Networks & Security Course. Web of Trust and Network Forensics
|
|
- Myles Lester
- 8 years ago
- Views:
Transcription
1 Networks & Security Course Web of Trust and Network Forensics
2 Virtual Machine Virtual Machine Internet connection You need to connect the VM to the Internet for some of the Web of Trust exercises. Make sure the Firewall does not restrict connections coming from Virtualbox / VMware. Ensure time in VM is set (approximately) correctly (see next slide) Needed for some services Some exercises require sharing files can use the TU/e FTP server (see below) or USB sticks or...
3 Virtual Machine Enable Network Time [1] If date/time is off in your virtual machine: [2] [3] 1. Right click the date in the bar, select Adjust Date and Time 2. Click Unlock in the Date and Time screen You will be prompted for password when trying to change the settings ( secnet by default). 3. Turn on Network Time
4 TU/e FTP Server An unsafe and public medium where files are visible to everyone. Can use Debian s own file browser to connect. Places > Connect to Server Server: ftp.tue.nl Folder: /upload/2ic60_2015
5 Lab session overview Web of trust PGP & OpenPGP GnuPG Seahorse Introduction to Network Forensics Wireshark basics Recognizing attacks
6 OpenPGP and GnuPG OpenPGP (PGP=`Pretty Good Privacy ) is a common asymmetric encryption standard and GnuPG is an implementation of OpenPGP used for encryption and signing of messages. Web of trust: Decentralized method of establishing authenticity of public keys (as opposed to using a certificate authority). Participants issue certificates; they digitally sign (public key, user name) pairs for user s they known to verify the connection. This can happen e.g. at a `key signing party ; people meet physically to check and sign each others keys (like the one in this lab). Tool required: GPG, command-line tool Seahorse, graphical front-end for GPG
7 OpenPGP and GnuPG source: xkcd.com Background information: Section 8.5 of the textbook
8 Seahorse a GUI for GnuPG Can be used to create keys and view the keys available in your keyring. Is helpful, but you still need to use the command line tool, gpg to interact with the key server, and encryption/decrypting files. 03-Jun-15
9 Exercise 1.1 Generate a public key. File > New > PGP key Enter your details and click Create.
10 Exercise 1.1 Your key should appear in the GnuPG keys list. You can use View menu to filter the public keys (those created by you / those you signed etc.) The RSA public key is long. There will be a key ID and a fingerprint to identify it more easily. Right click and select Properties for details. 03-Jun-15
11 Exercise 1.2 Share your public key with others. You can use a key server to do it. Alternatively you can upload it somewhere, share via USB stick, etc. Use the command-line tool gpg to upload your key to the server (don t use the graphic front-end it does not play nice with key servers) gpg --send-keys <Your key ID>
12 Exercise 1.3 Import some keys to your keyring and sign them (after verifying the identity of the owner). This builds the web of trust. Try to create a connected web rather than isolated clusters. If your classmates shared their keyring via the key server: gpg --recv-keys <peer key id> to import them
13 Exercise 1.3 The keys you imported will show up in the front-end. By default the front-end only shows the keys you created, so make sure to select View > Show any to display all keys. You can sign the keys via command-line or the graphical interface. Command line: gpg -u <your key ID> --sign-key <imported key ID> After signing your peer s key, update the key server: gpg --send-keys <peer signed key ID> (might take a minute or two for the key server to reflect the update) Update your keyring by adding some keys that are signed by other classmates: gpg --recv-keys <peer key id>
14 Exercise 1.4 Create a text file and sign it with your public key. Transfer it to a public medium (e.g. TU/e FTP server). Verify the signatures of your peers. Sign a file: gpg -u <key ID> --sign <filename> Decrypt file & verify sender: gpg -u <key ID> --decrypt <filename> Verify sender only: gpg -u <key ID> --verify <filename>
15 Exercise 1.5 Create a text file and encrypt it with a recipient s public key. Transfer it to a public medium (e.g. TU/e FTP server). Decrypt a message sent to you and attempt to decrypt a message intended for someone else. Signing: gpg -u <key ID> --sign <filename> You ll be prompted for the recipient s key ID Decrypting: gpg -u <key ID> --decrypt <filename>
16 Conclusions Web of Trust You ve established a web of trust for the class The stronger the connection between you and some key the greater the level of trust. full trust in directly checked keys can also place trust in keys signed by keys you trust You ve used the trusted keys to securely share files where secure = confidentiality/integrity/authenticity of file can also use to send secure s 03-Jun-15
17 Network Forensics Forensics: Analysis of logs or network trace files after the attack has happened. Tools needed: Wireshark and your favorite search engine
18 PCAP Files Network traffic data captured during the attacks. Relatively small and filtered, contains information relevant to the attacker and victim only. A PCAP from an actual personal computer will have much more variety in traffic. In some of the PCAPs, the attacker uses exploits and malware to break into the victim s system. If you choose to use your own PC instead of the virtual machine, the malware binaries in the files could trigger your anti-virus, but you are safe as long as you don t convert them into.exe files and run them on a Windows XP machine.
