Information Security - Full Record.pdf -

Please enable JavaScript to view the full PDF

Exercise No: 01 IT18612 – INFORMATION SECURITY LABORATORY Date: CAESAR CIPHER AIM:  To implement encryption using Caesar Cipher.  To implement decryption using Caesar Cipher.  To apply brute-force attack and to find the key for the given encrypted text. ALGORITHM: 1. Get the string and key value as the input. 2. Iterate this through the input text and apply the below formula for each alphabet in the text to obtain the ciphertext. En = (x + k) mod 26, where k represents key. 3. To decrypt, subtract the key from the given Cipher text to get the original text. Dn = (x – k) mod 26, where k represents key. 4. To calculate cipher key, find the difference in the ASCII codes of the first character of the encrypted message and the original message. If the difference is negative, add 26 to it. Register No: 180801069 Page No: Exercise No: 01 IT18612 – INFORMATION SECURITY LABORATORY Date: SOURCE CODE: def encryptVignereCipher(msg, key): encryptText = "" msgLen = len(msg) for i in range(msgLen): ch = msg[i] keyVal = int(key[i]) % 26 if ch.isupper(): ch = chr(ord(ch) + keyVal) if ch > "Z": ch = chr(ord(ch) - ord("Z") + ord("A") - 1) elif ch.islower(): ch = chr(ord(ch) + keyVal) if ch > "z": ch = chr(ord(ch) - ord("z") + ord("a") - 1) encryptText += ch return encryptText def decryptVignereCipher(msg, key): decryptText = "" msgLen = len(msg) for i in range(msgLen): ch = msg[i] keyVal = int(key[i]) % 26 if ch.isupper(): ch = chr(ord(ch) - keyVal) if ch < "A": ch = chr(ord(ch) + ord("Z") - ord("A") + 1) elif ch.islower(): ch = chr(ord(ch) - keyVal) if ch < "a": ch = chr(ord(ch) + ord("z") - ord("a") + 1) decryptText += ch return decryptText Register No: 180801069 Page No: Exercise No: 01 IT18612 – INFORMATION SECURITY LABORATORY Date: def cipherKey(s1, s2): cipherKey = "" strLen = len(s1) for i in range(strLen): keyVal = ord(s2[i]) - ord(s1[i]) if keyVal < 0: keyVal = 26 + keyVal cipherKey += str(keyVal) return cipherKey str1 = input("\nEnter Message To Encrypt : ") key1 = input("Enter A Key : ") print("The encrypted text is : ", encryptVignereCipher(str1, key1)) str2 = input("\nEnter Message To Decrypt : ") key2 = input("Enter A Key : ") print("The decrypted text is : ", decryptVignereCipher(str2, key2)) originalText = input("\nEnter Original Text : ") encryptText = input("Enter Encrypted Text : ") print("The cipher key is : ", cipherKey(originalText, encryptText)) SAMPLE INPUT: Enter Message To Encrypt : nileshD Enter A Key : 3 Enter Message To Decrypt : qlohvkG Enter A Key : 3 Enter Original Text : nileshD Enter Encrypted Text : qlohvkG SAMPLE OUTPUT: The encrypted text is : qlohvkG The decrypted text is : nileshD The cipher key is : 3 RESULT: The program to implement the Caesar Cipher encryption algorithm, decryption algorithm and brute-force attack was successfully executed. Register No: 180801069 Page No: Exercise No: 02 IT18612 – INFORMATION SECURITY LABORATORY Date: PLAYFAIR CIPHER – MATRIX GENERATION AIM: To write a program to generate a key matrix for the Playfair Cipher. ALGORITHM: 1. Convert all characters in the key to uppercase. 2. Replace all occurrences of ‘J’ with ‘I’. 3. Iterate over the cipher key and insert all non-duplicate characters of the string into the matrix. 4. Iterate over the alphabets from ‘A’ to ‘Z’ and insert them into the matrix if they are not already present in the matrix. 5. When you encounter the alphabet ‘J’, insert ‘I’ into the matrix instead. 6. Return the keyMatrix. 