Professional Documents
Culture Documents
Technology
CYBER SCEURITY
(3150714)
5th SEMESTER
COMPUTER ENGINEERING
y ManualLaborator
DEPARTMENT OF COMPUTER ENGINEERING
VISION
To be recognized for the quality education and research in the field of Computer Engineering known for
its accomplished graduates.
MISSION
1. Continually improve the standard of our graduates by engaging in innovative teaching learning
methods with high caliber motivated faculty members keeping in-line with the rapid
technological advancements.
2. Promote and support research activities over a wide range of academic interests among students
and staff for growth of individual knowledge and continuous learning.
3. Provide an education system that promotes innovation, creativity, entrepreneurial spirit,
leadership as well as freedom of thought with emphasis on professionalism and ethical behavior.
PEO1: To provide fundamental knowledge of science and engineering for an IT professional and to
equip them with proficiency of mathematical foundations and algorithmic principles and inculcate
competent problem-solving ability.
PEO2: To implant ability in creativity & design of IT systems and transmit knowledge and skills
to analyze, design, test and implement various software applications.
PEO3: To exhibit leadership capability, triggering social and economical commitment and inculcate
community services.
PEO4: To inculcate professional-social ethics, teamwork in students and acquaint them with requisite
technical and managerial skills to attain a successful career.
PROGRAM OUTCOMES (POs)
Engineering Graduates will be able to:
It gives us immense pleasure to present the first edition of Cyber Security Practical Book for the
B.E. 3rd year students of Silver Oak College of Engineering and Technology.
The theory and laboratory course of Cyber Security, at Silver Oak College of Engineering and
Technology, Ahmedabad, is designed in such a manner that students can develop the basic
understanding of the subject during theory classes and gain the hands-on practical experience during
their laboratory sessions.
The Laboratory Manual presented here to you help you in understanding Topologies of network,,
security related network and understanding of different tools for different attacks on security. It also
take you in learning various hacking techniques. It will help you in learning Linux programming
which will be very useful programming language in Cyber Security.
Lab Manual Revised by: Prof. Shital Mehta, Silver Oak College of Engineering and Technology
S
Practical T From
r Aim o
N
o
1 2
1 To study about Basic concepts of Computer Networks.
. (Devices, LAN, MAN & WAN)
AIM: To study about Basic concepts of Computer Networks. (Devices, LAN, MAN & WAN, O.S)
Introduction
LAN or Local Area Network connects network devices in such a way that personal computer and
workstations can share data, tools and programs. The group of computers and devices are connected
together by a switch, or stack of switches, using a private addressing scheme as defined by the TCP/IP
protocol. Private addresses are unique in relation to other computers on the local network. Routers are
found at the boundary of a LAN, connecting them to the larger WAN.
Data transmits at a very fast rate as the number of computers linked are limited. By definition, the
connections must be high speed and relatively inexpensive hardware (Such as hubs, network adapters
and Ethernet cables). LANs cover smaller geographical area (Size is limited to a few kilometres) and are
privately owned. One can use it for an office building, home, hospital, schools, etc. LAN is easy to design
and maintain. A Communication medium used for LAN has twisted pair cables and coaxial cables. It
covers a short distance, and so the error and noise are minimized.
Early LAN’s had data rates in the 4 to 16 Mbps range. Today, speeds are normally 100 or 1000 Mbps.
Propagation delay is very short in a LAN. The smallest LAN may only use two computers, while larger
LANs can accommodate thousands of computers. A LAN typically relies mostly on wired connections for
increased speed and security, but wireless connections can also be part of a LAN. The fault tolerance of
a LAN is more and there is less congestion in this network. For example: A bunch of students playing
Counter Strike in the same room (without internet).
Metropolitan Area Network (MAN) –
MAN, or Metropolitan area Network covers a larger area than that of a LAN and smaller area as
compared to WAN. It connects two or more computers that are apart but resides in the same or
different cities. It covers a large geographical area and may serve as an ISP (Internet Service Provider).
MAN is designed for customers who need a high-speed connectivity. Speeds of MAN ranges in terms of
Mbps. It’s hard to design and maintain a Metropolitan Area Network.
