Adding to your security skills
This assignment is a tour of techniques and tools related to the topics of this course. It gives you additional hands-on experience with some of the methods for applying what we have learned. These mini projects are based on the main reference book of the course. You will be responsible for all topics those tools touch on.
Objectives:
1- Employ a tool for applying some cryptography techniques.
2- Illustrate understanding of a famous encryption cipher, AES.
3- Perform network administration tasks such as: check the MAC (physical) address of the network, check its SSID, find the channel it is using, note its signal-to-noise ratio, identify the type of security the network is using, identify the type and speed of the network, and note the times the network appears.
4- Illustrate the ability to control access to a system by using a well-known password auditing program.
5- Identify the role of a firewall by using a well-known tool to monitor packets flowing into and out of a network.
6- Illustrate what constitutes a host hardening process to protect assets on the scale of a single machine or parts of this machine.
7- Perform an evaluation of the level of security an application has, and appreciate the critical need for curing any vulnerabilities the application may have.
Please follow these guidelines closely:
1- Create a report that has all parts below.
a. The report has a title page.
i. The title page has the names and IDs of all students in the project.
b. The report should have a table of contents page showing each part and its page numbers.
c. The report mainly focuses on snapshots of performing the different tasks, so make sure you follow the described guidelines exactly.
i. Please add captions to the snapshots describing what each snapshot is about, and label each snapshot with the task it belongs to (e.g., ENCRYPTION PART_28 for step 28 of the encryption part).
d. Make sure that the report is very well organized before submitting. Make it look very professional. If not, expect points to be taken off.
e. Submit the report as a PDF file.
f. The project is to be done in groups of 2 or less. Groups have to be from the same section in case we have several sections.
i. Forming groups, if you want to have a group, is the responsibility of students.
ii. Therefore, not finding a group is not an excuse not to do the project; you still can do it on your own.
g. Copying and cheating will have serious consequences. So, avoid that.
Due date is 4/15/2017 @ 11:59 pm CDT
Please perform all the tasks below:
ENCRYPTION PART:
AxCrypt® is a great third-party encryption tool. You just select the files you want encrypted, enter your password, and you’re done. It is even available as an option in the shortcut menu when you right-click a file. AxCrypt will automatically re-encrypt the file after you are done modifying it. It uses 128-bit AES and is completely free. Let’s look at some of the functionality built into AxCrypt.
1. Download AxCrypt from http://www.axantum.com/AxCrypt.
2. Click Download.
3. Click on the appropriate version for your operating system.
4. Click Save.
5. Select your download folder.
6. If the program doesn’t automatically open, browse to your download folder.
7. Right-click AxCrypt-Setup.exe.
8. Click Run as administrator.
9. Click Yes if prompted.
10. Click I Agree.
11. Click Custom Installation.
12. Deselect all the bloatware (from Amazon).
13. Click Install.
14. Deselect Register.
15. Click Finish.
16. Save all your work, exit all other programs, and reboot your computer. Once your computer has rebooted you can continue on to the next step.
17. Right-click your desktop.
18. Click New and Text Document.
19. Name the file YourName.txt. Replace YourName with your first and last name.
20. Right-click the file named YourName.txt.
21. Select AxCrypt, and Encrypt.
22. Enter the password “tiger1234” (without quotes).
23. Click OK.
24. Double-click the new YourName-txt.axx file you just created.
25. Enter the password “tiger1234” (without quotes).
26. Click OK.
27. Close the text file that you just opened.
28. Take a screenshot of your desktop showing the newly created files.
29. Right-click the file named YourName-txt.axx.
30. Select AxCrypt and Decrypt.
31. Enter the password “tiger1234” (without quotes).
32. Click OK.
33. Right-click the file named YourName.txt. (This time you’re going to make an executable file that can be opened by anyone. They won’t have to have AxCrypt installed on their computer to be able to open the .exe.)
34. Select AxCrypt, and Encrypt copy to .EXE.
35. Enter the password “tiger1234” (without quotes).
36. Click OK.
37. TAKE A SCREENSHOT OF YOUR NEWLY CREATED YOURNAME-TXT.EXE FILE.
NETWORK SECURITY PART: A useful program that network administrators can use to manage their wireless networks is inSSIDer®. It shows (1) the MAC (physical) address of the network, (2) its SSID, (3) the channel it is using, (4) a signal-to-noise ratio, (5) the type of security the network is using, (6) the type and speed of the network, and (7) the times the network appears.
Another benefit of inSSIDer is that it displays the encryption type used on a specific network. This is important information if you are doing a penetration test or a security audit. If your company is using wired equivalent privacy (WEP), it would be wise to switch to Wi-Fi protected access (WPA) or WPA2 (even better). There are several tools available that can crack WEP keys.
Running a quick scan of your network using inSSIDer may help you determine if you need to make changes to your network. It can also tell you if your network has dead spots or rogue access points. Let’s look at a simple example.
1. Download inSSIDer from http://www.metageek.net/products/inssider.
2. Click Download inSSIDer for Windows.
3. Click Save.
4. Select your download folder.
5. If the program doesn’t automatically start, browse to your download folder.
6. Double-click the inSSIDer installer (Inssider_Installer.exe).
7. Click Next, Next, Next, and Close.
8. Click Start, All Programs, MetaGeek, and inSSIDer.
9. Select your wireless network card from the drop-down menu.
10. Click Start Scanning.
11. Click on the 2.4 GHz Channels tab in the lower pane.
12. Wait a few minutes for surrounding networks to show up on the list.
13. Take a screenshot.
ACCESS CONTROL PART:
One of the most well-known password auditing programs is John the Ripper® (JtR), written by Solar Designer (Alexander Peslyak). You can read all about it and get a free copy from http://www.openwall.com/john/. It has been used for many years and has proven to be both robust and easy to use.
In this project, you are going to run JtR in a command prompt (DOS). You are going to perform both a dictionary attack and a brute-force attack on a sample password file that you will download from www.pearsonhighered.com/boyle/.
1. Make a folder labeled “security” on your C: drive (C:\security\).
2. Download JtR from http://www.openwall.com/john/.
3. Scroll down and click on the link labeled John the Ripper 1.7.9 (Windows). Download the latest version available.
4. Click Save.
5. Select your C:\security folder. (If you haven't already created this folder, you will need to do so now.)
6. If the program doesn’t automatically open, browse to C:\security.
7. Right-click john179w2.zip. (If a later version was available, this file may have a slightly different name.)
8. Select Extract All, and Extract.
9. Download the sample password database labeled "hackme.txt" from www.pearsonhighered.com/boyle/. (The files may be listed under Student Project Files, Chapter 5.)
10. Extract all of the student project files (including hackme.txt) into your C:\security folder.
11. Copy the "hackme.txt" file from the student project folder to C:\security\john179w2\john179\run. (It is important that the hackme.txt file be in the "run" directory with the JtR executable.)
12. Click Start.
13. In the search box, type cmd
14. Press Enter. (This will open a command prompt.)
15. Type cd ..
16. Press Enter. (This will move up one directory.)
17. Type cd ..
18. Press Enter. (This will move up one directory. You should now be at C:\.)
19. Type cd security
20. Press Enter. (This will move you into the C:\security directory.)
21. Type cd john179w2
22. Press Enter. (This will move you into the C:\security\john179w2 directory.)
23. Type cd john179
24. Press Enter. (This will move you into the C:\security\john179w2\john179 directory.)
25. Type cd run
26. Press Enter. (This will move you into the C:\security\john179w2\john179\run directory.)
27. Type dir
28. Press Enter. (This will give you a listing of the files in the "run" directory. You can confirm that both john.exe and hackme.txt are in this directory. Note: You need to make sure you have a copy of the hackme.txt file in the run directory; you need to give john.exe something to crack. After the passwords are cracked they will be stored in a file called john.pot in the C:\security\john179w2\john179\run directory.)
29. Type john.exe -wordlist=password.lst hackme.txt
30. Press Enter. (This will start a dictionary attack using a built-in dictionary (password.lst) that came with JtR. The extension on the password.lst file is ".lst", where the “l” is an L as in lemon.)
31. Type time
32. Press Enter twice. (This will provide a timestamp.)
33. Take a screenshot.
34. Type john.exe hackme.txt
35. Press Enter. (This will start a brute-force attack. JtR will start trying all possible combinations until it cracks all of the passwords. The passwords you see were cracked in addition to the ones found during the dictionary attack.)
36. Stop the brute-force attack by pressing Ctrl-C. (You can let it run for a couple of minutes.)
37. Take a screenshot.
38. Type notepad john.pot
39. Press Enter twice. (This will open the john.pot file where the cracked passwords are stored.)
40. Take a screenshot showing the hashes and passwords you have cracked.
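To see what the dictionary attack in steps 29-30 is actually doing, and why it finishes in seconds against a file of unsalted, fast hashes, here is an added Python model of the audit (not JtR's code, and not the textbook's hackme.txt; the accounts, passwords and wordlist are constructed, and SHA-1 is an assumed hash type):

```python
import hashlib

# Constructed accounts (not the textbook's hackme.txt) in the "user:hash" shape such
# files take. The hashes are unsalted SHA-1: fast, so each candidate is hashed once
# and compared against every account at the same time.
SAMPLE_ACCOUNTS = {"alice": "tiger1234", "bob": "letmein", "carol": "Xq7!vR2#pz-L"}
WORDLIST = ["123456", "password", "letmein", "tiger1234", "qwerty"]   # stand-in for password.lst

def hash_password(pw: str) -> str:
    return hashlib.sha1(pw.encode("utf-8")).hexdigest()

def make_hash_file(accounts: dict) -> str:
    """Build the sample file JtR would be pointed at: one 'user:hash' line per account."""
    return "".join(f"{user}:{hash_password(pw)}\n" for user, pw in accounts.items())

def dictionary_audit(hash_file: str, wordlist) -> dict:
    """Return {user: password} for every account whose hash matches a wordlist entry."""
    by_hash = {}                                   # hash -> [users]: reused passwords fall together
    for line in hash_file.splitlines():
        user, _, digest = line.partition(":")
        by_hash.setdefault(digest, []).append(user)
    found = {}
    for candidate in wordlist:                     # hash each candidate once, as JtR does
        for user in by_hash.get(hash_password(candidate), []):
            found[user] = candidate
    return found

def pot_lines(found: dict) -> list:
    """The cracked entries in john.pot's 'hash:password' shape, one per distinct password."""
    return sorted({f"{hash_password(pw)}:{pw}" for pw in found.values()})

if __name__ == "__main__":
    found = dictionary_audit(make_hash_file(SAMPLE_ACCOUNTS), WORDLIST)
    print(found)            # alice and bob are weak; carol's passphrase is not in the list
    print("\n".join(pot_lines(found)))
```

The defensive lesson is the "hash once, compare against all accounts" line: a per-user salt forces one hash computation per account per candidate, and a slow password hash (bcrypt, scrypt, Argon2) makes each of those computations expensive.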
FIREWALLS PART:
One of the most well-known packet sniffers is called Wireshark® (formerly Ethereal®). It is a powerful tool that can capture, filter, and analyze network traffic. It can promiscuously capture traffic on both wired and wireless networks. It is used by security and networking professionals to troubleshoot networking problems.
In this project, you will install Wireshark, capture packets, and look at the contents of a packet. When placed correctly, a network administrator can use Wireshark to see all the traffic coming into and out of a network. Network administrators can, among other things, see which hostnames are being requested and who is requesting them. Surfing the Web is not anonymous.
1. Download Wireshark from http://www.wireshark.org/download.html.
2. Click Download Windows Installer. (Download the latest stable release.)
3. Click Save.
4. Save the file in your download folder.
5. If the program doesn’t automatically open, browse to your download folder.
6. Double-click Wireshark-setup-1.8.5.exe. (The software version numbers will be slightly different as newer versions are released.)
7. Click Next, I Agree, Next, Next, Next, and Install.
8. Click Next to install WinPcap.
9. Click Next, I Agree, Install, and Finish.
10. Click Next, and Finish.
11. Double-click the Wireshark icon on your desktop. (You can also access it through your Start menu.)
12. Click Interface List. (This will display a list of all available network interfaces on your computer. Note the description and IP address of the interface with the most traffic. You will need to select this interface in the following steps.)
13. Note the interface with the most traffic. (You will select this interface in the following steps.) If there are duplicate names for the Network Interface Card (NIC), you can use the last 3 or 4 values of the MAC address to identify the appropriate NIC.
14. Close the Capture Interfaces window.
15. Click Capture, and Options.
16. Select your Network Interface Card (NIC) if it is not already selected.
17. Take a screenshot.
18. Close ALL other programs you currently have open except your word processing program (MS Word, LibreOffice Writer®, etc.).
19. Click Start.
20. Let it run for 10 seconds.
21. While you are waiting, open a Web browser and go to www.google.com.
22. Return to your Wireshark window.
23. In the menu, click Capture and Stop (or use the keyboard shortcut Ctrl+E).
24. Scroll up until you see a green and blue area. (These are the packets you captured when you requested Google’s main page.)
25. Take a screenshot.
26. Scroll down until you see a line that has GET / HTTP/1.1. (You may have to try more than one until you get to the packet that shows “www.google.com” in the bottom pane.)
27. Select that row.
28. In the bottom pane, you will see a bunch of numbers to the left. (These are the packet's contents in hexadecimal.) Just to the right you will see the content of the packet as text, in a column.
29. Select the text: www.google.com.
30. Take a screenshot.
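What Wireshark does in steps 26-29 is walk the Ethernet, IPv4 and TCP headers to reach the HTTP request, then render the raw bytes as the hex pane. The following added Python example (not Wireshark's code) decodes a constructed GET frame the same way; the MAC and IP addresses are made-up values from the documentation ranges, and checksums are left at zero:

```python
import struct

# Constructed sample frame, not a real capture: Ethernet II -> IPv4 -> TCP -> HTTP GET.
def build_sample_frame() -> bytes:
    http = b"GET / HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: example\r\n\r\n"
    # TCP: src port, dst port, seq, ack, data offset (5 words) in the high nibble,
    # flags PSH|ACK (0x18), window, checksum (0, not computed here), urgent pointer.
    tcp = struct.pack("!HHIIBBHHH", 50000, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    # IPv4: version/IHL 0x45, TOS, total length, id, flags/fragment, TTL, protocol 6 = TCP,
    # header checksum (0, not computed here), source 192.0.2.10, destination 203.0.113.5.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 1, 0x4000,
                     64, 6, 0, bytes([192, 0, 2, 10]), bytes([203, 0, 113, 5]))
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    return eth + ip + tcp + http

def hexdump(data: bytes, width: int = 16) -> list:
    """Lines shaped like Wireshark's bottom pane: offset, hex bytes, printable text."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:04x}  {hexpart:<{width * 3}} {text}")
    return lines

def decode_frame(frame: bytes) -> dict:
    """Walk the headers the way the detail pane does and pull out the HTTP request."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4              # IPv4 header length in bytes (options included)
    if ip[9] != 6:
        raise ValueError("not a TCP segment")
    tcp = ip[ihl:]
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]    # skip the TCP header (data offset in 32-bit words)
    info = {
        "src_mac": frame[6:12].hex(":"), "dst_mac": frame[:6].hex(":"),
        "src_ip": ".".join(str(b) for b in ip[12:16]),
        "dst_ip": ".".join(str(b) for b in ip[16:20]),
        "src_port": src_port, "dst_port": dst_port, "request": None, "host": None,
    }
    # Only the first segment of a request carries the request line and headers.
    if payload.startswith((b"GET ", b"POST ", b"HEAD ")):
        head = payload.partition(b"\r\n\r\n")[0]
        request_line, *header_lines = head.split(b"\r\n")
        headers = {}
        for line in header_lines:
            name, _, value = line.partition(b":")
            headers[name.strip().lower()] = value.strip()
        info["request"] = request_line.decode("ascii", "replace")
        host = headers.get(b"host")
        info["host"] = host.decode("ascii", "replace") if host else None
    return info

if __name__ == "__main__":
    frame = build_sample_frame()
    print("\n".join(hexdump(frame)))
    print(decode_frame(frame))
```

The Host header is readable because the request is plain HTTP; the same capture of an HTTPS session would show only the TLS handshake, which is why the page's point that "surfing the Web is not anonymous" applies most directly to unencrypted traffic.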
HOST HARDENING PART:
FileVerifier++® is a tool that will compute hashes on any single file, or on all of your files at once. These hashes are then checked to see if there have been any changes to those files. FileVerifier++ can quickly check the integrity of a large number of files.
FileVerifier++ is useful if you need to verify that a given set of files has not been changed or altered in any way. For example, it could be used to verify that customer, employee, financial, or sales records were not manipulated. If a file was changed without authorization, it can be compared with an earlier version to determine which changes were made. Using a file verifier is one way IT security professionals can detect a possible intrusion.
1. Download and install FileVerifier++ from http://www.programmingunlimited.net.
2. Click Start, All Programs, FileVerifier++, and FileVerifier++.
3. In FileVerifier, click the Options button.
4. Change the Default Algorithm to MD5.
5. Click OK.
6. Click on the Dirs button to select the directories you want. (You can also select individual files.)
7. Browse to and select your downloads directory.
8. Click OK.
9. Take a screenshot.
10. Click the Verify All button. (Browse to your downloads directory if necessary.)
11. Click OK.
12. Take a screenshot.
13. Create a new text file named YourNameHash.txt, and save it in your downloads folder. (Replace YourName with your first and last names.)
14. Open the text file labeled YourNameHash.txt you just created in your downloads folder.
15. Add your name to the contents of the text file.
16. Save your changes to that text file by clicking File, and Save.
17. Close the text file.
18. In the FileVerifier++ window, click Verify All again. (Browse to your downloads folder if necessary.)
19. Scroll down until you can see the text file that you changed. (It should be highlighted in red.)
20. Take a screenshot.
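The baseline-then-verify cycle FileVerifier++ performs in steps 6-19 is small enough to write out. The following added Python example (not FileVerifier++'s code) builds a digest baseline for a folder, edits one file as in steps 14-17, and reports what changed; the file names and contents are constructed. It defaults to SHA-256 rather than the MD5 the assignment selects, because MD5 collisions are practical and an attacker can produce a tampered file with the same MD5 as the original:

```python
import hashlib
import tempfile
from pathlib import Path

def file_digest(path: Path, algorithm: str = "sha256") -> str:
    """Hash a file in chunks so large files do not have to fit in memory."""
    h = hashlib.new(algorithm)
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()

def build_baseline(directory, algorithm: str = "sha256") -> dict:
    """Like 'Dirs' followed by the first 'Verify All': record a digest for every file."""
    root = Path(directory)
    return {p.relative_to(root).as_posix(): file_digest(p, algorithm)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify(directory, baseline: dict, algorithm: str = "sha256") -> dict:
    """Like a later 'Verify All': classify every file against the stored baseline."""
    current = build_baseline(directory, algorithm)
    return {
        "changed": sorted(f for f in baseline if f in current and current[f] != baseline[f]),
        "missing": sorted(f for f in baseline if f not in current),   # deleted since baseline
        "new":     sorted(f for f in current if f not in baseline),   # added since baseline
        "ok":      sorted(f for f in baseline if f in current and current[f] == baseline[f]),
    }

def demo() -> dict:
    """Reproduce the assignment's steps 13-19 in a temporary folder (constructed files)."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "sales-records.csv").write_text("2017-03,118000\n")   # an untouched record
        (root / "YourNameHash.txt").write_text("")                    # step 13
        baseline = build_baseline(root)
        (root / "YourNameHash.txt").write_text("Jane Student\n")      # steps 14-17
        return verify(root, baseline)                                 # step 18

if __name__ == "__main__":
    print(demo())   # the edited file is the only entry under "changed"
```

The baseline itself must be stored somewhere an intruder who can modify the files cannot also modify (read-only media, another host, or a signed file), or the check proves nothing.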
APPLICATION SECURITY PART:
Gaining practical experience related to testing and securing application weaknesses is difficult. Most applications have already patched known vulnerabilities. Websites are typically not willing to let users “test” their website or web applications for vulnerabilities. Testing for vulnerabilities can cause applications, web applications, and even whole websites to crash.
The Open Web Application Security Project® (OWASP) is a project that contains tools that focus specifically on application security (www.OWASP.org). It has robust tools for testing the security of your existing Web applications, and impressive training tools that won’t harm any outside websites.
OWASP’s training tool, WebGoat®, will walk you through several of the main types of application weaknesses. If you are interested in learning more about application testing, both WebGoat and WebScarab® (a custom testing proxy) are great places to start. They will help you understand specific application vulnerabilities and test them without causing any harm.
WARNING: Do not use any of the material shown in these tutorials on real websites. They can cause harm, and you will be held accountable for any damage you may do. These tools are available to help systems administrators learn how to secure their own systems.
1. Download OWASP's WebGoat® from http://code.google.com/p/webgoat/downloads/list.
2. Click on WebGoat-5.4-OWASP_Standard_Win32.zip.
3. On the next page, click on WebGoat-5.4-OWASP_Standard_Win32.zip.
4. Click Save.
5. Select your download folder.
6. Click Save.
7. If the program doesn’t automatically open, browse to your download folder.
8. Right-click WebGoat-5.4-OWASP_Standard_Win32.
9. Click 7-Zip, and Extract to “\WebGoat…”.
10. Browse to the newly extracted folder (\WebGoat-5.4-OWASP_Standard_Win32).
11. Open the WebGoat-5.4 folder. (You will see 5 or 6 files.)
12. Double-click the file named webgoat.bat. (This will open a runtime viewer. You can minimize this viewer, but do not close it.)
13. Click Allow access if you see a Windows Security Alert.
14. Open an Internet browser (e.g., Firefox or Internet Explorer).
15. Type the URL http://localhost/WebGoat/attack.
16. Type “guest” for the username and “guest” for the password (without quotation marks).
17. Click on Start WebGoat.
18. You will now see the WebGoat application running through your Internet browser. While running WebGoat, your machine is extremely vulnerable to attack. If possible, you should disconnect from the Internet while using this program.
19. With WebGoat running, open a browser and type: http://localhost/WebGoat/attack. This address is case-sensitive, so be sure to capitalize the W and G in the address line.
20. Click on Start WebGoat.
21. On the left-hand side, click on Concurrency. (The links labeled Lesson Plan and Solution provide detailed explanations about why coding errors make this attack possible.)
22. Click on Shopping Cart Concurrency Flaw.
23. Right-click on the link Shopping Cart Concurrency Flaw and select Open Link in New Window. (You should have two windows open with the exact same content.)
24. Align the windows so they are side-by-side.
25. In the left window, change the quantity of Hitachi Hard Drives from 0 to 1.
26. Click Purchase. (Do not click Confirm.)
27. In the right window, change the quantity of Hitachi Hard Drives from 0 to 15.
28. Click Update Cart.
29. Take a screenshot of your entire desktop (Ctrl-PrintScreen) showing both windows.
30. In the left window, click Confirm. (This confirms the charged amount of $169.00 while the quantity in your cart has been updated to 15! The transaction is processed charging the original amount for one item, and the order is processed for the updated quantity.)
31. Take a screenshot of your entire desktop (Ctrl-PrintScreen) showing both windows.
32. Close the right window.
33. In the left window, click Restart this lesson in the top right-hand side of the page.
34. Repeat the steps in this exercise to reproduce a similar concurrency flaw using a different product (not the Hitachi hard drive) and different quantities.
35. Take a screenshot of your entire desktop (Ctrl-PrintScreen) showing both windows after you have reproduced the concurrency flaw.
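The flaw in steps 25-30 is a time-of-check to time-of-use race on session state: Purchase freezes the total, Update Cart in the second window changes the quantity in the same session, and Confirm reads the new quantity against the old total. The following added Python model (not WebGoat's Java code) replays that sequence against a vulnerable flow and a corrected one; the catalogue and the second product are constructed, and only the $169.00 price comes from the lesson:

```python
import copy
from dataclasses import dataclass, field
from typing import Optional

# Constructed catalogue; $169.00 for the Hitachi drive is the price the lesson shows.
PRICES = {"Hitachi Hard Drive": 169.00, "Ultra Monitor": 999.99}

def cart_total(cart: dict) -> float:
    return round(sum(PRICES[item] * qty for item, qty in cart.items()), 2)

@dataclass
class Session:
    """One browser session; both windows in the exercise share it."""
    cart: dict = field(default_factory=dict)       # item -> quantity, edited live
    pending_total: Optional[float] = None          # flawed flow freezes only this
    pending_order: Optional[dict] = None           # fixed flow freezes items + total

def update_cart(s: Session, item: str, qty: int) -> None:
    s.cart[item] = qty

def purchase_vulnerable(s: Session) -> None:
    # The flaw: Purchase freezes the total but keeps reading quantities from the live cart.
    s.pending_total = cart_total(s.cart)

def confirm_vulnerable(s: Session) -> tuple:
    """Charges the frozen total but ships whatever the cart holds now."""
    charged, shipped = s.pending_total, dict(s.cart)
    s.pending_total, s.cart = None, {}
    return charged, shipped

def purchase_fixed(s: Session) -> None:
    # Snapshot items and total together; later cart edits cannot touch the snapshot.
    s.pending_order = {"items": copy.deepcopy(s.cart), "total": cart_total(s.cart)}

def confirm_fixed(s: Session) -> tuple:
    """Charges and ships exactly the snapshot; refuses if the cart drifted in between."""
    order = s.pending_order
    if order is None:
        raise ValueError("nothing to confirm")
    if s.cart != order["items"]:
        raise ValueError("cart changed after Purchase; review the order again")
    s.pending_order, s.cart = None, {}
    return order["total"], order["items"]

def race(purchase, confirm) -> tuple:
    """Replay steps 25-30: left window buys 1, right window bumps it to 15, left confirms."""
    s = Session()
    update_cart(s, "Hitachi Hard Drive", 1)      # left window, step 25
    purchase(s)                                  # step 26 (Confirm not clicked yet)
    update_cart(s, "Hitachi Hard Drive", 15)     # right window, steps 27-28
    return confirm(s)                            # step 30

if __name__ == "__main__":
    print(race(purchase_vulnerable, confirm_vulnerable))   # (169.0, {'Hitachi Hard Drive': 15})
    try:
        race(purchase_fixed, confirm_fixed)
    except ValueError as e:
        print("fixed flow rejected:", e)
```

The same fix applies server-side regardless of language: price and quantity must be read once, bound together in an order record, and validated again at the point money actually moves.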