Networks & Security Course. Web of Trust and Network Forensics

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Networks & Security Course. Web of Trust and Network Forensics"

Transcription

1 Networks & Security Course Web of Trust and Network Forensics

2 Virtual Machine Virtual Machine Internet connection You need to connect the VM to the Internet for some of the Web of Trust exercises. Make sure the Firewall does not restrict connections coming from Virtualbox / VMware. Ensure time in VM is set (approximately) correctly (see next slide) Needed for some services Some exercises require sharing files can use the TU/e FTP server (see below) or USB sticks or...

3 Virtual Machine Enable Network Time [1] If date/time is off in your virtual machine: [2] [3] 1. Right click the date in the bar, select Adjust Date and Time 2. Click Unlock in the Date and Time screen You will be prompted for password when trying to change the settings ( secnet by default). 3. Turn on Network Time

4 TU/e FTP Server An unsafe and public medium where files are visible to everyone. Can use Debian s own file browser to connect. Places > Connect to Server Server: ftp.tue.nl Folder: /upload/2ic60_2015

5 Lab session overview Web of trust PGP & OpenPGP GnuPG Seahorse Introduction to Network Forensics Wireshark basics Recognizing attacks

6 OpenPGP and GnuPG OpenPGP (PGP=`Pretty Good Privacy ) is a common asymmetric encryption standard and GnuPG is an implementation of OpenPGP used for encryption and signing of messages. Web of trust: Decentralized method of establishing authenticity of public keys (as opposed to using a certificate authority). Participants issue certificates; they digitally sign (public key, user name) pairs for user s they known to verify the connection. This can happen e.g. at a `key signing party ; people meet physically to check and sign each others keys (like the one in this lab). Tool required: GPG, command-line tool Seahorse, graphical front-end for GPG

7 OpenPGP and GnuPG source: xkcd.com Background information: Section 8.5 of the textbook

8 Seahorse a GUI for GnuPG Can be used to create keys and view the keys available in your keyring. Is helpful, but you still need to use the command line tool, gpg to interact with the key server, and encryption/decrypting files. 03-Jun-15

9 Exercise 1.1 Generate a public key. File > New > PGP key Enter your details and click Create.

10 Exercise 1.1 Your key should appear in the GnuPG keys list. You can use View menu to filter the public keys (those created by you / those you signed etc.) The RSA public key is long. There will be a key ID and a fingerprint to identify it more easily. Right click and select Properties for details. 03-Jun-15

11 Exercise 1.2 Share your public key with others. You can use a key server to do it. Alternatively you can upload it somewhere, share via USB stick, etc. Use the command-line tool gpg to upload your key to the server (don t use the graphic front-end it does not play nice with key servers) gpg --send-keys <Your key ID>

12 Exercise 1.3 Import some keys to your keyring and sign them (after verifying the identity of the owner). This builds the web of trust. Try to create a connected web rather than isolated clusters. If your classmates shared their keyring via the key server: gpg --recv-keys <peer key id> to import them

13 Exercise 1.3 The keys you imported will show up in the front-end. By default the front-end only shows the keys you created, so make sure to select View > Show any to display all keys. You can sign the keys via command-line or the graphical interface. Command line: gpg -u <your key ID> --sign-key <imported key ID> After signing your peer s key, update the key server: gpg --send-keys <peer signed key ID> (might take a minute or two for the key server to reflect the update) Update your keyring by adding some keys that are signed by other classmates: gpg --recv-keys <peer key id>

14 Exercise 1.4 Create a text file and sign it with your public key. Transfer it to a public medium (e.g. TU/e FTP server). Verify the signatures of your peers. Sign a file: gpg -u <key ID> --sign <filename> Decrypt file & verify sender: gpg -u <key ID> --decrypt <filename> Verify sender only: gpg -u <key ID> --verify <filename>

15 Exercise 1.5 Create a text file and encrypt it with a recipient s public key. Transfer it to a public medium (e.g. TU/e FTP server). Decrypt a message sent to you and attempt to decrypt a message intended for someone else. Signing: gpg -u <key ID> --sign <filename> You ll be prompted for the recipient s key ID Decrypting: gpg -u <key ID> --decrypt <filename>