19 Wireshark Analyzes network traffic and decodes a variety of protocols. Can be used for real-time monitoring as well. We use it for offline forensics in the current lab. Decoding does not work perfectly: Wireshark can miss if the packet capture started in the middle of a transaction, or if the parser has a problem. Commands particularly useful for this exercise: Statistics (Summary, Conversations, Endpoint List, etc.), Analyze (Decode As, Follow TCP Stream) Filtering, with expressions such as tcp.port==4445
20 Wireshark - Filtering Allows to focus on relevant parts of the traffic. Packets can be filtered according to host, protocol, time, TCP flags, session id, etc. More about filters: d/chworkbuilddisplayfiltersection.html Filter reference (per protocol):
21 Wireshark Filter examples All packets from the IP : ip.src eq All TCP packets: tcp All TCP packets with the source 443: tcp.srcport eq 443 All HTTP traffic: http
22 Wireshark Filter examples All TCP packets except HTTP traffic: tcp and (not http) All HTTP communication between and : (ip.addr eq ) and (ip.addr eq ) and http TCP packets with SYN flag set to 1 tcp.flags.syn eq 1
23 Wireshark Statistics Statistics menu is useful for getting an overview of the traffic. Statistics>Conversations to list TCP sessions Statistics>Protocol hierarchy to find out the protocols commonly used in the conversation. Statistics >Endpoints to list the hosts.
24 Wireshark - Stream Right click on a packet and click Follow TCP/UDP/.. Stream to view the conversation in a specific session. Particularly helpful with the text-based protocols.
25 Exercise 2: Classify the attacks Four PCAP files are given in the folder: ~/PCAP. Each containing traffic capture from an attack. Identify the attack in each file as one of the following: 1. Spear phishing (by user clicking on a malicious link) 2. TCP port scan 3. Buffer overflow over a Windows service 4. Malicious PHP query against a Web server
Networks and Security Lab. Network Forensics
Networks and Security Lab Network Forensics Network Forensics - continued We start off from the previous week s exercises and analyze each trace file in detail. Tools needed: Wireshark and your favorite
More informationPretty Good Privacy with GnuPG
Pretty Good Privacy with GnuPG Steve Revilak Cabot House Sep. 24, 2013 1 / 16 Encryption and Signing Encryption The purpose is to ensure that a message is readable only by someone possessing a specific
More informationTutorial: Encrypted Email with Thunderbird and Enigmail. Author: Shashank Areguli. Published: Ed (August 9, 2014)
Tutorial: Encrypted Email with Thunderbird and Enigmail Author: Shashank Areguli Published: Ed (August 9, 2014) There are three issues of security that needs to dealt with on the internet, concerning information.
More informationSigning and Encryption with GnuPG
Signing and Encryption with GnuPG Steve Revilak http://www.srevilak.net/wiki/talks Cryptoparty @ Somerville Public Library January 10, 2015 1 / 20 What is GnuPG? GnuPG is a free software implementation
More informationWireshark Deep packet inspection with Wireshark
Wireshark Deep packet inspection with Wireshark Wireshark is a free and open-source packet analyzer. It is commonly used to troubleshoot network issues and analysis. Originally named Ethereal, in May 2006
More informationSigning and Encryption with GnuPG
Signing and Encryption with GnuPG Steve Revilak Cryptoparty @ Northeastern Law School Feb. 9, 2014 1 / 22 What is GnuPG? GnuPG is a free software implementation of the OpenPGP standard. PGP stands for
More informationHW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am)
HW/Lab 1: Email Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am) This HW/Lab assignment covers Lectures 2 to 4. Please review these thoroughly before starting to
More informationGPG installation and configuration
Contents Introduction... 3 Windows... 5 Install GPG4WIN... 5 Configure the certificate manager... 7 Configure GPG... 7 Create your own set of keys... 9 Upload your public key to the keyserver... 11 Importing
More informationEncrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY BY FRAUKE OSTER
COVER STORY Encrypting Email Encrypting Email with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY The leading email applications include new features for helping users secure and authenticate their
More informationNetwork Forensics Network Traffic Analysis
Copyright: The development of this document is funded by Higher Education of Academy. Permission is granted to copy, distribute and /or modify this document under a license compliant with the Creative
More informationSOUTHERN POLYTECHNIC STATE UNIVERSITY. Snort and Wireshark. IT-6873 Lab Manual Exercises. Lucas Varner and Trevor Lewis Fall 2013
SOUTHERN POLYTECHNIC STATE UNIVERSITY Snort and Wireshark IT-6873 Lab Manual Exercises Lucas Varner and Trevor Lewis Fall 2013 This document contains instruction manuals for using the tools Wireshark and
More informationGETTING STARTED SECURE FILE TRANSFER PROCEDURES A. Secure File Transfer Protocol (SFTP) Procedures
A. Secure File Transfer Protocol (SFTP) Procedures Overview IEHP utilizes our Secure File Transfer Protocol (SFTP) server to conduct all electronic data file transactions. Some of the benefits to using
More informationHow To Encrypt A Traveltrax Report On Gpg On A Pc Or Mac Or Mac (For A Free Download) On A Thumbdrive Or Ipad Or Ipa (For Free) On Pc Or Ipo (For An Ipo)
EMAIL ENCRYPTION Guide June 3, 2013 TABLE OF CONTENTS Steps to Create Encryption Public Key... 3 Installing GPG... 3 Key Generation Process... 4 Update User Settings... 6 Decrypting an encrypted file...
More informationWebsense Web Security Gateway: What to do when a Web site does not load as expected
Websense Web Security Gateway: What to do when a Web site does not load as expected Websense Support Webinar November 2011 web security data security email security Support Webinars 2009 Websense, Inc.
More informationFile and email encryption with GPG4win & Enigmail
Protektor Services Windows Manual 11.5 File and email encryption with GPG4win & Enigmail Introduction, Contact, Legals, License Introduction Protektor Services Manual version 11.5 A new edition of the
More informationLab 8.4.2 Configuring Access Policies and DMZ Settings
Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationINDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION
INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION Prepared for the NRC Fuel Cycle Cyber Security Threat Conference Presented by: Jon Chugg, Ken Rohde Organization(s): INL Date: May 30, 2013 Disclaimer
More informationThe KGpg Handbook. Jean-Baptiste Mardelle Rolf Eike Beer
Jean-Baptiste Mardelle Rolf Eike Beer 2 Contents 1 Introduction 5 2 Getting Started 6 3 Using KGpg 8 3.1 Generating a key...................................... 8 3.2 Revoking a key.......................................
More informationWS_FTP Professional 12. Security Guide
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 2 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...
More informationUSING WIRESHARK TO CAPTURE AND ANALYZE NETWORK DATA
USING WIRESHARK TO CAPTURE AND ANALYZE NETWORK DATA CPSC 441 TUTORIAL JANUARY 30, 2012 TA: RUITING ZHOU The content of these slides are taken from CPSC 526 TUTORIAL by Nashd Safa (Extended and partially
More informationLab 8.3.2 Conducting a Network Capture with Wireshark
Lab 8.3.2 Conducting a Network Capture with Wireshark Objectives Perform a network traffic capture with Wireshark to become familiar with the Wireshark interface and environment. Analyze traffic to a web
More information1. LAB SNIFFING LAB ID: 10
H E R A LAB ID: 10 SNIFFING Sniffing in a switched network ARP Poisoning Analyzing a network traffic Extracting files from a network trace Stealing credentials Mapping/exploring network resources 1. LAB
More informationUbuntu Open PGP IMPLEMENTATION. Dr. ENİS KARAARSLAN 2014
Ubuntu Open PGP IMPLEMENTATION Dr. ENİS KARAARSLAN 2014 Enter your personal information, select your key encryption type, key strength, and when you want your key to expire. Your name and email address
More informationNetwork Traffic Analysis
2013 Network Traffic Analysis Gerben Kleijn and Terence Nicholls 6/21/2013 Contents Introduction... 3 Lab 1 - Installing the Operating System (OS)... 3 Lab 2 Working with TCPDump... 4 Lab 3 - Installing
More informationWildFire Reporting. WildFire Administrator s Guide 55. Copyright 2007-2015 Palo Alto Networks
WildFire Reporting When malware is discovered on your network, it is important to take quick action to prevent spread of the malware to other systems. To ensure immediate alerts to malware discovered on
More informationNetwork setup and troubleshooting
ACTi Knowledge Base Category: Troubleshooting Note Sub-category: Network Model: All Firmware: All Software: NVR Author: Jane.Chen Published: 2009/12/21 Reviewed: 2010/10/11 Network setup and troubleshooting
More informationSetting Up Scan to SMB on TaskALFA series MFP s.
Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and
More informationWeb Application Firewall
Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
More informationUsing Internet or Windows Explorer to Upload Your Site
Using Internet or Windows Explorer to Upload Your Site This article briefly describes what an FTP client is and how to use Internet Explorer or Windows Explorer to upload your Web site to your hosting
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More information4. Click Next and then fill in your Name and E-mail address. Click Next again.
NOTE: Before installing PGP, Word needs to be disabled as your editor in Outlook. In Outlook, go to Tools: Options: Mail Format and uncheck Use Microsoft Office Word to edit e-mail messages. Failure to
More informationIDS and Penetration Testing Lab ISA656 (Attacker)
IDS and Penetration Testing Lab ISA656 (Attacker) Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible
More informationWS_FTP Professional 12. Security Guide
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 1 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...
More informationIntroduction to Network Security Lab 1 - Wireshark
Introduction to Network Security Lab 1 - Wireshark Bridges To Computing 1 Introduction: In our last lecture we discussed the Internet the World Wide Web and the Protocols that are used to facilitate communication
More informationNetwork Security, ISA 656, Angelos Stavrou. Snort Lab
Snort Lab Purpose: In this lab, we will explore a common free Intrusion Detection System called Snort. Snort was written initially for Linux/Unix, but most functionality is now available in Windows. In
More informationInstructions on TLS/SSL Certificates on Yealink Phones
Instructions on TLS/SSL Certificates on Yealink Phones 1. Summary... 1 2. Encryption, decryption and the keys... 1 3. SSL connection flow... 1 4. The instructions to a certificate... 2 4.1 Phone acts as
More informationWS_FTP Professional 12
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method...1 About SSL...1 About SSH...2 About OpenPGP...2 Using FIPS 140-2 Validated Cryptography...2
More informationReadyNAS Remote White Paper. NETGEAR May 2010
ReadyNAS Remote White Paper NETGEAR May 2010 Table of Contents Overview... 3 Architecture... 3 Security... 4 Remote Firewall... 5 Performance... 5 Overview ReadyNAS Remote is a software application that
More informationOverview Keys. Overview
Overview Keys Overview The PGPmail program performs fast, high-security, public-key encrypting (with optional compression), decrypting, and authenticating of electronic messages and files. The program
More informationNetwork Connect & Junos Pulse Performance Logs on Windows
Network Connect & Junos Pulse Performance Logs on Windows How-to Juniper Networks, Inc. 1 Table of Contents Introduction Part 1: Client Prerequisites... 3 Step 1.1: Packet Sniffer... 3 Step 1.2: Output
More informationFirewall Firewall August, 2003
Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also
More informationPort Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.
