Panimalar Engineering College Department of Computer Science and Engineering
Panimalar Engineering College Department of Computer Science and Engineering
Aim:
To write a program to demonstrate how to provide secure data storage, secure data
transmission and how to create digital signatures.
GnuPG Description:
GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880
GnuPG allows to encrypt and sign our data and communication, features a versatile key
management system as well as access modules for all kinds of public key directories. GnuPG,
also known as GPG, is a command line tool with features for easy integration with other
applications.
Procedure:
i) Generate the Key
1. Open GPA (GNU Privacy Assistant) from StartGPA.
2. Open Key Manager, by selecting WindowKeyring Manager.
3. Select New Key, by selecting KeysNew key.
4. Generate key by Selecting Algorithm, Key Size and specify Name, Email also check
Expires if you want to specify key expiry date and Click Ok.
5. Enter ‘passphrase’ a secret key to protect your keys. (ex: cnslab)
6. Re-enter ‘passphrase’ to confirm.
7. If the ‘passphrase’ is not strength, a dialog will be shown.Click “Take this one anyway”
if you do not want to change phrase key. Otherwise if you want to change the
“passphrase”, click “Enter new passphrase”.
8. Repeat steps 1 to 8 to create keys for another user. (Ex:[email protected])
ii) Encrypt and Sign Text
1. Open GPA (GNU Privacy Assistant) from StartGPA.
2. Type the message to encrypt and sign in Clipboard.
3. Click Encrypt, in the tool bar,
4. Select the public key of the receiver to Encrypt and for sign select the sender private key.
And click Ok.
5. Enter the ‘passphrase’ keyword of the sender.
6. The Encrypted and signed message will be shown,
7. Copy and save the encrypted message in text file.(message.txt)
iii) Decrypt and verify Message received.
1. Open GPA (GNU Privacy Assistant) from StartGPA.
2. Under Clipboard paste the content of the message.txt.
3. Click Encrypt menu in tool bar,
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
4. Enter the receivers “passphrase” to decrypt the message.
5. The Decrypted message will be shown in, GNU Privacy assistant – Clipboard.
iv) Encrypt and Sign a File
1. Create a folder SEND and copy the file to be encrypted in it(Ex:Input.txt)
2. Open GPA (GNU Privacy Assistant) from StartGPA.
3. Open the file manager by selecting, menu “Files” in toolbar,
4. Open the file “Input.txt” by clicking “Open” menu in Tool bar,
5. The select the file will be loaded in file Manager.
6. Select the file in File manager window and click Encrypt.
7. Select the Public Key of the receiver and select the sign key.
8. Enter the “passpharse” of the sender to Sign.
9. The new encrypted file(Input.txt.gpg) will be generated in the same folder contains the
extension .gpg.
10. The file Input.txt.gpg is the Encrypted and digitally signed.
v)Decrypt and Verify Encrypted Signed File
1. Copy the Encrypted file Input.txt.gpg in new folder “Receive”.
2. Open File manager, and select the file Input.txt.gpg in folder “Receive”.
3. Select the File, Input.txt.gpg in the file manager, and click Decrypt.
4. Enter the “passphrase” of the receiver, and click Ok.
5. The sender Signature will be verified, and the status is shown as valid.
6. The Decrypted file “Input.txt” will be in the folder “Receive”.
Sample Output:
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
Generation of Keys:
Encryption:
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
Decryption:
EX.NO: 07
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
INSTALL ROOTKITS AND STUDY VARIETY OF OPTIONS
Rootkit is a stealth type of malicious software designed to hide the existence of certain process
from normal methods of detection and enables continued privileged access to a computer.
Download Rootkit Tool.
This displays the Processes, Modules, Services, Files, Registry,
RootKit/Malwares, Autostart, CMD of local host.
Select Processes menu and kill any unwanted process if any. Modules menu
displays the various system files like .sys, .dll
Services menu displays the complete services running with Autostart, Enable,
Disable, System, and Boot.
Files menu displays full files on Hard-Disk volumes.
Registry displays Hkey_Current_user and Hkey_Local_Machine.
Rootkits/Malawares scans the local drives selected.
