool by selecting Edit preferences IEEE 802.11
Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5
Adding Keys: Wireless Toolbar
If you are using the Windows version of Wireshark and you have an AirPcap adapter you can add
decryption keys using the wireless toolbar. If the toolbar isn't visible, you can show it by selecting
View->Wireless Toolbar. Click on the Decryption Keys... button on the toolbar:
This will open the decryption key management window. As shown in the window you can select
between three decryption modes: None, Wireshark, and Driver:
Other Method:NetStumbler
NetStumbler is a very simple program that allows you to detect & gather information on wireless
networks (802.11 networks). This tool is a popular tool amongst Wardrivers and Script Kiddies
because it runs on Windows, is GUI based, it gathers a lot of information along with being able to
enable a GPS mode when a receiver is attached to your device.
NetStumbler will start in a record mode and will automatically configure your wireless card, so it's
as simple as launching the tool while your wireless card is enabled.
The first thing you notice is a window with a bunch of green bubbles. The green means that the
signal is strong. Other colors include yellow which indicates a weaker signal, red for a very weak
signal and grey for signal loss. You'll also see that some APs have lock symbols in the green
bubble and others don't. The lock symbol is the first indication that the AP has encryption enabled.
Along the same column you'll notice the header or title of that column is MAC. The Media Access
Control or MAC address is a unique code assigned to networking hardware, in this case the MAC
address is referring to the address assigned to the Wireless AP (WAP). So beside the green bubble
you see the 12 character MAC address for that AP.
The next column displays that APs Service Set Identifier (SSID). The SSID is basically the name
of the AP and must be known to join. If your network is a closed network for home use only then
you don't want to broadcast the SSID. This is one of your APs configuration options. As you can
see 10 of the 11 APs are broadcasting their SSID. As far as securing your network, choosing not to
broadcast your SSID wont make or break you. It just makes it a little more difficult to crack.
The SSID column can be very useful to crackers because, they will look for an easy network to
crack. If I was looking for a target network I would immediately hone in on the AP with the SSID
linksys. The SSID linksys is the Linksys routers default SSID. I also notice that encryption has not
been enabled. At this point I could attempt to get into the APs configuration page by joining the
network and typing 192.168.1.1 in my web browser. Next, I will be asked for a user name and
password. Since everything else is set to the default settings, I can try the Linksys default
username and password. The default user name and passwords are easily found for most routers on
the internet on pages such as (http://www.phenoelit.de/dpl/dpl.html). As you can see it helps to
know which version of the Linksys router is deployed. One thing I can do is look at the Speed
column. I can see that this Linksys router is running at 11Mbps. This tells me that it is NOT an
802.11G router, which eliminates some of my options. So I would try leaving the username and
password blank then entering or leaving the username blank and typing admin for the password.
Obviously, just by joining the network a cracker can do a lot of damage, but obtaining access to the
AP
configuration tool makes things so much easier. First they can go to the logs and obtain your
personal computers MAC addresses, which can later be used maliciously with a MAC spoofing
tool. They can play a prank on you and block your computers MAC addresses from joining your
own network. Now of course this is easily solved by rebooting the router, but if you don't
understand your wireless router it might be enough to make you very frustrated and maybe even
throw your router away.
Finally, let's take a look at those APs that do have encryption enabled. One of the flaws with the
latest version of NetStumbler is that all enabled encryption is displayed as WEP. This makes
cracking a little more difficult, because a cracker wouldn't know whether to perform a WEP crack
or a try a brute-force attack on WPA. Once again this is another reason why I always say
something is better then nothing. If you have WEP use it, if you have WPA (which is downloadable
for most older routers) use it. I would need to spend a lot less time cracking the linksys AP then the
Netgear AP and thus the linksys AP would be my first choice.
NetStumbler is a very simple & easy to use auditing tool. If you would like to see how your
network stacks-up to you neighbors take NetStumbler for a spin.
Result:
Thus the program has been successfully executed and verified.
Ex.No: 8 DEMONSTRATE INTRUSION DETECTION SYSTEM (IDS) USING ANY TOOL
Aim:
Demonstrate intrusion detection system (ids) using any tool eg . snort or any other s/w
Algorithm: