data communications and networks ii project
DESCRIPTION
Data Communications and Networks II Project. Andrew Manborde Owen Thompson Yannick Morgan Tian Boothe Kadian Bailey Daemone Brown. Problem Statement. UCC network has been compromised. Evaluate threats to the UCC network using vulnerability tools. Purpose of Study. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/1.jpg)
DATA COMMUNICATIONS AND NETWORKS IIPROJECT
Andrew ManbordeOwen ThompsonYannick MorganTian BootheKadian BaileyDaemone Brown
![Page 2: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/2.jpg)
Problem Statement UCC network has been compromised. Evaluate threats to the UCC network
using vulnerability tools.
![Page 3: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/3.jpg)
Purpose of Study Demonstrate and evaluate the named
network vulnerability tools. Determine which tool is best suited for
which particular application.
![Page 4: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/4.jpg)
Significance of Study Informed Network Security decisions. Best suited tools to use.
![Page 5: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/5.jpg)
International Review Vulnerability scanning got its start as a
tool of the "bad guys." Port scanning or testing to see which
TCP/UDP ports on a machine are "open" and thus vulnerable to intrusion.
Today's vulnerability scanning programs are designed with the "good guys" in mind
![Page 6: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/6.jpg)
What does a vulnerability scanner do? Can only scan for known vulnerabilities.
And that means vulnerabilities that are known to their vendors.
Depend on databases that contain the descriptions of the vulnerabilities they can detect.
Only as good as the database it uses
![Page 7: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/7.jpg)
Types of scans
Open ("listening") ports Unnecessary services DDoS agents and similar malware Means of remote access (terminal services,
PCAnywhere) Password crackers System configuration Coding flaws/unsafe code Missing service packs and security fixes
![Page 8: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/8.jpg)
What a vulnerability scanner doesn't do
Vulnerability scanners don't do the job of anti-virus and anti-spyware products
Vulnerability scanners don't do the job of a firewall
Vulnerability scanners don't do the job of an Intrusion Detection System (IDS)
![Page 9: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/9.jpg)
Wireshark
Network protocol analyzer (packet sniffer) which captures and decodes packets of information from a network.
Wireshark is used to capture and analyze network packets and discover a wide array of information
![Page 10: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/10.jpg)
Snort
Open Source Intrusion Detection System which can be downloaded free of cost. It is a software package which needs to be installed (along with other software in many cases) in a standard server which acts as the sensor.
Network Sniffer Mode Network Intrusion Detection Mode
![Page 11: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/11.jpg)
Kismet 802.11 layer2 wireless network detector,
sniffer, and intrusion detection system. Kismet identifies networks by passively
collecting packets and detecting standard named networks, named/ hidden networks, and inferring the presence of nonbeaconing networks via data traffic.
![Page 12: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/12.jpg)
Cain and Abel
Password recovery tool for Microsoft Operating Systems.
Sniffing the network. Cracking encrypted passwords using Dictionary,
Brute-Force and Cryptanalysis attacks. Recording VoIP conversations. Decoding scrambled passwords, recovering
wireless network keys. Revealing password boxes. Uncovering cached passwords and analyzing
routing protocols.
![Page 13: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/13.jpg)
Local Case Study International standards apply to Jamaica
to a lesser scale. Net Security pros use the same tools as
hackers. Hackers exploit to personal gain.
![Page 14: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/14.jpg)
Implementation Recommendations
Net Vulnerability tools selection are based on:
Type of network Size of network
Provide counter measures to prevent future attacks.
![Page 15: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/15.jpg)
Network Solution Steps Select four viable candidates for use as
a network vulnerability tool. Evaluate each candidate. Use the selected candidate to evaluate
the security of the network in question.
Record and interpret the results.
![Page 16: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/16.jpg)
Select 4 tools
Cain and Abel Wireshark Kismet Snort
![Page 17: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/17.jpg)
Evaluate each candidate Cain and Abel – Good functionality. Did not require additional software in
order to be compliant with the test network.
User friendly due to its user interface design.
![Page 18: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/18.jpg)
Wireshark – Average functionality. Did not require additional software. Not user friendly due to its user interface
design.
![Page 19: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/19.jpg)
Kismet – Poor functionality. Additional software was required to be
compliant with the test network.
![Page 20: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/20.jpg)
Snort – Poor functionality. Additional software was required to be
compliant.
![Page 21: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/21.jpg)
Evaluate Selected Candidate
The network vulnerability tool that was selected as being the best candidate was Cain and Abel. The test was conducted and several vulnerabilities were revealed.
![Page 22: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/22.jpg)
Record and interpret the results.
It was determined that a Kerberos firewall was required in order to secure the network.
![Page 23: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/23.jpg)
Summary Snort and Kismet required another piece
of software in order to be fully compliant with our test network.
WireShark proved to be too complicated in its function and not very user friendly in its GUI
Cain and Abel is easily utilized and has a good GUI.
![Page 24: Data Communications and Networks II Project](https://reader036.vdocuments.site/reader036/viewer/2022062501/56816080550346895dcfa9ce/html5/thumbnails/24.jpg)
Conclusion We recommend the network vulnerability
tool Cain and Abel for use as it is fully functional i.e. it does not require additional software in order to function as well as it is user friendly by means of simple functionality and intuitive user interface design.