Hawassa University

Institute of Technology
Department of Electrical and Computer Engineering

Computer Network and Security

Security Lab Manual and Report

By:

Behailu Gobanti

May 11, 2022

Table of Contents
Experiment no: 1 a..........................................................................................................................................................1
Experiment title: Caesar Cipher......................................................................................................................................1
Experiment no: 1 b..........................................................................................................................................................3
Experiment title: Play Fair Cipher..................................................................................................................................3
Experiment no: 1 c..........................................................................................................................................................7
Experiment title: Hill Cipher..........................................................................................................................................7
EX. NO: 1(D).................................................................................................................................................................9
Experiment title: Implementation Of Vigenere Cipher..............................................................................................9
EX. NO: 1(E)...............................................................................................................................................................11
Experiment title: Implementation Of Rail Fence-Row and Column Transformation Technique................................11
EX.NO:2(A)..................................................................................................................................................................13
Experiment title: Implementation OF DES...................................................................................................................13
EX.NO:2(B)..................................................................................................................................................................16
Experiment title: Implementation of RAS....................................................................................................................16
EX. NO: 2(C)...............................................................................................................................................................18
Experiment title: Implementation Of Diffie Hellman Key Exchange Algorithm.........................................................18
EX. NO: 2(D)...............................................................................................................................................................20
Experiment title: Implementation of MD5................................................................................................................20
Experiment no: 2.E.......................................................................................................................................................22
Experiment title: implementation of SHA-1(secure hash algorithm-1)........................................................................22
Experiment no: 3...........................................................................................................................................................25
Experiment title: implementation of digital signature standard....................................................................................25
Experiment no: 4...........................................................................................................................................................29
Experiment title: secure data storage, secure data transmission and for creating digital signatures (GnuPg)............29
Experiment no: 5...........................................................................................................................................................43
Experiment title: Working With KF Sensor for Creating and Monitoring Honey Pot.................................................43
Experiment no: 6...........................................................................................................................................................45
Experiment title: Installation of Rootkit.......................................................................................................................45
Experiment no: 7...........................................................................................................................................................46
Experiment title: Working With Net Stumbler to Perform Wireless Audit on a Router..............................................46
Experiment no: 8...........................................................................................................................................................48
Experiment title: Working With Snort Tool to Demonstrate Intrusion Detection System.......................................... 48

I
Experiment no: 1 a

Experiment title: Caesar Cipher

Objective
To implement a simple mono-alphabetic substitution cipher named Caesar cipher using c programming
language.
Description
The Caesar cipher is a mono alphabetic substitution cipher, where each letter is replaced by another
letter located a little further in the alphabet (therefore shifted but always the same for given cipher
message).The shift distance is chosen by a number called the offset, which can be right (A to B) or left
(B to A).
Example:

Plaintext: ABCDE
Shift Key: 3
Cipher Text: DEFG
ALGORITHM:
STEP-1: Read the plain text from the user.
STEP-2: Read the key value from the user.
STEP-3: If the key is positive then encrypt the text by adding the key with each character in the plain text.
STEP-4: Else subtract the key from the plain text.
STEP-5: Display the cipher text obtained above.
PROGRAM:

#include <stdio.h>
#include<string.h>
#include<conio.h>
#include <ctype.h>
void main()
{
char plain[10],cipher[10];
intkey,i,length;
int result;
printf("\nEntertheplaintext:");
scanf("%s",plain);
printf("\nEnterthekeyvalue:");
scanf("%d",&key);
printf("\n\n\t PLAIN TEXt:%s",plain);
printf("\n\n\t ENCRYPTED TEXT:");
for(i = 0, length = strlen(plain); i< length; i++)
{

1
cipher[i]=plain[i] + key;
if(isupper(plain[i])&&(cipher[i]>'Z')) cipher[i] = cipher[i]-26;
if(islower(plain[i])&&(cipher[i]>'z')) cipher[i] = cipher[i] -26;
printf("%c", cipher[i]);
}
printf("\n\n\t AFTER DECRYPTION :");
for(i=0;i<length;i++)
{
plain[i]=cipher[i]-key;
if(isupper(cipher[i])&&(plain[i]<'A')) plain[i]=plain[i]+26;
if(islower(cipher[i])&&(plain[i]<'a')) plain[i]=plain[i]+26;
printf("%c",plain[i]);
}
getch();
}
OUTPUT:

RESULT:
Caesar cipher substitution technique had been implemented successfully using C programming Language.
We insert input plain text “caesar” and key “4” then the program outputs the plain text “caesar” ,
encrypted text “geiwev” and text after decryption “caesar”.

