Tool Description
With the widespread use of the internet as a medium by organizations and individuals, the number of cyber-attacks is increasing every day. According to government surveys for the year 2018, four out of ten business organizations and two out of ten charitable organizations were victims of cyber-attacks (Markowsky and Markowsky 2015). More threatening than the sheer volume of these attacks is their nature: they are growing in complexity.
The different sections of this report cover the use of different tools in attacks, and tools that can be used as countermeasures to secure a system or an organizational network. In addition, a detailed description of the tools and their role in cyber security is discussed as part of their evaluation.
nmap: For this project the tool selected for carrying out penetration attacks is “nmap.” This tool helps an attacker obtain details of the different ports of a system inside a network.
The following are some of the best features of “nmap” that make it one of the most preferred tools among administrators.
Cross-platform and portable: nmap can be used on most widely used operating systems, including Solaris, IRIX, Linux, Open/Free/NetBSD, SunOS, Mac OS X and so on. For the Windows operating system this tool is still in the beta phase (Rohrmann, Patton and Chen 2016).
Flexible: This tool supports numerous advanced techniques for mapping targeted networks that may contain firewalls, routers and other devices as obstacles. It works for both the TCP and UDP protocols, and supports OS detection and other network scanning functions. Several options are available for obtaining details of ports. Inside a network, a port on a system can be in one of the following states:
open, closed, filtered, unfiltered, open|filtered, closed|filtered
Open ports are the most vulnerable from a security point of view, as these ports accept UDP datagrams or TCP connections from other systems (Markowsky and Markowsky 2015). Attackers mostly exploit ports of this type. In addition, these ports are useful for gaining information about the applications behind them, and thus for exploiting vulnerabilities in those applications.
nmap offers multiple options through which an attacker or network administrator can filter a range of IPs inside a network. Filtering a wide range of IPs is helpful when attempting to figure out where a cyber-attack might happen (Rodofile, Radke and Foo 2016). The capacity to examine numerous IPs also saves valuable time when tracing an attack inside a network. The command for this function is
nmap 192.168.0.1-20
OpenSSL
The tool selected for the defender to protect information systems and networks is OpenSSL. This is a widely used cryptographic library that system administrators use to implement the SSL/TLS protocols in order to make data communication secure over organizational networks.
Role in Cybersecurity
To secure data transmission over the internet or an organizational network, different types of servers and platforms such as Postfix, the Apache web server, PHP and so on rely on OpenSSL. The tool gives users access to different cryptographic algorithms, including Blowfish, AES and DES. In addition, cryptographic hash functions such as SHA-1, MD5, MD4 and SHA-2 are available, along with public-key algorithms such as Diffie-Hellman key exchange, RSA and DSA.
Role of nmap
As nmap is highly configurable, it lets administrators run their own scans against a targeted network. In this way the system or network administrator can find the open ports and observe what kind of data the systems are spilling to potential hackers through open or unfiltered ports.
As an example, consider a Windows-based system, which often uses many ports to communicate with other systems or applications inside the network (Markowsky and Markowsky 2015). In this scenario each open port is considered a potential route into the system for an attacker.
Port checking with nmap is a quick and effective approach to identifying which ports are open, what services are running on them and where weak spots exist that need attention to reduce the vulnerability against any kind of cyber-attack (Rodofile, Radke and Foo 2016). Closing unnecessary open ports decreases the number of potentially exploitable services.
Furthermore, once the system administrator has completely mapped the network or system, they can also check whether any sudden changes have happened since the last port scan (Tanizawa et al. 2017). For instance, an information system infected by malware will try to open ports in order to listen for instructions from the attacker.
OpenSSL is a pre-bundled library included in order to provide strong cryptographic protection to stored data and programs. The tool also exposes most of its functionality through the command line.
The command-line tool makes it easy to carry out different operations, such as computing the MD5 hash of a particular file’s contents (Messier, Chandra and Viega 2016). In addition, the command-line tool provides access to most of OpenSSL’s higher-level functionality from shell scripts on the different Linux distributions.
