Upload
seejalsshetty
View
223
Download
0
Embed Size (px)
Citation preview
8/19/2019 network security report
1/32
Demonstration and Implementation of Information and Network Security Tool
Program Name: Play Fair Cipher
Description:
The Playfair cipher or Playfair square or Wheatstone-Playfair cipher or Wheatstone cipher is a
manual symmetric encryption technique and was the first literal diagram substitution cipher. The
Playfair cipher uses a 5 by 5 table containing a key word or phrase. Memorization of the
keyword and simple rules was all that was required to create the 5 by 5 table and use the
cipher.
!ubstitution cipher is a method of encoding by which units of plainte"t are replaced with
cipherte"t# according to a fi"ed system$ the %units% may be single letters &the most common'#
pairs of letters# triplets of letters# mi"tures of the abo(e# and so forth. The recei(er deciphers the
te"t by performing the in(erse substitution.
STEPS IN P!" F!I# CIP$E# !%IT$':
)ny sequence of *5 letters can be used as a key# so long as all letters are in it and there are no
repeats. +ote that there is no ,,# it is combined with ,i,. We now apply the encryption rules to
encrypt the plainte"t.
. /emo(e any punctuation or characters that are not present in the key square &this may
mean spelling out numbers# punctuation etc.'.
*. 0dentify any double letters in the plainte"t and replace the second occurence with an ,",
e.g. ,hammer, -1 ,ham"er,.
2. 0f the plainte"t has an odd number of characters# append an ,", to the end to make it e(en.
. 3reak the plainte"t into pairs of letters# e.g. ,ham"er, -1 ,ha m" er,
5. The algorithm now works on each of the letter pairs.
4. ocate the letters in the key square# &the e"amples gi(en are using the key square abo(e'
a. 0f the letters are in different rows and columns# replace the pair with the letters on
the same row respecti(ely but at the other pair of corners of the rectangle defined by
the original pair. The order is important 6 the first encrypted letter of the pair is the one
that lies on the same row as the first plainte"t letter. ,ha, -1 ,bo,# ,es, -1 ,il,
Department of CSE( SIT( 'angaluru Page 1
8/19/2019 network security report
2/32
Demonstration and Implementation of Information and Network Security Tool
b. 0f the letters appear on the same row of the table# replace them with the letters to
their immediate right respecti(ely &wrapping around to the left side of the row if a
letter in the original pair was on the right side of the row'. ,ma, -1 ,or,# ,lp, -1 ,pq,
c. 0f the letters appear on the same column of the table# replace them with the letters
immediately below respecti(ely &wrapping around to the top side of the column if a
letter in the original pair was on the bottom side of the column'. ,rk, -1 ,dt,# ,p(, -1 ,(o,
Source Code :
77 0mplementation of Play 8air 9ipher )lgorithm in :a(a anguage
package New;
import java.util.*;class Basic{
String allChar="ABC!#$%&'()N+,-S/01234";
5oolean in6e78Char9char c:
{
8or9int i=;i < allChar.length9:;i:
{
i89allChar.charAt9i:==c:
return true;
>
return 8alse;
>>
class +la?air{
Basic 5=new Basic9:;
char ke?)atri7@@=new char@@;
5oolean repeat9char c:
{
i895.in6e78Char9c::
{
return true;
>
8or9int i=;i < ke?)atri7.length;i:
{
8or9int j=;j < ke?)[email protected];j:
{
i89ke?)atri7@i@j==c DD c==E&E:
return true;
Department of CSE( SIT( 'angaluru Page 2
8/19/2019 network security report
3/32
Demonstration and Implementation of Information and Network Security Tool
>
>
return 8alse;
>
voi6 insert'e?9String ke?:{
ke?=ke?.to/pperCase9:;
ke?=ke?.replaceAll9"&"F "%":;
ke?=ke?.replaceAll9" "F "":;
int a=F5=;
8or9int k=;k < ke?.length9:;k:
{
i89repeat9ke?.charAt9k:::
{
ke?)atri7@a@5=ke?.charAt9k:;i895GH:
{
5=;
a;
>
>
>
char p=EAE;
while9a < :
{
while95 < :
{
i89repeat9p::
{
ke?)atri7@a@5=p;
>
p;
>5=;
a;
>
S?stem.out.print9"IIIIIIIIIIIIIIIIIIIIIIIII'e?
