
IoT – Part II

Experiment Set 1 – Client-Server Communication

Purpose

The purpose of this experiment is to cover client-server communication and evaluate potential threats to networks by:

• Developing, testing and implementing a Python script for a Server and a Client.
• Using two different Virtual Machines, which act as the Server and the Client.
• Initiating penetration testing attacks from the Client onto the Server to test for vulnerabilities.
• Encrypting all data between the Server and the Client by creating a secure connection.
• Testing different scenarios involving different types of penetration attacks, such as:
  o Man in the Middle (MITM), DDoS (Distributed Denial of Service), XSS (Cross-site scripting), among many others.
• Learning the different aspects of networking and how the Open Systems Interconnection (OSI) model works for communication between networks.
• Learning how to implement strategies to harden a system against network threats.

Apparatus
The following tools can be used in this experiment:

• Python programming language version 3.7. Python is excellent for developing scripts to test applications, tools and networks.
• Oracle VirtualBox version 6.0.12. VirtualBox was used to create two independent Virtual Machines, which were used to host Linux machines (Server/Client).
• Linux Ubuntu Desktop Operating System 64-bit version 18.0.4 LTS.
• Vim text editor in Linux Ubuntu to write the Python scripts.
• Wireshark packet sniffer.
• RSA and AES encryption keys.

Dr. Darwish IoT Lab Course 2 Page 1



Overview

In this experiment, you will perform a multi-stage experiment consisting of the following stages:

Stage 1: Set up the platform on Oracle VirtualBox running the Ubuntu Linux
operating system. You should deploy two machines: one acting as the
client and the other as the server.

During this experiment, you will learn operating system and Linux fundamentals using
the command line (terminal). Commands that you can test include ping, ip and
ifconfig, among others. This will give you a basic understanding of what they do and
what they can be used for. It is essential to understand these commands
because they allow you to inspect a network, identify its issues and work out how
to fix them.

Stage 2: In this stage, you will create two programs using Python version
3.7. One program is to run as a client service and the other as the server. You
need to test the communication between both and you should be able to send
messages and files.

Next, you need to start learning more about network programming. You will create
sockets in Python, which will be used as endpoints for communication between
two machines on an internal network. In this case you will use two Ubuntu machines,
one acting as the server and the other acting as the client, for further
testing purposes.

Stage 3: You will need to enhance the programs to add encryption to
the communication channels using RSA and AES.

Python is a powerful scripting language used by many today to automate tasks,
perform network penetration attacks and secure networks, among many other use
cases. It is fundamental to learn how to program in Python because, as previously
demonstrated, its capabilities for developing, testing and implementing secure
applications or tools are extremely powerful. The first scenario will consist
of an unsecured socket communication, meaning it is unencrypted. This is a dangerous
situation because it is a prime target for attackers, since there is no security structure
around it. This is an attacker’s dream: since everything is unencrypted, their
job is easier and less sophistication is needed to steal, alter or sell data.
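
The unencrypted first scenario, as an added example that is not part of the original handout: a minimal client and server exchanging a message and file contents over a loopback TCP socket. The frame layout, the type codes and the sample payloads are assumptions made for this example; it shows that the payload crosses the wire exactly as sent, which is what a Wireshark capture would display.

```python
import socket
import struct
import threading

HEADER = struct.Struct("!BI")  # 1-byte frame type + 4-byte payload length
MSG, FILE = 1, 2               # frame type codes, assumed for this example

def frame(kind, payload):
    return HEADER.pack(kind, len(payload)) + payload  # payload sent as-is

def recv_exact(sock, n):
    """TCP is a byte stream: loop until exactly n bytes have arrived."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf

def serve_once(listener, received):
    """Server: accept one client, collect its frames until it disconnects."""
    conn, _ = listener.accept()
    with conn:
        try:
            while True:
                kind, length = HEADER.unpack(recv_exact(conn, HEADER.size))
                received.append((kind, recv_exact(conn, length)))
        except ConnectionError:
            pass

def run_demo(frames):
    """Client sends frames to the server over loopback; return what arrived."""
    received = []
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
        listener.listen(1)
        server = threading.Thread(target=serve_once, args=(listener, received))
        server.start()
        with socket.create_connection(listener.getsockname()) as client:
            for kind, payload in frames:
                client.sendall(frame(kind, payload))
        server.join()
    return received

if __name__ == "__main__":
    sample = [(MSG, b"hello server"), (FILE, b"user=admin;pin=1234\n")]  # constructed
    print(run_demo(sample))   # server got every byte exactly as sent
    print(frame(*sample[1]))  # the bytes a sniffer on the path would capture
```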

In the second scenario, you will experiment using the same socket communication.
However, this time you will implement symmetric encryption such as AES and
asymmetric encryption such as RSA. AES requires both parties to have access to the
same secret key, otherwise encryption and decryption will not be possible, whereas
RSA generates a private and a public key, which is much more convenient. It is
recommended that the RSA key size be 2048 bits or larger to ensure a strong
encryption method that is harder to crack should an attacker try to brute-force it.

As for signatures, it is recommended to use SHA-256 or better. With RSA you will
study how a private key is used to generate a public key which anyone can see, but only
the private key is able to encrypt and decrypt data. This provides a stronger method
than AES because of its security and efficiency.