Autostart displays the registry base Autostart applications.
CMD allows the user to interact with command line utilities or Registry.
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
EX.NO: 08
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
SETUP A HONEY POT AND MONITOR THE HONEYPOT ON NETWORK
Honey Pot is a device placed on Computer Network specifically designed to capture malicious
network traffic.
KF Sensor is the tool to setup as honeypot when KF Sensor is running it places a siren icon in the
windows system tray in the bottom right of the screen. If there are no alerts then green icon is
displayed.
Download KF Sensor Evaluation Set File. Install with License Agreement and
appropriate directory path. Reboot the Computer now.
The KF Sensor automatically starts during windows boot Click Next to setup
wizard. Select all port classes to include and Click Next.
Send the email and Send from email enter the ID and Click Next.
Select the options such as Denial of Service [DOS], Port Activity, Proxy
Emulsion, Network Port Analyzer, Click Next.
Select Install as System service and Click Next.
Click finish.
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
EX.NO: 09
NetStumbler (also known as Network Stumbler) is a tool for windows that facilitates detection
of Wireless LANs using the 802.11b, 802.11a and 802.11g WLAN standards. It is one of the Wi-
Fi hacking tool which only compatible with windows; this tool also a freeware. With this
program, we can search for wireless network which open and infiltrate the network. It’s having
some compatibility and network adapter issues.
Steps to be followed:
2. It is highly recommended that your PC should have wireless network card in order to access
wireless router
4. There are several indicators regarding the strength of the signal, such as GREEN indicates
Strong, YELLOW and other color indicates a Weaker signal, RED indicates a Very Weak and
GREY indicates a Signal Loss.
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
5. Lock symbol with GREEN bubble indicates the Access point has encryption enabled.
7. The next column displays the Access Points Service Set Identifier [SSID] which is useful to
crack the password.
In using the Windows version of Wireshark and you have an AirPcap adapter you can add
decryption keys using the wireless toolbar. If the toolbar isn’t visible, you can show it by
selecting View Wireless Toolbar. Click on Decryption keys button on the toolbar.
This will open the decryption key management window. As shown in the window you can
select between three decryption modes: None, Wireshark and Driver.
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
Snort is an open source network intrusion detection system (NIDS) has the ability to perform
real-time traffic analysis and packet logging on internet protocol (IP) networks. Snort performs
protocol analysis, content searching and matching.
Snort can be configured in three main modes: sniffer, packet logger, and network intrusion
detection.
SNIFFER MODE
In sniffer mode, the program will read network packets and display them on the console.
In packet logger mode, the program will log packets to the disk.
In intrusion detection mode, the program will monitor network traffic and analyze it against a
rule set defined by the user. The program will then perform a specific action based on what has
been identified.
Steps to be followed
2. Get Started [Download the latest version] from the windows tab at this point the lastest
version is snort_2_9_8_2_installer.exe
ipvar HOME_NET 192.168.1.2/24 [you could get the ip of the system using ipconfig command]
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
Rule Path
In the last line config logdir: add config logdir: C:\Snort\log [remove # symbol]
include $RULE_PATH\app-detect.rules
include $RULE_PATH\attack-responses.rules
.
.
.
include $RULE_PATH\x11.rules
Change backward slash to forward slash in the following codes [also remove # symbol in the
below three lines]
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
# decoder and preprocessor event rules
include $PREPROC_RULE_PATH\preprocessor.rules
include $PREPROC_RULE_PATH\decoder.rules
include $PREPROC_RULE_PATH\sensitive-data.rules
Check whether you have the line threshold.conf in the last line of snort.conf
alert icmp any any -> any any (msg:"PING PING PING"; sid:1000000001;)
Now you will get the reply from google to your system ip
Step 1: Move to log folder in snort create a blank text file name it as say sample.txt
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
Step 3: Open zenmap type the google ip obained from ping command in target
PANIMALAR ENGINEERING COLLEGE
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
REG NO:
Step 5: Click the scan check whether the profile is intense scan in Zenmap GUI
The list of scan runs in the Zenmap GUI as shown.
To stop snort type ctrl+c in snort window it shows the result as snort exiting as shown in fig