The fault tolerance of a MAN is less and also there is more congestion in the network. It is costly and
may or may not be owned by a single organization. The data transfer rate and the propagation delay of
MAN is moderate. Devices used for transmission of data through MAN are: Modem and Wire/Cable.
Examples of a MAN are the part of the telephone company network that can provide a high-speed DSL
line to the customer or the cable TV network in a city.
Wide Area Network (WAN) –
WAN or Wide Area Network is a computer network that extends over a large geographical area,
although it might be confined within the bounds of a state or country. A WAN could be a connection of
LAN connecting to other LAN’s via telephone lines and radio waves and may be limited to an enterprise
(a corporation or an organization) or accessible to the public. The technology is high speed and
relatively expensive.
There are two types of WAN: Switched WAN and Point-to-Point WAN. WAN is difficult to design and
maintain. Similar to a MAN, the fault tolerance of a WAN is less and there is more congestion in the
network. A Communication medium used for WAN is PSTN or Satellite Link. Due to long distance
transmission, the noise and error tend to be more in WAN.
WAN’s data rate is slow about a 10th LAN’s speed, since it involves increased distance and increased
number of servers and terminals etc. Speeds of WAN ranges from few kilobits per second (Kbps) to
megabits per second (Mbps). Propagation delay is one of the biggest problems faced here. Devices used
for transmission of data through WAN are: Optic wires, Microwaves and Satellites. Example of a
Switched WAN is the asynchronous transfer mode (ATM) network and Point-to-Point WAN is dial-up
line that connects a home computer to the Internet.
Os-:
An operating system (OS) is basically a collection of software that manages computer hardware
resources and provides common services for computer programs. Operating system is a crucial
component of the system software in a computer system.
Network Operating System is one of the important type of operating system.
Network Operating System runs on a server and gives the server the capability to manage data, users,
groups, security, applications, and other networking functions. The basic purpose of the network
operating system is to allow shared file and printer access among multiple computers in a network,
typically a local area network (LAN), a private network or to other networks.
Some examples of network operating systems include Microsoft Windows Server 2003, Microsoft
Windows Server 2008, UNIX, Linux, Mac OS X, Novell NetWare, and BSD.
Advantages
● Centralized servers are highly stable.
● Security is server managed.
● Upgradation of new technologies and hardware can be easily integrated into the system.
● It is possible to remote access to servers from different locations and types of systems.
Disadvantages
● High cost of buying and running a server.
● Dependency on a central location for most operations.
● Regular maintenance and updates are required.
PRACTICAL: 2
AIM: To study about Network Topologies.
Network Topology
Computer network topology is the way various components of a network (like nodes, links,
peripherals, etc.) are arranged. Network topologies define the layout, virtual shape or structure of
network, not only physically but also logically. The way in which different systems and nodes are
connected and communicate with each other is determined by topology of the network. Topology can
be physical or logical.
Physical Topology is the physical layout of nodes, workstations and cables in the network; while
logical topology is the way information flows between different components.
● Bus Topology
● Star Topology
● Ring Topology
● Mesh Topology
● Tree Topology
1. Bus Topology
A signal from the source is broadcasted and it travels to all workstations connected to bus cable.
Although the message is broadcasted but only the intended recipient, whose MAC address or IP
address matches, accepts it. If the MAC /IP address of machine doesn’t match with the intended
address, machine discards the signal.
Aterminatorisaddedat endsofthecentralcable, topreventbouncingofsignals. Abarrelconnector can be
used to extend it. Below I have given a basic diagram of a bus topology and then have discussed
advantages and disadvantages of Bus Network Topology.
In Star topology, all the components of network are connected to the central device called “hub”
whichmaybeahub,arouteroraswitch.UnlikeBustopology(discussedearlier),wherenodeswere connected to
central cable, here all the workstations are connected to central device with a point-to- point
connection. So it can be said that every computer is indirectly connected to every other node by the
help of “hub”.
All the data on the star topology passes through the central device before reaching the intended
destination.HubactsasajunctiontoconnectdifferentnodespresentinStarNetwork,andatthesame
timeitmanagesandcontrolswholeofthenetwork.Dependingonwhichcentraldeviceisused,“hub”
canactasrepeaterorsignalbooster.Centraldevicecanalsocommunicatewithotherhubsofdifferent network.
Unshielded Twisted Pair (UTP) Ethernet cable is used to connect workstations to central node.
● Less damage in case of a single computer failure as it does not affect the entire network
● Morecablesarerequiredtobeconnectedbecauseeachcomputerindividuallyconnectstothe central
server
● Single point of failure in case the server letdown.
3. Ring Topology
In Ring Topology, all the nodes are connected to each-other in such a way that they make a closed
loop. Each workstation is connected to two other components on either side, and it communicates with
these two adjacent neighbors. Data travels around the network, in one direction. Sending and receiving
of data takes place by the help of TOKEN.
Token passing (in brief): Token contains a piece of information which along with data is sent by the
source computer. This token then passes to next node, which checks if the signal is intended to it. If
yes, it receives it and passes the empty to into the network, otherwise passes token along with the data
to next node. This process continues until the signal reaches its intended destination. The nodes
with token are the ones only allowed to send data. Other nodes have to wait for an empty token to
reach them. This network is usually found in offices, schools and small buildings.
● Reducedchancesofdatacollisionaseachnodereleaseadatapacketafterreceivingthetoken.
● Token passing makes ring topology perform better than bus topology under heavy traffic
● No need of server to control connectivity among the nodes
● Equal access to the resources
● In Unidirectional Ring, a data packet must pass through all the nodes.
Ex:Let’ssayA,B,C,D,andEareapartoftheringnetwork.ThedataflowisfromAtowards
Bandhenceforth.Inthiscondition,ifEwantstosendapackettoD,thepacketmusttraverse the entire
network to reach.
● Single point of failure that means if a node goes down entire network goes down.
4. Mesh Topology
In a mesh network topology, each of the network node, computer and other devices, are
interconnectedwithoneanother.Everynodenotonlysendsitsownsignalsbutalsorelaysdatafrom other nodes.
In fact a true mesh topology is the one where every node is connected to every other node in the
network. This type of topology is very expensive as there are many redundant connections, thus it is
not mostly used in computer networks. It is commonly used in wireless networks. Flooding or routing
technique is used in mesh topology.
a. Full Mesh Topology: - In this, like a true mesh, each component is connected to every other
component. Even after considering the redundancy factor and cost of this network, its main
advantage is that the network traffic can be redirected to other nodes if one of the nodes goes down.
Full mesh topology is used only for backbone networks.
b. PartialMeshTopology:-Thisisfarmorepracticalascomparedtofullmeshtopology.Here,some of the
systems are connected in similar fashion as in mesh topology while rests of the systems are
onlyconnectedto1or2devices.Itcanbesaidthatinpartialmesh,theworkstationsareindirectly connected to
other devices. This one is less costly and also reduces redundancy.
5. Tree Topology
Tree Topology integrates the characteristics of Star and Bus Topology. Earlier we saw how in
PhysicalStarnetworkTopology,computers(nodes)areconnectedbyeachotherthroughcentralhub.
● Scalable as leaf nodes can accommodate more nodes in the hierarchical chain.
● A point to point wiring to the central hub at each intermediate node of a tree topology
represents a node in the bus topology
● Other hierarchical networks are not affected if one of them gets damaged
● Easier maintenance and faultfinding
6. Hybrid Topology
Hybrid, as the name suggests, is mixture of two different things. Similarly, in this type of topology we
integrate two or more different topologies to form a resultant topology which has good points
optimizing the available resources. Special care can be given to nodes where traffics high as well as
where chances of fault are high.
PRACTICAL: 3
Nmap is a tool used for port scanning. It scans the open ports in the target host.
Step 1: Install the nmap.exe.
Step 2: Start Nmap.
Following is the GUI of Nmap.
Host Details:
PRACTICAL: 4
netcat = net+cat.
It is cat command over the network. Mostly used for file transfer over the network. Learn basic
unix/linux commands to understand working of this tool.
Step 1: Install the ncat. Sometimes it comes with nmap package so check it before installing a fresh
package.
