Professional Documents
Culture Documents
WNS Write Up3361601
WNS Write Up3361601
(608)
DEPARTMENT OF INFORMATION
TECHNOLOGY (16)
6TH SEMESTER
1. Generate an executable file from a C compiler and generate its Message Digest
Sum (MD5) sum. Note down the MD5.
2. Change the above C program with a minor modification and again generate its
executable. Check the MD5 of the new file. Verify the MD5 of both the files.
1
3. Take 5 different application executables and check their MD5 in similar
manner.
Reference: (www.md5summer.org/download.html).
You can alternatively use online MD5 generator.
2 Prepare a 5 slides presentation of RSA, explaining its working and structure.
1. Generate executable file from a C compiler and generate is Secure Hash
Algorithm (SHA-256, SHA-512) sum. Note down the SHA values.
2. Change the above C program with a minor modification and again generate its
executable. Check the SHA 256 and 512 of the new file. Verify the SHA values of
3
both the files.
3. Take 5 different application executables and check their SHA values.
Reference: (http://www.xorbin.com/tools/sha256-hash-calculator).
You can download the desktop based SHA generator.
4 Prepare a chart/model Message Authentication Codes (MACs).
5 Prepare a chart /model to explain the importance of Digital Signature.
6 Install Wireshark tool for packet capture.
Inspect IP packets and identify source and destination IP using the Wireshark
7
tool.
8 Prepare a Chart and/or presentation on SSL Protocol Stack.
1. Download Avast free AV or Clam AV open source. Check the updates of the
9 anti malware.
2. Identify you operating system. Update the OS and identify updates.
10 Prepare a presentation on 3D authentication for monetary Transactions (SET).
11 Install and configure an Antivirus for Network security.
12 Install and configure few features of Firewall for Network security.
Inspect the firewall at your department in CWN. Understand its functionality;
13
identify the important configuration parameters for the same.
2. Change the above C program with a minor modification and again generate
its executable. Check the MD5 of the new file. Verify the MD5 of both the
files.
Explanation:
First you have to make a “c” program and for that do the following steps:
Open turbo C & C++ software and make simple Hello world program
OUTPUT
By build all option you got your 2.exe file on this location C:/TurboC4/TC/SOURCE.
After that you have to download MD5 summer software and for that you just open your
browser and type MD5 summer and click on the first link, download the Zip file and install
MD5 summer.
I select C:/TurboC4/TC/SOURCE because it’s where I saved my 2.exe file. After that you
have to click on create sum option shown below and select your 2.exe file.
Just save your MD5 file on location you want and you will get your MD5 code for your EXE
File.
So that’s how you can get your MD5 sum shown in above figure as MD5 hash for your 2.EXE
file.
Explanation:
Now we just change the above program and calculate MD5 hash value for that. For that first
of all we just changed above “c” program and named by 3.c as shown in below:
As you shown in above figure I just changed program and you will get following output.
Now open MD5 summer again and browse 3.exe file path. Save that MD5 file and you will get
following output.
If you compare the output of first and second MD5 value you will see that small changed in
“c” program do big difference in the MD5 value.
Explanation:
Open your MD5 summer software and browse any five .EXE file from your computer as
shown below.
As you shown in above figure I just browse my five different .EXE file and click on OK
button and find the MD5 hash for every single .EXE file. It gives five different MD5 hash
value as shown below.
2. Change the above C program with a minor modification and again generate
its executable. Check the SHA1 sum of the new file. Verify the SHA values of
both the files.
What is SHA-256?
The SHA (Secure Hash Algorithm) is one of a number of cryptographic hash functions. A
cryptographic hash is like a signature for a text or a data file. SHA-256 algorithm generates an
almost-unique, fixed size 256-bit (32-byte) hash. Hash is a one way function – it cannot be
decrypted back. This makes it suitable for password validation, challenge hash authentication,
anti-tamper, digital signatures.
