Coit20262 Virtnet Topology To Perform Assessment Answer

This task user needs to use the virtnet topology to perform the cookie stealing attack. By following the below steps, to do the cooking stealing attacks (Edwards, 2013).

1. First, make 7 topologies in virtnet.
2. Next, add new student and malicious users.
3. Test the existing users.
4. Then, use the TCPDUMP to capture the cookies.
5. Also do the masquerade attack to capture the packet, by using the malicious student user.
6. Then, perform cookie stealing attack to masquerade, as a normal student user.
7. Record and Capture the normal users’ password.


Capture the packet on the node 3.

The normal and malicious student captured packets are attached below.

Captured packet file is attached here.

Captured packet file is attached here.

Information	Answer
Packet number from normal-student.pcap contains the normal students’ password.	Packet Number - 35
Packet number from normal-student.pcap, using which the server originally sends the cookie to the browser.	Packet Number -12
Last 4 HEX digits of the id_hash in the cookie (gives the value of the last 4 digits, not the packet number).	a9 fe ff 42
Packet number from malicious-student.pcap contains the normal student’s grade for coit20262.	Packet Number -23
Packet number from malicious-student.pcap, where the client originally sends the stolen cookie.	Packet Number -32

Calculation of hash id using the Merkle tree algorithm is done, because it requires SHA hash, whole id message and it defines in the protocol specification. So, the Merkle tree algorithm is a very effective algorithm to calculate the Hash ID function (Elliot, 2014).

Basically, the Hash ID is used to provide security on the context which is used in the grading web applications, which is shown in all the data security applications. The hash ID function is a mathematical function that is used for the changes over a numerical information approval into the packed numerical approval. The hash function contribution is a subjective length, yet its yield is dependable on the established length. In cryptography, the hash function has variety of purposes. It also has practical applications which incorporates message integrity checks, different data security applications, validation and digital signatures (Hallberg, 2013).

The calculation of hash ID has the weakness and vulnerability. The identified weakness of hash function takes into account two records, to have a similar process whose capacity is considered as cryptographically broken, in the light of the fact that the computerized fingerprints created with it can be manufactured and cannot be trusted. When, the attackers can possibly develop software programs which could be acknowledged and executed by a refresh system that is used to refresh the system. This approves the refreshes, by checking the computerized marks (Jackson, 2010).

Generally, from browser the students (users) send the password in a plaintext, to a server, which does not provide the security. So, the users must store the passwords by using the hash functions. Because, it needs the members to use the stronger passwords, by enforcing the mixed characters and digital and special characters.

Creating Cookies

Generally, the browser stores the cookies. Next, when any request is made for cookie, the cookie is sent to the exact requested server, which is present in the cookie HTTP header.

Cryptography

Summary files are attached here.

Summary Signature Files are attached here.

Basically, AES uses the unaltered key on every block and it only encrypts 128 data bits. It is shown below (Kotenko, 2012).

The AES padding does not have any security implications. For example, the user utilizes 128 characters out of a letter ser. Next, it creates the key with 256 bit quality. So, the user gets interested in encoding difficulty, with a number of bits. Its individuals does not utilize the short passwords and this is the reason for a secret word based key deduction function (Kotenko & Skormin, 2010).

The Initialization vector used is a discretionary number similarly it is called nonce, which when joined with a mystery key makes the primary data completely befuddled. The data when first XOR with plaintext data combines, it randomizes it. Additional mystery key encryption will make it impressively harder to scrutinize. In this manner IV essentially requires not be a mystery, since the encryption with a mystery key gives the required mystery. Also the data inside the mixed record can't be hypothesized in AES-CBC, as it goes into various rounds of encryption (Kurose & Ross, 2014).

Ransomware Research

Outline of Ransomware

Ransomware, is a sort of malware that shields customers from getting to their structure or individual records and demands free section with a particular true objective, to recover. There are a couple of different ways using which the ransomware can spoil your computer. A champion among the most understood methods today is through vindictive spam, or malspam, which is an unconstrained email that is used to pass on the malware. Ransomware is a kind of vindictive programming or malware that once is accepted, it controls over your computer and undermines the threats, by denying the user their access to their own data. The attacker asks for an instalment from the casualty, promising to restore their access to their own data (Tanenbaum, 2011).

How ransomware capacities

There are different vector ransomwares for a computer, among which the champion is phishing spam which comes through email. If these files are opened or downloaded, it ensures to have control over the victim’s computer, where the users are allowed to have only the definitive access. In a couple of kinds of malware, the aggressor may case to be a law usage office shutting down the casualty's PC on account of the quickness of erotica or appropriated programming on it. In any case, most assaults don't sit around idly with this deception. There is an assortment, called leak ware or doxware, in which the assailant cripples to plug sensitive data on the victim's hard drive. Since finding and expelling such information is an astoundingly problematic recommendation for assailants, the encryption ransomware is by far the most broadly perceived method. Another notable method is malvertising. Malvertising, or vindictive advancing, is the use of electronic publicizing to scatter malware with alongside zero users participation required. Consistently, that malware is ransomware (Thomas, Thomas & Vugt, 2011).

Specialized Details of Ransomware

There are the two standard ransomware types that are regularly watched today:

• Crypto-ransomware will encode the records on a PC, essentially by 'scrambling' the report substance so the user can't get to it without a deciphering key that can precisely 'unscramble' it.
• "Police-themed" ransomware will attempt to cover their exercises by appearing, apparently, to be a notice from an area for managing approval authority, and obviously to have materials that are wrongfully downloaded.

Four Recommendations are:

• Use updated Operating System.
• Try not to present programming or give it authoritative benefits with the exception that you know what it is and what it does.
• Introduce antivirus programming, which separates harmful tasks like ransomware as they arrive, and list out such programs, which controls the unapproved applications from executing.
• Back up all your reports, both normally and occasionally. It can make the mischief caused by one significantly less basic.

References

Edwards, C. (2013). Instant Ubuntu. Packt Publishing.

Elliot, J. (2014). The network. [London]: Bloomsbury Publishing.

Hallberg, B. (2013). Networking. New York: McGraw-Hill Publishing.

Jackson, C. (2010). Network security auditing. Indianapolis, IN: Cisco Press.

Kotenko, I. (2012). Computer network security. Berlin: Springer.

Kotenko, I., & Skormin, V. (2010). Computer Network Security. Berlin, Heidelberg: Springer-Verlag Berlin Heidelberg.

Kurose, J., & Ross, K. (2014). Computer networking.

Tanenbaum, A. (2011). Computer networks. Boston: Pearson Education.

Thomas, K., Thomas, K., & Vugt, S. (2011). Beginning Ubuntu Linux. New York, NY: Apress.