Step 6: On the second cmd (client window) run the command: ncat.exe 127.0.0.1 4444
127.1.1.1 is the local ip address. The address of same PC, and 4444 is the port number where ncat is
listening. To practice the practical in the lab enter your neighbour's IP address, and choose any port
number greater than 1024.
Step 7: Now type the message which is to be sent on the server. As soon as you press the enter key, the
message is sent to the server and it is displayed on the server cmd window.
Step 8: Now the connection has made. To disconnect the connection press ctrl+c.
2.Select "low"
3.Click Submit
Step 4: Command Execution.
1. Below we are going to do a simply ping test using the web interface.
2. As an example, ping something on your network.
3. Use the IP Address 192.168.1.106
4. Click Submit.
Attempt 1
1. cat /var/www/html/dvwa/vulnerabilities/exec/source/low.php.
2. Notice the two shell_exec lines.
3. These are the lines that execute ping depending on which Operating System is being used.
4. In Unix/Linux command, you can run multiple command separated by a ";".
5. Notice the code does not check that if $target matches an IP Address
6. \d+.\d+.\d+.\d+, where "\d+" represents a number with the possibility of multiple digits, like
192.168.1.106.
7. The code allows for an attacker to append commands behind the IP Address. 8.
192.168.1.106; cat /etc/passwd
Step 7: Copy the /etc/passwd file to /tmp.
● Input the below text into the User ID Textbox (See Picture).
● %' or '0'='0 and click submit.
● In this scenario, we are saying display all record that are false and all records that are true.
● %' - Will probably not be equal to anything, and will be false.
● '0'='0' - Is equal to true, because 0 will always equal 0.
Step 6:
● Input the below text into the User ID Textbox (See Picture).
● %' or 0=0 union select null, version() #.
● Notice in the last displayed line, 5.1.60 is displayed in the surname.
● This is the version of the mysql database.
Step 7: Display Database User
● Input the below text into the User ID Textbox (See Picture).
● %' or 0=0 union select null, user() #
● Notice in the last displayed line, root@localhost is displayed in the surname.
● This is the name of the database user that executed the behind the scenes PHP code
Step 8: Display all tables in information schema
● Input the below text into the User ID Textbox (See Picture).
● %' and 1=0 union select null, table name from information_schema. tables #
● Click Submit
● Now we are displaying all the tables in the information schema database.
● The INFORMATION_SCHEMA is the information database, the place that stores information
about all the other databases that the MySQL server maintains.
Step 9: Display all the user tables in information schema.
● Input the below text into the User ID Textbox (See Picture).
● %' and 1=0 union select null, table name from information_schema.tables where table name
like 'user%'#
● Click Submit
● Now we are displaying all the tables that start with the prefix "user" in the information schema
database.
Step 10: Display all the columns fields in the information schema user table
● Input the below text into the User ID Textbox (See Picture).%' and 1=0 union select null,
concept(table_name,0x0a,column_name) from information_schema.columns where table name
= 'users' #
● Click Submit
● Notice there are a user_id, first name, last name, user and Password column.
Step 11: Display all the columns field contents in the information_schema user table
● Input the below text into the User ID Textbox (See Picture).
● %' and 1=0 union select null, concat(first_name,0x0a,last_name,0x0a,user,0x0a,password) from
users #
● Click Submit
● Now we have successfully displayed all the necessary authentication information into this
database.
PRACTICAL: 8
A packet sniffer, sometimes referred to as a network monitor or network analyzer, can be used
byanetworkor system administrator to monitor and troubleshoot network traffic. Using the information
captured by the packet sniffer an administrator can identify erroneous packets and use the data to
pinpoint bottlenecks and help maintain efficient network data transmission.
In its simple form a packet sniffer simply captures all of the packets of data that pass through given
network interface. By placing packet sniffer on networking promiscuous mode, a malicious intruder
can capture and analyze all of the network traffic.
This is basically a network protocol analyzer –popular for providing the minutest details about your
network protocols, packet information, decryption etc. It can be used on Windows, Linux, OS X,
Solaris, FreeBSD, NetBSD, and many other systems. The information that is retrieved via this tool can
be viewed through a GUI, or the TTY-mode TShark utility. You can get your own free version of the
tool from here.
