You are on page 1of 53

INDEX

Sr No. Topic Page Date Sign

Working with Sniffers for monitoring network


1
communication

Using OpenSSL for web server – browser


2
communication

Using GNU PGP


3

4 Configuring S/MIME for email communication

Understanding Buffer Overflow and Format


5
String Attacks

6 Using NMap

7 Socket Programming

8 Exposure to Client Server concept using TCP

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Practical No. 1

Aim: Working with sniffers for monitoring network communication.

Step 1: Open WIRESHARKgo to capture tabselect Interfaces.

Step 2: In Wireshark Capture Interfaces window select Local area connection.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 3: It will capture all network traffic.

Step 4: Go to google type all site one by


onehttp://www.scf.usc.edu/~csci571/Special/HTTP/simple1.html
http://www.scf.usc.edu/~csci571/Special/HTTP/simple2.html
 http://www.scf.usc.edu/~csci571/Special/HTTP/simple3.html
http://www.scf.usc.edu/~missingflie.html

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 5: Here, it will display the site (HTTP/simple1.html) automatically through the network.

Step 6: It will capture this(HTTP/simple2.html) through the network.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 7: It will capture this(HTTP/simple3.html) through the network.

Step 8: Here, it will display the site (/~csci571/missingfile.html) automatically through the
network.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 9: Go to Expression tabselect HTTP-Hypertext Transfer
Protocolhttp.request.method click on “==” Value:POSTclick on OK.

HTTP REQUEST POST

Step 10: It will display POST method.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 11: Go to Expression tabselect HTTP-Hypertext Transfer
Protocolhttp.request.uriclick on “==” Value:GETclick on OK.

HTTP REQUEST URI

Step 12: It will display GET method.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 13: Go to Expression tabselect HTTP-Hypertext Transfer
Protocolhttp.response.codeclick on “==” Value:404click on OK.

HTTP RESPONSE CODE 404

Step 14: It will capture the HTTP 404 not found.

HTTP.REQUEST.FULL_URI

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


It will display URI method.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 15: Now open a website. Example www.monster.com

Step 16: Now go to wireshark and see the packets and filter it as http.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 17: Go to Expression tabselect HTTP-Hypertext Transfer
Protocolhttp.request.methodclick on “==” Value:POSTclick on OK.

HTTP REQUEST POST

HTTP REQUEST POST

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step19: Go to Expression tabselect HTTP-Hypertext Transfer
Protocolhttp.request.methodclick on “==” Value:GETclick on OK.

HTTP REQUEST GET

HTTP REQUEST GET

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Practical No. 2
Aim: Using GNUPGP

Generate the Key

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]
Sign and Encrypt a File

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]
INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]
Practical No. 3

Aim: Using IP TABLES on Linux and setting the filtering rules.

Step 1: Open Linux Server in VMware Workstation. Open the terminal (Applications ->
Accessories -> Terminal). Enter the command ‘sudoiptables -F’ to flush all existing chains
and then enter, ‘sudoiptables -L’ after every command to view the rules if they have been
applied.

Enter the command ‘sudoiptables -A INPUT -m conntrack --


ctstateRELATED,ESTABLISHED -j ACCEPT’. After executing this command, the
connection is established, and ctstate RELATED, ESTABLISHED is displayed.

SSH:
Step 2: Enter the command ‘sudoiptables -A INPUT -p tcp --dportssh -j ACCEPT’ to allow
the incoming traffic at the destination port,.i.e, SSH(22).

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


HTTP:
Step 3: Enter the command ‘sudoiptables -A INPUT -p tcp --dport 80 -j ACCEPT’ to allow
all incoming web traffic at the destination port,.i.e, Http(80).

DROP:
Step 3: Enter the command ‘sudoiptables -A INPUT -j DROP’ to drop all input traffic.

INSERT:
Step 4: Enter the command ‘sudoiptables -I INPUT 1 -m conntrack --ctstate RELATED,
ESTABLISHED -j ACCEPT’. After executing this command, the connection is established,
and a connection is added at the first row.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


INSERTING RULES IPTABLES
Step 5: Enter the command ‘sudoiptables -I INPUT 4 -p tcp --dport 443 -j ACCEPT’. After
executing this command, the https rule is inserted at the fourth row and the drop command is
shifted to the next row. The rules should always be inserted before DROP.

LOOPBACK INTERFACE:
Step 6: Enter the command ‘sudoiptables -I INPUT 1 -i lo -j ACCEPT’. After executing this
command, an interface is inserted at the first row.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


SHOW DETAILED INFO IN OUTPUT
Step 7: Enter the command ‘sudoiptables -L -v’. It displays detailed information, eg.
OUTPUT chain displays information in the form of packets and bytes.

LOGGING CHAIN
Step 8: Enter the command ‘sudoiptables -N LOGGING’ to create a new chain called
‘LOGGING’ whose name is predefined.