16 Conclusions Web of Trust You ve established a web of trust for the class The stronger the connection between you and some key the greater the level of trust. full trust in directly checked keys can also place trust in keys signed by keys you trust You ve used the trusted keys to securely share files where secure = confidentiality/integrity/authenticity of file can also use to send secure s 03-Jun-15

17 Network Forensics Forensics: Analysis of logs or network trace files after the attack has happened. Tools needed: Wireshark and your favorite search engine

18 PCAP Files Network traffic data captured during the attacks. Relatively small and filtered, contains information relevant to the attacker and victim only. A PCAP from an actual personal computer will have much more variety in traffic. In some of the PCAPs, the attacker uses exploits and malware to break into the victim s system. If you choose to use your own PC instead of the virtual machine, the malware binaries in the files could trigger your anti-virus, but you are safe as long as you don t convert them into.exe files and run them on a Windows XP machine.

19 Wireshark Analyzes network traffic and decodes a variety of protocols. Can be used for real-time monitoring as well. We use it for offline forensics in the current lab. Decoding does not work perfectly: Wireshark can miss if the packet capture started in the middle of a transaction, or if the parser has a problem. Commands particularly useful for this exercise: Statistics (Summary, Conversations, Endpoint List, etc.), Analyze (Decode As, Follow TCP Stream) Filtering, with expressions such as tcp.port==4445

20 Wireshark - Filtering Allows to focus on relevant parts of the traffic. Packets can be filtered according to host, protocol, time, TCP flags, session id, etc. More about filters: d/chworkbuilddisplayfiltersection.html Filter reference (per protocol):

21 Wireshark Filter examples All packets from the IP : ip.src eq All TCP packets: tcp All TCP packets with the source 443: tcp.srcport eq 443 All HTTP traffic: http

22 Wireshark Filter examples All TCP packets except HTTP traffic: tcp and (not http) All HTTP communication between and : (ip.addr eq ) and (ip.addr eq ) and http TCP packets with SYN flag set to 1 tcp.flags.syn eq 1

23 Wireshark Statistics Statistics menu is useful for getting an overview of the traffic. Statistics>Conversations to list TCP sessions Statistics>Protocol hierarchy to find out the protocols commonly used in the conversation. Statistics >Endpoints to list the hosts.

24 Wireshark - Stream Right click on a packet and click Follow TCP/UDP/.. Stream to view the conversation in a specific session. Particularly helpful with the text-based protocols.

25 Exercise 2: Classify the attacks Four PCAP files are given in the folder: ~/PCAP. Each containing traffic capture from an attack. Identify the attack in each file as one of the following: 1. Spear phishing (by user clicking on a malicious link) 2. TCP port scan 3. Buffer overflow over a Windows service 4. Malicious PHP query against a Web server

Networks and Security Lab. Network Forensics

Networks and Security Lab. Network Forensics Networks and Security Lab Network Forensics Network Forensics - continued We start off from the previous week s exercises and analyze each trace file in detail. Tools needed: Wireshark and your favorite

More information

Pretty Good Privacy with GnuPG

Pretty Good Privacy with GnuPG Pretty Good Privacy with GnuPG Steve Revilak Cabot House Sep. 24, 2013 1 / 16 Encryption and Signing Encryption The purpose is to ensure that a message is readable only by someone possessing a specific

More information

Lab - Using Wireshark to Observe the TCP 3-Way Handshake

Lab - Using Wireshark to Observe the TCP 3-Way Handshake Topology Objectives Part 1: Prepare Wireshark to Capture Packets Select an appropriate NIC interface to capture packets. Part 2: Capture, Locate, and Examine Packets Capture a web session to www.google.com.

