Sunday, October 25, 2009

Lab Test


Venue : Makmal Sistem, Building FTMK.
Date : 22-10-2009
Time : 10.00 a.m. – 11.50 a.m.

As I mentioned in my previous post, last week was the last week for lab sessions. Supposedly we would not have any lab session this week, but we were here in the Makmal Sistem for the LAB TEST. This test was to check whether we understood what we had learnt in the previous lab sessions. So the questions were basically related to whatever we learned previously. I attempted two questions, related to file permissions and IPSec. Hope that I will be able to score in this lab test. This was the last time for us to use this lab for this subject; I will miss it….

Week 10 – Final week


Venue : BK7, Building FTMK.
Date : 21 - 10 -2009
Time : 9.00 a.m. – 10.50 a.m.


This week we had the last lecture for this subject, so this might be the last blog post for the lectures of this subject. Throughout this semester I have learnt a lot of new things about Internet Security. I’ll miss this subject, and all the memories can be found in the blog posts I have written. As usual the lecture started at 9 a.m. sharp. The last two topics Mr. Zaki covered were Intrusion Detection Systems and Legal and Ethical Issues in Computer Security.
The lecture began with the topic “Intruders”. Intruders are a significant issue: hostile or unwanted trespass can be user trespass or software trespass. Examples of intrusion are:
  • remote root compromise
  • web server defacement
  • guessing / cracking passwords
  • copying / viewing sensitive data / databases
  • running a packet sniffer
  • distributing pirated software
  • using an unsecured modem to access net
  • impersonating a user to reset password
  • using an unattended workstation

Intrusion detection can be classified as host-based and network-based. A host-based IDS monitors the activity of a single host, whereas a network-based IDS monitors network traffic. The requirements of an IDS are:

  • run continually
  • be fault tolerant
  • resist subversion
  • impose a minimal overhead on system
  • configured according to system security policies
  • adapt to changes in systems and users
  • scale to monitor large numbers of systems
  • provide graceful degradation of service
  • allow dynamic reconfiguration

There are two main intrusion detection techniques, signature detection and anomaly detection; when a potential intrusion is detected, the sensor sends an alert and logs the information. The next topic was Snort, a lightweight IDS used for real-time packet capture and rule-based analysis. The last topic of this chapter was the honeypot: a decoy system, which may emulate an entire network.
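To make the two techniques concrete, here is an added example (not from the lecture or the course material) that runs both over a handful of constructed web-server log lines: signature detection matches known attack patterns in the request path, while anomaly detection flags a host whose failed-login count exceeds a baseline. The log lines, the two rule patterns and the threshold of five failures are all assumptions made for the demonstration.

```python
"""Signature vs anomaly detection over constructed web-server log lines.

Added example, not from the original lecture notes. The log lines, the
signature rules and the anomaly threshold are constructed for illustration.
"""
import re
from collections import Counter

# Constructed sample of access-log lines: "client ip, method, path, status".
SAMPLE_LOG = """\
10.0.0.5 GET /index.html 200
10.0.0.5 GET /about.html 200
10.0.0.9 GET /login.php?user=admin'%20OR%20'1'='1 200
10.0.0.7 GET /cgi-bin/../../../../etc/passwd 404
10.0.0.5 GET /products.html 200
10.0.0.9 POST /login.php 401
10.0.0.9 POST /login.php 401
10.0.0.9 POST /login.php 401
10.0.0.9 POST /login.php 401
10.0.0.9 POST /login.php 401
10.0.0.9 POST /login.php 401
10.0.0.9 POST /login.php 401
10.0.0.9 POST /login.php 401
"""

# Signature rules: (rule id, pattern applied to the request path).
SIGNATURES = [
    ("SQLI-001", re.compile(r"(%27|')\s*(%20|\s)*or(%20|\s)", re.I)),  # ' OR ...
    ("TRAV-001", re.compile(r"(\.\./){2,}")),                           # ../../
]

def parse(line):
    ip, method, path, status = line.split()
    return {"ip": ip, "method": method, "path": path, "status": int(status)}

def signature_detect(events):
    """Return (ip, rule id) for every event matching a known attack pattern."""
    alerts = []
    for e in events:
        for rule_id, pat in SIGNATURES:
            if pat.search(e["path"]):
                alerts.append((e["ip"], rule_id))
    return alerts

def anomaly_detect(events, max_failures=5):
    """Flag hosts whose failed logins exceed a baseline threshold.

    A real anomaly detector learns the baseline from normal traffic; the
    threshold of 5 failures is an assumed value for this demonstration.
    """
    failures = Counter(e["ip"] for e in events
                       if e["path"] == "/login.php" and e["status"] == 401)
    return sorted(ip for ip, n in failures.items() if n > max_failures)

def run_ids(log_text):
    """Run both detectors over a log; returns {'signature': [...], 'anomaly': [...]}."""
    events = [parse(l) for l in log_text.splitlines() if l.strip()]
    return {"signature": signature_detect(events),
            "anomaly": anomaly_detect(events)}

if __name__ == "__main__":
    for kind, hits in run_ids(SAMPLE_LOG).items():
        print(kind, hits)
```

The signature rules catch the SQL injection and directory traversal attempts from their fixed pattern; the brute-force login attempts match no signature and are only caught by the anomaly count, which is the trade-off the lecture describes between the two techniques.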
So the lecture moved on to another chapter – “Legal and Ethical Issues in Computer Security”. What are the differences between law and ethics? They are shown in the table below:

Law                                                  Ethics
Formal, documented                                   Described by unwritten principles
Interpreted by courts                                Interpreted by individuals
Established by legislature representing everyone     Presented by philosophers, religions, professional groups
Applicable to everyone                               Personal choice
Priority determined by courts if two laws conflict   Priority determined by individual if two principles conflict
Enforceable by police and courts                     Self-practice

Some examples of ethics concepts in information security are ethical differences across cultures, software licence infringement, illicit use, misuse of corporate resources, ethics and education, and deterrence of unethical and illegal behaviour (ignorance, accident and intent). The three ways of protecting programs and data are trade secrets, copyrights and patents. Although open-source software is free, it is still protected by copyright; for example, one can be sued for selling copies of open-source software in violation of its licence.
The issues related to information are information commerce, electronic publishing and databases. Employees and employers should also know their rights in order to avoid legal problems. Some of these rights concern ownership of a patent, ownership of a copyright, work for hire, licences, trade secret protection and employment contracts. To examine a case for ethical issues, we can use the following steps:

  • Understand the situation. Determine the issues involved.
  • Know several theories of ethical reasoning
  • List the ethical principles involved
  • Determine which principles outweigh others.

The lecture ended at here. This was the last lecture for this semester, I’ll be missing this lecture subject in future… …^^

WEP Password Cracking

Venue : Makmal Sistem, Building FTMK.
Date : 15-10-2009
Time : 10.00 a.m. – 11.50 a.m.


This was the last lab session for this semester. The title of this lab was very interesting: password cracking for WEP. The setup for this lab was one wireless router accessed by several workstations. The workstations had to be installed with BackTrack 2, a Linux-based distribution that is very useful for hacking. The cracking process needs a lot of time: the more workstations we use, the faster the cracking, as the number of packets captured is directly proportional to the number of workstations generating traffic on the WLAN. To perform the hacking, I learnt a lot of commands from Mr. Zaki, for example airmon-ng, airodump-ng, aireplay-ng and so on. That was cool man! Due to the limited time, we could not see the final result, but we learnt a lot from this lab. I will try that myself for sure. This reminds me to be careful when I want to use a wireless connection next time…

Week 9


Venue : BK7, Building FTMK.
Date : 14 - 10 -2009
Time : 9.00 a.m. – 10.50 a.m.


Time flies, it’s week number 9! Once again, I would like to remind myself that this month is a critical month for me, so please do not play too much, concentrate on projects and assignments although it is quite tiring sometimes; after this I can play as much as I can. So, the lecture this week was about two of the hottest topics in the field of networking, Wireless Security and Firewalls.
Wireless connections have become very important because they are very convenient compared to wired connections. On a laptop, just switch on the wireless button and one can connect to an available access point easily. However, one weakness of wireless connections is that they are very easy for others to attack.
The first part of today’s lecture was basically a revision of what we studied in networking subjects in the previous few semesters. There are two wireless modes: infrastructure mode and ad-hoc mode. There are two categories of infrastructure mode:
  1. Basic Service Set (BSS) – All workstations are connected to one access point.
  2. Extended Service Set – Two or more BSSs connect together to form a single subnet.

Ad-hoc mode, sometimes known as peer-to-peer, is an independent BSS (IBSS): the wireless stations connect directly to one another without going through an access point. After explaining how a wireless network actually works, Mr. Zaki continued with the security part of wireless networks. There are three basic security services defined by IEEE for WLANs:

  1. Authentication – to provide a security service for verifying the identity of communicating client stations.
  2. Integrity – to ensure that messages are not modified in transit between the wireless clients and the access point in an active attack.
  3. Confidentiality – to provide the “privacy achieved by a wired network”.

Wireless networks can be categorised into four types: 802.11a, 802.11b, 802.11g and 802.11n. The two security services provided in 802.11b are authentication (Shared Key Authentication) and encryption (Wired Equivalent Privacy, WEP). The encryption is done with RC4, a symmetric stream cipher designed by Ron Rivest at RSA Data Security; it is not the RSA public-key algorithm. The three steps for WEP sending are:

  1. Compute the Integrity Check Value (ICV), a CRC-32 of the plaintext.
  2. Encrypt plaintext via RC4.
  3. Transmit the ciphertext.

The receiver reverses the process on the ciphertext to get the plaintext back. The WEP safeguards are that a shared secret key is required, messages are encrypted and messages carry a checksum. A passive attack happens when the attacker collects all traffic, or collects two messages encrypted with the same key and the same IV, and then runs a statistical attack to reveal the plaintext. An active attack is possible if the attacker knows a matching pair of plaintext and ciphertext, or through bit flipping. Although some vendors limited the WEP key length, the key can still be brute forced in several minutes. The steps of a brute-force key attack are:

  • Capture ciphertext.
  • Search all 2^40 possible secret keys (for a 40-bit key).
  • Find which key decrypts ciphertext to plaintext.
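The WEP send process above (ICV, RC4, transmit) and the two attacks the lecture mentions can be shown in a few dozen lines. The following is an added example, not code from the lecture or the lab: it builds a toy WEP frame from a 24-bit IV and a 40-bit key with a CRC-32 ICV, then (1) recovers a second message from a reused IV by XORing ciphertexts with a known plaintext, with no key at all, and (2) forges a frame by bit flipping, repairing the ICV through the linearity of CRC-32. The key, IV and messages are constructed for illustration.

```python
"""Toy WEP (RC4 + CRC-32 ICV) and the keystream-reuse and bit-flipping attacks.

Added example, not part of the lecture notes. Key, IV and plaintexts are
constructed; the IV is deliberately reused to show the passive attack.
"""
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for key (key-scheduling + PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    while len(out) < n:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return zlib.crc32(data).to_bytes(4, "little")

def wep_encrypt(key40: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Steps 1-3 above: compute ICV, RC4-encrypt with IV||key, send IV||ciphertext."""
    body = plaintext + icv(plaintext)
    return iv + xor(body, rc4(iv + key40, len(body)))

def wep_decrypt(key40: bytes, frame: bytes):
    """Reverse of wep_encrypt; returns (plaintext, icv_ok)."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4(iv + key40, len(ct)))
    data, tag = body[:-4], body[-4:]
    return data, icv(data) == tag

def keystream_reuse(frame_a: bytes, frame_b: bytes, known_plain_a: bytes) -> bytes:
    """Passive attack: same key and IV => C_a xor C_b = P_a xor P_b,
    so a known P_a reveals P_b without the key."""
    assert frame_a[:3] == frame_b[:3], "attack needs a reused IV"
    n = len(known_plain_a)
    return xor(xor(frame_a[3:3 + n], frame_b[3:3 + n]), known_plain_a)

def bit_flip(frame: bytes, delta: bytes) -> bytes:
    """Active attack: flipping ciphertext bits flips the same plaintext bits.
    CRC-32 is linear, crc(P ^ D) = crc(P) ^ crc(D) ^ crc(0), so the encrypted
    ICV can be patched without knowing the key or the plaintext."""
    iv, ct = frame[:3], frame[3:]
    n = len(ct) - 4
    delta = delta.ljust(n, b"\x00")
    icv_delta = (zlib.crc32(delta) ^ zlib.crc32(b"\x00" * n)).to_bytes(4, "little")
    return iv + xor(ct[:n], delta) + xor(ct[n:], icv_delta)

def demo():
    key = b"\x01\x02\x03\x04\x05"         # constructed 40-bit WEP key
    iv = b"\x0a\x0b\x0c"                  # 24-bit IV, reused on purpose
    pa, pb = b"ATTACK AT DAWN!!", b"RETREAT AT NOON!"
    fa, fb = wep_encrypt(key, iv, pa), wep_encrypt(key, iv, pb)
    recovered = keystream_reuse(fa, fb, pa)             # equals pb, no key used
    forged = bit_flip(fa, xor(pa, b"ATTACK AT DUSK!!"))  # change DAWN -> DUSK
    return recovered, wep_decrypt(key, forged)

if __name__ == "__main__":
    recovered, (forged_plain, ok) = demo()
    print(recovered, forged_plain, ok)
```

With only 2^24 IVs and a busy network, IV reuse is unavoidable, which is why the passive attack is practical; the bit-flipping attack shows why a CRC is a checksum for accidents, not a message authentication code.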

The 802.11 safeguards are as follow:

  • Security Policy and Architecture Design
  • Treat it as untrusted LAN
  • Discover unauthorized use
  • Access point audits
  • Station protection
  • Access point location
  • Antenna design

The problems of WEP were addressed by its replacement, Wi-Fi Protected Access (WPA). However well WEP’s flaws were fixed, WPA still has its weaknesses. Two practical attacks on WPA are a dictionary attack on pre-shared key mode and denial of service.
The lecture then continued with a new chapter on firewalls. The capabilities of a firewall are:

  • defines a single choke point that keeps unauthorized users out of the protected network
  • provides a location for monitoring security events
  • convenient platform for some Internet functions such as NAT, usage monitoring, IPSEC VPNs

The limitations of a firewall are:

  • cannot protect against attacks bypassing firewall
  • may not protect fully against internal threat
  • improperly secure wireless LAN may be accessed from outside the org
  • laptop, PDA, portable storage device infected outside then used inside

Basically, there are four types of firewall: packet filtering firewall, stateful inspection firewall, application-level gateway (application proxy) and circuit-level gateway. Besides that, throughout the lecture I learnt about firewall basing. The three types of firewall basing are bastion host, host-based firewall and personal firewall. The last topic of today’s lecture was firewall locations. The diagram below shows how the firewall is placed:
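The difference between the first two firewall types is easiest to see on packets. The following is an added example, not from the lecture: a packet-filtering firewall that decides from each packet’s headers alone, next to a stateful inspection firewall that remembers which connections were opened, both run over the same constructed traffic. The inside network (10.0.0.0/8), the public web server on port 80, the rule that outbound traffic is allowed and the packets themselves are all assumptions for the demonstration.

```python
"""Stateless packet filter vs stateful inspection on constructed packets.

Added example, not from the lecture. Packets are plain dicts and both
rule sets are assumptions. The point: a stateless filter can only guess
that inbound traffic is 'established' from the ACK flag, so an outside
host can push an ACK-flagged probe through it; a stateful filter admits
inbound segments only for connections it has seen opened.
"""

WEB_SERVER, WEB_PORT = "10.0.0.80", 80        # assumed public web server

def pkt(src, sport, dst, dport, *flags, proto="tcp"):
    return {"src": src, "sport": sport, "dst": dst, "dport": dport,
            "flags": frozenset(flags), "proto": proto}

def inside(ip: str) -> bool:
    return ip.startswith("10.")               # 10.0.0.0/8 is the protected LAN

def stateless_allow(p) -> bool:
    """Packet-filtering firewall: a fixed rule list applied per packet."""
    if inside(p["src"]):
        return True                                          # outbound: allow
    if p["proto"] != "tcp":
        return False
    if p["dst"] == WEB_SERVER and p["dport"] == WEB_PORT and p["flags"] == {"SYN"}:
        return True                                          # new conn to web server
    return "ACK" in p["flags"]                               # 'established' guess

class StatefulFirewall:
    """Stateful inspection: keeps a table of connections and checks replies against it."""
    def __init__(self):
        self.conns = set()                                   # (client, cport, server, sport)

    def allow(self, p) -> bool:
        fwd = (p["src"], p["sport"], p["dst"], p["dport"])
        rev = (p["dst"], p["dport"], p["src"], p["sport"])
        if inside(p["src"]):
            if p["flags"] == {"SYN"}:
                self.conns.add(fwd)                          # remember outbound conn
            return True
        if rev in self.conns:
            return True                                      # reply to a tracked conn
        if (p["proto"] == "tcp" and p["dst"] == WEB_SERVER
                and p["dport"] == WEB_PORT and p["flags"] == {"SYN"}):
            self.conns.add(fwd)                              # inbound conn to web server
            return True
        return False

# Constructed traffic (not a real capture).
CLIENT, SERVER, ATTACKER = "10.0.0.5", "203.0.113.10", "198.51.100.7"
TRAFFIC = [
    pkt(CLIENT, 40000, SERVER, 443, "SYN"),                  # inside host opens HTTPS
    pkt(SERVER, 443, CLIENT, 40000, "SYN", "ACK"),           # legitimate reply
    pkt(ATTACKER, 31337, CLIENT, 22, "ACK"),                 # ACK probe to SSH, no conn
    pkt(ATTACKER, 31338, WEB_SERVER, WEB_PORT, "SYN"),       # new conn to public web port
]

def evaluate(traffic):
    """Return (stateless decision, stateful decision) per packet, in order."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in traffic]

if __name__ == "__main__":
    for p, (s1, s2) in zip(TRAFFIC, evaluate(TRAFFIC)):
        print(p["src"], "->", p["dst"], p["dport"], sorted(p["flags"]), s1, s2)
```

The third packet is the interesting one: the packet filter lets it through because it carries ACK, while the stateful firewall drops it because no inside host ever opened a connection to 198.51.100.7. Application-level and circuit-level gateways go one step further and terminate the connection themselves, which is why they can inspect the protocol rather than just the headers.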

Monday, October 12, 2009

Mid Term Examination

Venue : Makmal Sistem, Building FTMK.
Date : 8-10-2009
Time : 10.00 a.m. – 11.50 a.m.


The lab session this week was a bit different; we were not asked to do any practical like in previous weeks. We were having the mid term examination. Oh my god!!! It had 4 questions altogether and we needed to answer 3. The first question was mainly about cryptography; it was hard, my head nearly cracked when answering it. Then I chose questions 2 and 3 to do. They were questions on the theory part. I hope that I can score on this paper… …^^

Week 8 of Lecture


Venue : BK7, Building FTMK.
Date : 7 - 10 -2009
Time : 9.00 a.m. – 10.50 a.m.


Week 8, it’s already week 8, with many assignments and projects to deal with, but we still need to attend lectures. This is gonna be a busy month for us. Well, the lecture this week was basically the continuation of last week’s lecture on the topic “Security in Networks” and a totally new chapter, “Security in Applications”.
Mr. Zaki started with the topic called Networks Security Control. The table below shows the summary of this topic:


Type of network security control / Explanation

Encryption
  • Link-to-link
    • Covers layers 1 and 2 of the OSI model.
    • Data is decrypted as it enters each receiving node, so it is exposed inside intermediate hosts.
  • End-to-end
    • Provides security at layer 6 or 7.
    • Protects the data as it passes through every lower layer.
Strong authentication
  • One entity proves its identity to another by demonstrating knowledge of a secret known to be associated with that entity.
  • Uses cryptographic mechanisms to protect the protocol messages: encryption, integrity mechanisms and digital signatures.
IPSec, VPN, SSH
  • IPSec – defines standard means for handling encrypted data. It is implemented at the IP layer and provides AH (Authentication Header) and ESP (Encapsulating Security Payload).
  • SSH – secure remote login (encrypts data sent over the network).
  • SSL – encrypts data over the transport layer. It serves as an interface between applications and the TCP/IP protocols to provide server authentication, optional client authentication and an encrypted communications channel between client and server.
Kerberos
  • Based on the idea that a central server provides authentication tokens, called tickets, to requesting applications.
Firewall
  • A network security device designed to restrict access to resources according to a security policy.
Intrusion Detection System
  • A device, or software or hardware tool, that monitors activity to identify malicious or suspicious events.
Intrusion Prevention System
  • A network security device that monitors network and system activities for malicious or unwanted behaviour and can react, in real time, to block or prevent those activities.
Honeypot
  • A decoy system designed to lure a potential attacker away from critical systems.

After that, Mr. Zaki taught us about hacking under the topic “Hacking and Prevention”. The five hacking phases are reconnaissance, scanning, gaining access, maintaining access and covering tracks. Examples of hacking behaviour are:

  • select target using IP lookup tools
  • map network for accessible services
  • identify potentially vulnerable services
  • brute force (guess) passwords
  • install remote administration tool
  • wait for admin to log on and capture password
  • use password to access remainder of network

Finally, Mr. Zaki taught us the new topic “Security in Applications”. To understand this chapter, we have to know the security mechanisms for email and for the web. For email they are S/MIME and PGP; for the web they are SSL, SSH, SET, HTTPS and SFTP. These are basically protocols that we have learnt before in other subjects in previous semesters. The diagram below shows the way email works:


I learnt something quite interesting: initially email could not carry non-text content until MIME was invented. So, the lecture ended sharp at 11 a.m. Again, Mr. Zaki reminded us about the mid term exam tomorrow, I was worrying… … :(

Sunday, October 4, 2009

Lab 7

Venue : Makmal Sistem, Building FTMK.
Date : 10-9-2009
Time : 10.00 a.m. – 11.50 a.m.

The lab session is getting more interesting; this week it was about Security in Networks. Mr. Zaki proved to us the weaknesses of TELNET and FTP, as he promised during the lecture several weeks ago before the Raya holidays. The trick to prove it is to capture the packets sent between client and server using a networking tool called “Wireshark”. Once again we were using virtual machines (VMware) in this lab session. First, we needed to open two Windows Server 2003 machines simultaneously in VMware, the first serving as the server and the second as the client. Both were set with different IP addresses; for example, I used 192.168.1.1 for the server and 192.168.1.2 for the client.
As usual, the connectivity between them was tested with the ping command; if they could successfully ping each other we could proceed to the next steps. Next, install and run Wireshark on the server side. After that we could TELNET to the server from the client. Surprisingly, Wireshark captured the password used for TELNET. Then we tried FTP as well, and Wireshark captured the username and the password used for FTP too. So in this lab we were taught how to overcome the problem of unencrypted FTP by applying IPSec. IPSec is one of the solutions to safeguard data transmitted over FTP from being seen by an unauthorised user: the data is encrypted by IPSec at the IP layer before it is sent, regardless of what FTP itself does. Throughout this lab I learnt the lesson not to use TELNET if possible because it is really not secure at all. On the other hand, IPSec has to be implemented if one wants to use the FTP service and ensure that all data is encrypted before being sent. Before the lab session ended, Mr. Zaki reminded us that we need to hand in the lab report by next week; it’s gonna be a busy week for me as there are tons of assignments waiting for me… …
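What Wireshark showed in this lab can be reproduced without a live capture. The following is an added example, not part of the lab handout: it takes constructed TCP segments (source, destination, payload) in the shape a capture between 192.168.1.2 and 192.168.1.1 would have, joins them per direction the way Wireshark’s “Follow TCP Stream” does, and pulls the username and password out of the cleartext FTP and Telnet exchanges. The segment contents, the credentials and the Telnet negotiation byte sequence are constructed for the demonstration; subnegotiation handling is deliberately left out.

```python
"""Recovering FTP and Telnet credentials from cleartext TCP payloads.

Added example, not from the lab. Uses constructed segments (src, dst,
payload) rather than a real capture; the addresses are the ones used in
the lab write-up, the credentials are invented.
"""

CLIENT, SERVER = "192.168.1.2", "192.168.1.1"

def follow_stream(segments, client, server):
    """Concatenate payloads per direction, like Wireshark's Follow TCP Stream."""
    c2s = b"".join(p for s, d, p in segments if (s, d) == (client, server))
    s2c = b"".join(p for s, d, p in segments if (s, d) == (server, client))
    return c2s, s2c

def ftp_credentials(c2s: bytes):
    """FTP sends 'USER name' and 'PASS secret' as plain command lines."""
    creds = {}
    for line in c2s.decode("ascii", "replace").splitlines():
        verb, _, arg = line.partition(" ")
        if verb.upper() in ("USER", "PASS"):
            creds[verb.upper()] = arg
    return creds

def strip_iac(data: bytes) -> bytes:
    """Drop Telnet option negotiation (IAC WILL/WONT/DO/DONT <opt>).
    Subnegotiation (IAC SB ... IAC SE) is not handled: an assumption here."""
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] == 0xFF and i + 1 < len(data):
            i += 3 if 0xFB <= data[i + 1] <= 0xFE else 2
            continue
        out.append(data[i])
        i += 1
    return bytes(out)

def telnet_credentials(c2s: bytes):
    """Telnet sends one keystroke per segment, so the joined client bytes are
    exactly what was typed; the first two lines are the login and password."""
    typed = strip_iac(c2s).replace(b"\r\n", b"\n").split(b"\n")
    return typed[0].decode(), typed[1].decode()

# Constructed captures (not real traffic).
FTP_SEGMENTS = [
    (SERVER, CLIENT, b"220 FTP server ready\r\n"),
    (CLIENT, SERVER, b"USER student\r\n"),
    (SERVER, CLIENT, b"331 Password required for student\r\n"),
    (CLIENT, SERVER, b"PASS s3cret!\r\n"),
    (SERVER, CLIENT, b"230 User logged in\r\n"),
]
TELNET_SEGMENTS = (
    [(CLIENT, SERVER, b"\xff\xfd\x01"), (SERVER, CLIENT, b"login: ")]   # DO ECHO, prompt
    + [(CLIENT, SERVER, bytes([c])) for c in b"student"]                # one key per segment
    + [(CLIENT, SERVER, b"\r\n"), (SERVER, CLIENT, b"password: ")]
    + [(CLIENT, SERVER, bytes([c])) for c in b"s3cret!"]
    + [(CLIENT, SERVER, b"\r\n")]
)

def sniff():
    """Return (ftp credentials dict, (telnet login, telnet password))."""
    ftp_c2s, _ = follow_stream(FTP_SEGMENTS, CLIENT, SERVER)
    tel_c2s, _ = follow_stream(TELNET_SEGMENTS, CLIENT, SERVER)
    return ftp_credentials(ftp_c2s), telnet_credentials(tel_c2s)

if __name__ == "__main__":
    print(sniff())
```

Nothing here breaks any cryptography because there is none: both protocols hand the secret to anyone on the path. With IPSec ESP in place the same sniffer would only see encrypted payloads between the two IP addresses, which is the fix the lab applied.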