7. Stop Register No: 180801069 Page No: Exercise No: 02 IT18612 – INFORMATION SECURITY LABORATORY Date: SOURCE CODE: def matrixGeneration(key: str): key = key.upper().replace(" ", "") res = [] for ch in key: if ch not in res: if ch == "J": res.append("I") else: res.append(ch) flag = 0 for i in range(ord("A"), ord("Z") + 1): if chr(i) not in res: if chr(i) == "J" and "I" not in res: res.append("I") flag = 1 elif flag == 0 and chr(i) == "I" or chr(i) == "J": pass else: res.append(chr(i)) k = 0 rows, cols = (5, 5) keyMatrix = [[0 for j in range(cols)] for i in range(rows)] for i in range(rows): for j in range(cols): keyMatrix[i][j] = res[k] k += 1 return keyMatrix key = input("\nEnter Cipher Key : ") keyMatrix = matrixGeneration(key) for i in range(5): print() for j in range(5): print(keyMatrix[i][j], end=" ") SAMPLE INPUT: Enter Cipher Key : PROGRAMMING SAMPLE OUTPUT: P R O G A M I N B C D E F H K L Q S T U V W X Y Z RESULT: The programs to generate the matrix for Playfair cipher for the given key, encryption algorithm and decryption algorithm were successfully implemented. Register No: 180801069 Page No: Exercise No: 03 IT18612 – INFORMATION SECURITY LABORATORY Date: PLAYFAIR CIPHER – ENCRYPTION AND DECRYPTION AIM:  To encrypt the given plain text with the given key using Playfair cipher.  To decrypt the given encrypted text with the given key using Playfair cipher. ALGORITHM: 1. Read the plain text. 2. The plaintext is split into pairs of two letters (digraphs). A pair cannot be made with same letter. Break the letter in single and add a ‘X’ to the previous letter. 3. If there is an odd number of letters, a ‘X’ is added to the last letter. 4. These digraphs will be substituted using the key matrix. 5. The substitution process uses the following encryption rules: - a. If both the letters are in the same column, take the letter below each one (going back to the top if at the bottom). b. If both letters are in the same row, take the letter to the right of each one (going back to the left if at the farthest right). c. If neither of the preceding two rules are true, form a rectangle with the two letters and take the letters on the horizontal opposite corner of the rectangle. 6. Display the encrypted message generated using the key matrix. 7. Reverse of encryption is decryption. Register No: 180801069 Page No: Exercise No: 03 IT18612 – INFORMATION SECURITY LABORATORY Date: SOURCE CODE: def findInMatrix(ch, keyMatrix): # Replace the 'J' with 'I' if ch == "J": ch = "I" for i, j in enumerate(keyMatrix): for k, l in enumerate(j): if ch == l: return i, k def encrypt(msg: str, keyMatrix) -> str: msg = msg.upper() msg = msg.replace(" ", "") msgLen = len(msg) encryptStr = "" for s in range(msgLen): if s < msgLen - 1: if msg[s] == msg[s + 1]: msg = msg[: s + 1] + "X" + msg[s + 1 :] if msgLen % 2 != 0: msg = msg[:] + "X" for i in range(0, msgLen, 2): (w, x) = findInMatrix(msg[i], keyMatrix) (y, z) = findInMatrix(msg[i + 1], keyMatrix) if w == y: x = (x + 1) % 5 z = (z + 1) % 5 encryptStr += keyMatrix[w][x] encryptStr += keyMatrix[y][z] elif x == z: w = (w + 1) % 5 y = (y + 1) % 5 encryptStr += keyMatrix[w][x] encryptStr += keyMatrix[y][z] else: encryptStr += keyMatrix[w][z] encryptStr += keyMatrix[y][x] i += 2 return encryptStr def decrypt(msg: str, keyMatrix) -> str: msg = msg.upper() msg = msg.replace(" ", "") msgLen = len(msg) decryptStr = "" for i in range(0, msgLen, 2): (w, x) = findInMatrix(msg[i], keyMatrix) (y, z) = findInMatrix(msg[i + 1], keyMatrix) Register No: 180801069 Page No: Exercise No: 03 IT18612 – INFORMATION SECURITY LABORATORY Date: if w == y: x = ((x - 1) % 5 + 5) % 5 z = ((z - 1) % 5 + 5) % 5 decryptStr += keyMatrix[w][x] decryptStr += keyMatrix[y][z] elif x == z: w = ((w - 1) % 5 + 5) % 5 y = ((y - 1) % 5 + 5) % 5 decryptStr += keyMatrix[w][x] decryptStr += keyMatrix[y][z] else: decryptStr += keyMatrix[w][z] decryptStr += keyMatrix[y][x] i += 2 return decryptStr while True: print("\n1. Playfair Cipher Encryption") print("2. Playfair Cipher Decryption") print("3. Exit") choice = int(input("Enter your choice : ")) if choice == 1: str1 = input("\nEnter Message To Encrypt : ") print("Enter Cipher Key : ") keyMatrix = [] for i in range(5): row = input().split(' ') keyMatrix.append(row) print("The encrypted text is : ", encrypt(str1, keyMatrix)) elif choice == 2: str2 = input("\nEnter