)atri7IIIIIIIIIIIIIIIIIII":;
8or9int i=;i < ;i:
{
Department of CSE( SIT( 'angaluru Page 3
8/19/2019 network security report
4/32
Demonstration and Implementation of Information and Network Security Tool
S?stem.out.println9:;
8or9int j=;j < ;j:
{
S?stem.out.print9"Jt"ke?)atri7@i@j:;
>
>S?stem.out.println9"JnIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
IIIIIIIII":;
>
int row+os9char c:
{
8or9int i=;i < ke?)atri7.length;i:
{
8or9int j=;j < ke?)[email protected];j:
{i89ke?)atri7@i@j==c:
return i;
>
>
return IK;
>
int column+os9char c:
{
8or9int i=;i < ke?)atri7.length;i:
{
8or9int j=;j < ke?)[email protected];j:
{
i89ke?)atri7@i@j==c:
return j;
>
>
return IK;
>
String encr?ptChar9String plain:{
plain=plain.to/pperCase9:;
char a=plain.charAt9:F5=plain.charAt9K:;
String cipherChar="";
int rKFcKFrLFcL;
rK=row+os9a:;
cK=column+os9a:;
Department of CSE( SIT( 'angaluru Page 4
8/19/2019 network security report
5/32
Demonstration and Implementation of Information and Network Security Tool
rL=row+os95:;
cL=column+os95:;
i89cK==cL:
{
rK;rL;
i89rKGH:
rK=;
i89rLGH:
rL=;
cipherChar=ke?)atri7@rK@cL;
cipherChar=ke?)atri7@rL@cK;
>
else i89rK==rL:
{cK;
cL;
i89cKGH:
cK=;
i89cLGH:
cL=;
cipherChar=ke?)atri7@rK@cK;
cipherChar=ke?)atri7@rL@cL;
>
else{
cipherChar=ke?)atri7@rK@cL;
cipherChar=ke?)atri7@rL@cK;
>
return cipherChar;
>
String !ncr?pt9String plaine7tFString ke?:
{
insert'e?9ke?:;
String ciphere7t="";
plaine7t=plaine7t.replaceAll9"j"F "i":;
plaine7t=plaine7t.replaceAll9" "F "":;
plaine7t=plaine7t.to/pperCase9:;
Department of CSE( SIT( 'angaluru Page 5
8/19/2019 network security report
6/32
Demonstration and Implementation of Information and Network Security Tool
int len=plaine7t.length9:;
MM S?stem.out.println9plaine7t.su5string9KFLK::;
i89lenML=:
{
plaine7t="2";
len;>
8or9int i=;i < lenIK;i=iL:
{
ciphere7t=encr?ptChar9plaine7t.su5string9iFiL::;
ciphere7t=" ";
>
return ciphere7t;
>
String 6ecr?ptChar9String cipher:
{
cipher=cipher.to/pperCase9:;
char a=cipher.charAt9:F5=cipher.charAt9K:;
String plainChar="";
int rKFcKFrLFcL;
rK=row+os9a:;
cK=column+os9a:;
rL=row+os95:;
cL=column+os95:;
i89cK==cL:
{
IIrK;
IIrL;
i89rK < :
rK=H;
i89rL < :
rL=H;
plainChar=ke?)atri7@rK@cL;plainChar=ke?)atri7@rL@cK;
>
else i89rK==rL:
{
IIcK;
IIcL;
i89cK < :
Department of CSE( SIT( 'angaluru Page 6
8/19/2019 network security report
7/32
Demonstration and Implementation of Information and Network Security Tool
cK=H;
i89cL < :
cL=H;
plainChar=ke?)atri7@rK@cK;
plainChar=ke?)atri7@rL@cL;
>
else{
plainChar=ke?)atri7@rK@cL;
plainChar=ke?)atri7@rL@cK;
>
return plainChar;
>
String ecr?pt9String ciphere7tFString ke?:
{
String plaine7t="";
ciphere7t=ciphere7t.replaceAll9"j"F "i":;
ciphere7t=ciphere7t.replaceAll9" "F "":;
ciphere7t=ciphere7t.to/pperCase9:;
int len=ciphere7t.length9:;
8or9int i=;i < lenIK;i=iL:
{
plaine7t=6ecr?ptChar9ciphere7t.su5string9iFiL::;
plaine7t=" ";
>
return plaine7t;
>
>
class +la?airCipher{pu5lic static voi6 main9String args@:throws !7ception
{
+la?air p=new +la?air9:;
Scanner scn=new Scanner9S?stem.in:;
String ke?Fciphere7tFplaine7t;
S?stem.out.println9"!nter plainte7t":;
