IMT-93: Different Types of Attacks-2014
IMT-93: Different Types of Attacks-2014
ASSIGNMENT - 1
1. What are Buffer Overflows? Give an example of a source code that can be overflowed.
2. Describe in detail three different types of Buffer Overflows.
3. How can Buffer Overflows be prevented?
4. Trojans, Keyloggers, Sniffers and Spyware are examples of tools that assist IP theft. Describe some similarities and differences between each one of them.
5. What are some of the challenges associated with remotely installing IP theft tools on the target system?
6. How can you avoid anti-virus detection while installing IP theft tools on the target system?
7. Describe counter-measures that can be implemented on a system to prevent IP theft.
8. What is Steganography? How can you detect the presence of data that is steganographically hidden inside an image?
9. If you are a disloyal, disgruntled employee and want to steal data from your organisation, then which technique would you use?
10. What is Dumpster Diving? Why does an attacker usually carry it out?
ASSIGNMENT - 2
1. What are routing tables? What are they used for?
2. Describe three different types of DOS attacks. How are they executed? Suggest some counter-measures.
3. Describe three different types of distributed DOS attacks. How are they executed? Suggest some countermeasures.
4. What is the key difference between DOS attacks and distributed DOS attacks?
5. Describe a hybrid DOS attack that has not been described in this course.
6. What security solutions would you implement in your organisation to prevent your employees from stealing data?
7. What is USB Hacking? What all can be done by an attacker using USB Hacking? How can you prevent USB Hacking?
8. What is an attacker usually trying to do while performing shoulder surfing?
9. What are Keyloggers? What makes them so dangerous?
10. How can an attacker prevent IP theft through cellphones?
ASSIGNMENT - 3
1. You will need two different systems for this particular lab session. On one system install the victim part of the Trojan while on the other system install the attacker part of the Trojan. Now use the attacker part of the Trojan to control the victim part and do things on its screen. (Kindly submit actual screenshots as your answer.)
2. Carry out Dumpster Diving on a particular victim for a consecutive period of 10 days and collect all private, confidential information that you can about the victim. Please note that every student is required to take prior permission from the victim before carrying out this exercise. (Kindly submit actual items that you collect via Dumpster Diving as your answer.)
IMT-92: Network Security-2014
IMT-92: Network Security-2014
ASSIGNMENT - 1
1. What are the differences between DNS lookup and Reverse DNS lookup?
2. How can you trace an abusive email on the Internet?
3. What steps do you need to follow to send a spoofed email from billgates@microsoft.com to your best friend?
4. Carry out a line-by-line detailed analysis of the following email header:
X-Apparently-To: ankitfadia2001@yahoo.com via 68.142.206.39; Tue, 01 Jan 2008 07:51:02 -0800
X-Originating-IP: [209.191.124.119]
Return-Path: <chaf_top@yahoo.com>
Authentication-Results: mta294.mail.mud.yahoo.com from=yahoo.com; domainkeys=pass (ok)
Received: from 209.191.124.119 (HELO web38008.mail.mud.yahoo.com) (209.191.124.119) by mta294.mail.mud.yahoo.com with SMTP; Tue, 01 Jan 2008 07:51:02 -0800
Received: (qmail 75045 invoked by uid 60001); 1 Jan 2008 15:51:02 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=n7Z8yvU8dl5/5NCv241EXAL18FKFTIg5kB5HNAW/Fvq5KhRBexLBlGsm2ogSq3cu0/R2hZoWtEqZiNZROx/mI4a2CndacN24yGyxIKfC1b1ixeEhTN9/k1gD85U0UQDMFNzNcdVoFk922SncG2BCntFxCkIo2Jut3VVdnrv1C9Y=;X-YMail-OSG: QNpAifEVM1lcfKFx3Ay.9VdiBphyL7jT0E_mg5qVL9gPn1tbfN8A7fSXAo0xtJJF0XteyqMgtVyzD4d5tRv.njZ_cSrdbXVKvPB5dMl5BqR1IpoKEZj2pcLunC7dUw-
Received: from [196.201.201.177] by web38008.mail.mud.yahoo.com via HTTP; Tue, 01 Jan 2008 07:51:02 PST
Date: Tue, 1 Jan 2008 07:51:02 -0800 (PST)
From: "chaf de souza" <> Add to Address Book Add Mobile Alert
Yahoo! DomainKeys has confirmed that this message was sent by yahoo.com. Learn more
Subject: IMPORTANT FOR FOREIGN STUDENT
To: ankitfadia2001@yahoo.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-599614051-1199202662=:73737"
Content-Transfer-Encoding: 8bit
Message-ID: <476717.73737.qm@web38008.mail.mud.yahoo.com>
Content-Length: 1829
5. Find out the exact geographical location of the sender of the email with the following headers:
X-Apparently-To: ankitfadia2001@yahoo.com via 68.142.206.41; Mon, 31 Dec 2007 20:02:37 -0800
X-Originating-IP: [209.191.90.74]
Return-Path: <vineet@udaantravel.com>
Authentication-Results: mta261.mail.re4.yahoo.com from=udaantravel.com; domainkeys=neutral (no sig)
Received: from 209.191.90.74 (HELO web801.biz.mail.mud.yahoo.com) (209.191.90.74) by mta261.mail.re4.yahoo.com with SMTP; Mon, 31 Dec 2007 20:02:37 -0800
Received: (qmail 73717 invoked by uid 60001); 1 Jan 2008 04:02:36 -0000
X-YMail-OSG: vj_jELkVM1m.5nfWWK8MNyd4s6PSk7kF9QqubwddySNz8vkLb_G3hvRRfO9jxI5DyCCxA9FcAi. xsqWsn4LYMPOyg6qEtF0cpGnIjotB2Y4pgo4-
Received: from [71.177.119.70] by web801.biz.mail.mud.yahoo.com via HTTP; Mon, 31 Dec 2007 20:02:36 PST
Date: Mon, 31 Dec 2007 20:02:36 -0800 (PST)
From: "VINEET BADHWAR" <vineet@udaantravel.com> Add to Address Book Add Mobile Alert
Reply-to: VINEET@
Subject: HAPPY NEW YEAR
To: vineet@
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-1640175783-1199160156=:73312"
Content-Transfer-Encoding: 8bit
Message-ID: <538044.73312.qm@web801.biz.mail.mud.yahoo.com>
Content-Length: 1290
6. How can you check your POP email manually? How can you crack POP
email account passwords?
7. How can you secure email communication?
8. How can you attach files to a forged email sent through Sendmail?
9. Describe some risks associated with Instant Messengers.
10. If you have received an email from your friend, how can you tell whether it is spoofed or not?
ASSIGNMENT - 2
1. What are SQL Injection attacks? How do they work? What are some dangers associated with them? Suggest some counter-measures against SQL Injection.
2. How can a system administrator prevent email forging from taking place on their network?
3. What are the different types of ports on a system?
4. How can you prevent input validation attacks on a system?
5. Describe some strategies to fight email spam.
6. How can a system administrator mislead an attacker probing different ports?
7. Discuss the pros and cons of the various types of mail bombing strategies.
8. How can you send a forged email to multiple individuals through BCC?
9. How would you crash a remote system through Instant Messengers?
10. Is this possible: You telnet to Port 23 and the FTP daemon shows up? What is going on if this happens? How is it done?
ASSIGNMENT - 3
1. Explore the various ports (1-100) of the following systems (Kindly submit actual logs as your answer):
www.hackingmobilephones.com
ww.imt.edu
2. Give examples of 3 REAL Websites that actually exist on the Internet that suffer from an input validation loophole or an SQL Injection loophole.
IMT-91: Basics of Security-2014
IMT-91: Basics of Security-2014
PART - A
1. What is an IP address? What are the various forms of an IP address? What are the various ways in which you can trace an IP address on the Internet?
