Software system Security Tool

Submitted by:
Ananda RAJ
(RA1552001020070)
Pramodh kiran varma (RA1552001020085)
Sivaram kumar
(RA1552001020083)

Acknowledgement
Working on this project has been a really good and challenging
experience and has been a great source of increasing knowledge
in various subjects. So, it is quite obvious that this had been just on
papers without the guidance of our teachers and mentors.

Introduction
This software is developed for a technical person who wants
to take the system security in his own hands ensuring that his
system gets the best of security and good enough to escape
from hackers and spam attacks to the system.

Software Requirement
Python
Linux
Google Earth
AWT libraries for http

Hardware Requirement
One Computer/Laptop with internet

Software Features
Port scanning
Honey pot
Hackdoor Detection
Detects ip for websites
ip location on geo locator
Sniffing
Spoofing

Port scanning
The act of systematically scanning a computer's ports. Since a port
is a place where information goes into and out of a computer, port
scanning identifies open doors to a computer. Port scanning has
legitimate uses in managing networks, but port scanning also can be
malicious in nature if someone is looking for a weakened access
point to break into your computer.

Port scanning

Honeypot
In computer terminology, a honeypot is a trap set to
detect, deflect, or, in some manner, counteract attempts
at unauthorized use of information systems. Generally, a
honeypot consists of a computer, data, or a network
site that appears to be part of a network, but is actually i
solated and monitored, and which seems to contain
information or a resource of value to attackers. This is
similar to the police baiting a criminal and then
conducting undercover surveillance.

Honeypot

Backdoor Detection
Backdoors is a term describing unauthorized access
to your computer system. Usually a backdoor lies in
the program code and is created by a programmer.
Backdoors in your computer may be accessed by
attackers without your knowledge or consent.
Backdoors are considered to be real security threats.

BackDoor Key advantage for hackers:

Easy command and control of the server even after the
original exploit that enabled activating the backdoor was
patched.
Common usages of backdoors:
Maintain site/server access for the purposes of distribution
of malware & spam, credit card or other sensitive data theft,
perpetrating DDoS attacks.

The Challenge of Detecting Website Backdoors

Searching for a website backdoor is like looking for a needle

in a haystack. A backdoor can be installed anywhere on the s
erver under any name or alias.
The only currently feasible method to detect a backdoor is
by searching every directory & sub-directories on the
website, attempting to find a file/s that should not be there.

The complexity of doing this is compounded due to the fact

that most websites are built on 3rd party frameworks and
include other 3rd party extensions. Thus, detecting a single
file that should not be there is virtually impossible.
Website scanners that scan websites from the outside are
practically unable to detect such backdoors because the
possible location and filename of a backdoor is infinite and
cannot be determined from the outside.

Sniffing
A packet sniffer is a utility that has been used since the original relea
se of Ethernet. Packet sniffing allows individuals to capture data as it
is transmitted over a network. Packet sniffer programs are commonl
y used by network professionals to help diagnose network issues an
d are also used by
malicious users to capture unencrypted data lik
e passwords and usernames in network traffic. Once this information
is captured, the user can then gain access to the system or network.
If you want to keep information confidential or are concerned about
packet sniffing, it is advised that you work on encrypted protocols
and encrypt all sensitive data, such as e-mails, being sent over the
Internet or network. A great encryption program is PGP, users who
are using Telnet should consider using SSH instead.

Sniffing Diagram

Spoofing

In networking, the term is used to describe a variety of ways in which

hardware and software can be fooled. IP spoofing, for example, involves
trickery that makes a message appear as if it came from an authorized IP
address. Also see e-mail spoofing.
Spoofing is also used as a network management technique to reduce
traffic. For example, most LAN protocols send out packets periodically to
monitor the status of the network. LANs generally have enough bandwidt
h to easily absorb these network management packets. When computers
are connected to the LAN over wide-area network (WAN) connections,
however, this added traffic can become a problem. Not only can it
strain
the bandwidth limits of the WAN connection, but it can also b
e expensive because many WAN connections incur fees only when they
are
transmitting data. To reduce this problem, routers and other
network devices can be programmed to spoof replies from the remote
nodes.
Rather than sending the packets to the remote nodes and
waiting for a reply, the devices generate their own spoofedreplies.

Spoofing Diagram

Future Orientation:
We would like to provide tkinter library to this
software to make it a GUI based software and
to make it portable so that it can be available
on different operating systems.