Network Security


COIT20262 - Advanced Network Security


Assignment 1 Questions


Question 1. Cookie Stealing Attack

For this question you must use virtnet (as used in the workshops) to perform a cookie stealing attack. This assumes you have already setup and are familiar with virtnet. See Moodle and workshop instructions for information on setting up and using virtnet, deploying the website, and performing the attack. The tasks and sub-questions are grouped into multiple phases. You must complete all phases, in order.

Phase 1: Setup

1.    Create topology 7 in virtnet.

2.    Add a new normal student user to the MyUni grading system. The user must have:

a.     Username: [StudentID]

b.    Password: [FirstName]

3.    Add a new malicious student user to the MyUni grading system. The user must have:

a.     Username: 12345678

b.    Password: [StudentID]

4.    Add a grade for the normal student user for unit/course ‘coit20262’ with a grade of what you expect to receive this term, e.g. HD, D, C, P or F.

5.    Change the title of the MyUni website by editing header_footer.php and changing

the <title>Grades</title> line to:

<title>Grades:[StudentID]</title>

6.  Change the domain of the MyUni website to www.[StudentID].edu by editing the

/etc/hosts files.

7.  Test that the existing users and new student can access the grading website.

The roles of nodes in topology 7 are:

         node1: Web browser (lynx) of normal student user.

         node2: Web browser (lynx) of malicious student user.

         node3: Capture of packets with tcpdump.

         node4: MyUni grading website.

         node5: not used in this question.


Phase 2: Capture Cookies

8.    Start capturing on node3 using tcpdump.

9.    The normal student user must do the following on node1:

a.  Visit the MyUni grading website, e.g. as below or with any options:

lynx http://www.[StudentID].edu/grades/

b.    Follow the “Login” link and login

c.     Follow the “View grades” link and enter their username and ‘coit20262’ to view the course/unit grade, and submit.

d.    Follow the “Logout” link.

e.     Exit lynx by pressing q for quit.

10.   Stop capturing on node3. Note that it is important that the start of the TCP connection (i.e. 3 way handshake), as well as all HTTP requests/responses are included in the capture.

Save the capture file as normal-student.pcap.



Phase 3: Masquerade Attack

Using information from the capture in part 2, the malicious student user must now perform a cookie stealing attack to masquerade as the normal student user. Although the capture may have recorded the normal student users’ password, you MUST NOT use it in the cookie stealing attack (e.g. assume the password was encrypted). Your cookie stealing attack must only use the cookie information (not the password).

11.      Setup for the cookie stealing attack on node2.

12.      Start capturing on node 3 using tcpdump.

13.      The malicious student user must do the following on node2:

a.  Visit the MyUni grading website, e.g.

lynx http://www.[StudentID].edu/grades/

b.    Follow the “View grades” link and enter the username of the normal user, leaving the course/unit field empty (see you see all grades), and submit.

c.     Follow the “Logout” link.

d.    Exit lynx by pressing q for quit.

14.    Stop capturing on node3. Note that it is important that the start of the TCP connection (i.e. 3 way handshake), as well as all HTTP requests/responses are included in the capture.

Save the capture file as malicious-student.pcap.



Phase 4: Analysis

Answer the following sub-questions regarding the previous phases and cookie stealing attack.

(a) Submit normal-student.pcap.

(b) Submit malicious-student.pcap.

(c) Draw a message sequence diagram that illustrates all the HTTP messages for the normal student user viewing the grades (i.e. the HTTP messages from normal -student.pcap from step 7 above). Do not draw any packets generated by other applications or protocols, such as ARP, DNS or SSH, and do not draw TCP connection setup or ACKS. Only draw HTTP messages. A message sequence diagram uses vertical lines to represent events that happen at a computer over time (time is increasing as the line goes down). Addresses of the computers/software are given at the top of the vertical lines. Horizontal or sloped arrows are used to show messages (packets) being sent between computers. Each arrow should be labelled with the protocol, packet type and important information of the message. Examples of message sequence diagrams are given in workshops. Note that you do not need to show the packet times, and the diagram does not have to be to scale.

Based on your captures only, identify the following information. If the information is found in multiple packets, give the first packet from the capture. For example, if the information is found in packet numbers 3, 5 and 7, you would give the packet number as 3.


a. Packet number from normal-student.pcap that contains the normal students’ password

b. Packet number from normal-student.pcap in which the server originally sends the cookie to the browser

c.     Last 4 HEX digits of the id_hash in the cookie (give the value of the last 4 digits, not the packet number)

d. Packet number from malicious-student.pcap that contains the normal students grade for coit20262.

e.   Packet number from malicious-student.pcap in which the client originally sends the stolen cookie

(e)Explain how the id_hash is calculated, giving both the equation/algorithm for calculating it, as well as a description of the values used in calculating it (for example, where do the values come from? How are they set?).

(f)  Explain how the id_hash provides security on the context that it is used in the grading web application.

Explain a weakness or vulnerability of how the id_hash is calculated or used. For example, how could the security it provides be broken?

(g)In this question, the username and password of the normal student user are sent as plaintext from browser to server. This is an obvious weakness, as an attacker that intercepts the packets between browser and server immediately learns the password. A possible solution is for the client browser to calculate a hash of the password using JavaScript, and sending the hash of the password to the server, instead of the actual password. Discuss the strengths or weaknesses of such a scheme with respect to preventing an attacker from logging in using the normal student users’ password.