2. Imagine that you are a cyber terrorist and you are planning a major cyber attack. Of course you don't want to get caught! What are the various strategies you will employ to protect your identity and prevent the police from tracing you?
3. How can you find out the IP address of a system hiding behind a proxy server?
4. Write down the IP address 163.114.24.14 in the following notation formats:
l Decimal
l Hexadecimal
l Octal
l Binary
l DWORD
5. What are the differences and similarities between ping and tracert?
6. From a system administrator's perspective, which ICMP utility is more dangerous: ping or tracert? Give reasons to support your answer. Which counter-measures can a system administrator employ to counter it?
7. Describe three port scanning techniques. Give their pros and cons.
8. How can you carry out stealth port scanning on a target system?
9. How can you use ICMP scanning to carry out OS detection? Which counter-measures can a system administrator implement to prevent ICMP OS detection?
10. What are the advantages of carrying out ping sweeping? How can a system administrator detect that ping sweeping is taking place? How can it be countered?
PART - B
1. What are the differences and similarities between active fingerprinting and passive fingerprinting?
2. How can an attacker perform passive fingerprinting? Describe in detail.
3. What counter-measures can be taken to prevent fingerprinting probes?
4. What is the regedit file? Describe its structure, format and uses.
5. Describe any three windows registry tweaks of your choice.
6. What are sniffers? How can you use a sniffer to record data packets being sent/received on a network?
7. How can a system administrator make it more difficult for an attacker to carry out information gathering?
8. Which information gathering technique is the most important from the attacker's perspective?
9. How can a system administrator mislead an attacker during the process of information gathering?
10. How can an attacker modify the registry on a remote system?
ASSIGNMENT - 3
1. Find out if the following systems are alive. If they are alive, then find out their exact geographical information
(Kindly submit actual logs as your answer):
203.94.11.12
203.94.12.11
www.hackingmobilephones.com
www.imt.edu
2. UsE all information gathering techniques taught in this course to find out as much information as possible about the following systems (Kindly submit actual logs as your answer):
www.hackingmobilephones.com
www.imt.edu
IMT-93: Different Types of Attacks-2014
ASSIGNMENT - 1
1. What are Buffer Overflows? Give an example of a source code that can be overflowed.
2. Describe in detail three different types of Buffer Overflows.
3. How can Buffer Overflows be prevented?
4. Trojans, Keyloggers, Sniffers and Spyware are examples of tools that assist IP theft. Describe some similarities and differences between each one of them.
5. What are some of the challenges associated with remotely installing IP theft tools on the target system?
6. How can you avoid anti-virus detection while installing IP theft tools on the target system?
7. Describe counter-measures that can be implemented on a system to prevent IP theft.
8. What is Steganography? How can you detect the presence of data that is steganographically hidden inside an image?
9. If you are a disloyal, disgruntled employee and want to steal data from your organisation, then which technique would you use?
10. What is Dumpster Diving? Why does an attacker usually carry it out?
ASSIGNMENT - 2
1. What are routing tables? What are they used for?
2. Describe three different types of DOS attacks. How are they executed? Suggest some counter-measures.
3. Describe three different types of distributed DOS attacks. How are they executed? Suggest some countermeasures.
4. What is the key difference between DOS attacks and distributed DOS attacks?
5. Describe a hybrid DOS attack that has not been described in this course.
6. What security solutions would you implement in your organisation to prevent your employees from stealing data?
7. What is USB Hacking? What all can be done by an attacker using USB Hacking? How can you prevent USB Hacking?
8. What is an attacker usually trying to do while performing shoulder surfing?
9. What are Keyloggers? What makes them so dangerous?
10. How can an attacker prevent IP theft through cellphones?
ASSIGNMENT - 3
1. You will need two different systems for this particular lab session. On one system install the victim part of the Trojan while on the other system install the attacker part of the Trojan. Now use the attacker part of the Trojan to control the victim part and do things on its screen. (Kindly submit actual screenshots as your answer.)