Department of CSE( SIT( 'angaluru Page 7
8/19/2019 network security report
8/32
Demonstration and Implementation of Information and Network Security Tool
plaine7t=scn.ne7t(ine9:;
S?stem.out.println9"!nter 'e?":;
ke?=scn.ne7t(ine9:;
ciphere7t=p.!ncr?pt9plaine7tFke?:;
S?stem.out.println9"!ncr?pte6 te7t":;
S?stem.out.println9"IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
IIIIIIIJn"ciphere7t:;
S?stem.out.println9"IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
IIIIIII":;
String encr?pte6e7t=p.ecr?pt9ciphere7tF ke?:;
S?stem.out.println9"ecr?pte6 te7t" :;
S?stem.out.println9"IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII
IIIIIIIJn"encr?pte6e7t:;
S?stem.out.println9"IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII":;
>
>
&utput:
Department of CSE( SIT( 'angaluru Page 8
8/19/2019 network security report
9/32
Demonstration and Implementation of Information and Network Security Tool
T&& DE'&NST#!TI&N
Tool Name: )ireshark
Description and )orking:
)ireshark is a 8ree and ;pen packet analyzer. 0t is used for network troubleshooting# analysis#
software and communications protocol de(elopment# and education. ;riginally named Ethereal#
the proect was renamed Wireshark in May *
8/19/2019 network security report
10/32
Demonstration and Implementation of Information and Network Security Tool
• Do0P calls in the captured traffic can be detected. 0f encoded in a compatible encoding#
the media flow can e(en be played.
• /aw C!3 traffic can be captured.
• Wireless connections can also be filtered.
The user typically sees packets highlighted in green# blue# and black. Wireshark uses colors to
help the user identify the types of traffic at a glance. 3y default# green is T9P traffic# dark blue is
=+! traffic# light blue is C=P traffic# and black identifies T9P packets with problems E for
e"ample# they could ha(e been deli(ered out-of-order. Csers can change e"isting rules for
coloring packets# add new rules# or remo(e rules.
=ownload Wireshark from www.wireshark.org and install# wireshark launches as shown infigure .
!elect your interface &ie wired or wireless' then capture options
8igure> Wireshark welcome window
)fter Wireshark launches it displays 2 panes# the top pane shows the 0PFs and protocols
Department of CSE( SIT( 'angaluru Page 10
https://en.wikipedia.org/wiki/Voice_over_IPhttps://en.wikipedia.org/wiki/Universal_Serial_Bushttp://www.wireshark.org/http://www.wireshark.org/https://en.wikipedia.org/wiki/Voice_over_IPhttps://en.wikipedia.org/wiki/Universal_Serial_Bushttp://www.wireshark.org/
8/19/2019 network security report
11/32
Demonstration and Implementation of Information and Network Security Tool
8igure*> Window =isplayed after ocal area connection is selected
Gou can also filter these results by protocol and 0P as shown below
8igure2> 8ilters can be applied to show results by protocols and 0P
Department of CSE( SIT( 'angaluru Page 11
8/19/2019 network security report
12/32
Demonstration and Implementation of Information and Network Security Tool
8igure5> ;nly HTTP Protocols are displayed after applying filter.
Department of CSE( SIT( 'angaluru Page 12
8/19/2019 network security report
13/32
Demonstration and Implementation of Information and Network Security Tool
Tool Name: Network Stum+ler
Description and )orking:
NetStum+ler &also known as Network Stum+ler' is a tool for Windows that facilitates detection
of Wireless )+s using the A
8/19/2019 network security report
14/32
Demonstration and Implementation of Information and Network Security Tool
0t is a reliable software that helps you to quickly detect wireless local area networks &W)+s' and
search for locations with poor co(erage in your W)+.
8igure - +etwork !tumbler
8igure * 6 !ample +etwork !tumbler @"ample
Department of CSE( SIT( 'angaluru Page 14
8/19/2019 network security report
15/32
Demonstration and Implementation of Information and Network Security Tool
Tool Name: Netcat
Description and )orking:
Netcat &often abbre(iated to nc' is a computer networking utility for reading from and writing to
network connections using T9P or C=P. +etcat is designed to be a dependable back-end that can
be used directly or easily dri(en by other programs and scripts. )t the same time# it is a feature-
rich network debugging and in(estigation tool# since it can produce almost any kind of
connection its user could need and has a number of built-in capabilities.
0ts list of features includes port scanning# transferring files# and port listening# and it can be used
as a backdoor.
The original netcat,s features include>IJ
• ;utbound or inbound connections# T9P or C=P# to or from any ports
• 8ull =+! forward7re(erse checking# with appropriate warnings
• )bility to use any local source port
• )bility to use any locally configured network source address
• 3uilt-in port-scanning capabilities# with randomization
•3uilt-in loose source-routing capability
• 9an read command line arguments from standard input
• !low-send mode# one line e(ery + seconds
Department of CSE( SIT( 'angaluru Page 15
https://en.wikipedia.org/wiki/Netcat#cite_note-nc110-1https://en.wikipedia.org/wiki/Reverse_DNS_lookuphttps://en.wikipedia.org/wiki/Reverse_DNS_lookuphttps://en.wikipedia.org/wiki/Netcat#cite_note-nc110-1https://en.wikipedia.org/wiki/Reverse_DNS_lookup
8/19/2019 network security report
16/32
Demonstration and Implementation of Information and Network Security Tool
• He" dump of transmitted and recei(ed data
• ;ptional ability to let another program ser(ice establish connections
• ;ptional telnet-options responder
• 8eatured tunneling mode which permits user-defined tunneling# e.g.# C=P or T9P# with
the possibility of specifying all network parameters &source port7interface# listening
port7interface# and the remote host allowed to connect to the tunnel'.
To install netcat in ubuntu use Kapt-get installF command as shown in 8igure.
)fter the installation is done type Knc -hF like shown in 8igure* & netcat offers you help through
-h option'.
8igure> 0nstalling netcat
Department of CSE( SIT( 'angaluru Page 16
https://en.wikipedia.org/wiki/Hex_dumphttps://en.wikipedia.org/wiki/Telnethttps://en.wikipedia.org/wiki/Tunneling_protocolhttps://en.wikipedia.org/wiki/Hex_dumphttps://en.wikipedia.org/wiki/Telnethttps://en.wikipedia.org/wiki/Tunneling_protocol
8/19/2019 network security report
17/32
Demonstration and Implementation of Information and Network Security Tool
8igure *> shows how to set up the ser(er using netcat in listening mode. We will use port *25
and will specify the port number with -p option.
Tool Name: tcpdump
Description and )orking:
Tcpdump is a common packet analyzer that runs under the command line. 0t allows the user todisplay T9P70P and other packets being transmitted or recei(ed o(er a network to which the
computer is attached. =istributed under the 3!= license# tcpdump is free software.
Tcpdump works on most Cni"-like operating systems> inu"# !olaris# 3!=# ;! ?# HP-
C?# )ndroid and )0? among others. 0n those systems# tcpdump uses the libpcap library to
capture packets. The port of tcpdump for Windows is called Win=ump$ it uses WinPcap# the
Windows port of libpcap.
Tcpdump prints the contents of network packets. 0t can read packets from a network interface
card or from a pre(iously created sa(ed packet file. Tcpdump can write packets to standard
output or a file.
Department of CSE( SIT( 'angaluru Page 17
8/19/2019 network security report
18/32
Demonstration and Implementation of Information and Network Security Tool
0t is also possible to use tcpdump for the specific purpose of intercepting and displaying the
communications of another user or computer. ) user with the necessary pri(ileges on a system
acting as a router or gateway through which unencrypted traffic such as Telnet or HTTP passes
can use tcpdump to (iew login 0=s# passwords# the C/s and content of websites being (iewed#
or any other unencrypted information.
The user may optionally apply a 3P8-based filter to limit the number of packets seen by
tcpdump$ this renders the output more usable on networks with a high (olume of traffic.
0n some Cni"-like operating systems# a user must ha(e super user pri(ileges to use tcpdump
because the packet capturing mechanisms on those systems require ele(ated pri(ileges. Howe(er#
the -L option may be used to drop pri(ileges to a specific unpri(ileged user after capturing has
been set up. 0n other Cni"-like operating systems# the packet capturing mechanism can be
configured to allow non-pri(ileged users to use it$ if that is done# super user pri(ileges are not
required.
Tcpdump is a powerful network debugging tool that can be used for intercepting and displaying
packets on a network interface. )n important feature of tcpdump is a filter that allows you to
display only the packets you want to see.
The following command will install tcpdump under Cbuntu>
sudo apt-get install tcpdump
Usage:
sudo tcpdump IoptionsJ Ifilter e"pressionJ
We can specify a interface using the 6i command line flag.
The following command will capture all packets on the eth< interface>
sudo tcpdump -i eth<
Department of CSE( SIT( 'angaluru Page 18
https://en.wikipedia.org/wiki/Router_(computing)https://en.wikipedia.org/wiki/Telnethttps://en.wikipedia.org/wiki/Telnethttps://en.wikipedia.org/wiki/HTTPhttps://en.wikipedia.org/wiki/HTTPhttps://en.wikipedia.org/wiki/Uniform_Resource_Locatorhttps://en.wikipedia.org/wiki/Router_(computing)https://en.wikipedia.org/wiki/Telnethttps://en.wikipedia.org/wiki/HTTPhttps://en.wikipedia.org/wiki/Uniform_Resource_Locator
8/19/2019 network security report
19/32
Demonstration and Implementation of Information and Network Security Tool
8igure > 9apture of all packets under eth< interface.
Tool Name: Nmap
Description and )orking:
Nmap & Network Mapper ' is a security scanner originally written by Bordon yon ' used to
disco(er hosts and ser(ices on a computer network# thus creating a %map% of the network. To
accomplish its goal# +map sends specially crafted packets to the target host and then analyzes the
responses.
The software pro(ides a number of features for probing computer networks# including host
disco(ery and ser(ice and operating system detection. These features are e"tensible by scripts
that pro(ide more ad(anced ser(ice detection# (ulnerability detection# and other features. +map
Department of CSE( SIT( 'angaluru Page 19
8/19/2019 network security report
20/32
Demonstration and Implementation of Information and Network Security Tool
is also capable of adapting to network conditions including latency and congestion during a scan.
+map is under de(elopment and refinement by its user community.
+map was originally a inu"-only utility# but it was ported to Windows# !olaris# HP-
C?# 3!= (ariants &including ;! ?'# )miga ;!# and 0/0?. inu" is the most popular platform#
followed closely by Windows.
+map features include>
• Host disco(ery 6 0dentifying hosts on a network. 8or e"ample# listing the hosts that
respond to T9P and7or 09MP requests or ha(e a particular port open.
• Port scanning 6 @numerating the open ports on target hosts.
