Ditutup

Computer Security- PROJECT LAB WORK

Purpose: For this lab, we will be creating a basic webpage and apply DoS/DDoS attack on it. Then, we will be monitoring the network through an Intrusion Detection System (IDS). Last, we will be adding a simple firewall rule to block the attacker by denying the IP.

1. Initial Steps

We will be using the same VM we have used in the previous labs.

First thing first, we need to update and upgrade the system sudo apt update

sudo apt upgrade

From your host, check your connection with SSH and make sure that the VM has an IP from DHCP server – for this, you need to make sure that the VirtualBox configuration for the VM network is set to the bridged.

2. Create a basic webpage

Now, we will create a basic webpage using Apache webserver. Install apache: sudo apt install apache2

When you visit localhost from your browser (just enter localhost in your browser), you should be

able to see some information about Apache webserver (it should say "Apache2 Ubuntu Default Page").

Now, let's put some basic content. Let's download this image: [login to view URL] content/uploads/2019/05/[login to view URL]

Please copy the figure under /var/www/html/

Now, we need to update [login to view URL] in /var/www/html using the following code:

<html>

<head>

<title>Basic DoS test</title>

</head>

<body>

<p>This is our webserver

<figure>

<img src="[login to view URL]" alt="UNT">

<figcaption>Welcome to our webpage</figcaption>

</figure>

</body>

</html>

From the browser's private mode (or incognito mode) in your VM, please visit localhost again. Now, you should be able to see the UNT figure there.

The main reason why we will be using the private mode in our browser from now on is not to have any cache stored in the browser; otherwise, we will have to clean our cache. If you are able to see the figure and webpage correctly, let’s move to the next step.

From your host machine, when you open (from private mode or incognito of your browser), visit your VM using its IP. If you are able to see the figure and webpage correctly, let’s move to the next step. (Question 1) Provide a screenshot of it.

3. Monitor network traffic

Now, we will be monitoring the traffic from the host to the VM. In case it is not installed at the moment, make sure that you have Wireshark installed.

sudo apt-get install wireshark sudo wireshark

Make sure that you are able to monitor the traffic from your host to the VM using Wireshark. You can use the IP filtering for this. (Question 2) Provide a screenshot. (Question 3) Explain in details what kind of traffic you can observe when you visit the VM from your host (i.e., what protocols, what ports, how many packets).

If you are able to monitor the traffic, we can move on to apply some attack.

4. Running TCP SYN flood attack

We will be using Hping3 to execute our TCP Syn flooding attack – we will run the attack from our host machine to the VM.

First, let’s install Hping3:

If your host is Ubuntu as well, you can install it easily by: apt-get install hping3

For Mac, you can use brew install hping

For Windows, you can download it from [login to view URL] (an older version)

Now, you need to run TCP Syn flooding using HPing3 – search for the right command. However, you need to make sure that you are running the attack on port 80 and you are not changing the source IP (not random source). (Question 4) Provide your command and explain why you have chosen it and how it works (you need to explain each parameter).

While running the attack, you will be seeing a large amount of traffic on the VM; (Question 5) verify this by providing a screenshot. (Question 6) Observe the packets and verify how you are running TCP SYN flooding and explain it.

Kemahiran: Linux, Ubuntu, Virtual Machines

Lihat lagi: intrusion detection system project, intrusion detection system project bids, intrusion detection system project report, lab work sharepoint, mobile computer security lab pentest, computer security project, computer security project bids, ieee project intrusion detection system, network intrusion detection system ieee project, project topics related computer security, sample project computer security java, master project computer security, research project computer security, level project computer security, project proposal computer security, network intrusion detection system using data mining project, computer security lab exercises, network intrusion detection system project source code

Tentang Majikan:
( 5 ulasan ) Hyderabad, United States

ID Projek: #29879743

5 pekerja bebas membida secara purata $27 untuk pekerjaan ini

Kuvvat

hi how are you. I have solid experience in networking and linux administration. have done many load tests like that write me and lets discuss it. thanks good luck

$30 USD dalam sehari
(70 Ulasan)
5.7
AhmadSameer

Hey there! I have been in the InfoSec arena for years. I had conducted tons of Computer Security projects. I'm downloading the attached document to check. Regards!

$30 USD dalam 7 hari
(39 Ulasan)
5.5
Armeed300

Dear, I have vast experience in System Network and security fields please let me know if you require my services. May we build a better relationship in this project.

$30 USD dalam 7 hari
(8 Ulasan)
3.9
jaywyawhare

I read through the job details extremely carefully and I am absolutely sure that I can do the project very well. I have solid experience in networking and Linux administration. I can complete your project on time and w Lagi

$25 USD dalam 7 hari
(0 Ulasan)
0.0
haqadeer91

Hello, I hope you are doing great in these hard times of COVID. I am an expert system architect with almost seven years of professional experience in the domain of application and network security. I have read the req Lagi

$20 USD dalam 7 hari
(0 Ulasan)
0.0