INTRODUCTION
Our final year project is mainly about hacking; most people with basic computer
knowledge know what a hacker or hacking is. Our group would like to implement a
hacking-themed project that examines the ways of hacking and determines whether or
not a network is exposed to hacking.
One advantage of hacking skills is that they can be used to recover lost information
when a computer password has been lost. They also teach you that no
technology is 100% secure. Still, hacking can harm someone's privacy. It makes sense
that hacking and security need to be constantly updated, as this is a fast-moving
sector of the computing industry.
Nowadays, data is usually used or involved on the internet, and that can be the
reason why data is stolen. This problem is usually related to one or more
computer hackers. As we know, a hacker has knowledge of the programming and
networking fields. With the latest technology, many kinds of business can be done
online, such as payment through internet banking. At that point, hackers take
the opportunity to get all the data they want, including transferring money into
their own accounts. From this problem, we can conclude that our project can identify
the methods used by hackers to hack into a network. In addition, important data in a
large company, such as tenders, corporate information and a range of other
confidential company information, requires tight data security. Our project
also involves a secure network that helps to reduce the problem of data theft
by hackers. Personal websites can also be changed easily by hackers simply because
they are not secured. Therefore, with this project, we can detect the problem and
give the best solution to reduce it.
1.2 Objective
There are three objectives involved in our project. They are:
1.3 Scope
1.3.1 System Scope
To set up a secure network
In our project, we first have to create a secure network. One of the techniques
used to secure it is a packet-filtering access control list, for which we use a
standard access control list. The other basic security measure that we are going to
use is the Windows host-based firewall with advanced security, from which we can
control the traffic, especially inbound traffic.
The final step of our project is to test the two hacking techniques that we have
created. We start with the IP spoofing technique. Using the hacking tools
provided, we can send a fake IP address to the victim so that the victim is tricked
into thinking that the IP is from a trusted host. After that we do the DoS attack on
the server to slow down and stop the services. While we test the hacking, we must set
up the network with vulnerabilities to see what happens to the network if it
gets hacked. After the first hacking test, we switch on the security that we provide
for our server and then start the second test. From there, we can explain the flaws
that we have if we are not equipped with strong security. That is what we call an
ethical hacking project.
Area
The place that best suits our project is the computer lab. The lab is equipped with
PCs and other networking devices such as switches and routers, which makes it
suitable for our kind of project.
Time
The timeline for our project runs from January until October of 2014, which is
about 10 months. We use those 10 months to develop our project according to the
objectives.
Payment
The total cost of our project is RM4700.00. Most of the cost goes to the types of
computer that we use to develop our project. We use two types of desktop computer
that cost about RM1900.00 for both. We also use a Sony laptop, which cost RM1600.00.
The remaining balance is for the networking devices in our project.
Ethical Hacker
The most common user is an ethical hacker. They protect networks and computers
from attacks from bad hackers who illegally penetrate computers to access private
and sensitive information. Though they possess technical skills like those of a bad
hacker, an ethical hacker uses these skills for protection. Using advanced software,
an ethical hacker attempts to penetrate his company's system in much the same way a
hacker does. The goal is to uncover any weak areas in the system. Once a weakness
is found, it is patched. As part of the security team, the ethical hacker also ensures
that the system is firewalled, security protocols are in place and sensitive files are
encrypted.
Network Administrator
The network administrator is also one of the common users. Their job is the
maintenance and monitoring of an active data network or converged infrastructure and
related network equipment. The actual role of the network administrator will vary
from place to place, but will commonly include activities and tasks such as network
address assignment, management and implementation of routing protocols such as OSPF,
ACL, routing table configurations and certain implementations of authentication. It
can also include maintenance of certain network servers such as file servers, VPN
gateways, and intrusion detection systems. They also test the network for weaknesses,
keep an eye out for needed updates, and install and implement security
programs.
There must be a reason why the project should be developed, and there should be a
lot of interest in doing it. The group members can learn and practise on a real
project on their own. Through this project, students can become more hardworking and
can learn how to cooperate more with each group member. All this can make a
student perform better in a real working situation.
The group members get the opportunity to know more about the devices used and
can manage them on their own. This gives the students more knowledge about
network hardware. It can also improve the students' confidence to manage all the
devices without any fear.
When it comes to the project, there are many points of interest. Our group
members can learn how to recognise when an untrusted person tries to hack a
trusted person in a real situation. Then we can learn how to solve the problem on
our own. This is the biggest interest in developing this project. At the least, we
can become more serious about making this project successful.
Other than that, we become more interested when we get to know some of the hacking
tools and the types of security used to make sure the problem can be solved as
intended. This type of software usually comes up when we learn in networking
class, but we do not get the chance to try it because it is all just theory in the
subject. This time, we have the chance to learn more and run the software to
make sure the project is done on time.
Lastly, every project that students develop has its own interest. Similarly,
this project has many points of interest, which make us more excited about doing it.
When the project is developed successfully, we can feel more open-minded and more
confident next time.
CONCLUSION
In conclusion, we have explained all the important details about our project
in this Chapter 1. The first is the problem statement; basically we must list
all the problems that made us decide to develop our project. Based on the
problems that occur, we have to ensure that we can manage the network in secure
ways.
On the objective, we have our target for this project. Based on that, we
can show our skills. At the same time, we can learn new skills throughout the
whole process of our project. Next, the scope has been split into two,
which are system scope and user scope. For system scope, we give the details of the
project being developed, such as the operating system, hardware devices, software and
many more. For user scope, we have to identify the types of user that normally
use or are going to use this project based on their daily life. Then, we move on to
the project significance.
That topic covers the reason why we have to create our project. In that section,
there are a lot of benefits that we can gain while doing our project. Last but not
least, hopefully all our planning will run smoothly according to the target that we
want to achieve. There are many things that we will learn in this project to make us
better and more confident in the future. For us, it is not only about developing the
project successfully; it is more than that. In this project we can become closer to
each other and know the strengths and weaknesses of our group members. Hopefully, all
this makes us complement each other on the way to getting this project done in the
correct way and within the specific time given.
CHAPTER 2
LITERATURE REVIEW
Being in accordance with the rules or standards for right conduct or practice,
especially the standards of a profession.
2.1.2 Hacking
In computer networking, hacking is any technical effort to manipulate the normal
behaviour of network connections and connected systems. A hacker is any person
engaged in hacking. The term "hacking" historically referred to constructive, clever
technical work that was not necessarily related to computer systems. Today, however,
hacking and hackers are most commonly associated with malicious programming
attacks on the Internet and other networks.
The work of ethical hacking is still considered hacking because it uses knowledge of
computer systems in an attempt to in some way penetrate them or crash them. This
work is ethical because it is performed to increase the safety of the computer
systems. It's reasoned that if a white hat can somehow break the security protocols of
a system. Thus, the goal of ethical hacking is to determine how to break in or create
mischief with the present programs running, but only at the request of the company
that owns the system and specifically to prevent others from attacking it.
With increasing use of the Internet and concerns about its security, especially when it
comes to things like consumer information or private medical details, there is
considerable need for computer experts to work in ethical hacking. Even sites owned
by organizations like the US government have been hacked in the past, and concern
about information theft remains incredibly high. Designing impenetrable systems or
identifying the current weaknesses of a system are vital parts of keeping the Internet
safe and information private, and even with the present legion of ethical hackers that
perform this work, there is still more work to do.
Those with interest in the field of ethical hacking often acquire a lot of their skills on
their own, and many have particular talent with and affinity for computers. Some
knowledge can also be acquired through formal education in computer programming.
This work requires creativity, and the ethical hacker must be able to think outside of
the box, coming up with as many possible ways as he or she can derive. The figure
below shows statistics on cyber incidents, including DoS attacks, that happened in
Malaysia.
Network A
Table 2.2: Configuration Devices at Network A
Item | Software | Configuration
Web Server (XAMPP)
Ip Address: 192.168.1.3
Subnet Mask: 255.255.255.0
Snort, Wireshark, Nagios
Ip Address: 192.168.1.4
Subnet Mask: 255.255.255.0
No Software
Ip Address: 192.168.1.2
Subnet Mask: 255.255.255.0
Ip Address fa0/0: 192.168.1.1
se0/0/0: 192.168.2.1
No Software
: 192.168.1.1
Network B
Table 2.3: Configuration Devices at Network B
Item | Software | Configuration
Backtrack 5
Ip Address: 172.16.100.3
Subnet Mask: 255.255.255.0
No Software
Ip Address: 172.16.100.2
Subnet Mask: 255.255.255.0
Default Gateway: 172.16.100.1
Ip Address fa0/0: 172.16.100.1
se0/0/0: 192.168.2.2
No Software
: 255.255.255.0
se0/0/0: 255.255.255.252
Default Gateway: 172.16.100.1
First is the DoS attack. In computing, a denial-of-service (DoS) or distributed
denial-of-service (DDoS) attack is an attempt to make a machine or network resource
unavailable to its intended users.
Although the means to carry out, the motives for, and targets of a DoS attack vary, it
generally consists of efforts to temporarily or indefinitely interrupt or suspend
services of a host connected to the Internet.
This technique has now seen extensive use in certain games, used by server owners,
or disgruntled competitors on games, such as server owners' popular Minecraft
servers. Increasingly, DoS attacks have also been used as a form
of resistance. Richard Stallman has stated that DoS is a form of 'Internet Street
Protests'. The term is generally used relating to computer networks, but is not
limited to this field; for example, it is also used in reference to CPU resource
management.
One common method of attack involves saturating the target machine with external
communications requests so much so that it cannot respond to legitimate traffic, or
responds slowly as to be rendered essentially unavailable. Such attacks usually lead
to a server overload. In general terms, DoS attacks are implemented by either forcing
the targeted computer to reset, or consuming its resources so that it can no longer
provide its intended service or obstructing the communication media between the
intended users and the victim so that they can no longer communicate adequately.
Slowloris attacks are popular Denial of Service (DoS) network attacks, likely named
because of its use of a large number of small ICMP packets.
The goal of this network attack is to create a crushing amount of traffic. This attack
strategy came about as a function of ICMP (Internet Control Message Protocol) and
the network broadcast address.
If an attacker has a large network segment that he is aware of, he can send a ping or
an ICMP Echo Request to that broadcast address. Each host on that network should
take that because the broadcast address was used, though the Echo Request is
actually destined for itself.
The basic protocol for sending data over the Internet network and many other
computer networks is the Internet Protocol ("IP"). The header of each IP packet
contains, among other things, the numerical source and destination address of the
packet. The source address is normally the address that the packet was sent from. By
forging the header so it contains a different address, an attacker can make it appear
that the packet was sent by a different machine. The machine that receives spoofed
packets will send a response back to the forged source address, which means that this
technique is mainly used when the attacker does not care about the response or the
attacker has some way of guessing the response. In certain cases, it might be possible
for the attacker to see or redirect the response to his own machine. The most usual
case is when the attacker is spoofing an address on the same LAN or WAN.
1. XAMPP
2.2.3.1.1 XAMPP
To use XAMPP, only one zip, exe or tar file is needed. Users just need
to download this file and run the application. There is also not much configuration
and tinkering to be done in terms of settings and its components.
The XAMPP package is also updated on a regular basis to synchronize with the
updates made on the different platforms involved in the package like Apache, PHP,
Perl, and MySQL. This means users on different operating systems can download
this server package free of charge. Not to mention that there is no configuration
necessary to setup the system. After downloading and extracting the free application,
users can immediately use XAMPP.
2. Joomla
Step 1: Getting XAMPP ready. The first thing you'll need to do is turn on the bits of
XAMPP that Joomla needs to run. You shouldn't need to do anything other than
double click the icon on your desktop and click a couple of buttons: the 'Start'
buttons next to Apache and MySQL.
Step 5: Final configuration. All being well, you should now see this
screen:
3. Nagios
4. Wireshark
Wireshark is a free and open-source packet analyser. It is used for network
troubleshooting, analysis, software and communications protocol development, and
education. Originally named Ethereal, in May 2006 the
project was renamed Wireshark due to trademark issues.
Wireshark is very similar to tcpdump, but has a graphical front-end, plus some
integrated sorting and filtering options. Wireshark allows the user to put network
interface controllers that support promiscuous mode into that mode, in order to see
all traffic visible on that interface, not just traffic addressed to one of the interface's
configured addresses and broadcast/multicast traffic. However, when capturing with
a packet analyser in promiscuous mode on a port on a network switch, not all of the
traffic travelling through the switch will necessarily be sent to the port on which the
capture is being done, so capturing in promiscuous mode will not necessarily be
sufficient to see all traffic on the network. Port mirroring or various network
taps extend capture to any point on the network. Simple passive taps are extremely
resistant to tampering.
On Linux, BSD, and OS X, with libpcap 1.0.0 or later, Wireshark 1.4 and later can
also put wireless network interface controllers into monitor mode.
a) Data can be captured "from the wire" from a live network connection or read
from a file of already-captured packets.
b) of network,
c) Captured network data can be browsed via a GUI, or via the terminal
(command line) version of the utility, TShark.
d) Captured files can be programmatically edited or converted via command-line
switches to the "editcap" program.
Wireshark's native network trace file format is the libpcap format supported
by libpcap and WinPcap, so it can exchange captured network traces with other
applications that use the same format, including tcpdump and CA NetMaster. It can
also read captures from other network analysers, such as snoop, Network General's
Sniffer, and Microsoft Network Monitor.
Step 2: Click the interface's name and the packets start to appear in real time. Wireshark
captures each packet sent to or from network
ITEM (Hardware)
DESCRIPTION
COST
RM999.00
Router
RM 4827.29
Broadband
RM100.00
broadband.
rated power
20 + 4 pins, 2 x SATA cables
built-in
Side panel with air duct built-
in
High Quality 0.6 mm SGCC
steel
1 x 90 mm front fan built-in
4 x 5.25" + 1 x 3.5" drive bay
Screwless H.D.D bay
1 year I-to-I exchange for
power supply
Blue color power LED
1 x 90 mm rear fan built-in
2000
RM 1300
BUSINESS PC
optionally
One port available as an option
Color coded support for
RM 1400
(green)
VGA and
integrated
dual
provide
independent
monitor support
RJ-45 port accesses
integrated
DVI-D
Intel
the
network
interface controller
(2) PCI
PCIe x1; 10 W max power
PCIe x16; 25 W max power
Card Reader
5.25-inch external
1 bay 8.19-inch depth for
optional optical disc drive
Controller
SATA Interfaces
Platform
RM1400
1.8 MHz
Memory Bus
533MHz
Main Memory
512MB
DDR2
SDRAM*2
(upgradeable up to 2GB)
Hard Disk
80GB
Video Memory
256MB
Display
Camera
ITEM (Software)
DESCRIPTION
COST
Backtrack R5
Backtrack
is
Ubuntu
based
Open
source
Information
gathering,
Wireshark
Open
Nagios
network
infrastructure
software
application.
monitoring
monitoring
It
have
Source
CentOS
Open
Source
reproduceable
platform
derived
model,
increased
Open
(x86)
or 64-bit
(x64) processor
source
Give the user a hotspot log-in page (but instead of asking for a password, ask
the users a simple question)
Ask the users if they want to update their computer and if they agree.
Then the hotspot page could run the Drive-by technique and start healing the
computer.
The system could then let the user to browse freely while their computer was updated
and they could walk away at the end of their session with a much healthier computer.
Comparison
The main purpose of our project is to test our network's vulnerabilities with the
hacking techniques that we use. By comparison, he uses his hacking technique not for
testing but to make updates much easier. We use DoS attack and IP spoofing as our
hacking techniques. In Andy's project, the technique is known as a Drive-by
Download attack. The attack describes users who are browsing normally and then
get a virus, which here is the updates and anti-virus tools, from a website instead
of being sent other content. The updates are well hidden and the Drive-by Download
happens without even a pop-up or any kind of notification. With this, the user can
browse freely while their computer is updated.
Also, he doesn't involve much hardware in his project. Instead, he uses a
programming language and other software to create his own attack. We use a
lot of hardware to develop our project because it involves creating our own
network. However, when it comes to hacking, we only use the hacking techniques that
are usually used in most situations. In the other project, he uses the Drive-by
Download attack, a technique that most ethical hackers do not use. His project also
doesn't use a local network to apply his hacking technique. He needs internet access,
which is a Wi-Fi hotspot, to apply the updates that were made for the users. For our
network, we use a local network and then apply our hacking to it.
Panoptis is a project created by Costas Kotsokalis started some time ago, with the
aim to stop the Denial of Service and Distributed Denial of Service attacks that have
been torturing the Internet. It is based on real-time processing of Cisco (R) NetFlow
(TM) data, since this seems to be the most efficient approach as it is router-centric,
allowing for automated central response without intervention from the affected
organizations' network administrators.
Panoptis is now in a beta stage, and released under the GNU Public License. At the
moment, Panoptis detects the attacks and uses the mail.py script to notify the
administrators through email that an attack has started (or ended). It also connects to
potential peers to notify them. Users can download the source code (0.1.4 release)
and compile/run it.
Comparison
The project above is more about creating security software to prevent DoS or
DDoS attacks. In our project, we use ACL and Snort for detection and prevention of
DoS attacks. Also, our project does not just involve securing the network, but also
creating the hacking process. The Panoptis project focuses on making a security tool
for users to defend their network from DoS attacks. Panoptis detects the
attacks and uses the mail.py script to notify the administrators through email that
an attack has started (or ended). Just like the previous project, Costas' project
does not use much hardware. He uses a programming language to create
Panoptis.
scanner and passive scanner and forced browsing. It has dynamic SSL certificates,
Smartcard and Client Digital Certificates support, web sockets support, support for a
wide range of scripting languages, Plug-n-Hack support and many more.
ZAP is developed by a worldwide team of volunteers and has also been helped by many
organizations, either financially or by encouraging their employees to work on ZAP,
such as OWASP, Mozilla, Google, Microsoft, Hacktics and Ernst & Young. The
project is licensed under Apache 2.0. It supports platforms such as Linux, Java
Runtime Environment 6, Windows and Mac OS, and is implemented in
Java 1.6+.
The ZAP project has also been translated into many languages. The project is
available for download.
Comparison
The ZAP project focuses on creating software that tests what kinds of vulnerabilities
web applications have, while in our project we have to figure out
the vulnerabilities ourselves in the network we created. With DoS attack and IP
spoofing, we must develop our security strategy to overcome those hacking
techniques and the vulnerabilities in our network. The ZAP project has also been
developed by many professional programmers, who created it using Java. Our
project doesn't involve coding; instead we just use the penetration tools provided in
the Backtrack operating system to test the system's vulnerabilities.
Conclusion
We have discussed all the important components in our literature review. First is
the definition of terms, where we explain the term ethical hacking in detail.
Then, we explain all the main components of our project such as the network,
monitoring using Nagios, the hacking tools, the web server, the security and the
configuration. We must elaborate on all of them so that we have a guide to the kind
of project that we are doing. Next, we explain the equipment that we use in our
project. We list all the details about the software and hardware to give a better
explanation of our equipment. Lastly, we compare and contrast
our project with other projects that are similar to ours. We have three projects
that are related to our project and make comparisons with them. The first is
about hacking for updating, the second is about software for detecting DoS/DDoS
attacks and the third focuses on making a penetration testing tool. By
making comparisons with other projects, we can find the significance and
vulnerabilities of our project, which inspires us to develop our project into
something much better.
CHAPTER 4
Analysis and design deal with planning the development of information systems
through understanding and specifying in detail what a system should do and how the
components of the system should be implemented and work together. System
analysts solve business problems through analysing the requirements of information
systems and designing such systems by applying analysis and design techniques.
We will explain many details about the hacking we've done in this chapter; the
hacking is about DoS attack and IP spoofing. Then, we will explain the
prevention of those attacks. The flowcharts given in this chapter give a much
bigger view of how our project really works. We also explain in more detail the
topology that we created.
4.1 Users
Based on the project, there are three types of users, which are ethical hacker,
network administrator and network security engineer. All of them can implement the
common hacking techniques to test their own network for better future security.
4.2 Network
We set up two networks, where the hacking process happens at network B while
the main web server is placed in the network B. In network A we have configured
static IP addresses, while network B uses DHCP.
4.3 Dos Attack
Any Backtrack version, such as Backtrack 5, can be used to do a DoS attack; DDoS can
easily be done with a Perl script. This script makes the attack very easy and
user-friendly. You can easily use this script and it works 100% on Backtrack R1, R2
and R3. The script name is slowloris.pl. The .pl extension is the Perl extension.
Perl is a scripting language.
In our project, we carry out a DoS attack on the website we created and see
how the flow of the attack works.
4.4 Ip Spoofing
Every IP datagram sent in the Internet contains a source and destination IP address in
its header. The source is the original sender of the datagram and the destination is the
intended recipient. Setting the IP source address of datagrams to be a fake address is
called address spoofing. In Linux it is very easy to do using the systems that are
built into the Backtrack OS. One of them is iptables. Address spoofing can be
performed with a single command using iptables. We also use Scapy to develop the IP
spoofing. Scapy is a
Python interpreter that enables you to create, forge, or decode packets on the
network, to capture packets and analyse them, to dissect the packets. It also allows
you to inject packets into the network. It supports a wide number of network
protocols and it can handle and manipulate wireless communication packets. Scapy
can be used to perform the jobs done by many network tools, such as nmap, hping,
arpscan, and tshark (the command line of wireshark).
4.5
After the attack, we show some prevention that can defend against that kind of
attack. We can block the attack with packet filters on the router, which is the ACL.
This is by far the best method, and if you can do this, you are pretty much done,
except that it's still a good idea to contact the other ISPs who are victims of this
attack. Most ISPs have a bunch of routers.
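The packet-filtering defence described above, together with the IP source-address field discussed under IP spoofing, as an added example (not code from the project): a Python model of how a standard ACL, which matches on the source address only, treats packets arriving on the router's se0/0/0 interface. The addresses come from Tables 2.2 and 2.3; the ACL lines, their placement inbound on se0/0/0 and the sample headers are assumptions constructed for this illustration.

```python
import ipaddress

# Constructed sample input: three 20-byte IPv4 headers (hex, checksum field
# left as 0000 and not verified), all sent to the web server 192.168.1.3
# (Table 2.2) and all arriving inbound on the router's se0/0/0 interface.
SAMPLE_HEADERS = {
    # source 172.16.100.3: the Backtrack host from Table 2.3, unforged
    "backtrack": "4500 0028 0001 0000 4006 0000 ac10 6403 c0a8 0103",
    # source 192.168.1.2: a Network A address, which cannot legitimately
    # arrive from the serial link, so the source field must be forged
    "forged_internal": "4500 0028 0002 0000 4006 0000 c0a8 0102 c0a8 0103",
    # source 172.16.100.2: the other Network B host
    "network_b_host": "4500 0028 0003 0000 4006 0000 ac10 6402 c0a8 0103",
}


def parse_ipv4_source(header: bytes) -> ipaddress.IPv4Address:
    """Return the source address, bytes 12-15 of the IPv4 header.

    The field is whatever the sender wrote; nothing in the header proves it.
    """
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = header[0] >> 4, header[0] & 0x0F
    if version != 4 or ihl < 5:
        raise ValueError("not an IPv4 header")
    return ipaddress.IPv4Address(header[12:16])


def acl_entry(action: str, address: str, wildcard: str = "0.0.0.0"):
    """One standard-ACL line: action, source address, wildcard mask.

    Wildcard bits set to 1 are ignored in the comparison; 0.0.0.0 matches
    one host, 255.255.255.255 matches any source.
    """
    return (action,
            int(ipaddress.IPv4Address(address)),
            int(ipaddress.IPv4Address(wildcard)))


def evaluate_standard_acl(acl, source: ipaddress.IPv4Address) -> str:
    """First matching line decides; falling off the end is the implicit deny."""
    src = int(source)
    for action, address, wildcard in acl:
        care = ~wildcard & 0xFFFFFFFF
        if (src & care) == (address & care):
            return action
    return "deny"


# Hypothetical ACLs for this example, applied inbound on se0/0/0.
HOST_DENY_ONLY = [
    acl_entry("deny", "172.16.100.3"),
    acl_entry("permit", "0.0.0.0", "255.255.255.255"),
]
WITH_ANTI_SPOOF = [
    # A packet arriving from outside must not claim a Network A source.
    acl_entry("deny", "192.168.1.0", "0.0.0.255"),
    acl_entry("deny", "172.16.100.3"),
    acl_entry("permit", "0.0.0.0", "255.255.255.255"),
]


def run(acl) -> dict:
    """Evaluate every sample header against one ACL."""
    return {
        label: evaluate_standard_acl(
            acl, parse_ipv4_source(bytes.fromhex(hexdump)))
        for label, hexdump in SAMPLE_HEADERS.items()
    }


if __name__ == "__main__":
    for name, acl in (("host deny only", HOST_DENY_ONLY),
                      ("with anti-spoof line", WITH_ANTI_SPOOF)):
        print(name, run(acl))
```

The host-only list permits the header whose source field claims 192.168.1.2, while the list with the Network A line denies it. Neither list can tell which Network B host actually sent a packet, because a standard ACL sees only the source field.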
4.6
[Flowchart: START; open terminal in the Backtrack OS; using slowloris, do the DoS attack; decision with NO/YES branches; END]
4.7 Ip Spoofing Flowchart
[Flowchart: START; open browser and go to kasspmj2014.com; "Is your ip being denied?" (NO/YES); open terminal in Backtrack OS; use iptables, scapy and other tools to do IP spoofing; "Is the ip spoofing working" (NO/YES); END; block that ip using ACL and Firewall]
4.8 Prevention Flowchart
[Flowchart: START; go to Wireshark; block it by using packet filtering ACL and Firewall with Advanced Security; END]
Conclusion
As a conclusion, the project shown through the flowcharts given is an effective way
for really understanding the flow of the project. An important benefit of flowcharts is
that they provide documentation of a process. This is useful when problems arise
because flow charts let you trace the process from one step to the next. This lets you
easily identify when the problem took place. The flowchart also provides guidance
for network administrator overseeing operations and helps ensure compliance with
policy and regulations. For example, network administrator can reference a flowchart
of procedures to verify that the activities are being conducted according to generally
accepted accounting principles.
Chapter 6
Introduction
This chapter presents a summary of the research, and the findings of the
study are discussed and interpreted for their significance in the
immediate context of ethical hacking. Here, we summarize and
conclude all information related to the system, from the start to the end
of the module. This chapter gives some suggestions as appropriate and concludes
or summarizes the whole of this report. First, it lists several suggestions that can
be applied for improvement in the future. Second, it gives a general
conclusion about the results of the project that has been carried out. The conclusion
is made by evaluating several aspects of the results collected from the project
of Wi-Fi Hotspot Bridge from the beginning until the end.
6.1 Suggestion
There are some suggestions that can be considered for further improving the network
development of ethical hacking. One of the suggestions is to make the network
more secure by using open security in order to protect the network or the
entire network. Other than that, the technique used is not a professional way to
prove the attacks performed. There are many ways to develop an attack on a
website or network. As we know, many attacks occur in different ways today. Next,
the devices used should be upgraded; for example, the personal computers used should
have a wireless adapter in order to facilitate installation of software. This project
also needs to be improved with a proper wiring closet, because it makes it easy to
manage the cables and the power supply.
6.2 Conclusion
As a conclusion, there are several different ways to define hacking, but the best and
most used definition describes hacking as a computer system being entered through
unauthorized access. Ethical hackers are network and computer experts who attack a
security system to help the computer system's owners. They do this to look for any
vulnerability that could be exploited by a malicious hacker. They will use the same
methods as a malicious hacker to test a security system, but instead of taking
advantage of these vulnerabilities, they will report them.
In developing this project, we were exposed to a situation where we could
implement all the knowledge that we gained in our studies. We also learned new
knowledge so that we can become more practised in the future.