Message To Decrypt : ") print("Enter Cipher Key : ") keyMatrix = [] for i in range(5): row = input().split(' ') keyMatrix.append(row) print( "The decrypted text is : ", decrypt(str2, keyMatrix), "(Ignore Unnecessary X)", ) else: break Register No: 180801069 Page No: Exercise No: 03 IT18612 – INFORMATION SECURITY LABORATORY Date: SAMPLE INPUT: 1. Playfair Cipher Encryption 2. Playfair Cipher Decryption 3. Exit Enter your choice : 1 Enter Message To Encrypt : CORONAVIRUS Enter Cipher Key : S V C E A B D F G H I K L M N O P Q R T U W X Y Z Enter your choice : 2 Enter Message To Decrypt : SQTPTHSKOYCU Enter Cipher Key : S V C E A B D F G H I K L M N O P Q R T U W X Y Z Enter your choice : 3 SAMPLE OUTPUT: The encrypted text is : SQTPTHSKOYCU The decrypted text is : CORONAVIRUSX (Ignore Unnecessary X) RESULT: The Python program to implement encryption and decryption using Playfair cipher was successfully executed. Register No: 180801069 Page No: Exercise No: 04 IT18612 – INFORMATION SECURITY LABORATORY Date: RAIL FENCE CIPHER AIM:  To implement encryption using Rail Fence Cipher.  To implement decryption using Rail Fence Cipher.  To apply brute-force attack and to find the key for the given encrypted text. ALGORITHM: encryptRailFence(str, key) 1. Populate a matrix with the number of rows as the cipher key and the number of columns as the length of the text with the ‘\n’ character. 2. Iterate over each character of the string. 3. If we have just filled the top or bottom rail, change the direction 4. Populate rail[row][col] with ch. 5. Increment row and col according to the direction. decryptRailFence(str, key) 1. Populate a matrix with the number of rows as the cipher key and the number of columns as the length of the text with the ‘\n’ character. 2. Iterate from 0 till the length of the string. 3. Change the direction appropriately when you hit the top or bottom of the rail 4. Mark the place where we have to place the text with ‘*’ 5. Increment row and col according to the direction. 6. Iterate over the matrix populated with ‘*’ and fill it with the characters of the encrypted cipher. 7. Iterate over the matrix in a zigzag manner to obtain the encrypted text. cipherKey(str1, str2) 1. Brute-force the encrypted string by trying to decrypt it with a key in range of 2 to N, where N is the length of the decrypted string. 2. If the decrypted string matches the original string, that integer is the correct key. Register No: 180801069 Page No: Exercise No: 04 IT18612 – INFORMATION SECURITY LABORATORY Date: SOURCE CODE: def encryptRailFence(msg, key) -> str: rail = [["\n" for j in range(len(msg))] for i in range(key)] dir_down = False row, col = 0, 0 for ch in msg: if row == 0 or row == key - 1: dir_down = not dir_down rail[row][col] = ch col += 1 if dir_down: row += 1 else: row -= 1 encryptText = "" for i in range(key): for j in range(len(msg)): if rail[i][j] != "\n": encryptText += rail[i][j] return encryptText def decryptRailFence(msg, key) -> str: rail = [["\n" for j in range(len(msg))] for i in range(key)] dir_down = None row, col = 0, 0 for ch in msg: if row == 0: dir_down = True if row == key - 1: dir_down = False rail[row][col] = "*" col += 1 if dir_down: row += 1 else: row -= 1 Register No: 180801069 Page No: Exercise No: 04 IT18612 – INFORMATION SECURITY LABORATORY Date: index = 0 for i in range(key): for j in range(len(msg)): if rail[i][j] == "*" and index < len(msg): rail[i][j] = msg[index] index += 1 decryptText = "" row, col = 0, 0 for i in range(len(msg)): if row == 0: dir_down = True if row == key - 1: dir_down = False if rail[row][col] != "*": decryptText += rail[row][col] col += 1 if dir_down: row += 1 else: row -= 1 return decryptText def cipherKey(s1, s2): strLen = len(s2) for i in range(2, strLen + 1): if decryptRailFence(s2, i) == s1: return i return None str1 = input("\nEnter Message To Encrypt : ") key1 = int(input("Enter A Key : ")) print("The encrypted text is : ", encryptRailFence(str1, key1)) str2 = input("\nEnter Message To Decrypt : ") key2 = int(input("Enter A Key : ")) print("The decrypted text is : ", decryptRailFence(str2, key2)) originalText = input("\nEnter Original Text : ") encryptText = input("Enter Encrypted Text : ") print("The cipher key is : ", cipherKey(originalText, encryptText)) Register No: 180801069 Page No: Exercise No: 04 IT18612 – INFORMATION SECURITY LABORATORY Date: SAMPLE INPUT: Enter Message To Encrypt : CORONAVIRUS Enter A Key : 3 Enter Message To Decrypt : CNROOAIURVS Enter A Key : 3 Enter Original Text : CORONAVIRUS Enter Encrypted Text : CNROOAIURVS SAMPLE OUTPUT: The encrypted text is : CNROOAIURVS The decrypted text is : CORONAVIRUS The cipher key is : 3 RESULT: The program to implement the Rail Fence Cipher encryption algorithm, decryption algorithm and brute-force attack was successfully executed. Register No: 180801069 Page No: Exercise No: 05 IT18612 – INFORMATION SECURITY LABORATORY Date: VIGENÈRE CIPHER AIM:  To implement encryption using Vigenère Cipher.  To implement decryption using Vigenère Cipher.  To apply brute-force attack and to find the key for the given encrypted text. ALGORITHM: 1. Get the string and key value as the input. Make sure the length of the string and key are same. 2. Iterate this through the input text and apply and apply the below formula for each alphabet in the text to obtain the ciphertext. En = (s[i] + k[i]) mod 26, where k[i] represents the key at the ith position. 3. To decrypt, subtract the key from the given Cipher text to get the original text. Dn = (s[i] – k[i]) mod 26, where k[i] represents the key at the ith position. 4. To calculate cipher key, find the difference in the ASCII codes of each character of the encrypted message and the original message. If the difference is negative for a pair of characters, add 26 to it. Register No: 180801069 Page No: Exercise No: 05 IT18612 – INFORMATION SECURITY LABORATORY Date: SOURCE CODE: def encryptVignereCipher(msg, key): encryptText = "" msgLen = len(msg) for i in range(msgLen): ch = msg[i] keyVal = int(key[i]) % 26 if ch.isupper(): ch = chr(ord(ch) + keyVal) if ch > "Z": ch = chr(ord(ch) - ord("Z") + ord("A") - 1) elif ch.islower(): ch = chr(ord(ch) + keyVal) if ch > "z": ch = chr(ord(ch) - ord("z") + ord("a") - 1) encryptText += ch return encryptText def decryptVignereCipher(msg, key): decryptText = "" msgLen = len(msg) for i in range(msgLen): ch = msg[i] keyVal = int(key[i]) % 26 if ch.isupper(): ch = chr(ord(ch) - keyVal) if ch < "A": ch = chr(ord(ch) + ord("Z") - ord("A") + 1) elif ch.islower(): ch = chr(ord(ch) - keyVal) if ch < "a": ch = chr(ord(ch) + ord("z") - ord("a") + 1) decryptText += ch return decryptText Register No: 180801069 Page No: Exercise No: 05 IT18612 – INFORMATION SECURITY LABORATORY Date: def cipherKey(s1, s2): cipherKey = "" strLen = len(s1) for i in range(strLen): keyVal = ord(s2[i]) - ord(s1[i]) if keyVal < 0: keyVal = 26 + keyVal cipherKey += str(keyVal) return cipherKey str1 = input("\nEnter Message To Encrypt : ") key1 = input("Enter A Key : ") print("The encrypted text is : ", encryptVignereCipher(str1, key1)) str2 = input("\nEnter Message To Decrypt : ") key2 = input("Enter A Key : ") print("The decrypted text is : ", decryptVignereCipher(str2, key2)) originalText = input("\nEnter Original Text : ") encryptText = input("Enter Encrypted Text : ") print("The cipher key is : ", cipherKey(originalText, encryptText)) SAMPLE INPUT: Enter Message To Encrypt : nileshD Enter A Key : 2132789 Enter Message To Decrypt : pjogzpM Enter A Key : 2132789 Enter Original Text : nileshD Enter Encrypted Text : pjogzpM SAMPLE OUTPUT: The encrypted text is : pjogzpM The decrypted text is : nileshD The cipher key is : 2132789 RESULT: The program to implement the Vigenère Cipher encryption algorithm, decryption algorithm and brute-force attack was successfully executed. Register No: 180801069 Page No: Exercise No: 06 IT18612 – INFORMATION SECURITY LABORATORY Date: PASSWORD VALIDATION AIM: To write a program to check for the validity of a password. A password is valid if: -  Password must have at least 6 characters and at most 8 characters.  The password has at least one uppercase character.  The password has at least one numeric character.  The password has at least one special character.  The password must not have duplicate characters. ALGORITHM: 1. Accept input for the password 2. Check if the length of the password in the range of 6<=len<=8. 3. Iterate over the password string and count the number of uppercase characters, special characters and numeric characters. 4. Calculate the frequency of each character in the string and check if any duplicates are present in the string. 5. Display appropriate error messages if any of the parameters is not satisfied 6. Return true if the password passes all the parameters 7. Stop Register No: 180801069 Page No: Exercise No: 06 IT18612 – INFORMATION SECURITY LABORATORY Date: SOURCE CODE: def passwordValidation(password: str): specialChars = ["!", "@", "#", "$", "%", "^", "&", "*"] flag = True if len(password) < 6 or len(password) > 8: print( "The length of the password must be atleast 6 characters and atmost 8 characters" ) flag = False if not any(char.isupper() for char in password): print("The password must have atleast one uppercase letter") flag = False if not any(char.isnumeric() for char in password): print("The password must have atleast one numeric character") flag = False if not any(char in specialChars for char in password): print("The password must have atleast one special character") flag = False if len(set(password)) < len(password): print("The password must not have duplicate characters") flag = False return flag password = input("\nEnter A Password : ") if passwordValidation(password): print("Valid Password!") else: print("Invalid Password!") Register No: 180801069 Page No: Exercise No: 06 IT18612 – INFORMATION SECURITY LABORATORY Date: SAMPLE INPUT: Enter A Password : test@123 Enter A Password : Testing123 Enter A Password : testtest Enter A Password : Test@123 SAMPLE OUTPUT: The password must have atleast one uppercase letter The password must not have duplicate characters Invalid Password! The length of the password must be atleast 6 characters and atmost 8 characters. The password must have atleast one special character. Invalid Password! The password must have atleast one uppercase letter The password must have atleast one numeric character The password must have atleast one special character The password must not have duplicate characters Invalid Password! Valid Password! RESULT: The program to check the validity of an entered password based on certain pre-defined parameters was successfully implemented. Register No: 180801069 Page No: Exercise No: 07 IT18612 – INFORMATION SECURITY LABORATORY Date: PASSWORD MANAGEMENT AND AUTHENTICATION AIM: To write a program to implement Password Management and authentication.  A file should contain at least 10 user id and encrypted password (SHA 256)  Provision must be given to add or update user-id and password.  Give a message if user id and password is correct else give error message. ALGORITHM: addUser(userId, password) 1. Import the hashlib library. 2. Hash the password entered by the user using SHA256 algorithm. 3. Append to the text file. updateUser(userId, oldPassword, newPassword) 1. Hash oldPassword using SHA256 algorithm 2. Check if the hash of the old password matches the hash of the user’s existing password. 3. Hash the new password using SHA256 algorithm 4. Replace the old password with the new password. 5. Write to the text file. isValid(userId, password) 1. Get the hashed password of the entered userId from the text file. 2. Hash the password entered by the user using SHA256 algorithm. 