Social Engg. Assignment it17 final (1)

Published in: Technology

  1. 1. IT17 Manage Network Security

     1. Write down two examples of Social Engineering.

     Ans: Social Engineering is the practice of tricking a user into giving, or giving access to, sensitive information, thereby bypassing most or all protection.

     Examples:

     • Social Engineering by Online: Hackers may obtain information on-line by pretending to be the network administrator, sending e-mail through the network and asking for a user’s password. The primary weakness is that many users often repeat the use of one simple password on every account: Yahoo, Travelocity, Gap.com, whatever. So once the hacker has one password, he or she can probably get into multiple accounts.
     • Social Engineering by Phone: The most prevalent type of social engineering attack is conducted by phone. A hacker will call up and imitate someone in a position of authority or relevance and gradually pull information out of the user.

     2. What is a Denial of Service attack? List three features of it.

     Ans: A type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols.

     Features:

     Flood Attack: The earliest form of denial of service attack was the flood attack. The attacker simply sends more traffic than the victim could handle. This requires the attacker to have a faster network connection than the victim. This is the lowest-tech of the denial of service attacks, and also the most difficult to completely prevent.

     Ping of Death Attack: The Ping of Death attack relied on a bug in the Berkeley TCP/IP stack which also existed on most systems which copied the Berkeley network code. The ping of death was simply sending ping packets larger than 65,535 bytes to the victim. This denial of service attack was as simple as:

         ping -l 86600 victim.org

     SYN Attack: In the TCP protocol, handshaking of network connections is done with SYN and ACK messages. The system that wishes to communicate sends a SYN message to the target system. The target system then responds with an ACK message. In a SYN attack, the attacker floods the target with SYN messages spoofed to appear to be from unreachable Internet addresses. This fills up the buffer space for SYN messages on the target machine, preventing other systems on the network from communicating with the target machine.
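An added example (not part of the original assignment) of how a defender can spot the SYN attack condition described above: it counts handshakes per target that received a SYN but never the client's completing ACK. The packet summaries, addresses, backlog size of 128 and the 80% alert fraction are all constructed assumptions.

```python
# Count half-open TCP handshakes per target from packet summaries.
from collections import defaultdict

# Constructed sample: (seconds, source, target, flag). Sources in
# 198.51.100.0/24 send a SYN and never complete; 192.0.2.10 behaves normally.
SAMPLE = (
    [(0.0, "192.0.2.10:40000", "10.0.0.5:80", "SYN"),
     (0.1, "192.0.2.10:40000", "10.0.0.5:80", "ACK")]
    + [(1.0 + i * 0.01, f"198.51.100.{i}:1025", "10.0.0.5:80", "SYN")
       for i in range(1, 201)]
    + [(2.0, "192.0.2.10:40001", "10.0.0.7:22", "SYN")]
)


def half_open_by_target(events, now, timeout=30.0):
    """Return {target: pending count} of SYNs not yet answered by the
    client's final ACK and not yet older than `timeout` seconds."""
    pending = defaultdict(dict)            # target -> {source: SYN time}
    for ts, src, dst, flag in sorted(events):
        if flag == "SYN":
            pending[dst][src] = ts         # slot taken in the SYN buffer
        elif flag == "ACK":
            pending[dst].pop(src, None)    # handshake completed, slot freed
    return {dst: sum(1 for t in syns.values() if now - t <= timeout)
            for dst, syns in pending.items()}


def flooded_targets(events, now, backlog=128, fraction=0.8, timeout=30.0):
    """Targets whose pending handshakes reach `fraction` of the backlog
    (backlog and fraction are assumed values, tune them per host)."""
    counts = half_open_by_target(events, now, timeout)
    return sorted(dst for dst, n in counts.items() if n >= backlog * fraction)


if __name__ == "__main__":
    print(half_open_by_target(SAMPLE, now=3.0))
    print(flooded_targets(SAMPLE, now=3.0))
```

The timeout models the target eventually discarding stale entries, which is why the same sample raises no alert once the pending SYNs have aged out.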
  2. 2.

     3. Explain at least two features of honey pot.

     Ans: A honey pot is a trap set to detect and counteract attempts at unauthorized use of information systems. Mostly it consists of computer data, or a network site that appears to be part of the same network but is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource of value to attackers.

     Features:

     1. Production honeypots: They are easy to use, capture only limited information, and are used primarily by companies or corporations. Production honeypots are placed inside the production network with other production servers by an organization to improve its overall state of security. Normally, production honeypots are low-interaction honeypots, which are easier to deploy. They give less information about the attacks or attackers than research honeypots do. The purpose of a production honeypot is to help mitigate risk in an organization. The honeypot adds value to the security measures of an organization.

     2. Research honeypots: These are run by a volunteer, non-profit research organization or an educational institution to gather information about the motives and tactics of the Blackhat community targeting different networks. These honeypots do not add direct value to a specific organization. Instead they are used to research the threats organizations face, and to learn how to better protect against those threats. Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations.

     4. Explain about different types of Encryption method with examples.

     Ans: Encryption is the conversion of data into a form, called a ciphertext. There are two basic techniques for encrypting information: symmetric encryption (also called secret key encryption) and asymmetric encryption (also called public key encryption).

     Symmetric encryption: A type of encryption where the same key is used to encrypt and decrypt the message.

     Asymmetric encryption: A type of encryption which uses one key to encrypt a message and another to decrypt the message.
  3. 3.

     Method: RSA

     In 1977, shortly after the idea of a public key system was proposed, three mathematicians, Ron Rivest, Adi Shamir and Len Adleman, gave a concrete example of how such a method could be implemented. To honour them, the method was referred to as the RSA Scheme. The system uses a private and a public key. To start, two large prime numbers are selected and then multiplied together: $n = p \cdot q$.

     Let $f(n) = (p-1)(q-1)$, and choose $e > 1$ such that $\gcd(e, f(n)) = 1$. Here e will have a fairly large probability of being co-prime to f(n) if n is large enough, and e will be part of the encryption key. Solve the linear Diophantine equation $ed \equiv 1 \pmod{f(n)}$ for d. The pair of integers (e, n) is the public key and (d, n) forms the private key. Encryption of M can be accomplished by the following expression: $M^e = qn + C$ where $0 \le C < n$. Decryption would be the inverse of the encryption and could be expressed as $C^d \equiv R \pmod{n}$ where $0 \le R < n$. RSA is the most popular method for public key encryption and digital signatures today.

     5. Define it:

     a. Digital Signatures: An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply.

     An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority. The CA issues an encrypted digital certificate containing the applicant’s public key and a variety of other identification information. The CA makes its own public key readily available through print publicity or perhaps on the Internet.

     The recipient of an encrypted message uses the CA’s public key to decode the digital certificate attached to the message, verifies it as issued by the CA and then obtains the sender’s public key and identification information held within the certificate. With this information, the recipient can send an encrypted reply.
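The RSA scheme from the "Method: RSA" answer above, carried through with the page's own symbols as an added example (not part of the original assignment). The toy primes 61 and 53, exponent 17, message 65 and all function names are constructed for illustration, and there is no padding, so this is for following the arithmetic only.

```python
# Textbook RSA with the page's symbols: n = p*q, f(n) = (p-1)(q-1), e, d, M, C.
from math import gcd


def extended_gcd(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        k = old_r // r
        old_r, r = r, old_r - k * r
        old_x, x = x, old_x - k * x
        old_y, y = y, old_y - k * y
    return old_r, old_x, old_y


def make_keys(p, q, e):
    """Build ((e, n), (d, n)) from primes p, q and a chosen exponent e."""
    n = p * q
    f_n = (p - 1) * (q - 1)
    if not (1 < e < f_n) or gcd(e, f_n) != 1:
        raise ValueError("e must satisfy e > 1 and GCD(e, f(n)) = 1")
    # Solve the linear Diophantine equation e*d + f(n)*k = 1 for d,
    # which is the same as e*d congruent 1 (mod f(n)).
    _, d, _ = extended_gcd(e, f_n)
    return (e, n), (d % f_n, n)


def encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("message M must satisfy 0 <= M < n")
    return pow(m, e, n)      # C is the remainder of M^e divided by n


def decrypt(c, private_key):
    d, n = private_key
    return pow(c, d, n)      # R with C^d congruent R (mod n), equal to M


if __name__ == "__main__":
    public, private = make_keys(p=61, q=53, e=17)   # constructed toy values
    c = encrypt(65, public)
    print(public, private, c, decrypt(c, private))
```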
  4. 4.

     b. Steganography: is the hiding of a secret message within an ordinary message and the extraction of it at its destination. Steganography takes cryptography a step farther by hiding an encrypted message so that no one suspects it exists. Ideally, anyone scanning your data will fail to know it contains encrypted data.

     In modern digital steganography, data is first encrypted by the usual means and then inserted, using a special algorithm, into redundant (that is, provided but unneeded) data that is part of a particular file format such as a JPEG image. Think of all the bits that represent the same color pixels repeated in a row. By applying the encrypted data to this redundant data in some random or non-conspicuous way, the result will be data that appears to have the "noise" patterns of regular, non-encrypted data. A trademark or other identifying symbol hidden in software code is sometimes known as a watermark.

     c. WEP: stands for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. LANs are inherently more secure than WLANs because LANs are somewhat protected by the physicality of their structure, having some or all of the network inside a building that can be protected from unauthorized access. WLANs, which are over radio waves, do not have the same physical structure and therefore are more vulnerable to tampering. WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the two lowest layers of the OSI model - the data link and physical layers; it therefore does not offer end-to-end security.

     d. WPA: stands for Wi-Fi Protected Access, a Wi-Fi standard that was designed to improve upon the security features of WEP. The technology is designed to work with existing Wi-Fi products that have been enabled with WEP, but the technology includes two improvements over WEP:

     • Improved data encryption through the temporal key integrity protocol (TKIP), which scrambles the keys using a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys haven’t been tampered with.
     • User authentication, which is generally missing in WEP, through the extensible authentication protocol (EAP). WEP regulates access to a wireless network based on a computer’s hardware-specific MAC address, which is relatively simple to be sniffed out and stolen. EAP is built on a more secure public-key encryption system to ensure that only authorized network users can access the network.
  5. 5.

     6. What is the difference between biometrics and forensics?

     Ans: Biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked.

     There are several types of biometric identification schemes:

     • Face: the analysis of facial characteristics
     • Fingerprint: the analysis of an individual’s unique fingerprints
     • Hand geometry: the analysis of the shape of the hand and the length of the fingers
     • Retina: the analysis of the capillary vessels located at the back of the eye
     • Iris: the analysis of the colored ring that surrounds the eye’s pupil
     • Signature: the analysis of the way a person signs his name
     • Vein: the analysis of the pattern of veins in the back of the hand and the wrist
     • Voice: the analysis of the tone, pitch, cadence and frequency of a person’s voice

     Though the field is still in its infancy, many people believe that biometrics will play a critical role in future computers, and especially in e-commerce. Personal computers of the future might include a fingerprint scanner where you could place your index finger. The computer would analyze your fingerprint to determine who you are and, based on your identity, authorize you different levels of access.

     Computer forensics, also called cyberforensics, is the application of computer investigation and analysis techniques to gather evidence suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computer and who was responsible for it.

     Forensic investigators typically follow a standard set of procedures: After physically isolating the computer in question to make sure it cannot be accidentally contaminated, investigators make a digital copy of the hard drive. Once the original hard drive has been copied, it is locked in a safe or other secure storage facility to maintain its pristine condition. All investigation is done on the digital copy.

     Investigators use a variety of techniques and proprietary forensic applications to examine the hard drive copy, searching hidden folders and unallocated disk space for copies of deleted, encrypted, or damaged files. Any evidence found on the digital copy is carefully documented in a "finding report" and verified with the original in preparation for legal proceedings that involve discovery, depositions, or actual litigation.
  6. 6.

     7. Discuss the key issue of Network design.

     There are many things and issues to be taken into consideration before designing a network.

     1. What Kinds of Services or Applications Will the Network Offer: Typical network applications today include FTP, telnet, and, of course, browsing the Web. Make sure that the application is safe and that one application does not overlap another.
     2. Choosing a LAN Protocol: Today the de facto protocol of choice has to be TCP/IP, but the network should support IPX/SPX and AppleTalk.
     3. Take care of the hardware used for networking, like switches, cables, routers, cards etc.
     4. Use of a better firewall, which acts as a barrier separating one network from another. It is vital that the connection between a security LAN and the corporate LAN, WAN, and certainly the Internet, be very tightly controlled.

     The better network design should include:

     • forecasts of how the new network/service will operate;
     • the economic information concerning costs; and
     • the technical details of the network’s capabilities.

     8. Write down the disadvantages of search engine.

     The main disadvantages of search engines are:

     1. If you are in a particular line of business in a particular area, all the rivals in that area may also list themselves in the same search engine. So whenever a person searches for some kind of information about your line of business, upon seeing a long list he will either select the name which is attractive or the place which is nearby, so a person searching for the line of business in which you are trading may not necessarily select you.
     2. Too many website visitors: Highly ranked websites receive significantly more visitors than those which are invisible to the search engines. In our experience, increases in visitor numbers from 200% to several orders of magnitude are normal. Large websites with lots of images / Flash / downloads may find their hosting provision needs increasing. This is normally only a problem with websites on very old host servers. Cost implications are minimal. It is likely that the amount of Spam received will also increase. This may be more of a nuisance.