Select interface: Got capture option in menu bar and select interface
3. Start Capturing
PRACTICAL: 9
Intrusion of websites is illegal in many countries, so you cannot take other’s web sites as your testing
target.
First, you need build a test environment for yourself. If you are not good at building servers, we
recommend you build a simple one with XAMPP.
OS: Windows 7, 8
Software: XAMPP for Windows, download:
https://www.apachefriends.org/zh_cn/index.html
XAMPP for Windows has modules such as Apache, PHP, Tomcat, and MySQL etc. The default
installation path is c:\xampp, please do not change it.
Take DVWA (Damn Vulnerable Web Application) as an example, Start Apache and MySQL, and
access with http://127.0.0.1 .
After started, you can use the following command to set the password to 123456 (This is a weak
password, just for example, please modify it)
C:\xampp\mysql\bin\mysqladmin -u root password 123456
Now, you can download DVWA from https://github.com/RandomStorm/DVWA , unzip it to
C:\xampp\htdocs\dvwa,
Then modify its configuration file, which is
C:\xampp\htdocs\dvwa\config\config.inc.php:
$_DVWA[ 'db_server' ] = 'localhost';
$_DVWA[ 'db_database' ] = 'dvwa';
$_DVWA[ 'db_user' ] = 'root'
$_DVWA[ 'db_password' ] = ‘123456’;
$_DVWA['default_security_level']=" low";
Open http://127.0.0.1/dvwa/setup.php
Click” Create/Reset Database” to finish the installation.
Access the front page of it and it will redirect to
http://127.0.0.1/DVWA/login.php
Now, a basic test environment is available.
2. DVWA Brute Force
The first challenge of DVWA is how to login it. Usually, you can search the network and get the
default username/password, or try to use SQL Injection to escape the authentication mechanism, such
as use a username like admin’;-- or other ways.
Here we will use brute force, and use WebCruiser Web Vulnerability Scanner 3
(http://www.janusec.com/ ) as a brute force tool.
First, input any username and password, such as 123, 456, etc. submit.
Click “Go” to start guess process, result will be list in the window.
Log in with the username and password.
3. SQL Injection
Select “SQL Injection” menu, input 1 and submit:
Input 1’ to try:
But we found it is not the same as expected, SQL Injection with integer type was ruled out. Continue try
with 1' and '1'='1 and 1' and '1'='2
There is no result return to us when we input 1’ and ‘1’=’2
Till now, we can adjudge there is SQL Injection vulnerability with string type here. Recap:
Criterion of SQL Injection
Assume the initial response is Response0, Response by append true logic is Response1, Response by
append false logic is Response2,
If Response1= Response0, but Response1! = Response2, SQL Injection exists. OK, can you takeover
some data by exploiting it?
Try: http://127.0.0.1/dvwa/vulnerabilities/sqli/?Submit=Submit&id=1' and (select 1 from ( select
count(*),concat((select database()),0x3a,floor(rand(0)*2)) x from information_schema.tables group by
x)a)%23
ord(substr(database(),4,1)) )=97 and %271%27=%271 ,the fourth byte is a . Got the full name of
database is “dvwa” .
Is there a tool which can do these tests instead?
Yes, we can use a web application security scanner to do it.
Take WebCruiser as an illustration, navigate page and click “ScanURL”:
SQL Injection vulnerabilities found. Right click vulnerability and select “SQL INJECTION POC”,
Continue click ”Get Environment Information”:
4. XSS
Select XSS from the menu, http://127.0.0.1/dvwa/vulnerabilities/xss_s/
Input text and script directly in the title and content field, such as:
testinput<img src=0 onerror="alert(123456)"> Or use scanner, it found 2 XSS vulnerabilities.
Note: In order to improve efficiency, WebCruiser Web Vulnerability Scanner can scan designated
vulnerability type (setting) or designated URL (ScanURL button) separately.
PRACTICAL: 10
An Act to provide legal recognition for transactions carried out by means of electronic data interchange
and other means of electronic communication, commonly referred to as "electronic commerce", which
involve the use of alternatives to paper-based methods of communication and storage of information, to
facilitate electronic filing of documents with the Government agencies.
If any person without permission of the owner or any other person who is in charge of a computer,
computer system or computer network, —
(a) Accesses or secures access to such computer, computer system or computer network;
(b) Downloads, copies or extracts any data, computer data base or information from such computer,
computersystemorcomputernetworkincludinginformationordataheldorstoredinanyremovable storage
medium;
(c) Introduces or causes to be introduced any computer contaminant or computer virus into any
computer, computer system or computer network;
(d) damages or causes to be damaged any computer, computer system or computer network, data,
computer data base or any other programmer residing in such computer, computer system or computer
network;
(e) Disrupts or causes disruption of any computer, computer system or computer network;
(f) Denies or causes the denial of access to any person authorized to access any computer, computer
system or computer network by any means;
(g) providesanyassistancetoanypersontofacilitateaccesstoacomputer,computersystemor
computer network in contravention of the provisions of this Act, rules or regulations made thereunder;
(h) chargestheservicesavailedofbyapersontotheaccountofanotherpersonbytamperingwithor
manipulatinganycomputer,computersystem,orcomputernetwork,heshallbeliabletopaydamages by way
of compensation not exceeding one crore rupees to the person so affected. Explanation.- For the
purposes of this section,—
(i) "Computer contaminant" means any set of computer instructions that are designed—
(a) To modify, destroy, record, transmit data or Programmed residing within a computer, computer
system or computer network; or
(b) By any means to usurp the normal operation of the computer, computer system, or computer
network;
(ii) "computer data base" means a representation of information, knowledge, facts, concepts or
instructionsintext,image,audio,videothatarebeingpreparedorhavebeenpreparedinaformalized manner or
have been produced by a computer, computer system or computer network and are intended for use in
a computer, computer system or computer network;
(iii) "computervirus"meansanycomputerinstruction,information,dataorProgrammethatdestroys,
damages, degrades or adversely affects the performance of a computer resource or attaches itself to
another computer resource and operates when a Programmed, data or instruction is executed or some
other event takes place in that computer resource;
(iv) "Damage" means to destroy, alter, delete, add, modify or rearrange any computer resource by any
means.
If any person who is required under this Act or any rules or regulations made thereunder to—
(a) furnishanydocument,returnorreporttotheControlleror?heCertifyingAuthorityfailstofurnish
the same, he shall be liable to a penalty not exceeding one lakh and fifty thousand rupees for each such
failure;
(b) File any return or furnish any information, books or other documents within the time specified
therefor in the regulations fails to file return or furnish the same within the time specified therefore
theregulations,heshallbeliabletoapenaltynotexceedingfivethousandrupeesforeverydayduring which such
failure continues;
(c) Maintain books of account or records, fails to maintain the same, he shall be liable to a penalty not
exceeding ten thousand rupees for every day during which the failure continues.
52. Salary, allowances and other terms and conditions of service of Presiding Officer.
The salary and allowances payable to, and the other terms and conditions of service including pension,
gratuity and other retirement benefits of. The Presiding Officer of Cyber Appellate Tribunal shall be
such as may be prescribed: Provided that neither the salary and allowances nor the other terms and
conditions of service of the Presiding Officer shall be varied to his disadvantage after appointment.
No court shall have jurisdiction to entertain any suit or proceeding in respect of any matter which an
adjudicating officer appointed under this Act or the Cyber Appellate Tribunal constituted under this
Act is empowered by or under this Act to determine and no injunction shall be granted by any court or
other authority in respect of any action taken or to be taken in pursuance of any power conferred by or
under this Act.
Any person aggrieved by any decision or order of the Cyber Appellate Tribunal may file an appeal to
the High Court within sixty days from the date of communication of the decision or order of the Cyber
Appellate Tribunal to him on any question of fact or law arising out of such order Provided that the
High Court may, if it is satisfied that the appellant was prevented by sufficient cause from
filingtheappealwithinthesaidperiod,allowittobefiledwithinafurtherperiodnotexceedingsixty
days.
ApenaltyimposedunderthisAct,ifitisnotpaid,shallberecoveredasanarrearoflandrevenueand
thelicenseortheDigitalSignatureCertificate,asthecasemaybe,shallbesuspendedtillthepenalty is paid.