2
Experiment no: 1 b
Experiment title:Play Fair Cipher
Objective
To implement a substitution cipher named play fair cipher using c programming language.
Description
The Play fair cipher starts with creating a key table. The key table is a 5×5 grid of letters that will act as
the key for encrypting your plaintext. Each of the 25 letters must be unique and one letter of the alphabet
is omitted from the table (as there are 25 spots and 26 letters in the alphabet).
To encrypt a message, one would break the message into diagrams (groups of 2 letters) such that, for
example, "Hello World" becomes "HE LL OW OR LD", and map them out on the key table. The two
letters of the diagram are considered as the opposite corners of a rectangle in the key table. Note the
relative position of the corners of this rectangle. Then apply the following 4 rules, in order to each pair of
letters in the plain text:
1. If both letters are the same (or only one letter is left), add an "X" after the first letter.
2. If the letters appear on the same row of your table, replace them with the letters to their immediate right
respectively.
3. If the letters appear on the same column of your table, replace them with the letters immediately below
respectively.
4. If the letters are not on the same row or column, replace them with the letters on the same row
respectively but at the other pair of corners of the rectangle defined by the original pair.
ALGORITHM:
STEP-1: Read the plain text from the user.
STEP-2: Read the keyword from the user.
STEP-3:Arrangethekeywordwithoutduplicatesina5*5matrixintheroworderand
filltheremainingcellswithmissedoutlettersinalphabeticalorder.Notethat ‘i’ and ‘j’ takes the samecell.
STEP-4: Group the plain text in pairs and match the corresponding corner letters by forming a rectangular
grid.
STEP-5: Display the obtained cipher text.
PROGRAM:
#include<stdio.h>
#include<conio.h>
#include<string.h>
#include<ctype.h>
#define MX 5
voidplayfair(char ch1,char ch2, char key[MX][MX])
{
inti,j,w,x,y,z;

3
FILE *out;
if((out=fopen("cipher.txt","a+"))==NULL)
{
printf("File Currupted.");
}
for(i=0;i<MX;i++)
{
for(j=0;j<MX;j++)
{
if(ch1==key[i][j])
{
w=i;
x=j;
}
else if(ch2==key[i][j])
{
y=i;
z=j;
}}}
//printf("%d%d %d%d",w,x,y,z);
if(w==y)
{
x=(x+1)%5;z=(z+1)%5;
printf("%c%c",key[w][x],key[y][z]);
fprintf(out, "%c%c",key[w][x],key[y][z]);
}
else if(x==z)
{
w=(w+1)%5;y=(y+1)%5;
printf("%c%c",key[w][x],key[y][z]);
fprintf(out, "%c%c",key[w][x],key[y][z]);
}
else
{
printf("%c%c",key[w][z],key[y][x]);
fprintf(out, "%c%c",key[w][z],key[y][x]);
}
fclose(out);
}
void main()
{
inti,j,k=0,l,m=0,n;
char key[MX][MX],keyminus[25],keystr[10],str[25]={0};
char
alpa[26]={'A','B','C','D','E','F','G','H','I','J','K','L'
,'M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'}
;
printf("\nEnter key:");
gets(keystr);
printf("\nEnter the plain text:");
gets(str);
n=strlen(keystr);
//convert the characters to uppertext
for (i=0; i<n; i++)
{

4
if(keystr[i]=='j')keystr[i]='i';
else if(keystr[i]=='J')keystr[i]='I';
keystr[i] = toupper(keystr[i]);
}
//convert all the characters of plaintext to uppertext
for (i=0; i<strlen(str); i++)
{
if(str[i]=='j')str[i]='i';
else if(str[i]=='J')str[i]='I';
str[i] = toupper(str[i]);
}
j=0;
for(i=0;i<26;i++)
{
for(k=0;k<n;k++)
{
if(keystr[k]==alpa[i])
break;
else if(alpa[i]=='J')
break;
}
if(k==n)
{
keyminus[j]=alpa[i];j++;
}
}
//construct key keymatrix
k=0;
for(i=0;i<MX;i++)
{
for(j=0;j<MX;j++)
{
if(k<n)
{
key[i][j]=keystr[k];
k++;}
else
{
key[i][j]=keyminus[m];m++;
}
printf("%c ",key[i][j]);
}
printf("\n");
}
printf("\n\nEntered text :%s\nCipher Text :",str);
for(i=0;i<strlen(str);i++)
{
if(str[i]=='J')str[i]='I';
if(str[i+1]=='\0')
playfair(str[i],'X',key);
else
{
if(str[i+1]=='J')str[i+1]='I';
if(str[i]==str[i+1])
playfair(str[i],'X',key);

5
else
{
playfair(str[i],str[i+1],key);i++;
}}
}
getch();
}
OUTPUT:

RESULT:
Play fair substitution technique had been implemented successfully using C programming Language.
We insert input plain text “electrical” and key “play” then the program outputs the Entered text
“ELECTRICAL”, encrypted text “DAFDOSHYDA”.

6
Experiment no:1 c

Experiment title:Hill Cipher

Objective
To implement a substitution cipher named Hill cipher using c programming language .
Description
Each letter is represented by a number modulo 26. Often the simple scheme A = 0, B=1...Z=25,isused,but
this is not an essential feature of the cipher.To encrypt a message, each block of n letters is multiplied by
an invertible n × n matrix, against modulus 26. To decrypt the message, each block is multiplied by
the inverse of the matrix used for encryption. The matrix used for encryption is the cipher key, and it
should be chosen randomly from the set of invertible n × n matrices (modulo 26).

ALGORITHM:

STEP-1: Read the plain text and key from the user.
STEP-2:Splittheplain text into groups of length three.
STEP-3: Arrange the keyword in a 3*3matrix.
STEP-4: Multiply the two matrices to obtain the cipher text of length three.
STEP-5: Combine all these groups to get the complete cipher text.
PROGRAM:
#include<stdio.h>
#include<conio.h>
#include<string.h>
int main(){
unsigned int a[3][3]={{6,24,1},{13,16,10},{20,17,15}};
unsigned int b[3][3]={{8,5,10},{21,8,21},{21,12,8}};
inti,j, t=0;
unsigned int c[20],d[20];
charmsg[20];
printf("Enter plain text \n");
scanf("%s",msg);
for(i=0;i<strlen(msg);i++)
{ c[i]=msg[i]-65;
printf("%d ",c[i]);
}
for(i=0;i<3;i++)
{ t=0;
for(j=0;j<3;j++)
{

7
t=t+(a[i][j]*c[j]);
}
d[i]=t%26;
}
printf("\nEncrypted Cipher Text :");
for(i=0;i<3;i++)
printf(" %c",d[i]+65);
for(i=0;i<3;i++)
{
t=0;
for(j=0;j<3;j++)
{
t=t+(b[i][j]*d[j]);
}
c[i]=t%26;
}
printf("\nDecrypted Cipher Text :");
for(i=0;i<3;i++)
printf(" %c",c[i]+65);
getch();
return 0;
}
OUTPUT:

RESULT:
Hill cipher substitution technique had been implemented successfully using C programming Language.
We insert input plain text “ECE” and key “4” then the program encrypted text “YUS” and text after
decryption “ECE”.

8
EX. NO: 1(D)

Experiment title: Implementation Of Vigenere Cipher

AIM:

To implement the Vigenere Cipher substitution technique using C program.

DESCRIPTION:

To encrypt, a table of alphabets can be used, termed a tabula recta, Vigenère square, or Vigenère
table. It consists of the alphabet written out 26 times in different rows, each alphabet shifted
cyclically to the left compared to the previous alphabet, corresponding to the 26 possible Caesar
ciphers. At different points in the encryption process, the cipher uses a different alphabet from one of
the rows. The alphabet used at each point repeating keyword.

ALGORITHM:

STEP-1: Arrange the alphabets in row and column of a 26*26 matrix.

STEP-2: Circulate the alphabets in each row to position left such that the first letter is attached to last.

STEP-3: Repeat this process for all 26 rows and construct the final key matrix.

STEP-4: The keyword and the plain text is read from the user.

STEP-5: The characters in the keyword are repeated sequentially so as to match with that of the plain
text.

STEP-6: Pick the first letter of the plain text and that of the keyword as the row indices and column
indices respectively.

STEP-7: The junction character where these two meet forms the cipher character.

STEP-8: Repeat the above steps to generate the entire cipher text.

9
OUTPUT:

RESULT:Thus the Vigenere Cipher substitution technique had been implemented successfully.

10
EX. NO: 1(E)

Experiment title: Implementation Of Rail Fence-Row and Column Transformation Technique

AIM:

To write a C program to implement the rail fence transposition technique.

DESCRIPTION:

In the rail fence cipher, the plain text is written downwards and diagonally on successive "rails"
of an imaginary fence, then moving up when we reach the bottom rail. When we reach the top
rail, the message is written downwards again until the whole plaintext is written out. The
message is then read off in rows.

ALGORITHM:

STEP-1: Read the Plain text.

STEP-2: Arrange the plain text in row columnar matrix format.

STEP-3: Now read the keyword depending on the number of columns of the plain text.

STEP-4: Arrange the characters of the keyword in sorted order and the corresponding
columns of the plain text.

STEP-5: Read the characters row wise or column wise in the former order to get
the cipher text.

11
 OUTPUT:

RESULT:Thus the rail fence algorithm had been executed successfully.

12
EX.NO:2(A)

Experiment title: Implementation of DES

AIM:

To write a C program to implement Data Encryption Standard (DES) using C Language.

DESCRIPTION:

DES is a symmetric encryption system that uses 64-bit blocks, 8 bits of which are used for parity
checks. The key therefore has a "useful" length of 56 bits, which means that only 56 bits are actually
used in the algorithm. The algorithm involves carrying out combinations, substitutions and
permutations between the text to be encrypted and the key, while making sure the operations can be
performed in both directions. The key is ciphered on 64 bits and made of 16 blocks of 4 bits,
generally denoted k1 to k16. Given that "only" 56 bits are actually used for encrypting, there can be
256differentkeys.

The main parts of the algorithm are as follows:

➢ Fractioning of the text into 64-bitblocks

➢ Initial permutation of blocks

➢ Break down of the blocks in to two parts: left and right, named L and R

➢ Permutation and substitution steps repeated 16times

➢ Re-joining of the left and right parts then inverse initial permutation

ALGORITHM:

STEP-1: Read the 64-bit plain text.

STEP-2: Split it into two 32-bit blocks and store it in two different arrays.

STEP-3: Perform XOR operation between these two arrays.

STEP-4: The output obtained is stored as the second 32-bit sequence and the original second 32-bit sequence forms
the first part.

13
STEP-5: Thus the encrypted 64-bit cipher text is obtained in this way. Repeat the same process for the remaining
plain text characters.

OUTPUT:

14
RESULT:Thus the data encryption standard algorithm had been implemented successfully using C
language.

15
EX.NO:2(B)

Experiment title: Implementation of RAS

AIM:

To write a C program to implement the RSA encryption algorithm.

DESCRIPTION:

RSA is an algorithm used by modern computers to encrypt and decrypt messages. It is an

asymmetric cryptographic algorithm. Asymmetric means that there are two different keys. This
is also called public key cryptography, because one of them can be given to everyone . A basic
principle behind RSA is the observation that it is practical to find three very large positive
integers’ e, d and n such that with modular exponentiation for all integer:

ALGORITHM:

STEP-1: Select two co-prime numbers as p and q.

STEP-2: Compute n as the product of p and q.

STEP-3: Compute (p-1)*(q-1) and store it in z.

STEP-4: Select a random prime number e that is less than that of z.

STEP-5: Compute the private key, d as e * mod -1(z).

STEP-6: The cipher text is computed as message e * mod n.
STEP-7: Decryption is done as cipherdmod n.

16
OUTPUT

RESULT:Thus the C program to implement RSA encryption technique had been implemented
successfully

17
EX. NO: 2(C)

Experiment title: Implementation Of Diffie Hellman Key Exchange Algorithm

AIM: To implement the Diffie-Hellman Key Exchange algorithm using C language.

DESCRIPTION:

Diffie–Hellman Key Exchange establishes a shared secret between two parties that can be used
for secret communication for exchanging data over a public network. It is primarily used as a
method of exchanging cryptography keys for use in symmetric encryption algorithms like
AES.Thealgorithminitselfisverysimple.Theprocessbeginsbyhavingthe two parties, Alice and
Bob. Let's assume that Alice wants to establish a shared secret with Bob.

ALGORITHM:

STEP-1: Both Alice and Bob shares the same public keys g and p.

STEP-2: Alice selects a random public key a.

STEP-3: Alice computes his secret key A as ga mod p.

STEP-4: Then Alice sends A to Bob.

STEP-5: Similarly Bob also selects a public key b and computes his secret key as B and sends the same
back to Alice.

STEP-6:Nowbothofthemcomputetheircommonsecretkeyastheotherone’ssecret key power of a modp.

18
OUTPUT

RESULT:Thus the Diffie-Hellman key exchange algorithm had been successfully implemented
using C.

19
EX. NO: 2(D) IMPLEMENTATION OF MD5

AIM: To write a C program to implement the MD5 hashing technique.

DESCRIPTION:

MD5processesavariable-lengthmessageintoafixed-lengthoutputof128bits.The input message is

broken up into chunks of 512-bit blocks. The message is padded so thatits length is divisible by
512. The padding works as follows: first a single bit, 1, is appended to the end of the message.
This is followed by as many zeros as are required to bring the length of the message up to 64
bits less than a multiple of 512. The remaining bits are filled up with64 bits representing the
length of the original message, modulo 264.

ALGORITHM:

STEP-1: Read the 128-bit plain text.

STEP-2: Divide into four blocks of 32-bits named as A, B, C and D.
STEP-3: Compute the functions f, g, handy with operations such as, rotations, permutations, etc.
STEP-4: The output of these functions are combined together as F and performed circular
shifting and then given to key round.
STEP-5: Finally, right shift of ‘s’ times are performed and the results are combined together to
produce the final output.

OUTPUT

20
RESULT: Thus the implementation of MD5 hashing algorithm had been implemented successfully
using C.

21
Experiment no: 2.E
Experiment title: implementation of SHA-1(secure hash algorithm-1)
Objective: to implement SHA-1(secure hash algorithm-1) using java programing;
Compiler: NetBeans IDE 8.2
Description:
In cryptography, SHA-1(SecureHashAlgorithm1) is a cryptographic hash function. SHA-1
produces a 160-bit hash value known as a message digest. The way this algorithm works is that
for a message of size 264 bits it computes a 160 bit condensed output called a message digest.
The SHA-1 algorithm is designed so that it is practically in feasible to find two input messages
that hash to the same output message. A hash function such as SHA-1 is used to calculate an
alphanumeric string that serves as the cryptographic representation of a file or a piece of data.
This is called a digest and can serve as a digital signature. It is supposed to be unique and non-
reversible.

EXAMPLE:

ALGORITHM:
STEP-1: Read the 256-bit key values.
STEP-2: Divide into five equal-sized blocks named A, B, C, D and E.
STEP-3: The blocks B, C and D are passed to the function F.
STEP-4: The resultant value is permuted with block E.
STEP-5: The block A is shifted right by ‘s’ times and permuted with the result of step-
4.

STEP-6: Then it is permuted with a weight value and then with some other key pair
and taken as the first block.
STEP-7: Block A is taken as the second block and the block B is shifted by ‘s’
times and taken as the third block.

22
 STEP-8: The blocks C and D are taken as the block D and E for the final output.
PROGRAM: for implementing SHA-1
importjava.security.*;

public class SHA1 {

public static void main(String[] a)
{ try {
MessageDigest md = MessageDigest.getInstance("SHA1");
System.out.println("Message digest object info: ");
System.out.println(" Algorithm = " +md.getAlgorithm());
System.out.println(" Provider = " +md.getProvider());
System.out.println(" ToString = " +md.toString());
String input = "";
md.update(input.getBytes());
byte[] output = md.digest();
System.out.println();
System.out.println("SHA1(\""+input+"\") = " +bytesToHex(output));
input = "abc";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1(\""+input+"\") = " +bytesToHex(output));
input = "this is serurity lab report";
md.update(input.getBytes());
output = md.digest();
System.out.println();
System.out.println("SHA1( \"" +input+"\") = " +bytesToHex(output));
System.out.println("");
}
catch (Exception e)

23
 {
System.out.println("Exception: " +e);
}
}
public static String bytesToHex(byte[] b)
{
char hexDigit[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
StringBufferbuf = new StringBuffer();
for (int j=0; j<b.length; j++)
{
buf.append(hexDigit[(b[j] >> 4) & 0x0f]);
buf.append(hexDigit[b[j] & 0x0f]);
}
returnbuf.toString();
}
}
OUTPUT:

RESULT:
 For input “abc” the output is A9993E364706816ABA3E25717850C26C9CD0D89D.
 For input “this is security lab report” the output is
25844D8A492DDBA138556B59A99C75EA99C75EA03ECDAD.
 Thus the SHA-1 hashing technique had been implemented successfully.

24
Experiment no: 3
Experiment title: implementation of digital signature standard
Objective: to implement the signature scheme named digital signaturestandard (Euclidean
Algorithm) using java program.
Compiler: NetBeans IDE 8.2
Algorithm:
STEP-1: Alice and Bob are investigating a forgery case of x and y.
STEP-2: X had document signed by him but he says he did not sign that document
digitally.
STEP-3: Alice reads the two prime numbers p and a.
STEP-4: He chooses a random co-primes alpha and beta and the x’s original
signature x.
STEP-5: With these values, he applies it to the elliptic curve cryptographic
equation to obtain y.
STEP-6: Comparing this ‘y’ with actual y’s document, Alice concludes that y is a
forgery.

PROGRAM:
importjava.util.*;
importjava.math.BigInteger;

classdsaAlg {
final static BigInteger one= new BigInteger("1");
final static BigInteger zero= new BigInteger("0");

public static BigIntegergetNextPrime(String ans)

{
BigInteger test=new BigInteger(ans); while(!test.isProbablePrime(99))
e:
{
test = test.add(one);

25
 }
return test;
}
public static BigIntegerfindQ(BigInteger n)
{
BigInteger start=new BigInteger("2"); while(!n.isProbablePrime(99))
{
while (!((n.mod(start)).equals(zero)))
{
start = start.add(one);
}
n = n.divide(start);
}
return n;
}
public static BigIntegergetGen(BigIntegerp,BigInteger q, Random r)
{
BigInteger h=new BigInteger(p.bitLength(),r); h =h.mod(p);
returnh.modPow((p.subtract(one)).divide(q), p);
}
public static void main(String[]args)throws java.lang.Exception
{
Random randObj = new Random();
BigInteger p=getNextPrime("10600"); /*approximate prime*/
BigInteger q=findQ(p.subtract(one)); BigInteger g =getGen(p,q,randObj);
System.out.println("\nsimulation of Digital Signature Algorithm\n");
System.out.println("\nglobal public key components are:\n");
System.out.println("\npis:"+p); System.out.println("\nqis:"+q); System.out.println("\
ngis:"+g);
BigInteger x=new BigInteger(q.bitLength(),randObj); x =x.mod(q);

26
BigInteger y = g.modPow(x,p);
BigInteger k=new BigInteger(q.bitLength(),randObj); k =k.mod(q);
BigInteger r = (g.modPow(k,p)).mod(q);
BigIntegerhashVal=new BigInteger(p.bitLength(), randObj);
BigIntegerkInv = k.modInverse(q);
BigInteger s=kInv.multiply(hashVal.add(x.multiply(r))); s = s.mod(q);
System.out.println("\nsecret information are:\n"); System.out.println("x
(private) is:" + x); System.out.println("k(secret) is: " + k);
System.out.println("y(public) is: " + y); System.out.println("h (rndhash) is: " +
hashVal); System.out.println("\ngeneratingdigitalsignature:\n"); System.out.println("r
is : " +r);
System.out.println("sis:"+s); BigInteger w =s.modInverse(q);
BigInteger u1=(hashVal.multiply(w)).mod(q); BigInteger u2
=(r.multiply(w)).mod(q);
BigInteger v=(g.modPow(u1,p)).multiply(y.modPow(u2,p)); v = (v.mod(p)).mod(q);
System.out.println("\nverifyingdigitalsignature (checkpoints)\n:");
System.out.println("w is : " +w);
System.out.println("u1is:"+u1); System.out.println("u2is:"+u2);
System.out.println("v is : " +v);
if (v.equals(r))
{

System.out.println("\nsuccess:digitalsignatureis verified!\n " + r);

}
else
{

System.out.println("\nerror:incorrectdigital signature\n ");

}
}
}

27
Output:

Result:
 Thus the simple Code Optimization techniques had been implemented successfully.

28
Experiment no: 4
Experiment title: secure data storage, secure data transmission and for creating digital
signatures (GnuPg).
Objective: Demonstrate how to provide secure data storage, secure data transmission and for
creating digital signatures (GnuPg).
Introduction:

➢ Here’sthefinalguideinmyPGPbasicsseries,thistimefocusingonWindows
➢ The OS in question will be Windows 7, but it should work for Win8 and
Win8.1 as well
➢ Obviously it’s not recommended to be using Windows to access the
DNM, but I won’t go into the reasons here.
➢ The tool well be using isGPG4Win

Installing the software

1) Visit www.gpg4win.org. Click on the “Gpg4win 4.0.2”button

29
2) On the following screen, click the “Download”button.

3) When the “Welcome” screen is displayed, click the “Next” button.

30
4) When choose the component is displayed click ”next”.

5) Click on install

31
6) Wait for the installation, after that click on next.

7) Click on finish

32
Creating your public and private key
GPG encryption and decryption is based upon the keys of the person who will be receiving the
encrypted file or message. Any individual who wants to send the person an encrypted file or message
must possess the recipient’s public key certificate to encrypt the message. The recipient must have
the associated private key, which is different than the public key, to be able to decrypt the file. The
public and private key pair for an individual is usually generated by the individual on his or her
computer using the installed GPG program, called “Kleopatra” and the following procedure:

1) From your start bar, select the “Kleopatra” icon to start the Kleopatra certificate
management software.

33
2) The following screen will be displayed.

3) Click on the “New Key Pair” and the following screen will appear.

34
4) Enter your name and email address and check the “protect the generated key with a
passphrase” then click on “create”. The following screen will appear.

5) Enter the passphrase and click on ok and the key will be created. The following screen
will appear.

6) Click on “Make a Backup of Your Key Pair”. The following screen will appear.

35
7) Enter your passphrase then click ok. The following screen will appear.

36
8) Specify the file name and click on “save” and enter your passphrase to export the open
PGB secret key.

9) Click on finish

37
Decrypting An Encrypted E-Mail That Has Been Sent To You:

1) Open your email message

2) Select the GpgOLtab

38
3) Click the decrypt message

4) A command window will open along with a window that asks for the Passphrase to your
private key that will be used to decrypt the incoming message.

39
5) Enter your passphrase and click the “OK” button.

6) The results window will tell you if the decryption succeeded. Click the “Finish” button
top close the window.

7) Your unencrypted e-mail message body will be displayed.

40
8) When you close thee mail you will be asked if you want to save the e-mail message in
its unencrypted form. For maximum security, click the “No” button. This will keep the
message encrypted within the e-mail system and will require you to enter your
passphrase each time you re open the e-mail message.

Result: Thus the secure data storage, secure data transmission and for creating digital
signatures (GnuPG) was developed successfully.

41
Experiment no: 5
Experiment title: Working With KF Sensor for Creating and Monitoring Honey Pot

Description
Honeypot is a device placed on Computer Network specifically designed to capture malicious
network traffic. Honeypot is like a bait to attract attacks in to gaining knowledge about what the
level of the attack is and what it is the counter attack plans.
Based on deployment honeypot can be classified into two.
1. Production honeypot: - deploy less information
2. Research honeypot: - research treats to better combat them.

Objective
To familiarize our self with the concept of honey pot and software that can perfectly simulate them which
is KF Sensor in our case. KF Sensor has a great accuracy and undetectable inner working which help it
simulate the Microsoft web procedures.

Procedure
STEP-1: Download KF Sensor Evaluation Setup File from KF Sensor Website.
STEP-2: Install with License Agreement and appropriate directory path.
STEP-3: Reboot the Computer now. The KF Sensor automatically starts during windows boot.
STEP-4: Click Next to setup wizard.
STEP-5: Select all port classes to include and Click Next.
STEP-6: “Send the email and Send from email”, enter the ID and Click Next.
STEP-7: Select the options such as Denial of Service [DOS], Port Activity, Proxy Emulsion, Network
Port Analyzer, Click Next.
STEP-8: Select Install as System service and Click Next.
STEP-9: Click finish.

Observation
The software has an interface that depict in detail the different attack attempt type of the attack and the
layer in which the attacks are deployed to infiltrate. Which make it easy to use and helpful in so many
ways. But the software is only applicable in older version of windows.

Conclusion
The KF Sensor is one from many tools that is out there that provides the feature of honeypot to attract
attacks and research about their attack methods to better protect the system the software is installed on.

42
Experiment no: 6
Experiment title: Installation of Rootkit
Description
Rootkit is a malicious software that gives continuous access privileges by hiding its process or its
existence entirely. To describe it better the word is divided into to words that forms ROOT which is a
Linux/UNIX/ term that stands for administrative access, and kit is a term that stand for a program so
together rootkit is just a program that gives root access to an attacker or a gray hat hacker.
Objective
The aim of this experiment is to get our hand working and explore different uses and interfacing methods
that the rootkit can provide. And to know how to use the rootkit to intercept information from a network
or even from keyboard of the intended victim.
Procedure
STEP-1: Download Rootkit Tool from GMER website www.gmer.net.
STEP-2: This displays the Processes, Modules, Services, Files, Registry, Rootkit / Malwares, Auto Start,
CMD of local host.
STEP-3: Select Processes menu and kill any unwanted process if any.
STEP-4: Modules menu displays the various system files like .sys, .dll
STEP-5: Services menu displays the complete services running with Auto Start, Enable, Disable, System,
Boot.
STEP-6: Files menu displays full files on Hard-Disk volumes.
STEP-7: Registry displays Hkey_Current_user and Hkey_Local_Machine.
STEP-8: Rootkits / Malwares scans the local drives selected.
STEP-9: Auto Start displays the registry base Auto Start applications.
STEP-10: CMD allows the user to interact with command line utilities or Registry
Observation
The rootkit serves as a window that gives in great detail the process of one operating system and how that
system is interchanging information among different clients and also gives information on what processes
are working currently on the system and how the user is interacting with each and every one.
Conclusion
In conclusion the rootkit provides a unmeasurable impact in the wrong hand which makes it dangerous in
black hat hackers arsenal, but at the same time it is a tool that helps give insight on the inner working of
the system it is currently running which can be helpful to give information that help improve the system.

43
Experiment no: 7
Experiment title: Working With Net Stumbler to Perform Wireless Audit on a Router
Introduction
NetStumbler (Network Stumbler) is one of the Wi-Fi hacking tool which only
compatible with windows, this tool also a freeware. With this program, we can
search for wireless network which open and infiltrate the network. It’s having
some compatibility and network adapter issues. NetStumbler is a tool for
Windows that allows you to detect Wireless Local Area Networks(WLANs)
using 802.11b, 802.11a and 802.11g. It runs on Microsoft Windows operating
systems from Windows 2000 to Windows-XP. A trimmed down-version called
Mini Stumbler is available for the handheld Windows-CE operating system.
It has many uses:
✓ Verify that your network is set up the way you intended
✓ Find locations with poor coverage in your WLAN.
✓ Detect other networks that may be causing interference on your
network
✓ Detect unauthorized "rogue" access points in your workplace
✓ Help aim directional antennas for long-haul WLAN links.
✓ Use it recreationally for War Driving.
Procedure
STEP-1: Download and install Netstumbler.
STEP-2: It is highly recommended that the PC should have wireless network card in order to
access wireless router.
STEP-3: Now Run Netstumbler in record mode and configure wireless card.
STEP-4: There are several indicators regarding the strength of the signal, such as GREEN
indicates Strong, YELLOW and other color indicates a weaker signal, RED indicates a very
weak and GREY indicates a signal loss.
STEP-5: Lock symbol with GREEN bubble indicates the Access point has encryption enabled.
STEP-6: MAC assigned to Wireless Access Point is displayed on right hand pane.
STEP-7: The next column displays the Access points Service Set Identifier[SSID] which is
useful to crack the password.
STEP-8: To decrypt use Wire Shark tool by selecting Edit € preferences € IEEE 802.11.
44
STEP-9: Enter the WEP keys as a string of hexadecimal numbers as A1B2C3D4E5.
Observation
The application is helpful in a way that it can detect Wi-Fi network that might interfere with your
current networks and can detect unauthorized network trying to connect with the current
network.
Result
Thus the wireless audit on an access point or a router and decrypt WEP and WPA (Net Stumbler)
was done successfully.

45
Experiment no: 8

Experiment title: Working With Snort Tool to Demonstrate Intrusion Detection System

Introduction
INTRUSION DETECTION SYSTEM: - Intrusion detection is a set of techniques and methods
that are used to detect suspicious activity both at the network and host level. Intrusion detection
systems fall into two basic categories:
Signature-based intrusion detection systems
Anomaly detection systems.
Intruders have signatures, like computer viruses, that can be detected using software. You try to
find data packets that contain any known intrusion-related signatures or anomalies related to
Internet protocols. Based upon asset of signatures and rules, the detection system is able to find
and log suspicious activity and generate alerts.
Anomaly-based intrusion detection usually depends on packet anomalies present in protocol
header parts. In some cases these methods produce better results compared to signature-based
IDS. Usually an intrusion detection system captures data from the network and applies its rules
to that data or detects anomalies in it. Snort is primarily a rule-based IDS, however input plug-ins
are present to detect anomalies in protocol headers.

SNORT Tool
Snort is based on libpcap (for library packet capture), a tool that is widely used in TCP/IPtraffic
sniffers and analyzers. Through protocol analysis and content searching and matching, Snort
detects attack methods, including denial of service, buffer overflow, CGI attacks, stealth port
scans, and SMB probes. When suspicious behavior is detected, Snort sends a real-time alert to
syslog, a separate 'alerts' file, or to a pop-up window.
Snort is currently the most popular free network intrusion detection software. The advantages of
Snort are numerous. According to the snort website, “It can perform protocol analysis, content
searching/matching, and can be used to detect a variety of attacks and probes, such as buffer
overflow, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much
more” (Caswell).
One of the advantages of Snort is its ease of configuration. Rules are very flexible, easily written,
and easily inserted into the rule base. If a new exploiter attack is found a rule for the attack can
be added to the rule base in a matter of seconds. Another advantage of snort is that it allows for
raw packet data analysis.

46
SNORT can be configured to run in three modes:
 Sniffer mode
 Packet Logger mode
 Network Intrusion Detection System mode

Sniffer mode
 Snort –v Print out the TCP/IP packets header on the screen
 Snort–vd show the TCP/I PICMP header with application data in transmit

Packet Logger mode

 Snort –dev –l c:\log [create this directory in the C drive] and snort will automatically
know to go into packet logger mode, it collects every packet it sees and places it in log
directory.
 Snort –dev –l c:\log –h ipaddress/24: This rule tells snort that you want to print out the
data link and TCP/IP headers as well as application data in to the log directory. Snort –l
c:\log –b This is binary mode logs everything into a single file.

Network Intrusion Detection System mode

 Snort –d c:\log –h IPaddress/24 –c snort.conf this is a configuration file applies rule to
each packet to decide it an action based upon the rule type in the file.
 Snort –d –h ipaddress/24 –l c:\log –c snort.conf this will configure snort to run in its most
basic NIDS form, logging packets that trigger rules specifies in the snort.conf.

PROCEDURE:

STEP-1: Sniffer mode€ snort –v € Print out the TCP/IP packets header on the screen.
STEP-2: Snort –vd € Show the TCP/IP ICMP header with application data in transit.
STEP-3: Packet Logger mode € snort –dev –l c:\log [create this directory in the C drive] and
snort will automatically know to go into packet logger mode, it collects every packet it sees and
places it in log directory.
STEP-4: snort –dev –l c:\log –h ipaddress/24 € this rule tells snort that you want to print out the
data link and TCP/IP headers as well as application data into the log directory.
STEP-5: snort –l c:\log –b € this binary mode logs everything into a single file.

47
STEP-6: Network Intrusion Detection System mode € snort –d c:\log –h ipaddress/24 –c
snort.conf € this is a configuration file that applies rule to each packet to decide it an action
based upon the rule type in the file.
STEP-7: snort–d–hipaddress/24–lc:\log–csnort.conf€Thiswillconfiguresnorttorun in its most
basic NIDS form, logging packets that trigger rules specifies in the snort.conf.
STEP-8: Download SNORT from snort.org. Install snort with or without database support.
STEP-9: Select all the components and Click Next. Install and Close.
STEP-10: Skip the WinPcap driver installation.
STEP-11: Add the path variable in windows environment variable by selecting new class path.
STEP-12: Create a path variable and point it at snort.exe variable name €path and variable value
€c:\snort\bin.
STEP-13: Click OK button and then close all dialog boxes. Open command prompt and type the
following commands:
Observation
The snort program can sniff other networks and log results as well as can detect
intrusions on the current network successfully.
Result
Thus the demonstration of the instruction detection using Snort tool was done
successfully.

48