• Dersion detection 6 0nterrogating network ser(ices on remote de(ices to determine
application name and (ersion number.
• ;! detection 6 =etermining the operating system and hardware characteristics of
network de(ices.
+map can pro(ide further information on targets# including re(erse =+! names# de(ice types#
and M)9 addresses.
+map website > www.nmap.org
Typical uses of Nmap:
• )uditing the security of a de(ice or firewall by identifying the network connections
which can be made to# or through it.
• 0dentifying open ports on a target host in preparation for auditing.
• +etwork in(entory# network mapping# maintenance and asset management.
Department of CSE( SIT( 'angaluru Page 20
https://en.wikipedia.org/wiki/Transmission_Control_Protocolhttps://en.wikipedia.org/wiki/Transmission_Control_Protocolhttps://en.wikipedia.org/wiki/Internet_Control_Message_Protocolhttps://en.wikipedia.org/wiki/Port_scannerhttps://en.wikipedia.org/wiki/TCP_and_UDP_porthttps://en.wikipedia.org/wiki/TCP_and_UDP_porthttps://en.wikipedia.org/wiki/OS_fingerprintinghttps://en.wikipedia.org/wiki/OS_fingerprintinghttps://en.wikipedia.org/wiki/Operating_systemhttps://en.wikipedia.org/wiki/Operating_systemhttps://en.wikipedia.org/wiki/Domain_Name_Systemhttps://en.wikipedia.org/wiki/Domain_Name_Systemhttps://en.wikipedia.org/wiki/MAC_addresshttps://en.wikipedia.org/wiki/MAC_addresshttp://www.nmap.org/https://en.wikipedia.org/wiki/Network_mappinghttps://en.wikipedia.org/wiki/Transmission_Control_Protocolhttps://en.wikipedia.org/wiki/Internet_Control_Message_Protocolhttps://en.wikipedia.org/wiki/Port_scannerhttps://en.wikipedia.org/wiki/TCP_and_UDP_porthttps://en.wikipedia.org/wiki/OS_fingerprintinghttps://en.wikipedia.org/wiki/Operating_systemhttps://en.wikipedia.org/wiki/Domain_Name_Systemhttps://en.wikipedia.org/wiki/MAC_addresshttp://www.nmap.org/https://en.wikipedia.org/wiki/Network_mapping
8/19/2019 network security report
21/32
Demonstration and Implementation of Information and Network Security Tool
• )uditing the security of a network by identifying new ser(ers.
• Benerating traffic to hosts on a network.
• 8ind and e"ploit (ulnerabilities in a network.
The command below is used to install nmap in Cbuntu ;!.
sudo apt-get install nmap
The command below is used to scan the C=P ports of www.google.com
sudo nmap 6sC *4.5A.4.
8igure > !canning C=P ports of google.com 0P address.
The command below is used to scan the T9P ports of www.google.com
sudo nmap 6sT google.com
Department of CSE( SIT( 'angaluru Page 21
https://en.wikipedia.org/wiki/Exploit_(computer_security)https://en.wikipedia.org/wiki/Exploit_(computer_security)http://www.google.com/http://www.google.com/https://en.wikipedia.org/wiki/Exploit_(computer_security)http://www.google.com/http://www.google.com/
8/19/2019 network security report
22/32
Demonstration and Implementation of Information and Network Security Tool
8igure *> !canning the T9P ports of www.google.com
Tool Name: ight+eam
Description and )orking:
Department of CSE( SIT( 'angaluru Page 22
8/19/2019 network security report
23/32
Demonstration and Implementation of Information and Network Security Tool
ight+eam &called Collusion in its e"perimental (ersion' is an add-on for 8irefo" that displays
third party tracking cookies placed on the user,s computer while (isiting (arious websites. 0t
displays a graph of the interactions and connections of sites (isited and the tracking sites to
which they pro(ide information.