SHA-256 is one of the successor hash functions to SHA-1, and is one of the strongest hash
functions available.SHA1 gives 160-bit output.
Explanation:
First you have to make a “c” program and for that do the following steps:
Open turbo C & C++ software and make simple Hello world program
OUTPUT
By build all option you got your 2.exe file on your saved location.
After that you have to download MD5 summer software and for that you just open your
browser and type MD5 summer and click on the first link, download the Zip file and install
MD5 summer.
Next step is open MD5 summer and browse that 2.exe from the location
C:/TurboC4/TC/SOURCE.After that select SHA1 from dropdown list and click on Create
sum button.
You just have to double click on 2.exe file and you find below window
So that’s how you can get your SHA1 sum for your 2.EXE file
Explanation:
Now we just change the above program and calculate MD5 hash value for that. For that first
of all we just changed above “c” program and named by 3.c as shown in below:
As you shown in above figure I just changed program and you will get following output.
Now open MD5 summer again and browse 3.exe file path(C:/TurboC4/TC/SOURCE).save that
MD file and you will get following output.
If you compare the output of first and second MD value you will see that small changed in
“c” program does big difference in the SHA1 sum value.
Explanation:
Open your MD5 summer software and browse any five .exe file from your computer as
shown below.
As you shown in above figure I just browse my five different .EXE file and click on OK
button and find the SHA1 sum for every single .EXE file. It gives five different SHA1 sum
value as shown below.
Windows installers contain the platform and version, e.g. Wireshark-winxx-2.0.x.exe. The
Wireshark installer includes WinPcap which is required for packet capture.
Installation Components
On the Choose Components page of the installer you can select from the following:
Wireshark - The network protocol analyzer that we all know and mostly love.
TShark - A command-line network protocol analyzer. If you haven’t tried it you
should.
Wireshark 1 Legacy - The old (GTK+) user interface in case you need it.
Plugins & Extensions - Extras for the Wireshark and TShark dissection engines
o Dissector Plugins - Plugins with some extended dissections.
o Tree Statistics Plugins - Extended statistics.
o Mate - Meta Analysis and Tracing Engine - User configurable extension(s)
of the display filter engine, see https://wiki.wireshark.org/Mate for details.
o SNMP MIBs - SNMP MIBs for a more detailed SNMP dissection.
Tools - Additional command line tools to work with capture files
o Editcap - Reads a capture file and writes some or all of the packets into
another capture file.
o Text2Pcap - Reads in an ASCII hex dump and writes the data into a pcap
capture file.
o Reordercap - Reorders a capture file by timestamp.
o Mergecap - Combines multiple saved capture files into a single output file.
o Capinfos - Provides information on capture files.
o Rawshark - Raw packet filter.
User’s Guide - Local installation of the User’s Guide. The Help buttons on most
dialogs will require an internet connection to show help pages if the User’s Guide is
not installed locally.
Additional Tasks
Start Menu Shortcuts - Add some start menu shortcuts.
Desktop Icon - Add a Wireshark icon to the desktop.
Quick Launch Icon - add a Wireshark icon to the Explorer quick launch toolbar.
Install Location
Inspect IP packets and identify source and destination IP using the wireshark
tool.
Wireshark, a network analysis tool formerly known as Ethereal, captures packets in real
time and display them in human-readable format. Wireshark includes filters, color-coding
and other features that let you dig deep into network traffic and inspect individual packets.
After downloading and installing Wireshark, you can launch it and click the name of an
interface under Interface List to start capturing packets on that interface. For example, if
you want to capture traffic on the wireless network, click your wireless interface. You can
configure advanced features by clicking Capture Options, but this isn’t necessary for now.
As soon as you click the interface’s name, you’ll see the packets start to appear in real time.
Wireshark captures each packet sent to or from your system. If you’re capturing on a
wireless interface and have promiscuous mode enabled in your capture options, you’ll also
see other the other packets on the network.