ENSURE UNMATCHED PACKETS


Step 9: Enter the command ‘sudoiptables –A INPUT -j LOGGING’.Initially, when the new
chain is created, the references is 0 and after execution of this command(where input is
provided), the references changes to 1.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


LOG THE PACKET WITH PREFIX
Step 10: Enter the command, ‘sudoiptables -A LOGGING -m limit --limit 4/min -j LOG --
log-prefix “IPTables Packet Dropped:” --log-level 3. It displays the error prefix. i.e., level 3.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


SAVING IPTABLES
Step 11: Enter the command ‘sudoiptables-save’. It saves the iptable’s configuration, so that
even if machine is rebooted, the iptable’s configuration is not lost.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Practical No. 4

Aim: Working with S/Mime with MS Outlook.

Register for Certificate online on Comodo Site

Fill in the required details. The certificates can only be installed in the browser, where the
registration was done from

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Open the received email and click on the Click and Install Certificate

Outlook Configuration
Go to http://www.google.com/settings -> Security Tab

There Enable the option in Access for less secure apps

In Gmail, go to Settings -> Forwarding / POP IMAP and Enable POP and
Enable IMAP

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Configure Outlook

Open Outlook Options -> Trust Center -> Trust Center


Settings

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


In Email Security, click on Settings -> OK

Check all options.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Create and send an email. For Encryption to happen, you need the recipients public key
installed on your machine and their contact in your address book

To export the public key, go into Internet Options, Certificates and export the certificate
w/out private key

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Practical No. 5

Aim: Understanding the buffer overflows and format string attacks.


Buffer overflow attack

Step 1: Start Ubuntu from ‘Oracle VM VirtualBox Manager’ and login as a “Guest User”.

Step2: Open the terminal using ‘Ctrl+Alt+T’. Type this ‘gedit’ command in terminal for
opening the text editor.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 3: Type the program for the buffer overflow attack and save it on desktop as
‘bufferoverflow.c’. The root privileges should be granted to the user even after password
entered is incorrect, which is the major flaw in the code.

Code:

#include <stdio.h>
#include <string.h>
int main(void)
{
char buff[15];
int pass = 0;
printf("\n Enter the password : \n");
gets(buff);
if(strcmp(buff, "@@@patkar@@@"))
{
printf ("\n Wrong Password \n");
}
else
{
printf ("\n Correct Password \n");
pass = 1;
}
if(pass)
{
/* Now Give root or admin rights to user*/
printf ("\n Root privileges given to the user \n");
}
return 0;
}

Step 4: Open the terminal using ‘Ctrl+Alt+T’. Enter the command ‘cd Desktop’ and then
‘gccbufferoverflow.c –o bufferoverflow’ where bufferoverflow.c denotes the file containing
the code and bufferoverflow is the name of the output file to be created.
The warnings are displayed on executing the above command. Type the command
‘./bufferoverflow’ to execute the program.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 5: After the executing the above command, the output file ‘bufferoverflow’ is created on
the desktop.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 6: On executing the program, it prompts to enter a password. On entering the password
as ‘@@@snitsem3@@@’ which is provided in the program, the output is displayed as
correct password and root privileges are granted to the user.

Step 7: On entering the password of size more than 14, the output is displayed as ‘Core
dumped’ because the size specified in the program is 15, i.e., 0 to 14. If the password entered
is 15 characters, then only ‘Wrong Password’ is displayed because gets() has a feature of
allowing in one more size than the specified size, i.e. it allows character at 15th position
although size specified is till 14.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


FORMAT STRING ATTACK

Step 1: Start Ubuntu from ‘Oracle VM VirtualBox Manager’ and login as a “Guest User”.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 2: Type the program for Format String attack in Text Editor which is at left side of the
ubuntu desktop and then save the program with any name, e.g. FormatString.c’, but
compulsorily with “.c” extension with the location as desktop.

CODE:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

int main (int argc, char **argv)


{
char buf [100];
int x = 1;
printf(“\n %s \n”, argv[0]);
printf(“\n %s \n”, argv[1]);
snprintf ( buf, sizeof buf, argv [1] ) ;
buf [ sizeof buf -1 ] = 0;
printf ( “Buffer size is: (%d) \nData input: %s \n” , strlen (buf) , buf ) ;
printf ( “X equals: %d/ in hex: %#x\nMemory address for x: (%p) \n” , x, x, &x) ;
return 0 ;
}

Step 3: The file is saved on the desktop.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 4: Next open the ‘Terminal’ by pressing ‘Alt+Ctrl+T’ or by going for the option in the
left pane of the desktop & then write the following commands:‘cd Desktop’,then
‘gccFormatString.c –o FormatString’

Step 5: The output file named ‘FormateString’ is created on desktop.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 6: Next go in terminal window the above command is executed with warnings, type the
following command to execute the program: ‘./FormatString’

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 7: Now the format string vulnerability will be explored. If the format string parameter
‘%x %x’ is inserted in the input string, when the format function parses the argument, the
output will display the hello mscit, but instead of showing the %x string, the application will
show the contents of a memory address.