ight+eam Functionality:
;nce installed and enabled# ightbeam records all tracking cookies sa(ed on the user,s computer
through the 8irefo" browser by the (arious sites that the user (isits. 0t differentiates between
%beha(ioral% tracking cookies and other tracking cookies. )t any time during a browsing session
the user can open a separate tab# using the %!how ightbeam% option of Tools# to display a graph
of sites (isited and cookies placed. This will show when a gi(en cookie is used by multiple sites#
thus enabling those sites to track the user from site to site. ightbeam will also allow the user to
see which ad(ertisers or other third parties are connected to which cookies# and thus can de(elop
information about the user,s browsing from site to site. Mozilla emphasizes that it displays its
data in real time. )ccording to Mozilla# all data collected by ightbeam is stored locally# and is
not shared with anyone# unless the user intentionally e"ports the data and shares it manually.
Tool Name: -eePass
Description and )orking:
Department of CSE( SIT( 'angaluru Page 23
8/19/2019 network security report
24/32
Demonstration and Implementation of Information and Network Security Tool
NeePass Password !afe is a free# open source# and light-weight password management utility
primarily for Microsoft Windows. 0t officially supports other operating systems through the use
of Mono. )dditionally# there are se(eral unofficial ports for Windows Phone# )ndroid# i;!#
and 3lack3erry de(ices. NeePass stores usernames# passwords# and other fields# including free-
form notes and file attachments# in an encrypted file# protected by a master password# key file#and7or the current Windows account details. 3y default# the NeePass database is stored on
local file system &as opposed to cloud storage'.
NeePass is fle"ible and e"tensible# with many configuration options and support for plugins. 0t
has a password generator and synchronization function# supports two-factor authentication# and
has a Secure Desktop mode. 0t can use a two-channel auto-type obfuscation feature to offer
additional protection against keyloggers. NeePass can import from o(er 2< other most commonly
used password managers.
Features:
Password management
Passwords stored by this application can be further di(ided into manageable groups. @ach group
can ha(e an identifying icon. Broups can be further di(ided into subgroups in a tree-like
organization.
8urther# NeePass tracks the creation time# modification time# last access time# and e"piration
time of each password stored. 8iles can be attached and stored with a password record# or te"t
notes can be entered with the password details. @ach password record can also ha(e an
associated icon.
0mport and e"port
The password list can be e"ported to (arious formats like T?T# HTM# ?M and 9!D. The
?M output can be used in other applications and re-imported into NeePass using a plugin. The
9!D output is compatible with many other password safes like the commercial closed-source
Password Neeper and the closed-source Password )gent. )lso# the 9!Ds can be imported by
spreadsheet applications like Microsoft @"cel or;pen;ffice7ibre;ffice 9alc. @"ports from
these programs can be imported to NeePass databases. NeePass can parse and import T?T
Department of CSE( SIT( 'angaluru Page 24
https://en.wikipedia.org/wiki/Keystroke_logginghttps://en.wikipedia.org/wiki/Keystroke_logging
8/19/2019 network security report
25/32
Demonstration and Implementation of Information and Network Security Tool
outputs of 9odeWalletPro# a commercial closed-source password safe. 0t can import T?T files
too.
Multi-user support
NeePass supports simultaneous access and simultaneous changes to a shared password file by
multiple computers &often by using a shared network dri(e'# howe(er there is no pro(isioning of
access per-group or per-entry. )s of May *
8/19/2019 network security report
26/32
Demonstration and Implementation of Information and Network Security Tool
8igure > Neepass window
8igure *> 9reate new database file
Department of CSE( SIT( 'angaluru Page 26
8/19/2019 network security report
27/32
Demonstration and Implementation of Information and Network Security Tool
8igure 2> @ntering the master password
Department of CSE( SIT( 'angaluru Page 27
8/19/2019 network security report
28/32
Demonstration and Implementation of Information and Network Security Tool
8igure > !a(ing the password.
Tool Name: Comodo firewall
Description and )orking:
9omodo 0nternet !ecurity &90!'# de(eloped by 9omodo Broup# is an 0nternet security suite
for Microsoft Windows. 0t includes an anti(irus program# a personal firewall# a sandbo" and
a host-based intrusion pre(ention system &H0P!' called Defense+.
9omodo 0nternet !ecurity &90!' is a(ailable in three editions> 9omplete# Pro and a core free
edition. The core edition is free and contains all security features of Pro. The Pro edition adds
technical support. The 9omplete edition complements the feature set with encryption of
transmitted data o(er the 0nternet connections and online storage for backup.
How does a firewall workO
)t their most basic# firewalls work like a filter between your computer7network and the 0nternet.
Gou can program what you want to get out and what you want to get in. @(erything else is not
allowed. There are se(eral different methods firewalls use to filter out information# and some are
Department of CSE( SIT( 'angaluru Page 28
8/19/2019 network security report
29/32
Demonstration and Implementation of Information and Network Security Tool
used in combination. These methods work at different layers of a network# which determines
how specific the filtering options can be.
8irewalls can be used in a number of ways to add security to your home or business.
How do 8irewalls protect 3usinesses
• arge corporations often ha(e (ery comple" firewalls in place to protect their e"tensi(e
networks.
• ;n the outbound side# firewalls can be configured to pre(ent employees from sending
certain types of emails or transmitting sensiti(e data outside of the network.
• ;n the inbound side# firewalls can be programmed to pre(ent access to certain websites
&like social networking sites'.
• )dditionally# firewalls can pre(ent outside computers from accessing computers inside
the network.
• ) company might choose to designate a single computer on the network for file sharing
and all other computers could be restricted.
• There is no limit to the (ariety of configurations that are possible when using firewalls.
• @"tensi(e configurations typically need to be handle and maintained by highly trained 0T
specialists# howe(er.
The need of 8irewalls for Personal Cse
• 8or home use# firewalls work much more simply.
• The main goal of a personal firewall is to protect your personal computer and pri(ate
network from malicious mischief.
Department of CSE( SIT( 'angaluru Page 29
8/19/2019 network security report
30/32
Demonstration and Implementation of Information and Network Security Tool
• Malware# malicious software# is the primary threat to your home computer. Diruses are
often the first type of malware that comes to mind. ) (irus can be transmitted to your computer
through email or o(er the 0nternet and can quickly cause a lot of damage to your files. ;ther
malware includes Troan horse programs and spyware.
• These malicious programs are usually designed to acquire your personal information for
the purposes of identity theft of some kind.
• There are two ways a 8irewall can pre(ent this from happening.
• 0t can allow all traffic to pass through e"cept data that meets a predetermined set of
criteria# or it can prohibit all traffic unless it meets a predetermined set of criteria.
9omodo 8irewall
9omodo 8irewall uses the latter way to pre(ent malware from installing on your computer. This
free software firewall# from a leading global security solutions pro(ider and certification
authority# use the patent pending %9lean P9 Mode% to prohibit any applications from being
installed on your computer unless it meets one of two criteria.
Those criteria are
a' the user gi(es permission for the installation and
b' the application is on an e"tensi(e list of appro(ed applications pro(ided by 9omodo. With
this feature# you don,t ha(e to worry about unauthorized programs installing on your computer
without your knowledge.
8eatures of 9omodo 8irewall
• 9omodo 8irewall is rated as a top firewall recommended for both beginners and
ad(anced users. 0t has a number of unique features including
• Host 0ntrusion Pre(ention !ystem &H0P!'
Department of CSE( SIT( 'angaluru Page 30
8/19/2019 network security report
31/32
Demonstration and Implementation of Information and Network Security Tool
• =efault =eny Protection
• )uto !andbo" Technology
• Personalized alerts
• 9loud based 3eha(ior )nalysis
This software is highly customizable# so that you can adust it to suit your specific needs.
9omodo 0nternet !ecurity !uite combines the award-winning 9omodo firewall with a powerful
anti(irus to offer a multilayered approach in protecting millions of computers around the world
for free.
8igue - 9omodo firewall user interface
Department of CSE( SIT( 'angaluru Page 31
8/19/2019 network security report
32/32
Demonstration and Implementation of Information and Network Security Tool