More information

Signing and Encryption with GnuPG

Signing and Encryption with GnuPG Signing and Encryption with GnuPG Steve Revilak Cryptoparty @ Northeastern Law School Feb. 9, 2014 1 / 22 What is GnuPG? GnuPG is a free software implementation of the OpenPGP standard. PGP stands for

More information

Network Forensics Network Traffic Analysis

Network Forensics Network Traffic Analysis Copyright: The development of this document is funded by Higher Education of Academy. Permission is granted to copy, distribute and /or modify this document under a license compliant with the Creative

More information

Signing and Encryption with GnuPG

Signing and Encryption with GnuPG Signing and Encryption with GnuPG Steve Revilak http://www.srevilak.net/wiki/talks Cryptoparty @ Somerville Public Library January 10, 2015 1 / 20 What is GnuPG? GnuPG is a free software implementation

More information

Wireshark Deep packet inspection with Wireshark

Wireshark Deep packet inspection with Wireshark Wireshark Deep packet inspection with Wireshark Wireshark is a free and open-source packet analyzer. It is commonly used to troubleshoot network issues and analysis. Originally named Ethereal, in May 2006

More information

Encrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY BY FRAUKE OSTER

Encrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY BY FRAUKE OSTER COVER STORY Encrypting Email Encrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY The leading email applications include new features for helping users secure and authenticate their

More information

GPG installation and configuration

GPG installation and configuration Contents Introduction... 3 Windows... 5 Install GPG4WIN... 5 Configure the certificate manager... 7 Configure GPG... 7 Create your own set of keys... 9 Upload your public key to the keyserver... 11 Importing

More information

Tutorial: Encrypted Email with Thunderbird and Enigmail. Author: Shashank Areguli. Published: Ed (August 9, 2014)

Tutorial: Encrypted Email with Thunderbird and Enigmail. Author: Shashank Areguli. Published: Ed (August 9, 2014) Tutorial: Encrypted Email with Thunderbird and Enigmail Author: Shashank Areguli Published: Ed (August 9, 2014) There are three issues of security that needs to dealt with on the internet, concerning information.

More information

HW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am)

HW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am) HW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am) This HW/Lab assignment covers Lectures 2 to 4. Please review these thoroughly before starting to

More information

SOUTHERN POLYTECHNIC STATE UNIVERSITY. Snort and Wireshark. IT-6873 Lab Manual Exercises. Lucas Varner and Trevor Lewis Fall 2013

SOUTHERN POLYTECHNIC STATE UNIVERSITY. Snort and Wireshark. IT-6873 Lab Manual Exercises. Lucas Varner and Trevor Lewis Fall 2013 SOUTHERN POLYTECHNIC STATE UNIVERSITY Snort and Wireshark IT-6873 Lab Manual Exercises Lucas Varner and Trevor Lewis Fall 2013 This document contains instruction manuals for using the tools Wireshark and

More information

Websense Web Security Gateway: What to do when a Web site does not load as expected

Websense Web Security Gateway: What to do when a Web site does not load as expected Websense Web Security Gateway: What to do when a Web site does not load as expected Websense Support Webinar November 2011 web security data security email security Support Webinars 2009 Websense, Inc.

More information

GETTING STARTED SECURE FILE TRANSFER PROCEDURES A. Secure File Transfer Protocol (SFTP) Procedures

GETTING STARTED SECURE FILE TRANSFER PROCEDURES A. Secure File Transfer Protocol (SFTP) Procedures A. Secure File Transfer Protocol (SFTP) Procedures Overview IEHP utilizes our Secure File Transfer Protocol (SFTP) server to conduct all electronic data file transactions. Some of the benefits to using

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

EMAIL ENCRYPTION Guide June 3, 2013

EMAIL ENCRYPTION Guide June 3, 2013 EMAIL ENCRYPTION Guide June 3, 2013 TABLE OF CONTENTS Steps to Create Encryption Public Key... 3 Installing GPG... 3 Key Generation Process... 4 Update User Settings... 6 Decrypting an encrypted file...

More information

Lab 8.3.2 Conducting a Network Capture with Wireshark

Lab 8.3.2 Conducting a Network Capture with Wireshark Lab 8.3.2 Conducting a Network Capture with Wireshark Objectives Perform a network traffic capture with Wireshark to become familiar with the Wireshark interface and environment. Analyze traffic to a web

More information

WildFire Reporting. WildFire Administrator s Guide 55. Copyright 2007-2015 Palo Alto Networks

WildFire Reporting. WildFire Administrator s Guide 55. Copyright 2007-2015 Palo Alto Networks WildFire Reporting When malware is discovered on your network, it is important to take quick action to prevent spread of the malware to other systems. To ensure immediate alerts to malware discovered on