Step 8: When no input is provided, then buffer size is displayed as 0. When the input
provided is only hello mscit, then the buffer size is displayed as 11. When the input provided
is hello %x %x, then the buffer size is displayed as 10. The inputs hello and the format
strings parameters will be attributed to the variable buf inside the code which should take the
place of the %s in the Data input. So now the printf argument looks like: printf(“Buffer size
is: (%d) \n Data input: Bob %x %x \n” , strlen (buf) , buf ) ;When the application prints the
results, the format function will interpret the format string inputs, showing the content of a
memory address.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


INPUT"%x %x %x %x"
buffer (15): 0 1b 6 2cb43048
x is 0xbfb818b4

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Practical No. 6

Aim: Using NMAP for ports monitoring.

Step 1: Open Nmapzenmap GUI Enter Target IP addressselect Intense scan click on
scan.Nmap Output tab will display all info about ip address.

Step 2: Click on scanPorts/Hosts tab will display all tcp ports.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 3: It will display the topology.

Step 4: It will display the Host Details.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 5: It will display Scan ip address.

Step 6: Click on Scan tab select Save scan.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 6: Save Scan as select file type (.xml)

Step 7: Enter the second ip address  here we enter the Google sites ip address

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 8: It will display Nmap Output.

Step 9: It will display All tcp ports/hosts.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 10: It will display the topology.

Step 11: It will display host details.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 12: It will display Scans ip address.

Step 13: Here also save the scan.

Step 14: Choose a scan to save.

Step 15: Save the second scan as .xml format.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 16: Now click on tools tab Select Compare Result.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Step 17: Click on Open buttonie open the firstscan.xml file.  Open secondscan .xml flie

Step 18: It will display all information Host ans OS details.

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Practical No. 7
Aim: Socket Programming

GreetingClient.Java

import java.net.*;
import java.io.*;

public class GreetingClient


{
public static void main(String [] args)
{
String serverName = args[0];
int port = Integer.parseInt(args[1]); try
{
System.out.println("Connecting to " + serverName+ " on port " + port); Socket client = new
Socket(serverName, port); System.out.println("Just connected to " +
client.getRemoteSocketAddress());
OutputStream outToServer = client.getOutputStream(); DataOutputStream out = new
DataOutputStream(outToServer); out.writeUTF("Hello from " +
client.getLocalSocketAddress()); InputStream inFromServer = client.getInputStream();
DataInputStream in = new DataInputStream(inFromServer); System.out.println("Server says
" + in.readUTF()); client.close();
}
catch(IOException e)
{
e.printStackTrace();
}
}
}

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


GreetingServer.java

import java.net.*;
import java.io.*;
public class GreetingServer extends Thread
{
private ServerSocket serverSocket;
public GreetingServer(int port) throws IOException
{
serverSocket = new ServerSocket(port); serverSocket.setSoTimeout(10000);
}
public void run()
{
while(true)
{
try
{
System.out.println("Waiting for client on port " + serverSocket.getLocalPort() + "...");
Socket server = serverSocket.accept(); System.out.println("Just connected to "+
server.getRemoteSocketAddress());
DataInputStream in = new DataInputStream(server.getInputStream());
System.out.println(in.readUTF()); DataOutputStream out = new
DataOutputStream(server.getOutputStream());
out.writeUTF("Thank you for connecting to " + server.getLocalSocketAddress() +
"\nGoodbye!"); server.close();
}

catch(SocketTimeoutException s)
{
System.out.println("Socket timed out!"); break;
}
catch(IOException e)
{
e.printStackTrace();
break;
}
}
}

public static void main(String [] args)


{
int port = Integer.parseInt(args[0]); try
{
Thread t = new GreetingServer(port); t.start();
}
catch(IOException e)
{
e.printStackTrace();
}
}
}

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Output:

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


Practical No. 8

Aim: Exposure to Client Server concept using TCP/IP.

TCPServer.java

import java.io.*;
import java.net.*;

class TCPServer
{
public static void main(String argv[]) throws Exception
{
String clientSentence;
String capitalizedSentence;
ServerSocket welcomeSocket = new ServerSocket(6789); while(true)
{
Socket connectionSocket = welcomeSocket.accept(); BufferedReader inFromClient = new
BufferedReader(new InputStreamReader(connectionSocket.getInputStream()));
DataOutputStream outToClient = new
DataOutputStream(connectionSocket.getOutputStream()); clientSentence =
inFromClient.readLine(); System.out.println("Received: " + clientSentence);
capitalizedSentence = clientSentence.toUpperCase() + '\n';
outToClient.writeBytes(capitalizedSentence);
}
}
}

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


TCPClient.java

import java.io.*;
import java.net.*;

class TCPClient
{
public static void main(String argv[]) throws Exception
{
String sentence;
String modifiedSentence;
BufferedReader inFromUser = new BufferedReader(new InputStreamReader(System.in));
Socket clientSocket = new Socket("localhost", 6789);
DataOutputStream outToServer = new DataOutputStream(clientSocket.getOutputStream());
BufferedReader inFromServer = new BufferedReader(new
InputStreamReader(clientSocket.getInputStream()));
sentence = inFromUser.readLine(); outToServer.writeBytes(sentence + '\n');
modifiedSentence = inFromServer.readLine(); System.out.println("FROM SERVER: " +
modifiedSentence); clientSocket.close();
}
}

INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]


INTERNET SECURITY MANAGEMENT MSc. IT SEM 3 [2017 – 2018]