3. Check if the hashed password matches the hashed password present in the file. Register No: 180801069 Page No: Exercise No: 07 IT18612 – INFORMATION SECURITY LABORATORY Date: SOURCE CODE: import hashlib def addUser(userId, password): passwordHash = hashlib.sha256(password.encode()) user = f"{userId} {passwordHash.hexdigest()}" f = open("users.txt", "a") try: f.write(user) finally: f.close() print("New User ID Added!") def updateUser(userId, oldPassword, newPassword): with open("users.txt", "r") as f: filedata = f.read() users = {} with open("users.txt", "r") as f: for line in f: (key, val) = line.split() users[key] = val passwordHash = hashlib.sha256(oldPassword.encode()) passwordHash = passwordHash.hexdigest() crctHash = users.get(userId, None) if crctHash is None: return -1 if passwordHash != crctHash: return 0 else: newHash = hashlib.sha256(newPassword.encode()) searchText = f"{userId} {passwordHash}" replaceText = f"{userId} {newHash.hexdigest()}" filedata = filedata.replace(searchText, replaceText) with open("users.txt", "w") as f: f.write(filedata) return 1 def isValid(userId, password): users = {} with open("users.txt", "r") as f: for line in f: (key, val) = line.split() users[key] = val passwordHash = hashlib.sha256(password.encode()) Register No: 180801069 Page No: Exercise No: 07 IT18612 – INFORMATION SECURITY LABORATORY Date: passwordHash = passwordHash.hexdigest() crctHash = users.get(userId, None) if crctHash is None: return -1 if passwordHash == crctHash: return 1 else: return 0 while True: print("\n1. Add New User ID and Password") print("2. Update Password for Existing User") print("3. Check Validity of A User ID and Password") print("4. Exit") choice = int(input("Enter your choice : ")) if choice == 1: userId = input("\nEnter User ID : ") password = input("Enter password : ") addUser(userId, password) elif choice == 2: userId = input("\nEnter User ID : ") oldPassword = input("Enter existing password : ") newPassword = input("Enter new password : ") x = updateUser(userId, oldPassword, newPassword) if x == -1: print("No such User ID exists") elif x == 0: print("Incorrect password entered") elif x == 1: print("Password updated!") elif choice == 3: userId = input("\nEnter User ID : ") password = input("Enter password : ") x = isValid(userId, password) if x == -1: print("No such User ID exists") elif x == 0: print("Incorrect password entered") elif x == 1: print("Valid User!") elif choice == 4: break Register No: 180801069 Page No: Exercise No: 07 IT18612 – INFORMATION SECURITY LABORATORY Date: SAMPLE INPUT: 1. Add New User ID and Password 2. Update Password for Existing User 3. Check Validity of A User ID and Password 4. Exit Enter your choice : 1 Enter User ID : navish_69 Enter password : Navish2000 Enter your choice : 2 Enter User ID : navish_69 Enter existing password : Navish2000 Enter new password : Navish2001 Enter your choice : 3 Enter User ID : navish_69 Enter password : Navish2001 Enter your choice : 4 SAMPLE OUTPUT: New User ID Added! Password updated! Valid User! RESULT: The program to implement password management, password encryption and authentication using SHA256 was completed successfully. Register No: 180801069 Page No: Exercise No: 08 IT18612 – INFORMATION SECURITY LABORATORY Date: BASIC NETWORKING COMMANDS FOR ERROR HANDLING AND LOGGING AIM: To implement basic networking commands for error handling and logging purposes. COMMANDS: 1. Display all network interfaces on the system COMMAND: ip link show 2. Display addresses, bind new address or delete old ones COMMANDS: ip address show dev enp0s8 ip addr add 1.1.1.1/24 dev eth2 ip addr del 1.1.1.1/24 dev eth2 3. Shows the ports, their state (open/closed), and protocols. COMMAND: nmap 10.0.0.50 4. Print or display the routing table COMMAND: ip route show 5. Check if a host is alive COMMAND: ping -c 3 google.com 6. Analyze and measure network performance between two hosts COMMANDS: sudo apt install iperf -y iperf -s iperf -c 10.0.0.51 7. Show the sequence of gateways through which the packets travel to reach