More information

Network Traffic Analysis

Network Traffic Analysis 2013 Network Traffic Analysis Gerben Kleijn and Terence Nicholls 6/21/2013 Contents Introduction... 3 Lab 1 - Installing the Operating System (OS)... 3 Lab 2 Working with TCPDump... 4 Lab 3 - Installing

More information

The KGpg Handbook. Jean-Baptiste Mardelle Rolf Eike Beer

The KGpg Handbook. Jean-Baptiste Mardelle Rolf Eike Beer Jean-Baptiste Mardelle Rolf Eike Beer 2 Contents 1 Introduction 5 2 Getting Started 6 3 Using KGpg 8 3.1 Generating a key...................................... 8 3.2 Revoking a key.......................................

More information

Web Application Firewall

Web Application Firewall Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks

More information

Using Internet or Windows Explorer to Upload Your Site

Using Internet or Windows Explorer to Upload Your Site Using Internet or Windows Explorer to Upload Your Site This article briefly describes what an FTP client is and how to use Internet Explorer or Windows Explorer to upload your Web site to your hosting

More information

Network setup and troubleshooting

Network setup and troubleshooting ACTi Knowledge Base Category: Troubleshooting Note Sub-category: Network Model: All Firmware: All Software: NVR Author: Jane.Chen Published: 2009/12/21 Reviewed: 2010/10/11 Network setup and troubleshooting

More information

USING WIRESHARK TO CAPTURE AND ANALYZE NETWORK DATA

USING WIRESHARK TO CAPTURE AND ANALYZE NETWORK DATA USING WIRESHARK TO CAPTURE AND ANALYZE NETWORK DATA CPSC 441 TUTORIAL JANUARY 30, 2012 TA: RUITING ZHOU The content of these slides are taken from CPSC 526 TUTORIAL by Nashd Safa (Extended and partially

More information

Network Security, ISA 656, Angelos Stavrou. Snort Lab

Network Security, ISA 656, Angelos Stavrou. Snort Lab Snort Lab Purpose: In this lab, we will explore a common free Intrusion Detection System called Snort. Snort was written initially for Linux/Unix, but most functionality is now available in Windows. In

More information

ReadyNAS Remote White Paper. NETGEAR May 2010

ReadyNAS Remote White Paper. NETGEAR May 2010 ReadyNAS Remote White Paper NETGEAR May 2010 Table of Contents Overview... 3 Architecture... 3 Security... 4 Remote Firewall... 5 Performance... 5 Overview ReadyNAS Remote is a software application that

More information

File and email encryption with GPG4win & Enigmail

File and email encryption with GPG4win & Enigmail Protektor Services Windows Manual 11.5 File and email encryption with GPG4win & Enigmail Introduction, Contact, Legals, License Introduction Protektor Services Manual version 11.5 A new edition of the

More information

IDS and Penetration Testing Lab ISA656 (Attacker)

IDS and Penetration Testing Lab ISA656 (Attacker) IDS and Penetration Testing Lab ISA656 (Attacker) Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible

More information

WS_FTP Professional 12. Security Guide

WS_FTP Professional 12. Security Guide WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 2 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...

More information

Preventing credit card numbers from escaping your network

Preventing credit card numbers from escaping your network Preventing credit card numbers from escaping your network The following recipe describes how to configure your FortiGate to use DLP (Data Loss Prevention) so that credit card numbers cannot be sent out

More information

Cornerstones of Security

Cornerstones of Security Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to

More information

Introduction to Network Security Lab 1 - Wireshark

Introduction to Network Security Lab 1 - Wireshark Introduction to Network Security Lab 1 - Wireshark Bridges To Computing 1 Introduction: In our last lecture we discussed the Internet the World Wide Web and the Protocols that are used to facilitate communication

More information

Safe network analysis

Safe network analysis Safe network analysis Generating network traffic captures within a virtual network. Presented by Andrew Martin 1 Introduction What is a sniffer How does sniffing work Usages Scenarios Building safe repositories

More information

EINTE LAB EXERCISES LAB EXERCISE #5 - SIP PROTOCOL

EINTE LAB EXERCISES LAB EXERCISE #5 - SIP PROTOCOL EINTE LAB EXERCISES LAB EXERCISE #5 - SIP PROTOCOL PREPARATIONS STUDYING SIP PROTOCOL The aim of this exercise is to study the basic aspects of the SIP protocol. Before executing the exercise you should

More information

1. LAB SNIFFING LAB ID: 10

1. LAB SNIFFING LAB ID: 10 H E R A LAB ID: 10 SNIFFING Sniffing in a switched network ARP Poisoning Analyzing a network traffic Extracting files from a network trace Stealing credentials Mapping/exploring network resources 1. LAB

More information

Setting Up Scan to SMB on TaskALFA series MFP s.

