Question: Part 1 ( Setup your own secured webserver ) ( 5 points ) Objective 1 - Setup a Controlled Environment: Use a controlled lab with

Part

1 (

Setup your own secured webserver

) (5

points

)

Objective

1 -

Setup a Controlled Environment:

Use a controlled lab with at least two virtual machines: a machine hosting the HTTP

-

based website you managed to create in part

1

and the other acts as an attacker machine.

Objective

2

Configuring the Tools:

On the attacker machine, install Cain & Abel for Windows or Ettercap for Linux.

Using the chosen tool, perform ARP poisoning in the network.

Objective

3

Sniffing and Capturing Data:

Once ARP poisoning is successful, use the tool to capture traffic between the client and the server.

Focus on capturing HTTP traffic and identifying plain text credentials from the client to the server.

NOTE: the captured traffic should contain your student ID or student name also, you need to use Wireshark to display the captured traffic. Additionally, you should also sniff other unsecured traffic of your choice

(

SNMP

,

Telnet, FTP

. .

etc

)

Objective

4

Use Filters in Ettercap for MITM

Filters play a crucial role in changing the unencrypted traffic in Ettercap tool. You are required to use any filter of your choice and apply it during the MITM attack against any protocol or victim's machine.

Part

3 (

Password Cracking

)_(10

points

)

Objective

1

SSH Dictionary Attack

In this part, you are required to set up an ssh server on a Linux device and provide a username and password of your choice to the SSH server. Afterward, you are required to perform a dictionary attack against the ssh server from attacker's machine.

Objective

2

Firewall Setup

You are required to set a firewall on the victim's machine

(

iptables firewall is a good option if you chose Linux to be the victim

)

Add some rule to prevent Full and Half open scans against the Linux machine and to detect any dictionary attack on the SSH

.

Test the rule efficiency by scanning the device and performing an SSH dictionary attack.

Objective

3

Hashing Cracking

You need to use a tool to crack a password extracted from the shadow file in the Linux machine of the virtual machine.

Part 1(Setup your own secured webserver)(5 points) Objective 1- Setup a

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

While I was treading this assiment I was confuse how to start the assignment since I still confuse with the question what I suppose for this assignment as I am confuse of the instruction and can you...

Module Case Study Information A Module Case Study is a critical analysis and evaluation of a specific case or subject. For this course a Module Case Study must: Be two pages in length, double-spaced....

Module 2: Project - Part 1 Due Sep 5by11:59pm Points 0 Available Aug 30 at 12am - Sep 5 at 11:59pm7 days This assignment was locked on Sep 5 at 11:59 pm. Attached are the project directions (in green...

Part 1 ( Setup your own secured webserver ) ( 5 points ) Objective 1 - Setup a Controlled Environment: Use a controlled lab with at least two virtual machines: a machine hosting the HTTP - based...

Objective: The objective of this project is to install and run virtual machines with various IPS / IDS tools, evaluate their effectiveness, and compare their features and functionalities. Students...

As organizations embrace cloud computing, cybersecurity practices continue to evolve. A robust cloud security posture protects assets from bad actors and helps organizations realize the benefits of...

Module 9 Assignment: TOC Answer all the questions and submit your answer report to Module 9 Assignment in Dropbox by the deadline . The report should be typed, single spaced, in one MS Word file. You...

ITM 309: Business Information Technology and Systems Spring 2016 Watson and the new era of cognitive systems Jerry Haan IBM Cloud Ecosystem Development January 27, 2016 2013 International Business...

Provide a summary technical report with your own words about Pipelined Execution which is also named as Instruction Level Parallelism, addressing mainly the following areas: 1. What is Pipelined...

computer security course, please I need help it due 3 hours. 1 Lab Overview The learning objective of this lab is for students to gain the first-hand experience on buffer-overflow vulner- ability by...

Zinn Co. sold $500,000 of equipment during May under a one-year warranty. The cost to repair defects under the warranty is estimated at 5% of the sales price. On October 10, a customer required a...

Shark Tank is a reality television phenomenon featuring 6 multi-millionaires who give an audience to entrepreneurs hopeful to gain their financial support and business know-how. The show provides a...

A stock is priced at $ 1 4 . 9 4 today, and analysts have a view that the stock will trade at $ 1 7 . 7 6 in one year. The current risk free rate in the economy is 4 . 0 0 % while the market...

eBook A firm with a WACC of 10% is considering the following mutually exclusive projects: $205 $105 19. 20. LE+ Project 1 -$450 $50 $50 $50 $205 O Project 2 -$550 $300 $300 $105 $105 Which project...

1. What do you think are the main problems in using performance management when working in an organisation where many of the workers are volunteers?

describe a model for achieving strategic learning, training and talent development

state what is meant by the term performance management