their destination. COMMAND: traceroute google.com 8. Packet sniffing tool COMMAND: sudo tcpdump host ubuntu18 -n -c 5 Register No: 180801069 Page No: Exercise No: 08 IT18612 – INFORMATION SECURITY LABORATORY Date: 9. Display only TCP connections with state established COMMAND: ss -a -t -o state established 10. Connect securely with remote hosts over the internet COMMANDS: sudo apt install openssh-server ssh root@10.0.0.50 11. Query domain name servers and resolving IP COMMAND: nslookup relicflare.com RESULT: The basic networking commands for error handling and logging purposes were successfully implemented. Register No: 180801069 Page No: Exercise No: 09 IT18612 – INFORMATION SECURITY LABORATORY Date: USE SNORT TOOL TO WRITE A SET OF RULES FOR ACCESS CONTROL FROM A PARTICULAR HOST AIM: To Write Set of rules for access control from a particular host. PROCEDURE: 1. Set the IP Address in config file snort->etc->snort.conf 2. Set HOME_NET IP address to runnable system IP 3. Write rules for alert messages snort->rules->local file content a. Goto command prompt b. Change to c:\Snort\bin c. Type snort -c c:\Snort\etc\snort.conf -A console -i 1 d. From source device send data packet using Ping command. Register No: 180801069 Page No: Exercise No: 09 IT18612 – INFORMATION SECURITY LABORATORY Date: RESULT: A set of rules were successfully written to get access control from a particular host using the Snort tool. Register No: 180801069 Page No: Exercise No: 10 IT18612 – INFORMATION SECURITY LABORATORY Date: STUDY ON ENCRYPTION AND DECRYPTION USING KELOPATRA TOOL AIM: To perform a study on Encryption and Decryption using Kelopatra tool. PROCEDURE: STEP 1: Download Gpg4win from the website, and install it STEP 2: When you first install Gpg4win you are offered very little in the way of clues about how to proceed, so the first thing you should do is generate a key pair. To do this, fire up GPA and it will helpfully offer to generate a private key for you STEP 3: Follow the Wizard, inputting your name and email address (which are used to build the key), the password you want to use, and where you want to save the key. It is important to use the same email address that you will be sending your encrypted email from, and the password is important as the recipient will need it to decrypt your files. Now have our first key Register No: 180801069 Page No: Exercise No: 10 IT18612 – INFORMATION SECURITY LABORATORY Date: STEP 4: Generate a public key, so that others can decrypt files you that encrypt with your private key. In GPA select the key you have just generated, click on ‘Export’, choose a name for the public key, a folder to save it to, and click ‘Save’. We saved it to our ‘Encryption keys’ folder. STEP 5: Share your public key – this can be done by simply emailing it to whoever you want to send encrypted mail to. The recipient should ‘Import’ this key in their instance of GPA Register No: 180801069 Page No: Exercise No: 10 IT18612 – INFORMATION SECURITY LABORATORY Date: STEP 6: To encrypt a file or folder, right-click on it, and select ‘Sign and Encrypt. Check that the file save paths are where you want them, and that the ‘Sign and Encrypt (OpenPGP only’) radio button is selected. STEP 7: Select the recipients you want to encrypt the file for, and ‘Add’ to the list. When you are ready, click ‘Encrypt’ STEP 8: If you have more than one identity, you can choose which one you wish to use for signing. For now, just click ‘Sign and Encrypt’ Register No: 180801069 Page No: Exercise No: 10 IT18612 – INFORMATION SECURITY LABORATORY Date: STEP 9: An encrypted version of the file or folder is created (with the .gpg file extension), which can then be simply emailed to the person you want to have it, or you can decrypt it. STEP 10: If an encrypted file is emailed to you, Download it to a convenient location, right-click on the file and select ‘Decrypt and verify’. STEP 11: Enter the passphrase set up by the