2. Carry out Dumpster Diving on a particular victim for a consecutive period of 10 days and collect all private, confidential information that you can about the victim. Please note that every student is required to take prior permission from the victim before carrying out this exercise. (Kindly submit actual items that you collect via Dumpster Diving as your answer.)
IMT-92: Network Security-2014
IMT-92: Network Security-2014
ASSIGNMENT - 1
1. What are the differences between DNS lookup and Reverse DNS lookup?
2. How can you trace an abusive email on the Internet?
3. What steps do you need to follow to send a spoofed email from billgates@microsoft.com to your best friend?
4. Carry out a line-by-line detailed analysis of the following email header:
X-Apparently-To: ankitfadia2001@yahoo.com via 68.142.206.39; Tue, 01 Jan 2008 07:51:02 -0800
X-Originating-IP: [209.191.124.119]
Return-Path: <chaf_top@yahoo.com>
Authentication-Results: mta294.mail.mud.yahoo.com from=yahoo.com; domainkeys=pass (ok)
Received: from 209.191.124.119 (HELO web38008.mail.mud.yahoo.com) (209.191.124.119) by mta294.mail.mud.yahoo.com with SMTP; Tue, 01 Jan 2008 07:51:02 -0800
Received: (qmail 75045 invoked by uid 60001); 1 Jan 2008 15:51:02 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=n7Z8yvU8dl5/5NCv241EXAL18FKFTIg5kB5HNAW/Fvq5KhRBexLBlGsm2ogSq3cu0/R2hZoWtEqZiNZROx/mI4a2CndacN24yGyxIKfC1b1ixeEhTN9/k1gD85U0UQDMFNzNcdVoFk922SncG2BCntFxCkIo2Jut3VVdnrv1C9Y=;X-YMail-OSG: QNpAifEVM1lcfKFx3Ay.9VdiBphyL7jT0E_mg5qVL9gPn1tbfN8A7fSXAo0xtJJF0XteyqMgtVyzD4d5tRv.njZ_cSrdbXVKvPB5dMl5BqR1IpoKEZj2pcLunC7dUw-
Received: from [196.201.201.177] by web38008.mail.mud.yahoo.com via HTTP; Tue, 01 Jan 2008 07:51:02 PST
Date: Tue, 1 Jan 2008 07:51:02 -0800 (PST)
From: "chaf de souza" <> Add to Address Book Add Mobile Alert
Yahoo! DomainKeys has confirmed that this message was sent by yahoo.com. Learn more
Subject: IMPORTANT FOR FOREIGN STUDENT
To: ankitfadia2001@yahoo.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-599614051-1199202662=:73737"
Content-Transfer-Encoding: 8bit
Message-ID: <476717.73737.qm@web38008.mail.mud.yahoo.com>
Content-Length: 1829
5. Find out the exact geographical location of the sender of the email with the following headers:
X-Apparently-To: ankitfadia2001@yahoo.com via 68.142.206.41; Mon, 31 Dec 2007 20:02:37 -0800
X-Originating-IP: [209.191.90.74]
Return-Path: <vineet@udaantravel.com>
Authentication-Results: mta261.mail.re4.yahoo.com from=udaantravel.com; domainkeys=neutral (no sig)
Received: from 209.191.90.74 (HELO web801.biz.mail.mud.yahoo.com) (209.191.90.74) by mta261.mail.re4.yahoo.com with SMTP; Mon, 31 Dec 2007 20:02:37 -0800
Received: (qmail 73717 invoked by uid 60001); 1 Jan 2008 04:02:36 -0000
X-YMail-OSG: vj_jELkVM1m.5nfWWK8MNyd4s6PSk7kF9QqubwddySNz8vkLb_G3hvRRfO9jxI5DyCCxA9FcAi. xsqWsn4LYMPOyg6qEtF0cpGnIjotB2Y4pgo4-
Received: from [71.177.119.70] by web801.biz.mail.mud.yahoo.com via HTTP; Mon, 31 Dec 2007 20:02:36 PST
Date: Mon, 31 Dec 2007 20:02:36 -0800 (PST)
From: "VINEET BADHWAR" <vineet@udaantravel.com> Add to Address Book Add Mobile Alert
Reply-to: VINEET@
Subject: HAPPY NEW YEAR
To: vineet@
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-1640175783-1199160156=:73312"
Content-Transfer-Encoding: 8bit
Message-ID: <538044.73312.qm@web801.biz.mail.mud.yahoo.com>
Content-Length: 1290
6. How can you check your POP email manually? How can you crack POP
email account passwords?
7. How can you secure email communication?
8. How can you attach files to a forged email sent through Sendmail?
9. Describe some risks associated with Instant Messengers.
10. If you have received an email from your friend, how can you tell whether it is spoofed or not?
ASSIGNMENT - 2
1. What are SQL Injection attacks? How do they work? What are some dangers associated with them? Suggest some counter-measures against SQL Injection.
2. How can a system administrator prevent email forging from taking place on their network?
3. What are the different types of ports on a system?
4. How can you prevent input validation attacks on a system?
5. Describe some strategies to fight email spam.
6. How can a system administrator mislead an attacker probing different ports?
7. Discuss the pros and cons of the various types of mail bombing strategies.
8. How can you send a forged email to multiple individuals through BCC?
9. How would you crash a remote system through Instant Messengers?
10. Is this possible: You telnet to Port 23 and the FTP daemon shows up? What is going on if this happens? How is it done?
ASSIGNMENT - 3
1. Explore the various ports (1-100) of the following systems (Kindly submit actual logs as your answer):
www.hackingmobilephones.com
ww.imt.edu
2. Give examples of 3 REAL Websites that actually exist on the Internet that suffer from an input validation loophole or an SQL Injection loophole.
IMT-91: Basics of Security-2014
IMT-91: Basics of Security-2014
PART - A
1. What is an IP address? What are the various forms of an IP address? What are the various ways in which you can trace an IP address on the Internet?
2. Imagine that you are a cyber terrorist and you are planning a major cyber attack. Of course you don't want to get caught! What are the various strategies you will employ to protect your identity and prevent the police from tracing you?
3. How can you find out the IP address of a system hiding behind a proxy server?
4. Write down the IP address 163.114.24.14 in the following notation formats:
l Decimal
l Hexadecimal
l Octal
l Binary
l DWORD
5. What are the differences and similarities between ping and tracert?
6. From a system administrator's perspective, which ICMP utility is more dangerous: ping or tracert? Give reasons to support your answer. Which counter-measures can a system administrator employ to counter it?
7. Describe three port scanning techniques. Give their pros and cons.
8. How can you carry out stealth port scanning on a target system?
9. How can you use ICMP scanning to carry out OS detection? Which counter-measures can a system administrator implement to prevent ICMP OS detection?
10. What are the advantages of carrying out ping sweeping? How can a system administrator detect that ping sweeping is taking place? How can it be countered?
PART - B
1. What are the differences and similarities between active fingerprinting and passive fingerprinting?
2. How can an attacker perform passive fingerprinting? Describe in detail.
3. What counter-measures can be taken to prevent fingerprinting probes?
4. What is the regedit file? Describe its structure, format and uses.
5. Describe any three windows registry tweaks of your choice.
6. What are sniffers? How can you use a sniffer to record data packets being sent/received on a network?
7. How can a system administrator make it more difficult for an attacker to carry out information gathering?
8. Which information gathering technique is the most important from the attacker's perspective?
9. How can a system administrator mislead an attacker during the process of information gathering?
10. How can an attacker modify the registry on a remote system?
ASSIGNMENT - 3
1. Find out if the following systems are alive. If they are alive, then find out their exact geographical information
(Kindly submit actual logs as your answer):
203.94.11.12
203.94.12.11
www.hackingmobilephones.com
www.imt.edu
2. UsE all information gathering techniques taught in this course to find out as much information as possible about the following systems (Kindly submit actual logs as your answer):
www.hackingmobilephones.com
www.imt.edu
No comments:
Post a Comment