Port Scanning Objectives 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap. Introduction: All machines connected to a LAN or connected to Internet via a modem
More informationEINTE LAB EXERCISES LAB EXERCISE #5 - SIP PROTOCOL
EINTE LAB EXERCISES LAB EXERCISE #5 - SIP PROTOCOL PREPARATIONS STUDYING SIP PROTOCOL The aim of this exercise is to study the basic aspects of the SIP protocol. Before executing the exercise you should
More informationNetwork Intrusion Analysis (Hands-on)
Network Intrusion Analysis (Hands-on) TCP/IP protocol suite is the core of the Internet and it is vital to understand how it works together, its strengths and weaknesses and how it can be used to detect
More informationMake a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.
CMSC 355 Lab 3 : Penetration Testing Tools Due: September 31, 2010 In the previous lab, we used some basic system administration tools to figure out which programs where running on a system and which files
More informationWe will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall
Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,
More informationHow to use PGP Encryption with iscribe
How to use PGP Encryption with iscribe iscribe e-mail seamlessly supports e-mail encryption and digital signatures. This bulletin describes how to setup iscribe so that you can send and receive encrypted
More informationLab 1: Network Devices and Technologies - Capturing Network Traffic
CompTIA Security+ Lab Series Lab 1: Network Devices and Technologies - Capturing Network Traffic CompTIA Security+ Domain 1 - Network Security Objective 1.1: Explain the security function and purpose of
More informationIntrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort
License Intrusion Detection and Prevention: Network and IDS Configuration and Monitoring using Snort This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons
More informationIntrusion Detection System Based Network Using SNORT Signatures And WINPCAP
Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Aakanksha Vijay M.tech, Department of Computer Science Suresh Gyan Vihar University Jaipur, India Mrs Savita Shiwani Head Of
More informationHow To Gather Log Files On A Pulse Secure Server On A Pc Or Ipad (For A Free Download) On A Network Or Ipa (For Free) On An Ipa Or Ipv (For An Ubuntu) On Your Pc
Network Connect & Pulse Performance Logs on Windows How-to Published Date July 2015 Contents Introduction 4 Part 1: Client Prerequisites 4 Step 1.1: Packet Sniffer 4 Step 1.2: Output of IPs, Routes, Ping,
More informationMcAfee Network Security Platform Administration Course
McAfee Network Security Platform Administration Course Intel Security Education Services Administration Course The McAfee Network Security Platform Administration course from McAfee Education Services
More informationHoneyBOT User Guide A Windows based honeypot solution
HoneyBOT User Guide A Windows based honeypot solution Visit our website at http://www.atomicsoftwaresolutions.com/ Table of Contents What is a Honeypot?...2 How HoneyBOT Works...2 Secure the HoneyBOT Computer...3
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationLab 8.4.2 Configuring Access Policies and DMZ Settings
Lab 8.4.2 Configuring Access Policies and DMZ Settings Objectives Log in to a multi-function device and view security settings. Set up Internet access policies based on IP address and application. Set
More informationConnecting your Virtual Machine to the Internet. BT Cloud Compute. The power to build your own cloud solutions to serve your specific business needs
Connecting your Virtual Machine to the Internet BT Cloud Compute The power to build your own cloud solutions to serve your specific business needs Introduction Once you have created your virtual machine
More informationFirewalls and Software Updates
Firewalls and Software Updates License This work by Z. Cliffe Schreuders at Leeds Metropolitan University is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. Contents General
More informationIntrusion Detection Systems (IDS)
Intrusion Detection Systems (IDS) What are They and How do They Work? By Wayne T Work Security Gauntlet Consulting 56 Applewood Lane Naugatuck, CT 06770 203.217.5004 Page 1 6/12/2003 1. Introduction Intrusion
More informationDecryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks
Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us
More informationSafe network analysis
Safe network analysis Generating network traffic captures within a virtual network. Presented by Andrew Martin 1 Introduction What is a sniffer How does sniffing work Usages Scenarios Building safe repositories
More informationPreventing credit card numbers from escaping your network
Preventing credit card numbers from escaping your network The following recipe describes how to configure your FortiGate to use DLP (Data Loss Prevention) so that credit card numbers cannot be sent out
More informationAPWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/
DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing
More informationConfiguring Security for FTP Traffic
2 Configuring Security for FTP Traffic Securing FTP traffic Creating a security profile for FTP traffic Configuring a local traffic FTP profile Assigning an FTP security profile to a local traffic FTP
More informationDMZ Network Visibility with Wireshark June 15, 2010
DMZ Network Visibility with Wireshark June 15, 2010 Ashok Desai Senior Network Specialist Intel Information Technology SHARKFEST 10 Stanford University June 14-17, 2010 Outline Presentation Objective DMZ
More informationSolution of Exercise Sheet 5
Foundations of Cybersecurity (Winter 15/16) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Protocols = {????} Client Server IP Address =???? IP Address =????
More informationWireshark. Fakrul (Pappu) Alam fakrul@dhakacom.com
Wireshark Fakrul (Pappu) Alam fakrul@dhakacom.com What is Wireshark? Wireshark is a network packet/protocol analyzer. A network packet analyzer will try to capture network packets and tries to display
More informationGetting Started. Symantec Client Security. About Symantec Client Security. How to get started
Getting Started Symantec Client Security About Security Security provides scalable, cross-platform firewall, intrusion prevention, and antivirus protection for workstations and antivirus protection for
More informationChapter 11 Phase 5: Covering Tracks and Hiding
Chapter 11 Phase 5: Covering Tracks and Hiding Attrition Web Site Contains an archive of Web vandalism attacks http://www.attrition.org/mirror/attrition Most attackers, however, wish to keep low profile
More informationBiznet GIO Cloud Connecting VM via Windows Remote Desktop
Biznet GIO Cloud Connecting VM via Windows Remote Desktop Introduction Connecting to your newly created Windows Virtual Machine (VM) via the Windows Remote Desktop client is easy but you will need to make
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationVirtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN
Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts
More informationOpen Source Security Tool Overview
Open Source Security Tool Overview Presented by Kitch Spicer & Douglas Couch Security Engineers for ITaP 1 Introduction Vulnerability Testing Network Security Passive Network Detection Firewalls Anti-virus/Anti-malware
More informationWinSCP for Windows: Using SFTP to upload files to a server
WinSCP for Windows: Using SFTP to upload files to a server Quickstart guide Developed by: Academic Technology Services & User Support, CIT atc.cit.cornell.edu Last updated 9/9/08 WinSCP 4.1.6 Getting started
More informationINTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY AUTHOR: ANAS TAWILEH anas@tawileh.net Available online at: http://www.tawileh.net/courses/ia This work is released under a Creative Commons Attribution-ShareAlike 2.5 License
More informationLab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance
Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance Objective Scenario Estimated Time: 20 minutes Number of Team Members: Two teams with four students per team
More informationMultifaceted Approach to Understanding the Botnet Phenomenon
Multifaceted Approach to Understanding the Botnet Phenomenon Christos P. Margiolas University of Crete A brief presentation for the paper: Multifaceted Approach to Understanding the Botnet Phenomenon Basic
More informationInternet Programming. Security
Internet Programming Security Introduction Security Issues in Internet Applications A distributed application can run inside a LAN Only a few users have access to the application Network infrastructures
More informationCom.X IP PBX The complete communications solution in a box
IP PBX Utilising VPN security when extending PBX services to remote users Virtual Private Network It is not uncommon for a single company to occupy more than one set of premises. Individual users on geographically
More informationAmazon Inspector. User Guide Version Latest
Amazon Inspector User Guide Amazon Inspector: User Guide Copyright 2016 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationF-SECURE MESSAGING SECURITY GATEWAY
F-SECURE MESSAGING SECURITY GATEWAY DEFAULT SETUP GUIDE This guide describes how to set up and configure the F-Secure Messaging Security Gateway appliance in a basic e-mail server environment. AN EXAMPLE
More informationLab Objectives & Turn In
Firewall Lab This lab will apply several theories discussed throughout the networking series. The routing, installing/configuring DHCP, and setting up the services is already done. All that is left for
More informationNetwork Security and Firewall 1
Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week
More information7. Exercise: Network Forensic
60 CERT Exercises Handbook 7. Exercise: Network Forensic Main Objective Targeted Audience Total Duration The objective of the exercise is to familiarize students with standard network monitoring tools,
More informationHands-on Network Traffic Analysis. 2015 Cyber Defense Boot Camp
Hands-on Network Traffic Analysis 2015 Cyber Defense Boot Camp What is this about? Prerequisite: network packet & packet analyzer: (header, data) Enveloped letters inside another envelope Exercises Basic
More informationMySQL Quick Start Guide
Quick Start Guide MySQL Quick Start Guide SQL databases provide many benefits to the web designer, allowing you to dynamically update your web pages, collect and maintain customer data and allowing customers
More informationChapter 8 Router and Network Management
Chapter 8 Router and Network Management This chapter describes how to use the network management features of your ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. These features can be found by
More informationComparison of Firewall, Intrusion Prevention and Antivirus Technologies
White Paper Comparison of Firewall, Intrusion Prevention and Antivirus Technologies How each protects the network Juan Pablo Pereira Technical Marketing Manager Juniper Networks, Inc. 1194 North Mathilda
More informationBrazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005
Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department
More informationEVault for Data Protection Manager. Course 361 Protecting Linux and UNIX with EVault
EVault for Data Protection Manager Course 361 Protecting Linux and UNIX with EVault Table of Contents Objectives... 3 Scenario... 3 Estimated Time to Complete This Lab... 3 Requirements for This Lab...
More informationINSTALLATION AND CONFIGURATION GUIDE (THIS DOCUMENT RELATES TO MDAEMON v15.5.0 ONWARDS)
Web: Overview INSTALLATION AND CONFIGURATION GUIDE (THIS DOCUMENT RELATES TO MDAEMON v15.5.0 ONWARDS) This document provides an installation and configuration guide for MDaemon Messaging Server along with
More informationMonitor Network Activity
Monitor Network Activity Panorama provides a comprehensive, graphical view of network traffic. Using the visibility tools on Panorama the Application Command Center (ACC), logs, and the report generation
More informationLiteCommerce Advanced Security Module. Version 2.8
LiteCommerce Advanced Security Module Version 2.8 Reference Manual Revision date: Jul/03/2007 LiteCommerce Advanced Security Module Reference Manual I Table of Contents Introduction...1 Administrator...2
More informationPIX/ASA 7.x with Syslog Configuration Example
PIX/ASA 7.x with Syslog Configuration Example Document ID: 63884 Introduction Prerequisites Requirements Components Used Conventions Basic Syslog Configure Basic Syslog using ASDM Send Syslog Messages
More informationSection 12 MUST BE COMPLETED BY: 4/22
Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege
More informationStep-by-Step Configuration
Step-by-Step Configuration Kerio Technologies Kerio Technologies. All Rights Reserved. Printing Date: August 15, 2007 This guide provides detailed description on configuration of the local network which
More informationLab Module 3 Network Protocol Analysis with Wireshark
Pacific Northwest National Laboratory Lab Module 3 Network Protocol Analysis with Wireshark NATO ASI on Energy Infrastructure Security October 2015 PNNL-##### Lab Module 3 Network Protocol Analysis with
More information7. Exercise: Network Forensic
CERT Exercises Toolset 59 7. Exercise: Network Forensic Main Objective Targeted Audience Total Duration The objective of the exercise is to familiarize students with standard network monitoring tools,
More information1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained
home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:
More information