sender. Remember that we will also need to have imported the sender’s public encryption key into your certificate manager Register No: 180801069 Page No: Exercise No: 10 IT18612 – INFORMATION SECURITY LABORATORY Date: STEP 12: A new folder with the suffix .tar_1 (or similar) will be created, with the encrypted files inside. Clicking Show Details will give you more information about the certificates validity RESULT: Hence, the study on Encryption and Decryption using Kelopatra tool was performed successfully. Register No: 180801069 Page No: Exercise No: 11 IT18612 – INFORMATION SECURITY LABORATORY Date: STUDY ON AUTHENTICATION AND DIGITAL SIGNATURE USING KELOPATRA TOOL AIM: To perform a study of authentication and digital signature using Kelopatra tool. PROCEDURE: STEP 1: File -> Import Certificates or you can create a new key pair (File -> New Certificate) STEP 2: Import the public key/PGP certificate into Kleopatra - using either ‘Import Certificates’, or right-clicking on the file and selecting ‘Import keys’. Register No: 180801069 Page No: Exercise No: 11 IT18612 – INFORMATION SECURITY LABORATORY Date: STEP 3: Certify the PGP certificate using your private key - this tells GnuPG that you trust the person who signed the certificate. a) In Kleopatra right-click on the key and select ‘Certify Certificate’. Register No: 180801069 Page No: Exercise No: 11 IT18612 – INFORMATION SECURITY LABORATORY Date: b) Select the certificate, and confirm that you have verified its fingerprint (hopefully this will be published on the developer’s website). c) Unless you are very sure about the authenticity of the certificate then you should Certify only for yourself (certificates work on the principle of a web of trust - the more people who trust them, the surer you can be they are genuine). Register No: 180801069 Page No: Exercise No: 11 IT18612 – INFORMATION SECURITY LABORATORY Date: d) Enter your private key passphrase to finish verifying the certificate. STEP 4 : Now that you have certified the Certificate used to make the signature for the file you have downloaded (whew!), you can use it to verify the signature. a) In Kleopatra go to File -> Decrypt/Verify files and browse to the signature file, or right-click on it and go to MoreGpgEX options -> Verify. b) Ensure ‘Input File’ is the signature file, and that the ‘Signed data’ field contains the program or file you wish to verify, then hit ‘Decrypt/Verify’. Register No: 180801069 Page No: Exercise No: 11 IT18612 – INFORMATION SECURITY LABORATORY Date: c) All being well, Kleopatra will declare the signature valid. RESULT: Hence, implement of authentication and digital signature using kelopatra is done successfully. Register No: 180801069 Page No: Exercise No: 12 IT18612 – INFORMATION SECURITY LABORATORY Date: LOGIN CREATION AND ACCESS CONTROL IN AWS AIM: To use the AWS management console to create new users for the organization and also use it to overlook and manage their passwords. PROCEDURE: 1. Log in into your AWS management console (Admin account). 2. Go to the IAM (Identity and Access management) service in the services tab of the AWS management console. Register No: 180801069 Page No: Exercise No: 12 IT18612 – INFORMATION SECURITY LABORATORY Date: 3. Select the users tab in the IAM console and click on “Add user”. 4. Enter the name for the user and give them the access they need according to their role in the organization. Register No: 180801069 Page No: Exercise No: 12 IT18612 – INFORMATION SECURITY LABORATORY Date: 5. Add the user to a pre-existing group with permissions or create a new group with authenticated permissions on the console and click on “Create user”. 6. Once the user is added note the secret access key and the auto-generated password and we can even mail these credentials to the respected user. The user will have to use the specified URL to access the console page using their designated login. Register No: 180801069 Page No: