Venue : Makmal Sistem, Building FTMK.
Date : 10-9-2009
Time : 10.00 a.m. – 11.50 a.m.
Date : 10-9-2009
Time : 10.00 a.m. – 11.50 a.m.
The lab session is getting more interesting, it was about Security in Network this week. Mr. Zaki has proven to us the weaknesses of TELNET and FTP as he promised us during the lecture several weeks ago before Raya Holidays. The trick to prove it is by capturing the packets sent between client and server using a networking tool called “Wireshark”. Once again we were using virtual machine (VM Ware) in this lab session. First, we need to open two Windows Server 2003 simultaneously in VM Ware where the first one would serve as Server; and the second one would serve as Window. Both Widows were set with different IP address, for example I have use 192.168.1.1 for server and 192.168.1.2 for the client side.
As usual, the connectivity between them were tested by using the “Ping” command, if they are successfully to Ping each other we could proceed to the next steps. Now, install and run the Wireshark on the server side. After that we can try to TELNET the server from client. Surprisingly, Wireshark captured the password used to TELNET. Then, we tried also for FTP, Wireshark captured the username and the password used for FTP as well. So in this lab, we were taught on how to overcome the problem of unsecured in FTP by applying IPSec. IPSec is one of the solutions to safeguard the transmission of data over FTP from being seen by an unauthorized user. The data will be encrypted by IP Sec before they are sent using FTP. Throughout this lab I have learnt the lesson on not to use TELNET if possible because it is really not secured at all. On the other hand, IP Sec has to be implemented if one wants to use FTP service to ensure that all data are encrypted before sent. Before the lab session ended, Mr. Zaki reminded us that we need to pass up the lab report by next week, it’s gonna be a busy week for me as there are tones of assignment waiting for me… …
As usual, the connectivity between them were tested by using the “Ping” command, if they are successfully to Ping each other we could proceed to the next steps. Now, install and run the Wireshark on the server side. After that we can try to TELNET the server from client. Surprisingly, Wireshark captured the password used to TELNET. Then, we tried also for FTP, Wireshark captured the username and the password used for FTP as well. So in this lab, we were taught on how to overcome the problem of unsecured in FTP by applying IPSec. IPSec is one of the solutions to safeguard the transmission of data over FTP from being seen by an unauthorized user. The data will be encrypted by IP Sec before they are sent using FTP. Throughout this lab I have learnt the lesson on not to use TELNET if possible because it is really not secured at all. On the other hand, IP Sec has to be implemented if one wants to use FTP service to ensure that all data are encrypted before sent. Before the lab session ended, Mr. Zaki reminded us that we need to pass up the lab report by next week, it’s gonna be a busy week for me as there are tones of assignment waiting for me… …
No comments:
Post a Comment