Setting Up Scan to SMB on TaskALFA series MFP s. Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and

More information

INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION

INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION Prepared for the NRC Fuel Cycle Cyber Security Threat Conference Presented by: Jon Chugg, Ken Rohde Organization(s): INL Date: May 30, 2013 Disclaimer

More information

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Biznet GIO Cloud Connecting VM via Windows Remote Desktop Biznet GIO Cloud Connecting VM via Windows Remote Desktop Introduction Connecting to your newly created Windows Virtual Machine (VM) via the Windows Remote Desktop client is easy but you will need to make

More information

Lab 1: Network Devices and Technologies - Capturing Network Traffic

Lab 1: Network Devices and Technologies - Capturing Network Traffic CompTIA Security+ Lab Series Lab 1: Network Devices and Technologies - Capturing Network Traffic CompTIA Security+ Domain 1 - Network Security Objective 1.1: Explain the security function and purpose of

More information

Intrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort

Intrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort License Intrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons

More information

Configuring Security for FTP Traffic

Configuring Security for FTP Traffic 2 Configuring Security for FTP Traffic Securing FTP traffic Creating a security profile for FTP traffic Configuring a local traffic FTP profile Assigning an FTP security profile to a local traffic FTP

More information

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us

More information

Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.

Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap. Port Scanning Objectives 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap. Introduction: All machines connected to a LAN or connected to Internet via a modem

More information

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Aakanksha Vijay M.tech, Department of Computer Science Suresh Gyan Vihar University Jaipur, India Mrs Savita Shiwani Head Of

More information

McAfee Network Security Platform Administration Course

McAfee Network Security Platform Administration Course McAfee Network Security Platform Administration Course Intel Security Education Services Administration Course The McAfee Network Security Platform Administration course from McAfee Education Services

More information

Network Connect & Junos Pulse Performance Logs on Windows

Network Connect & Junos Pulse Performance Logs on Windows Network Connect & Junos Pulse Performance Logs on Windows How-to Juniper Networks, Inc. 1 Table of Contents Introduction Part 1: Client Prerequisites... 3 Step 1.1: Packet Sniffer... 3 Step 1.2: Output

More information

WinSCP for Windows: Using SFTP to upload files to a server

WinSCP for Windows: Using SFTP to upload files to a server WinSCP for Windows: Using SFTP to upload files to a server Quickstart guide Developed by: Academic Technology Services & User Support, CIT atc.cit.cornell.edu Last updated 9/9/08 WinSCP 4.1.6 Getting started

More information

Ubuntu Open PGP IMPLEMENTATION. Dr. ENİS KARAARSLAN 2014

Ubuntu Open PGP IMPLEMENTATION. Dr. ENİS KARAARSLAN 2014 Ubuntu Open PGP IMPLEMENTATION Dr. ENİS KARAARSLAN 2014 Enter your personal information, select your key encryption type, key strength, and when you want your key to expire. Your name and email address

More information

Firewall Firewall August, 2003

Firewall Firewall August, 2003 Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also

More information

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder. CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files

More information

Custom Application Signatures Tech Note PAN-OS 4.1

Custom Application Signatures Tech Note PAN-OS 4.1 Custom Application Signatures Tech Note PAN-OS 4.1 Revision C Contents Overview...3 Why Custom App-IDs...3 Objectives...3 Signatures for Custom App-IDs...3 Research the Application...3 Identify Patterns

More information

Lab 8.4.2 Configuring Access Policies and DMZ Settings

Lab 8.4.2 Configuring Access Policies and DMZ Settings Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set

More information

DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses.

DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses. Lab Exercise DNS Objective DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses. Step 1: Analyse the supplied DNS Trace Here we examine the supplied trace of a

More information

WS_FTP Professional 12. Security Guide

WS_FTP Professional 12. Security Guide WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 1 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...

More information

XStream Remote Control: Configuring DCOM Connectivity

XStream Remote Control: Configuring DCOM Connectivity XStream Remote Control: Configuring DCOM Connectivity APPLICATION BRIEF March 2009 Summary The application running the graphical user interface of LeCroy Windows-based oscilloscopes is a COM Automation

More information

Intrusion Detection Systems (IDS)

Intrusion Detection Systems (IDS) Intrusion Detection Systems (IDS) What are They and How do They Work? By Wayne T Work Security Gauntlet Consulting 56 Applewood Lane Naugatuck, CT 06770 203.217.5004 Page 1 6/12/2003 1. Introduction Intrusion

More information

Network Connect & Pulse Performance Logs on Windows

Network Connect & Pulse Performance Logs on Windows Network Connect & Pulse Performance Logs on Windows How-to Published Date July 2015 Contents Introduction 4 Part 1: Client Prerequisites 4 Step 1.1: Packet Sniffer 4 Step 1.2: Output of IPs, Routes, Ping,

More information

Hands-on Network Traffic Analysis. 2015 Cyber Defense Boot Camp

Hands-on Network Traffic Analysis. 2015 Cyber Defense Boot Camp Hands-on Network Traffic Analysis 2015 Cyber Defense Boot Camp What is this about? Prerequisite: network packet & packet analyzer: (header, data) Enveloped letters inside another envelope Exercises Basic

More information

Wireshark. Fakrul (Pappu) Alam fakrul@dhakacom.com

Wireshark. Fakrul (Pappu) Alam fakrul@dhakacom.com Wireshark Fakrul (Pappu) Alam fakrul@dhakacom.com What is Wireshark? Wireshark is a network packet/protocol analyzer. A network packet analyzer will try to capture network packets and tries to display

More information

4. Click Next and then fill in your Name and E-mail address. Click Next again.

4. Click Next and then fill in your Name and E-mail address. Click Next again. NOTE: Before installing PGP, Word needs to be disabled as your editor in Outlook. In Outlook, go to Tools: Options: Mail Format and uncheck Use Microsoft Office Word to edit e-mail messages. Failure to

More information

WS_FTP Professional 12

WS_FTP Professional 12 WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method...1 About SSL...1 About SSH...2 About OpenPGP...2 Using FIPS 140-2 Validated Cryptography...2

More information

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN) MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file

More information

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,

More information

How to use PGP Encryption with iscribe

How to use PGP Encryption with iscribe How to use PGP Encryption with iscribe iscribe e-mail seamlessly supports e-mail encryption and digital signatures. This bulletin describes how to setup iscribe so that you can send and receive encrypted

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

Chapter 8 Router and Network Management

Chapter 8 Router and Network Management Chapter 8 Router and Network Management This chapter describes how to use the network management features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. These features can be found by

More information

Open Source Security Tool Overview

Open Source Security Tool Overview Open Source Security Tool Overview Presented by Kitch Spicer & Douglas Couch Security Engineers for ITaP 1 Introduction Vulnerability Testing Network Security Passive Network Detection Firewalls Anti-virus/Anti-malware

More information

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started

Getting Started. Symantec Client Security. About Symantec Client Security. How to get started Getting Started Symantec Client Security About Security Security provides scalable, cross-platform firewall, intrusion prevention, and antivirus protection for workstations and antivirus protection for

More information

DMZ Network Visibility with Wireshark June 15, 2010

DMZ Network Visibility with Wireshark June 15, 2010 DMZ Network Visibility with Wireshark June 15, 2010 Ashok Desai Senior Network Specialist Intel Information Technology SHARKFEST 10 Stanford University June 14-17, 2010 Outline Presentation Objective DMZ

More information

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005 Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department

More information

Computer Networks. Lab 4

Computer Networks. Lab 4 1 159.334 Computer Networks Lab 4 Objectives: 1) Manage user accounts in windows 2) Familiarise yourself with FTP, Network Drive, Network Printer and Terminal Services 3) Configure IP filtering Note: Unless

More information

Kepware Technologies Using Wireshark for Ethernet Diagnostics

Kepware Technologies Using Wireshark for Ethernet Diagnostics Kepware Technologies Using Wireshark for Ethernet Diagnostics March, 2012 Ref. 50.08 Kepware Technologies Table of Contents 1. Introduction... 1 2. Setting up the Software... 1 3. Using Wireshark... 2

More information

Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance

Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance Objective Scenario Estimated Time: 20 minutes Number of Team Members: Two teams with four students per team

More information

HoneyBOT User Guide A Windows based honeypot solution

HoneyBOT User Guide A Windows based honeypot solution HoneyBOT User Guide A Windows based honeypot solution Visit our website at http://www.atomicsoftwaresolutions.com/ Table of Contents What is a Honeypot?...2 How HoneyBOT Works...2 Secure the HoneyBOT Computer...3

More information

Firewalls and Software Updates

Firewalls and Software Updates Firewalls and Software Updates License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents General

More information

Connecting your Virtual Machine to the Internet. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs

Connecting your Virtual Machine to the Internet. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs Connecting your Virtual Machine to the Internet BT Cloud Compute The power to build your own cloud solutions to serve your specific business needs Introduction Once you have created your virtual machine

More information

Configuring Network Load Balancing with Cerberus FTP Server

Configuring Network Load Balancing with Cerberus FTP Server Configuring Network Load Balancing with Cerberus FTP Server May 2016 Version 1.0 1 Introduction Purpose This guide will discuss how to install and configure Network Load Balancing on Windows Server 2012

More information

Technical Notes TN 1 - ETG 3000. FactoryCast Gateway TSX ETG 3021 / 3022 modules. How to Setup a GPRS Connection?

Technical Notes TN 1 - ETG 3000. FactoryCast Gateway TSX ETG 3021 / 3022 modules. How to Setup a GPRS Connection? FactoryCast Gateway TSX ETG 3021 / 3022 modules How to Setup a GPRS Connection? 1 2 Table of Contents 1- GPRS Overview... 4 Introduction... 4 GPRS overview... 4 GPRS communications... 4 GPRS connections...

More information

Using Keil software with Linux via VirtualBox

Using Keil software with Linux via VirtualBox Using Keil software with Linux via VirtualBox Introduction The Keil UVision software used to develop programs for ARM based microprocessor systems is designed to run on Microsoft Windows operating systems.

More information

AXIS 70U - Using Scan-to-File

AXIS 70U - Using Scan-to-File AXIS 70U - Using Scan-to-File Introduction This document describes the Scan-to-File feature in the AXIS 70U. The step-by-step instructions describe the process of configuring the AXIS 70U and an FTP server.

More information

Remote login (Telnet):

Remote login (Telnet): SFWR 4C03: Computer Networks and Computer Security Feb 23-26 2004 Lecturer: Kartik Krishnan Lectures 19-21 Remote login (Telnet): Telnet permits a user to connect to an account on a remote machine. A client

More information

Overview Keys. Overview

Overview Keys. Overview Overview Keys Overview The PGPmail program performs fast, high-security, public-key encrypting (with optional compression), decrypting, and authenticating of electronic messages and files. The program

More information

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts

More information

Network Performance Analysis Solution. White Paper

Network Performance Analysis Solution. White Paper Network Performance Analysis Solution White Paper Copyright Copyright 2016 Colasoft. All rights reserved. Information in this document is subject to change without notice. No part of this document may

More information

Lab Module 3 Network Protocol Analysis with Wireshark

Lab Module 3 Network Protocol Analysis with Wireshark Pacific Northwest National Laboratory Lab Module 3 Network Protocol Analysis with Wireshark NATO ASI on Energy Infrastructure Security October 2015 PNNL-##### Lab Module 3 Network Protocol Analysis with

More information

PIX/ASA 7.x with Syslog Configuration Example

PIX/ASA 7.x with Syslog Configuration Example PIX/ASA 7.x with Syslog Configuration Example Document ID: 63884 Introduction Prerequisites Requirements Components Used Conventions Basic Syslog Configure Basic Syslog using ASDM Send Syslog Messages

More information

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2 Contents Introduction--1 Content and Purpose of This Guide...........................1 User Management.........................................2 Types of user accounts2 Security--3 Security Features.........................................3

More information

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0. Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0 Page 1 of 9 Table of Contents Table of Contents... 2 Executive Summary...

More information

Firewall VPN Router. Quick Installation Guide M73-APO09-380

Firewall VPN Router. Quick Installation Guide M73-APO09-380 Firewall VPN Router Quick Installation Guide M73-APO09-380 Firewall VPN Router Overview The Firewall VPN Router provides three 10/100Mbit Ethernet network interface ports which are the Internal/LAN, External/WAN,

More information

Lab VI Capturing and monitoring the network traffic

Lab VI Capturing and monitoring the network traffic Lab VI Capturing and monitoring the network traffic 1. Goals To gain general knowledge about the network analyzers and to understand their utility To learn how to use network traffic analyzer tools (Wireshark)

More information

Com.X IP PBX The complete communications solution in a box

Com.X IP PBX The complete communications solution in a box IP PBX Utilising VPN security when extending PBX services to remote users Virtual Private Network It is not uncommon for a single company to occupy more than one set of premises. Individual users on geographically

More information

INSTALLATION AND CONFIGURATION GUIDE (THIS DOCUMENT RELATES TO MDAEMON v15.5.0 ONWARDS)

INSTALLATION AND CONFIGURATION GUIDE (THIS DOCUMENT RELATES TO MDAEMON v15.5.0 ONWARDS) Web: Overview INSTALLATION AND CONFIGURATION GUIDE (THIS DOCUMENT RELATES TO MDAEMON v15.5.0 ONWARDS) This document provides an installation and configuration guide for MDaemon Messaging Server along with

More information

Multi-Homing Dual WAN Firewall Router

Multi-Homing Dual WAN Firewall Router Multi-Homing Dual WAN Firewall Router Quick Installation Guide M73-APO09-400 Multi-Homing Dual WAN Firewall Router Overview The Multi-Homing Dual WAN Firewall Router provides three 10/100Mbit Ethernet

More information

Multifaceted Approach to Understanding the Botnet Phenomenon

Multifaceted Approach to Understanding the Botnet Phenomenon Multifaceted Approach to Understanding the Botnet Phenomenon Christos P. Margiolas University of Crete A brief presentation for the paper: Multifaceted Approach to Understanding the Botnet Phenomenon Basic

More information

Weston Public Schools Virtual Desktop Access Instructions

Weston Public Schools Virtual Desktop Access Instructions Instructions for connecting to the Weston Schools Virtual Desktop Environment Notes: You will have to have administrator permission on your computer in order to install a VMWare Client application which

More information

Applied Security Lab 2: Personal Firewall

Applied Security Lab 2: Personal Firewall Applied Security Lab 2: Personal Firewall Network Security Tools and Technology: Host-based Firewall/IDS using Sysgate Name: Due Date: Wednesday (March 3, 2010) by 8:00 a.m. Instructions: The Lab 2 Write-up

More information

Biznet GIO Cloud Connecting VM via SSH

Biznet GIO Cloud Connecting VM via SSH Biznet GIO Cloud Connecting VM via SSH Introduction Connecting to your newly created Virtual Machine (VM) via an SSH client is easy but you will need to make some configuration changes in Portal first.

More information

Clearswift Information Governance

Clearswift Information Governance Clearswift Information Governance Implementing the CLEARSWIFT SECURE Encryption Portal on the CLEARSWIFT SECURE Email Gateway Version 1.10 02/09/13 Contents 1 Introduction... 3 2 How it Works... 4 3 Configuration

More information

EKT 332/4 COMPUTER NETWORK

EKT 332/4 COMPUTER NETWORK UNIVERSITI MALAYSIA PERLIS SCHOOL OF COMPUTER & COMMUNICATIONS ENGINEERING EKT 332/4 COMPUTER NETWORK LABORATORY MODULE LAB 2 NETWORK PROTOCOL ANALYZER (SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK)

More information

Kaspersky Lab Mobile Device Management Deployment Guide

Kaspersky Lab Mobile Device Management Deployment Guide Kaspersky Lab Mobile Device Management Deployment Guide Introduction With the release of Kaspersky Security Center 10.0 a new functionality has been implemented which allows centralized management of mobile

More information