(h)  In this question, the malicious student performing the cookie stealing attack uses lynx as a web browser. Explore how to edit or create cookies in common graphical web browsers (Firefox, Chrome, IE, Edge or Safari). Give a brief explanation of what you need to do to modify/create cookies (e.g. which options of the browser, or what software needs to be installed) and take a screenshot of a cookie you modified or created. The cookie in the screenshot MUST include your [StudentID] (e.g. put your [StudentID] in any field of the cookie).


Question 2. Cryptography


For this question you must use openssl to perform a set of cryptographic operations. When performing cryptographic operations you must be very careful, as a small mistake (such as a typo) may mean the result is an insecure system. Read the instructions carefully, understand the examples, and where possible, test your approach (e.g. if you encrypt a file, test it by decrypting it and comparing the original to the decrypted). It is recommended you use virtnet to perform the operations.

The tasks and sub-questions are grouped into multiple phases. You must complete all phases. Phase 1: Download

Normally in public key cryptography you generate your own public/private key pair. However in this assignment to simplify the tasks, the Unit Coordinator has generated a key pair for you. Your key pair will be available to you on Moodle to download, with filename:

          [StudentID]-keypair.pem

In addition to your key pair, a number of files will be available to all students on Moodle to download. Each file starting with [StudentID] must be downloaded by you. You may also need to download files with other student’s IDs (see the next phase).

The download URL will be published on Moodle.



Question 3. Ransomware Research

Ransomware attacks are increasingly publicised. In addition it is estimated there are many more ransomware attacks not being made public, e.g. companies and users paying a ransom but not disclosing the attack. The prevalence of ransomware, and the impact it has on organisations, has led to the discussion of ransomware insurance. Your task is to study what is ransomware, what are the challenges and possible countermeasures, and report on it in an easy-to-understand manner. You must write a short report on ransomware, covering the following sections.


Overview of Ransomware

Approximately ½ page of text explaining what is ransomware and how it works. Assume the audience of this section is the general public (non-technical). You must include real examples of ransomware and/or ransomware attacks.


Technical Details of Ransomware

Approximately ½ to 1 page of text explaining the technical aspects of ransomware, including:

         What are the common methods of infection?

         What are common payloads?

         What cryptographic techniques are commonly used?

         What technologies are used to obtain ransoms?

         Why are some ransomware very hard to break?

Assume the audience of this section is technical, i.e. have similar background on network security as you. You should refer to techniques and concepts covered in the unit, and give sufficient technical detail to demonstrate you understand the issues.


Recommendations

List and explain 4 recommendations for end-users and/or organisations to avoid ransomware and/or handle ransomware infections.
There is no minimum/maximum length of the report. As a guide 1 to 2 pages of text (not including pictures) may be appropriate. Do NOT include pictures or tables in the report. Use text only. While you may use numbered lists and dot points, the report cannot entirely be lists. References are not necessary (although the normal rules of academic integrity are expected).
 To get solution visit our website www.sourceessay.com

Comments

Post a Comment

Popular posts from this blog

Assignment Help: Add Valuable Factors In Your Learning Skills

Image
The end to end process of acquiring new information and process it to meet requirements is known as the ability to learn. Learning is a combination of various skills that are required by students to process information efficiently. Broadly speaking learning skills can be categorized into four categories- critical thinking, creative thinking, communicating, and collaborating. In this article, we are going to briefly discuss the valuable factors that add essence to the learning skills of students. Critical Thinking - The careful analysis of information for better understanding is known as critical thinking. With the help of critical thinking students can develop the following abilities- Analyzing, Arguing, Classifying, Comparing & Contrasting, Defining, Describing, Evaluating, Explaining, Problem Solving, and Tracking cause and effect. In case a student faces difficulties while implementing these abilities in an assignment they can seek  instant essay help  from SourceEssay  essay
Read more

Language Techniques Every Student Must Know

Image
For every student to write an impressing assignment it is important that the assignment is written in a language that makes it easy for the readers to understand whether the piece of work is an essay, story, poem, novel or a report. The elements that are found everywhere in the piece of work is known as language techniques .  Today we are going to talk about common language techniques that should be known to every student in order to write an engaging assignment. Importance Of Language Techniques In Assignment Writing Language techniques are important because it improves the quality of the assignment as a result students are able to create appealing assignments and score well. Apart from this language techniques help students create an impact with their writing. It helps them craft their work using transactional, creative, and oral presentations. Moreover using language techniques students are able to achieve unit standards that helps them to explore language about transactional, poeti
Read more

The Helpful Essay Writing Guide: Structure, Outline, Tips And Format

Image
Essay writing is an art that involves, skills of writing, technical knowledge, and understanding of the subject. There are various types of essays each involves different structures, tones, techniques, and even the length of it differs. Students face a lot of challenges while writing essays mostly because of language barriers and lack of technical knowledge and writing skills. Students are seen taking external help from professionals to write quality essays to overcome these barriers. This is why  essay Deutsch   has gained immense popularity in Germany among academic students. In this article, we are going to share some tips with students on how to structure, outline, and format an essay. Even though the specifications of essay writing change with the kind of essay the basic structure of the essay remains the same.  Structure Of An Essay   The basic structure of an essay comprises three parts namely the introduction, body, and conclusion. Introduction   The introductio
Read more