Assignment Description
Assignment Overview
For this assignment you will evaluate a Network Security Software. Marks will be awarded based on the sophistication and the difficulties the demonstration explored.
Your task is to complete and make a 4-5 min video presentation on the following:
1. Download and install (on your computer or on MIT Virtual box) a Network SecuritySoftware assigned to you from Table 1.
2. Demonstrate (narration of your actions recorded by video) 4 tasks the software can perform.
3. Overview of your presentation.
4. Summarize your findings.
5. Present the results in a video presentation.
6. You should appear in the video at the first and last 30 secs to introduce yourself and draw a conclusion.
Length of Video:Introduction (30 secs, your appearance should be in the video) + Outline of the presentation (30 secs) + Demonstration of the task (210 seconds) + Summary (15 seconds) + Conclusion (15 secs, with appearance)
[You can choose a network security tool for your demonstration with your tutor's consent].
Table 1 Network Security Tools
|
Serial #
|
Name of the Software
|
Description
|
|
1
|
Nmap
|
map your network and ports with the number one port scanning tool. Nmap now features powerful NSE scripts that can detect vulnerabilities, misconfiguration and security related information around network services. After you have nmap installed be sure to look at the features of the included ncat - its netcat on steroids
|
|
2
|
Metasploit Framework
|
Test all aspects of your security with an offensive focus. Primarily a penetration testing tool, Metasploit has modules that not only include exploits but also scanning and auditing.
|
|
3
|
OpenSSH
|
Secure all your traffic between two points by tunnelling insecure protocols through an SSH tunnel. Includes scp providing easy access to copy files securely. Can be used as poor mans VPN for Open Wireless Access points (airports, coffee shops). Tunnel back through your home computer and the traffic is then secured in transit. Access internal network services through SSH tunnels using only one point of access. From Windows, you will probably want to have putty as a client and winscp for copying files. Under Linux just use the command line ssh and scp.
|
|
4
|
BackTrack
|
an Ubuntu based Linux distribution that is configured with hundreds of security testing tools and scripts. Backtrack is well known with penetration testers and hobbyists alike.
|
|
5
|
Nikto
|
A web server testing tool that has been kicking around for over 10 years. Nikto is great for firing at a web server to find known vulnerable scripts, configuration mistakes and related security problems. It won't find your XSS and SQL web application bugs, but it does find many things that other tools miss. To get started try the Nikto Tutorial or the online hosted version.
|
You may use any of the available open source software for screen capture. Please find the following as an example.
• Software:- https://camstudio.org/
• Tutorial:- https://www.youtube.com/watch?v=jVnBnvXJw00