All posts by : chebby

 In this lab, students need to conduct attacks on the TCP/IP protocols. They can use the Netwox tools and/or other tools in the attacks. All the attacks are performed on Linux operating systems. However, instructors can require students to also conduct the same attacks on other operating systems and compare the observations. To simplify the “guess” of TCP sequence numbers and source port numbers, we assume that attackers are on the same physical network as the victims. Therefore, you can use sniffer tools to get that information. The following is the list of attacks that need to be implemented. 3.1 Task 1 : SYN Flooding Attack ` ` User Server SYN SYN+ACK ACK Active TCP Connection ` ` Attacker Server SYN Spoofed Addresses SYN+ACK ` Legitimate User SYN No Reply Normal TCP 3-way handshake between user and server SYN Flood: attacker sends many SYN to server without ACK. The server is not able to process request from legitimate user 1 2 3 4 1 2 3 Figure 2: SYN Flooding Attack SEED Labs – TCP/IP Attack Lab 4 SYN flood is a form of DoS attack in which attackers send many SYN requests to a victim’s TCP port, but the attackers have no intention to finish the 3-way handshake procedure. Attackers either use spoofed IP address or do not continue the procedure. Through this attack, attackers can flood the victim’s queue that is used for half-opened connections, i.e. the connections that has finished SYN, SYN-ACK, but has not yet gotten a final ACK back. When this queue is full, the victim cannot take any more connection. Figure 2 illustrates the attack. The size of the queue has a system-wide setting. In Linux, we can check the setting using the following command: # sysctl -q net.ipv4.tcp_max_syn_backlog We can use command “netstat -na” to check the usage of the queue, i.e., the number of halfopened connection associated with a listening port. The state for such connections is SYN-RECV. If the 3-way handshake is finished, the state of the connections will be ESTABLISHED. In this task, you need to demonstrate the SYN flooding attack. You can use the Netwox tool to conduct the attack, and then use a sniffer tool to capture the attacking packets. While the attack is going on, run the “netstat -na” command on the victim machine, and compare the result with that before the attack. Please also describe how you know whether the attack is successful or not. The corresponding Netwox tool for this task is numbered 76. Here is a simple help screen for this tool. You can also type “netwox 76 –help” to get the help information. Listing 1: The usage of the Netwox Tool 76 Title: Synflood Usage: netwox 76 -i ip -p port [-s spoofip] Parameters: -i|–dst-ip ip destination IP address -p|–dst-port port destination port number -s|–spoofip spoofip IP spoof initialzation type SYN Cookie Countermeasure: If your attack seems unsuccessful, one thing that you can investigate is whether the SYN cookie mechanism is turned on. SYN cookie is a defense mechanism to counter the SYN flooding attack. The mechanism will kick in if the machine detects that it is under the SYN flooding attack. You can use the sysctl command to turn on/off the SYN cookie mechanism: # sysctl -a | grep cookie (Display the SYN cookie flag) # sysctl -w net.ipv4.tcp_syncookies=0 (turn off SYN cookie) # sysctl -w net.ipv4.tcp_syncookies=1 (turn on SYN cookie) Please run your attacks with the SYN cookie mechanism on and off, and compare the results. In your report, please describe why the SYN cookie can effectively protect the machine against the SYN flooding attack. If your instructor does not cover the mechanism in the lecture, you can find out how the SYN cookie mechanism works from the Internet. 3.2 Task 2 : TCP RST Attacks on telnet and ssh Connections The TCP RST Attack can terminate an established TCP connection between two victims. For example, if there is an established telnet connection (TCP) between two users A and B, attackers can spoof a RST packet from A to B, breaking this existing connection. To succeed in this attack, attackers need to correctly construct the TCP RST packet. SEED Labs – TCP/IP Attack Lab 5 In this task, you need to launch an TCP RST attack to break an existing telnet connection between A and B. After that, try the same attack on an ssh connection. Please describe your observations. To simplify the lab, we assume that the attacker and the victim are on the same LAN, i.e., the attacker can observe the TCP traffic between A and B. The corresponding Netwox tool for this task is numbered 78. Here is a simple help screen for this tool. You can also type “netwox 78 –help” to get the help information. Listing 2: The usage of the Netwox Tool 78 Title: Reset every TCP packet Usage: netwox 78 [-d device] [-f filter] [-s spoofip] Parameters: -d|–device device device name {Eth0} -f|–filter filter pcap filter -s|–spoofip spoofip IP spoof initialization type {linkbraw} 3.3 Task 3 : TCP RST Attacks on Video Streaming Applications Let us make the TCP RST attack more interesting by experimenting it on the applications that are widely used in nowadays. We choose the video streaming application in this task. For this task, you can choose a video streaming web site that you are familiar with (we will not name any specific web site here). Most of video sharing websites establish a TCP connection with the client for streaming the video content. The attacker’s goal is to disrupt the TCP session established between the victim and video streaming machine. To simplify the lab, we assume that the attacker and the victim are on the same LAN. In the following, we describe the common interaction between a user (the victim) and some video-streaming web site: • The victim browses for a video content in the video-streaming web site, and selects one of the videos for streaming. • Normally video contents are hosted by a different machine, where all the video contents are located. After the victim selects a video, a TCP session will be established between the victim machine and the content server for the video streaming. The victim can then view the video he/she has selected. Your task is to disrupt the video streaming by breaking the TCP connection between the victim and the content server. You can let the victim user browse the video-streaming site from another (virtual) machine or from the same (virtual) machine as the attacker. Please be noted that, to avoid liability issues, any attacking packets should be targeted at the victim machine (which is the machine run by yourself), not at the content server machine (which does not belong to you). 3.4 Task 4 : TCP Session Hijacking The objective of the TCP Session Hijacking attack is to hijack an existing TCP connection (session) between two victims by injecting malicious contents into this session. If this connection is a telnet session, attackers can inject malicious commands (e.g. deleting an important file) into this session, causing the victims to execute the malicious commands. Figure 3 depicts how the attack works. In this task, you need to demonstrate how you can hijack a telnet session between two computers. Your goal is to get the the telnet server to run a malicious command from you. For the simplicity of the task, we assume that the attacker and the victim are on the same LAN. SEED Labs – TCP/IP Attack Lab 6 Note: If you use Wireshark to observe the network traffic, you should be aware that when Wireshark displays the TCP sequence number, by default, it displays the relative sequence number, which equals to the actual sequence number minus the initial sequence number. If you want to see the actual sequence number in a packet, you need to right click the TCP section of the Wireshark output, and select “Protocol Preference”. In the popup window, uncheck the “Relative Sequence Number and Window Scaling” option. The corresponding Netwox tool for this task is numbered 40. Here is part of the help screen for this tool. You can also type “netwox 40 –help” to get the full help information. You may also need to use Wireshark to find out the correct parameters for building the spoofed TCP packet. Listing 3: Part usage of netwox tool 40 Title: Spoof Ip4Tcp packet Usage: netwox 40 [-l ip] [-m ip] [-o port] [-p port] [-q uint32] [-B] Parameters: -l|–ip4-src ip IP4 src {10.0.2.6} -m|–ip4-dst ip IP4 dst {5.6.7.8} -o|–tcp-src port TCP src {1234} -p|–tcp-dst port TCP dst {80} -q|–tcp-seqnum uint32 TCP seqnum (rand if unset) {0} -H|–tcp-data mixed_data mixed data ` ` User Server ` Attacker Attacker hijacks the TCP session and sends “Z” to server on behalf of client Data: “A” Data: “Z” Seq No.: ? ACK 3-way Handshake Data: “B” ACK Sniffing Figure 3: TCP Session Hijacking Attack SEED Labs – TCP/IP Attack Lab 7 3.5 Task 5 : Creating Reverse Shell using TCP Session Hijacking When attackers are able to inject a command to the victim’s machine using TCP session hijacking, they are not interested in running one simple command on the victim machine; they are interested in running many commands. Obviously, running these commands all through TCP session hijacking is inconvenient. What attackers want to achieve is to use the attack to set up a back door, so they can use this back door to conveniently conduct further damages. A typical way to set up back doors is to run a reverse shell from the victim machine to give the attack the shell access to the victim machine. Reverse shell is a shell process running on a remote machine, connecting back to the attacker’s machine. This gives an attacker a convenient way to access a remote machine once it has been compromised. In the following, we will show how we can set up a reverse shell if we can directly run a command on the victim machine (i.e. the server machine). In the TCP session hijacking attack, attackers cannot directly run a command on the victim machine, so their jobs is to run a reverse-shell command through the session hijacking attack. In this task, students need to demonstrate that they can achieve this goal. 

its a project work. related about matlab  programming

The vast majority of the population associates Blockchain with cryptocurrency Bitcoin; however, there are many other uses of blockchain; such as Litecoin, Ether, and other currencies. In this discussion, please describe at least two cryptocurrencies with applicable examples. Discuss some similarities and differences. Lastly, discuss if you have any experience using any cryptocurrencies.

Please make your initial post and two response posts substantive. A substantive post will do at least two of the following:

• Ask an interesting, thoughtful question pertaining to the topic
• Answer a question (in detail) posted by another student or the instructor
• Provide extensive additional information on the topic
• Explain, define, or analyze the topic in detail
• Share an applicable personal experience
• Provide an outside source (for example, an article from the UC Library) that applies to the topic, along with additional information about the topic or the source (please cite properly in APA)
• Make an argument concerning the topic.

From the following website: https://www.techsmith.com/download/snagit/, download a free trial version of the screen capturing software know as Snagit and use the video resources in this module to learn about the software and its interface.

Now, think about all the knowledge and experience you currently have using and working with the internet. Use this knowledge to create a how-to video to be published on YouTube. The video created needs to be a minimum of five minutes and must include voiceover with your voice.

Using experience and a minimum of three sources of research, the how-to video in this case should be developed in a way to teach others how:

• The Internet supports online education
• To determine the validity of information over the internet demonstrating best practices of internet research.
• The Internet supports social networking including both pros and cons.
• To use research skills locating information to assist in completion of graded assessments

Once the video is created using Snagit, upload the video to YouTube and include the video link created from YouTube in the comments section of the submission area for this assignment. Also, include the sources of research used to support your video content in the comments section as well.

Important Note: We recognize and understand that some may not be comfortable uploading videos to YouTube. In these cases, upload and attach the actual video file to the submission area for this assignment and include the sources of research used to support your video content in the comments section.

Assignment Expectations

Video Length: Minimum of five minutes

Structure: Include voiceover

References: Use the appropriate APA style in-text citations and references for all resources utilized to create video content and references can be shown in the video itself.

Format: Snagit (Use of another screen video capture software can be used other than Snagit to create video)

File name: Name your saved file according to your first initial, last name, and the assignment number (for example, “RHall Assignment_1.mp4”)

  Base on the reading assignment, your experience, and personal research, please  answer the following questions: 

• Thoroughly explain the Base Station Controller (BSC) as it relates to a cellular network?
• What is a Mobile Equipment Identifier (MEID) and what is it used for?
• As an examiner, why is it important for you to understand how a call is routed through the cellular network?
• What is the significance of Code Division Multiple Access (CDMA)?
• List and explain three components of a SIM file system

Post your main response to the question (400 words minimum). 

Have to do excel sheets

Specification

Introduction

A suitable system to implement. This system must be a data processing system that concerns the creation, storage, management, processing and visualising of a set of data with which you are currently involved. 

This implementation MUST be undertaken using the Python 3 programming language (as per the work you have done in your learning sessions).

Part 1 – System Build

Provide a concise written description of your selected data processing system (guideline word count 500 words). This can include diagrams or images if this is required to best support your description. Also, include the user stories that describe the functionality of the system. Whilst this will not directly accrue any marks, it is required to establish if your software implementation satisfies the requirements of the system.

Produce a Python 3 implementation of your chosen system. This must provide the data processing and visualisation relevant to your system and provide a graphical user interface (GUI) to this processing and visualisation.

You must utilise object-oriented programming where appropriate and structure your solution using the module and package approach adopted by good idiomatic Python 3 implementations (also referred to as being Pythonic). It is expected that the structure of your submitted Python project will also reflect this

structure, utilising a main project folder (with any necessary sub-folders) and appropriate Python 3 script files.

You are also expected to provide full documentation of the details of your implementation by including appropriate code comments within your Python 3 script files.

Part 2 – Automated Testing

Provide a set of automated unit tests (using a suitable Python 3 automated testing  framework  such  as  the  unittest module)  that  exercise  and demonstrate the correct functionality for 4 separate methods taken from a class (or classes) that is involved with part of the data processing in your system. You can choose methods related to any of the CRUD functions. Do not include any method which would require testing of the GUI (this is beyond what was included as part of your learning during the module). Ensure you fully document your test code using appropriate code commenting.

Your automated unit tests must be provided within the Python project in a way that properly separates these tests from the production version of your implementation. Also, the automated unit tests must be able to be run from within the PyCharm Community Edition IDE you have worked with in your learning sessions, using the automated unit testing integration offered by this IDE.

Part 3 – System Function Traceability Report

Produce a report that traces the functionality provided in your software implementation back to the specific requirement for that function in your system description. This must be done by mapping the user stories that represent your system requirements to the various classes and methods of those classes that you have implemented in your software solution.

You must also provide for each trace back a short explanation as to how the mapped class and /or method directly contributes to satisfying the “So that…” aspect of the user story involved.

A recommended approach here is to tabulate your mappings so they can be easily traced.

Part 4 – Reflective Report

You are to write a short reflective report (guideline word count 500 words) focussing on one future trend in computing and considering how new ideas and theories could be applied in the application domain you have developed for this assignment.

You should consider both the potential benefits of the new ideas as well as the inherent complexities and present your reasoned evaluation and conclusions regarding the application of those new ideas within your chosen domain.

If your application is work related, you could conclude your reflective evaluation with recommendations relevant to your employer regarding the adoption, or otherwise, of new advanced computing techniques.

For this reflective report you could consider any one of the following topics or chose any other current computing topic:

  Big Data / Data mining or analytics / Data visualisation

  Artificial Intelligence / Machine learning

  Robotics and Social Interaction

  Virtual or Augmented reality

  Security within Cloud computing

  The internet of things (IoT)

  Autonomous Transportation

  Wearable devices and sensors

You are not expected to reference research papers or present a very technical explanation of the topic – rather you are expected to focus on the advantages and complexities of applying the theory in your application area.

You should start your reflective report with a short description of your chosen topic (250 words or thereabouts would be appropriate for this) before presenting your evaluation of its application.

Citations of web sources for this is perfectly fine but your sources must be correctly cited and a reference list provided (as per the Harvard referencing scheme).

Quotations should be kept to a very minimum and 90% of the words should be your own.

Deliverables

A zipped archive of your main Python project folder which must include all relevant files need to both run your software implementation and run the automated unit tests. Also, include in this archive the word processed document that contains the concise description of the system and the associated user stories  (as  required in  Part  1).  Any details of  further  instructions  or  any additional Python 3 libraries (beyond those in the standard Python 3 installation) must also be provided in a  readme.txt file (to ensure your software implementation can be run). Provide this archive as a single zip file. This archive will be used when you provide your demonstration of your system.

A single word processed document that contains the traceability and reflective reports required for the Part 3 and Part 4 tasks. Make sure this document is

clearly organised into titled sections and that any diagrams and images are referenced with a figure number. Ensure it is evident which of these sections relates to which assessment task to avoid any ambiguity when your work is considered during marking. 

Also, ensure you provide any referenced work within this document (as per the normal Harvard referencing scheme).

What are authentication factors and what are the risks associated with them?

It must be at least 450 words and have references.

No plagiarism and no grammar mistakes and need APA format.

properly cite the references.

Write an essay discussing sqlmap, an automated tool for sql injection and database takeover in 500 words or more. Why do we need an automated tool for sql injection? 

Write in essay format not in outline, bulleted, numbered or other list format.  

Use the five paragraph format. Each paragraph must have at least five sentences

Need literature review for 40-70 pages