Click the stop capture button near the top left corner of the window when you want to stop
capturing traffic.
Click a packet to select it and you can dig down to view its details.
You can also create filters from here — just right-click one of the details and use the Apply
as Filter submenu to create a filter based on it.
Wireshark is an extremely powerful tool, and this tutorial is just scratching the surface of
what you can do with it. Professionals use it to debug network protocol implementations,
examine security problems and inspect network protocol internals.
1) Uninstall any antivirus programs. You should only run one antivirus program on your
computer at a time to avoid conflicts and errors. AVG most likely will not even install if
it detects another antivirus program running.
2) For Example: Download AVG Free 2013. You can download the file from the AVG
website. You will be directed to Download.com, where you can start your file download.
AVG is not available for Mac OS X.
3) Run the install file. The install will begin, and the necessary files will be downloaded.
Select your language and click next >.
4) Read and accept the license agreement. You must accept it to continue, so it
recommended that you read the details.
5) Select the Free license. After checking to make sure that no conflicting programs are
installed, AVG will ask what type of installation you would like.
Selecting Express Install will install AVG toolbars and custom search sites into your
browser. Disable these if you wish by choosing a Custom Installation and
unchecking the boxes. Click Next >.
If you chose Custom Installation, you can choose what components to install in the
next screen. You can turn on or off extra features.
6) Wait for AVG to install. Once your installation is configured, the files will be
downloaded and installed automatically. This may take several minutes depending on
your computer speed and network connection.
On (recommended). This is the default setting (with don’t allow exceptions not
selected).
o Don't allow exceptions. When this check box is selected, the firewall is
placed into On With No Exceptions mode which blocks all unsolicited
requests to connect to your computer. This includes requests to programs or
services that you select on the Exceptions tab. Use the Don't allow exceptions
setting when you need maximum protection for your computer, such as
when you connect to a public network in a hotel or airport, or when a
vulnerability is discovered and either you have not had time to download a
hotfix for your computer or a hotfix is unavailable.
After you have installed the latest operating system service packs and
software updates, you can restore normal Internet functionality by returning
the operational mode to On with Don't allow exceptions cleared.
Off (not recommended). Turning off Windows Firewall might make your computer
more vulnerable to damage from viruses, worms, or intruders.
Windows Firewall is a new feature of Microsoft Windows XP Service Pack 2 (SP2) that is
turned on by default. It monitors and restricts the information that travels between your
computer and a network such as the Internet. Windows Firewall helps to provide a line of
defense against someone who might try to access your computer over a network without
your permission. It also helps to block malicious software and worms and provides a
means to log security events.
On the Advanced tab in Windows Firewall there are several settings that you can configure.
These settings are divided into four sections:
Security Logging. Advanced users can create a record of successful connections and
unsuccessful connection attempts across Windows Firewall. When you choose to log
unsuccessful attempts, information is collected about each connection attempt that is
detected and blocked by Windows Firewall.
When you choose to log successful connections, information is collected about each
successful connection that travels across the firewall. Together these create a log of all
the transactions going into and out of the computers environment.
ICMP. Advanced users can select which parts of Internet Control Message Protocol
(ICMP) can be used through Windows Firewall. To configure these settings requires in-
depth knowledge of ICMP mechanisms. Incorrect configuration of ICMP can seriously
affect your computers security.
Default Settings. Users with Administrator rights can use this option to restore
Windows Firewall settings to their original defaults settings.
Because Windows Firewall restricts communication between your computer and the
Internet, you might have to adjust settings for some programs that require an open
connection to the Internet. For any program on the Windows Firewall exceptions list,
Windows opens the necessary connection automatically, regardless of where the
application is run from.
Note: The firewall designates that the connection is only open while the program is waiting
to receive the connection. All other times the port is closed.
The firewall designates that the port is only open while the program is waiting to receive
the connection. All other times the port is closed and your computer is secure from
unsolicited requests.