2. INTRODUCTION
The project entitled “Network Security System” concerns hacking attacks on computer
systems over the Internet. Today, many computer systems and servers are not secure
because hacking attacks and the number of hackers are increasing as information grows, so
the demand for information security specialists has risen. The project explains and
demonstrates the major security attacks by finding weak security points in systems.
This project was designed with “Shell Scripting” on the “Red Hat Enterprise Linux”
operating system and was also tested on the “Backtrack” operating system.
The phases of an attack, studied to understand the possible security threats, are
reconnaissance, scanning, gaining access, maintaining access and covering tracks. These
phases are elaborated in detail through security exploit modules such as information
gathering, network scanning, system hacking, firewall, packet sniffing and cryptography,
and through major attacks such as DoS attack, ARP spoof, DNS poisoning and phishing
attacks. All the security modules were studied in detail, then implemented and tested on
many systems using built-in and purpose-built Linux tools and bash shell scripting.
3. CURRENT/OPEN PROBLEMS
In computer security, Internet security is becoming a top priority for both
businesses and governments. Data sent over the Internet—from personal e-mail messages
to online shopping orders—travel through an ever-changing series of computers and
network links. As a result, unscrupulous hackers and scam artists have opportunities to
intercept and change the information. Good network security protects critical and
important data from hackers and from unauthorized access to the system.
A well-known cause of computer problems is viruses, or damaging programs that are
introduced to computers or networks. Some viruses rewrite coding to make software
programs unusable, while others scramble or destroy data. Many viruses spread quickly
and operate subtly, so they may not be noticed until the damage has already been done.
Several hacking incidents have rocked the technology and Internet world recently. In
today's world, with the prolific use of computers and high-tech software, modern-day
hacking has become something of a phenomenon. The latest malware causes damage in the
millions, private data gets hacked and millions of customer information accounts are
compromised.
4. OVERVIEW OF PROPOSED SOLUTION
Phases of an Attack:
If you need to apply countermeasures, first you need to understand the phases of an attack.
It is necessary to comprehend the steps to counter an attack once it is detected, and stop the
attack before it reaches the next phase. In general, there are five phases that make up an
attack:
1. Reconnaissance: The attacker gathers information about a target using active or passive
means.
2. Scanning: The attacker begins to actively probe the target for vulnerabilities that can be
exploited.
3. Gaining Access: If a vulnerability is detected, the attacker exploits it to gain access to
the system.
4. Maintaining Access: Once access is gained, the attacker usually maintains access to
fulfill the goal of the attack.
5. Covering Tracks: The attacker tries to destroy all evidence of the attack.
5. IMPLEMENTATION DETAILS
Foot-printing
Foot-printing is basically collecting information about the victim. Before collecting
information about the victim, it is also essential to know the information about our own
system so as to remain hidden during and after the attack. The available options are mac and
IP (to show one's own MAC address and IP address and the networks to which the system is
connected), users (users logged into the system and their uptime), network restart (to restart
the network), ping (to check whether a system on a particular network is up) and port scan (to
list the active ports of a system that is up). The commands used are ifconfig, uptime, whoami,
ping and nc. The first four options help the hacker remain anonymous and give details about
his/her own system, while the next two options gather information about other users on the
network.
Network Scanning
This part of the tool covers a very important phase of the attack, since it is responsible
for finding open ports on systems which are up. Ping sweep is an important scanning
command since it deletes the traces so that the scanner remains undetected. The TCP and
UDP options are useful when one wants to scan only TCP or only UDP ports. Port Scan is
useful for scanning a particular port only. Of all the scanning options, the all
information option is the most useful one, since it can deduce much useful information
about the victim's operating system and the versions of the services running on the
victim's system. The Nmap utility is used to perform scanning.
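Seen from the scanned host, the scans described above appear as one source address touching
many destination ports. The following is an added example, not part of the original project:
it counts distinct destination ports per source in iptables LOG lines. The log lines
(shortened), the addresses and the threshold of 5 ports are constructed assumptions.

```bash
#!/bin/sh
# Constructed, shortened kernel log lines in the style written by an iptables LOG rule.
sample_log() {
    for port in 21 22 23 25 80 443; do
        echo "kernel: FW-DROP IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 LEN=44 PROTO=TCP SPT=51234 DPT=$port SYN"
    done
    echo "kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.5 LEN=60 PROTO=TCP SPT=40112 DPT=22 SYN"
    echo "kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.5 LEN=60 PROTO=TCP SPT=40113 DPT=22 SYN"
}

# detect_scanners THRESHOLD: read log lines on stdin and print
# "SRC distinct_port_count" for every source that hit at least
# THRESHOLD different destination ports.
detect_scanners() {
    awk -v min="$1" '
    {
        src = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src == "" || dpt == "") next      # line carries no source or port
        if (!((src, dpt) in seen)) {          # count each port once per source
            seen[src, dpt] = 1
            ports[src]++
        }
    }
    END { for (s in ports) if (ports[s] >= min) print s, ports[s] }' | sort
}

# The repeated connection to port 22 stays below the threshold; the sweep does not.
sample_log | detect_scanners 5
```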
6. Sniffing
TCP Dump, Wireshark and ARPspoof are the options provided in this section. ARPspoof is
required on a LAN for sniffing. Under the TCP Dump option there are further options, such
as sniffing a single protocol, port, source or destination, and saving packets for later
analysis.
Using TCP Dump, data traveling between two systems can be read in a human-readable
format, and it can be useful to hack the systems of the network.
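ARP spoofing on a LAN leaves a visible trace in each victim's neighbour table: the gateway's
IP address resolves to the same MAC address as another host. The following is an added
example, not part of the original project, that checks `ip neigh show` output for this; the
table contents, addresses and the pinned gateway MAC are constructed assumptions.

```bash
#!/bin/sh
# Constructed `ip neigh show` output: the gateway 192.168.1.1 and the host
# 192.168.1.37 both resolve to the same MAC address.
sample_neigh() {
cat <<'EOF'
192.168.1.1 dev eth0 lladdr aa:bb:cc:dd:ee:37 REACHABLE
192.168.1.20 dev eth0 lladdr aa:bb:cc:dd:ee:20 STALE
192.168.1.37 dev eth0 lladdr AA:BB:CC:DD:EE:37 REACHABLE
192.168.1.50 dev eth0  FAILED
EOF
}

# Print "MAC ip1,ip2,..." for every MAC address claimed by more than one IP.
dup_macs() {
    awk '
    {
        mac = ""
        for (i = 1; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "") next               # FAILED/INCOMPLETE entries have no MAC
        n[mac]++
        ips[mac] = (n[mac] == 1) ? $1 : (ips[mac] "," $1)
    }
    END { for (m in n) if (n[m] > 1) print m, ips[m] }' | sort
}

# check_gateway GATEWAY_IP PINNED_MAC: exit 0 if the table on stdin maps the
# gateway to the pinned MAC, 1 on mismatch, 2 if the gateway is not listed.
check_gateway() {
    awk -v gw="$1" -v want="$2" '
    $1 == gw { for (i = 1; i < NF; i++) if ($i == "lladdr") seen = tolower($(i + 1)) }
    END {
        if (seen == "") { print "UNKNOWN " gw; exit 2 }
        if (seen != tolower(want)) { print "MISMATCH " gw " is at " seen; exit 1 }
        print "OK " gw
    }'
}

# On a live host, replace sample_neigh with: ip neigh show
sample_neigh | dup_macs
sample_neigh | check_gateway 192.168.1.1 00:11:22:33:44:55 || echo "gateway MAC changed"
```

A shared MAC is a lead to investigate rather than proof: a router or virtual host with several addresses produces the same pattern.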
Firewalls
Applying a proper rule-set to protect one's system against crackers is one of the main
ideas of the ethical hacker. Firewalls are the most helpful tool for preventing
unnecessary connections and the acceptance of packets from unknown systems. The
options built into the tool are viewing IP rules, flushing (deleting the current IP
rules), setting a rule for a source IP/destination IP on a particular port, closing the
Internet connection for an IP which is being forwarded through the hacker's system,
limiting the number of connections, deleting a particular rule and saving the current
ip-table (for future use). 'iptables' is the built-in tool used here to create the
firewall. Using the firewall, connections from particular IP or MAC addresses can be
controlled to secure the system.
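The options listed above (a rule for a source IP and port, a connection limit, viewing,
deleting and saving rules) can be combined into one default-deny rule-set. The following is an
added example, not the project's own script: it validates its arguments and prints a rule-set
in iptables-restore format. The function names, the address 192.0.2.10, the ports and the
limit of 20 connections are assumptions.

```bash
#!/bin/sh
# valid_ipv4 ADDR: succeed only for a dotted-quad address with octets 0-255.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac   # rejects spaces, letters, newlines
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# in_range VALUE MAX: succeed only for an integer between 1 and MAX.
in_range() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le "$2" ]
}

# build_ruleset ADMIN_IP SSH_PORT WEB_PORT MAX_CONN: print an iptables-restore
# rule-set on stdout, or fail without output if an argument is malformed.
build_ruleset() {
    valid_ipv4 "$1" && in_range "$2" 65535 && in_range "$3" 65535 \
        && in_range "$4" 65535 || return 1
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -s $1 --dport $2 -j ACCEPT
-A INPUT -p tcp --syn --dport $3 -m connlimit --connlimit-above $4 -j REJECT --reject-with tcp-reset
-A INPUT -p tcp --dport $3 -j ACCEPT
COMMIT
EOF
}

# As root (not run here; /tmp/rules.v4 is an assumed file name):
#   build_ruleset 192.0.2.10 22 80 20 > /tmp/rules.v4
#   iptables-restore --test < /tmp/rules.v4 && iptables-restore < /tmp/rules.v4
#   iptables -L INPUT -n -v --line-numbers    # view the rules
#   iptables -D INPUT 4                       # delete a rule by its number
#   iptables-save > /etc/sysconfig/iptables   # save (path used on Red Hat systems)
build_ruleset 192.0.2.10 22 80 20
```

Validating the address and ports before they reach the rule-set keeps a malformed value from adding or altering rules.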
7. Back-door
A back-door is used to open a port on a remote system so that the hacker can control the
remote system from his own system. It is also used to create a Trojan. Trojans enter a
system and open a back-door for a virus to enter the system and carry out its work
stealthily. Here the 'nc' command is used to create a connection on a new port and listen
on that port so that commands can be given from a remote location.
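A listener of this kind shows up as a TCP socket in the LISTEN state on a port the host is not
expected to serve. The following is an added example, not part of the original project, that
compares `ss -H -tlnp` output against an allowlist of expected ports; the socket table, process
names and the allowlist "22 80" are constructed assumptions.

```bash
#!/bin/sh
# Constructed `ss -H -tlnp` output; port 4444 is held by nc.
sample_ss() {
cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("httpd",pid=1040,fd=4))
LISTEN 0 1 0.0.0.0:4444 0.0.0.0:* users:(("nc",pid=2931,fd=3))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=812,fd=4))
EOF
}

# unexpected_listeners "PORT PORT ...": print "port process" for every
# listening TCP socket on stdin whose port is not in the allowlist.
unexpected_listeners() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "LISTEN" {
        k = split($4, part, ":")          # port follows the last colon (IPv4 and IPv6)
        port = part[k]
        if (port in ok) next
        proc = "unknown"                  # ss shows process names only to root
        if (match($0, /\(\("[^"]+"/)) proc = substr($0, RSTART + 3, RLENGTH - 4)
        print port, proc
    }' | sort -u
}

# On a live host, replace sample_ss with: ss -H -tlnp
sample_ss | unexpected_listeners "22 80"
```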
System Hacking
System hacking mainly deals with hacking a system to which we have physical access.
Sometimes we have physical access to a system, but because of passwords and encryption
we are not able to access the data on it. Here, we mainly need to crack passwords to get
into the system. So, in this module, password cracking is the main focus.
8. LIMITATIONS OF THE SOLUTION
It works only on Linux and it encompasses only the basic tools.
The right software model has to be chosen to implement the idea.
The decision to make open source software requires detailed analysis and understanding
of the requirements.
The latest hardware is incompatible, so we have to rely on third-party drivers.
9. FINDINGS
Security exploitation will always have scope in the future world market, since more and
more data is being generated and the need for data security has never been higher.
The biggest issue facing network security is the hacking of information.
Security is not only at the data level. It also applies at the communication level, during
file transfer, against identity theft, and in many other areas.
Network security has to be the top priority for any developer planning a secured
network, and various protocols and norms must be followed.
10. CONCLUSION
This project gave me thorough learning and practice in bash shell scripting, Linux
commands and the implementation and theory of hacking. The structured pattern followed
throughout the tool made me understand the need to choose the right software model to
implement the idea or algorithm.
The downside of this project is that it works only on Linux and it encompasses only the
basic tools. Many advanced tools are required in today’s environment to make the task of
a hacker easier.
Overall, my experience with the project was enriching and pleasant, which has motivated
me to do further learning in this branch of computer science.