Name : Arin Bisht

Sem and Sec : 4C

Enrollment no. : 35817702023

Network Security Practical Assignment

Ques 1) Demonstrate & Implement Security Monitoring Tools (Any two).

Ans ) 1. Snort - Intrusion Detection & Prevention System (IDS/IPS)
Purpose: Snort monitors network traffic in real-time and detects malicious activities.
Step 1 : Installing snort on Linux

Step 2 : Writing local rule

Step 3 : Run Command

Step 4 : Result
2. Wireshark - Network Packet Analyzer
Purpose: Wireshark captures and analyzes network traffic in detail.
Step 1 : Install Wireshark on Linux

Step 2: Demonstration
Write command Ping google.com
And this is how the screen will look like

(input ICMP in filter to get this output)

Ques 2) WAP to demonstrate Password Cracking Techniques (Any two).
Ans 2) Brute Force Attack : A brute force attack is a hacking method that uses trial and error to
crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for
gaining unauthorized access to individual accounts and organizations' systems and networks.
Program :

Dictionary Attack : an attempt to gain unauthorized access to a computer system by using a

very large set of words to generate potential passwords.
Program :
Output :

Ques 3 ) WAP to implement Cipher Techniques (Any two).

Ans ) Caesar Cipher : The Caesar Cipher is one of the simplest encryption techniques. It is a type
of substitution cipher where each letter in the plaintext is shifted a fixed number of places in the
alphabet.
Program :

Output :
Substitution Cipher : The Substitution Cipher is a more advanced cipher where each letter in
the plaintext is replaced by another letter based on a secret key. Instead of shifting, a fixed
random mapping is used.
Program :

Output :
Ques 4) WAP to implement Public Key cryptographic systems. (RSA)
Ans ) Program :

Output :
Ques 5) WAP to implement Deffie Hellman key exchange Algorithm.
Ans ) The Diffie-Hellman Key Exchange is a method for two parties to securely share a secret key
over a public channel.
Program :

Output :
Ques 6) What the steps involved in configuring Windows Firewall and to implement for
user management.
Ans ) 1. Configuring Windows Firewall
Step 1: Open Windows Firewall
 Press Win + R, type firewall.cpl, and press Enter.
 This opens the Windows Defender Firewall settings.

Step 2: Allow or Block an Application

 Click "Allow an app or feature through Windows Defender Firewall" on the left panel.
 Click "Change settings", then check/uncheck the apps you want to allow/block.
 Click "OK" to apply the changes.
Step 3: Create Custom Inbound/Outbound Rules
 Click "Advanced settings" on the left panel.
 In the Windows Defender Firewall with Advanced Security window:
o Click Inbound Rules → "New Rule" to manage incoming traffic.

(Inbound Rules)
o Click Outbound Rules → "New Rule" to manage outgoing traffic.

(Outbound Rules)
 Choose between Program, Port, Predefined, or Custom Rule.
 Select Allow, Block, or Prompt for action based on requirements.
 Click "Next" → "Finish" to save the rule.
Step 4: Enable or Disable Windows Firewall
 In the main Windows Defender Firewall window, click "Turn Windows Defender Firewall
on or off."
 Select:
o Turn on (recommended for security).
o Turn off (not recommended, unless troubleshooting).
 Click OK to apply the settings.

2. Implementing User Management in Windows

Step 1: Open User Management Settings
 For Windows Home users, go to Settings → Accounts → Family & other users.

Step 2: Add a New User

 In lusrmgr.msc, click "Users", then right-click and select "New User."
 Enter the Username, Password, and other details.
 Configure additional options like password expiration or password change requirements.
 Click "Create" to add the user.
Step 3: Assign User Roles
 Go to Control Panel → User Accounts → Manage another account.
 Select the user and click "Change the account type."
 Choose between Administrator or Standard User, then click OK.
Step 4: Set User Permissions
 Right-click any folder or file → Properties → Security Tab → Edit.
 Select the user and modify permissions such as Read, Write, Modify, or Full Control.
 Click Apply → OK to save the changes.

Ques 7 ) Demonstrate any one honeypot tools for preventing intrusion detection.
Ans ) A honeypot is a decoy system designed to attract attackers, study their behavior, and
protect real systems. Cowrie is a popular honeypot tool that simulates a fake SSH and Telnet
server to log malicious activities.
Step 1) Install cowrie

Step 2) change directory to cowrie

Step 3) install requirements

Step 4) Configuring Cowrie

(Setting up fake SSH (Secured Shell) port to 2222 real port is 22 so it cannot be used as it
might be in use by other real SSH server.)
Step 5) Start Cowrie

Step 6) Simulating Attack

Step 7) Checking Logs

(Logs)