Explanation.—for the purposes of this section, "computer source code" means the
Listingofprogrammer,computercommands,designandlayoutandProgrammeanalysisofcomputer resource
in any form.
(1) Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to
the public or any person destroys or deletes or alters any information residing in a computer resource or
diminishes its value or utility or affects it injuriously by any means, commit shack:
(2) Whoever commits hacking shall be punished with imprisonment up to three years, or with fine
which may extend up to two lakh rupees, or with both.
Whoever publishes or transmits or causes to be published in the electronic form, any material which
islasciviousorappealstotheprurientinterestorifitseffectissuchastotendtodepraveandcorrupt
personswhoarelikely,havingregardtoallrelevantcircumstances,toread,seeorhearthematter
contained or embodied in it, shall be punished on first conviction with imprisonment of either
description for a term which may extend to five years and with fine which may extend to one lakh
rupeesandintheeventofasecondorsubsequentconvictionwithimprisonmentofeitherdescription for a term
which may extend to ten years and also with fine which may extend to two lakh rupees.
(1) TheControllermay,byorder,directaCertifyingAuthorityoranyemployeeofsuchAuthorityto
takesuchmeasuresorceasecarryingonsuchactivitiesasspecifiedintheorderifthosearenecessary to ensure
compliance with the provisions of this Act, rules or any regulations made thereunder.
(1) If the Controller is satisfied that it is necessary or expedient so to do in the interest of the
sovereignty or integrity of India, the security of the State, friendly relations with foreign Stales or
public order or for preventing incitement to the commission of any cognizable offence, for reasons
toberecordedinwriting,byorder,directanyagencyoftheGovernmenttointerceptanyinformation transmitted
through any computer resource.
(2) The subscriber or any person in charge of the computer resource shall, when called upon by any
agencywhichhasbeendirectedundersub-section(1),extendallfacilitiesandtechnicalassistanceto decrypt
the information.
(1) The appropriate Government may, by notification in the Official Gazette, declare that any
computer, computer system or computer network to be a protected system.
(2) The appropriate Government may, by order in writing, authorize the persons who reauthorized
to access protected systems notified under sub-section (1).
Whoevermakesanymisrepresentationto,orsuppressesanymaterialfactfrom,theControllerorthe Certifying
Authority for obtaining any license or Digital Signature Certificate, as the case may be. Shall be
punished with imprisonment for a term which may extend to two years, or with fine which may extend
to one lakh rupees, or with both.
Save as otherwise provided in this Act or any other law for the time being in force, any person who,
inpursuanceofanyofthepowersconferredunderthisAct,rulesorregulationsmadethereunder,has secured
access to any electronic record, book, register, correspondence, information, document or other
material without the consent of the person concerned discloses such electronic record, book. Register,
correspondence, information, document or other material to any other person shall be punished with
imprisonment for a term which may extend to two years, or with fine which may extend to one lakh
rupees, or with both.
73. Penalty for publishing Digital Signature Certificate false in certain particulars.
(a) The Certifying Authority listed in the certificate has not issued it; or
(b) The subscriber listed in the certificate has not accepted it; or
(c) The certificate has been revoked or suspended, unless such publication is for the purpose of
verifying a digital signature created prior to such suspension or revocation.
(2) Any person who contravenes the provisions of sub-section (1) shall be punished with
imprisonment for a term which may extend to two years, or with fine which may extend to one lakh
rupees, or with both.
Whoever knowingly creates, publishes or otherwise makes available a Digital Signature Certificate for
any fraudulent or unlawful purpose shall be punished with imprisonment for a term which may extend
to two years, or with fine which may extend to one lakh rupees, or with both.
(1) Subject to the provisions of sub-section (2), the provisions of this Act shall apply also to any
offence or contravention committed outside India by any person irrespective of his nationality.
76. Confiscation.
Anycomputer,computersystem,floppies,compactdisks,tapedrivesoranyotheraccessoriesrelated thereto,
in respect of which any provision of this Act. rules, orders or regulations made thereunder
hasbeenorisbeingcontravened,shallbeliabletoconfiscation:Providedthatwhereitisestablished to the
satisfaction of the court adjudicating the confiscation that the person in whose possession,
powerorcontrolofanysuchcomputer,computersystem,floppies,compactdisks,tapedrivesorany other
accessories relating thereto is found is not responsible for the contravention of the provisions of this
Act, rules, orders or regulations made thereunder, the court may, instead of making an order
forconfiscationofsuchcomputer,computersystem,floppies,compactdisks,tapedrivesoranyother
accessories related thereto, make such other order authorized by this Act against the person
contravening of the provisions of this Act, rules, orders or regulations made thereunder as it may think
fit.
77. Penalties or confiscation not to interfere with other punishments.
No penalty imposed or confiscation made under this Act shall prevent the imposition of any other
punishment to which the person affected thereby is liable under any other law for the time being in
force.
Notwithstanding anything contained in the Code of Criminal Procedure, 1973, a police officer not
below the rank of Deputy Superintendent of Police shall investigate any offence under this Act.
For the removal of doubts, it is hereby declared that no person providing any service as a network
service provider shall be liable under this Act, rules or regulations made thereunder for any third party
information or data made available by him if he proves that the offence or contravention was
committed without his knowledge or that he had exercised all due diligence to prevent the commission
of such offence or contravention.
(b) "Third party information" means any information dealt with by a network service provider in his
capacity as an intermediary;
(2) Where any person is arrested under sub-section (1) by an officer other than a police officer, such
officer shall, without unnecessary delay, take or send the person arrested before a magistrate having
jurisdiction in the case or before the officer-in-charge of a police station.
(3) The provisions of the Code of Criminal Procedure, 1973 shall, subject to the provisions of this
section, apply, so far as may be, in relation to any entry, search or arrest, made under this section.
The provisions of this Act shall have effect notwithstanding anything inconsistent therewith contained
in any other law for the time being in force.
ThePresidingOfficerandotherofficersandemployeesofaCyberAppellateTribunal,theController, the
Deputy Controller and the Assistant Controllers shall be deemed to be public servants within the
meaning of section 21 of the Indian Penal Code.
The Central Government may give directions to any State Government as to the carrying into
execution in the State of any of the provisions of this Act or of any rule, regulation or order made
thereunder.
No suit, prosecution or other legal proceeding shall lie against the Central Government, the State
Government,theControlleroranypersonactingonbehalfofhim,thePresidingOfficer,adjudicating officers
and the staff of the Cyber Appellate Tribunal for anything which is in good faith done or intended to be
done in pursuance of this Act or any rule, regulation or order made thereunder.
85. Offences by companies.
(1) Where a person committing a contravention of any of the provisions of this Act or of any rule,
direction or order made thereunder is a company, every person who, at the time the contravention was
committed, was in charge of, and was responsible to, the company for the conduct of business of the
company as well as the company, shall be guilty of the contravention and shall be liable to be
proceeded against and punished accordingly:
Providedthatnothingcontainedinthissub-sectionshallrenderanysuchpersonliabletopunishment if he
proves that the contravention took place without his knowledge or that he exercised all due diligence to
prevent such contravention.
(2) Notwithstanding anything contained in sub-section (1), where a contravention of any of the
provisions of this Act or of any rule, direction or order made thereunder has been committed by a
company and it is proved that the contravention has taken place with the consent or connivance of,
orisattributabletoanyneglectonthepartof,anydirector,manager,secretaryorotherofficerofthe company,
such director, manager, secretary or other officer shall also be deemed to be guilty of the contravention
and shall be liable to be proceeded against and punished accordingly.
(i) "Company" means anybody corporate and includes a firm or other association of individuals; and
(1)IfanydifficultyarisesingivingeffecttotheprovisionsofthisAct,theCentralGovernmentmay,
byorderpublishedintheOfficialGazette,makesuchprovisionsnotinconsistentwiththeprovisions of this Act
as appear to it to be necessary or expedient for removing the difficulty:
Providedthatnoordershallbemadeunderthissectionaftertheexpiryofaperiodoftwoyearsfrom the
commencement of this Act (2) Every order made under this section shall be laid, as soon as may be
after it is made, before each House ofParliament.