OpenSSL comes with a default configuration file that is used unless the user or system administrator specifies alternative options. The settings in the default configuration are reasonable, but users can often replace them with settings better suited and tailored to their requirements. The location of this configuration file varies greatly depending on the OS.
This crypto-library is mainly responsible for negotiating the cipher suite during the communication process, authenticating the server and, optionally, both parties in the communication (the server and the client). Moreover, it generates the session keys that play a vital role in establishing a secure connection. The libraries under OpenSSL are also used by third-party tools such as OpenSSH and OpenCA to establish secure transmission of data from application to server. Through the use of an SSL proxy, arbitrary socket connections can also be secured.
Scenario Description
Use of the “nmap” tool helps in discovering visible ports. In this way the system administrator only needs to know which services or applications are running on the targeted machine to determine which exploits the machines in the network are vulnerable to.
The –sV option enables version detection, and –A enables OS detection along with version detection. These use the nmap-service-probes database to try to determine the protocols.
Scanning the different hosts inside the network: as shown below, most of the systems in the network have all 1000 ports filtered. Only the host with IP 192.168.1.25 has ports 135, 139 and 445 open; the running services are listed in the output.
Scanning of the ports in a network
The above screenshot shows that all the ports inside the network are filtered by some firewall application.
Scanning a specific port for exploitation. In this scenario, port 80 is checked. In most cases, malware that has infiltrated a host consistently operates through a specific port. By scanning these ports the system administrator can quickly determine the type of malware infecting the systems inside the network. In the following scenario a single port is scanned in order to find out whether it is open and leaking information:
In the next stage, nmap is used to run a TCP SYN scan so that it can be determined whether any port is listening for external applications. This is often known as half-open scanning (Arzhakov and Silnov 2017). In this scanning process the administrator does not establish a complete TCP connection; instead, only a SYN packet is sent to elicit a response from a listening port. If a SYN/ACK response is received, it means that the port is listening for SYN messages and is vulnerable to attack.
nmap facebook.com
The above is the result of the nmap scan for the host www.facebook.com, which produces the results shown in the image. From the result it can be observed that ports 80, 443 and 843 are open, and that https services are running on the first two. For port 5222, the port is closed and the listed service is xmpp-client.
Use of the OpenSSL
One of the most important uses of OpenSSL is the generation of public and private keys using RSA and other algorithms. An example is shown below:
openssl genrsa -out sampl.key
Use of OpenSSL to generate the private key in Kali Linux. The following screenshot shows the key generation process.
Generation of the public key using OpenSSL. The RSA keys can be used to sign a document and encrypt the content so that the transmitted data remains untouched and intrusion by hackers can be prevented.
Evaluation of nmap: “nmap” being free has a positive effect on the budget. It is an enterprise-class instrument that anybody can download and use.
nmap, in both its command-line and GUI forms, is an extremely advanced tool that is easy to use, so there is very little learning curve involved, which positively affects productivity and security.
An important feature that is a tremendous help is the ability to compare scan outputs. This saves long stretches of manually searching for differences between scan results. Quicker results mean quicker mitigation of issues, which can be a real cost saver.
This tool helps in host discovery, through which the administrator can identify the active hosts inside a targeted network. For instance, listing all the hosts that respond to pings may reveal some ports, or a particular port, open that can be used by attackers (Rohrmann, Patton and Chen 2016). Port scanning is another capability that enumerates the open ports on target hosts.
Lastly, version detection is another feature through which the attacker or system administrator can interrogate the network services on remote devices to obtain information about an application and its version.
With support for multiple output formats, nmap helps even non-technical users interact with the generated report. The following is a list and description of the output formats supported by nmap.
Interactive output: In this format the result of the nmap scan is updated and presented in real time to the user whenever the command is executed on the command line. With the many options available during the scanning process, it facilitates intended and exact monitoring of the system and network.
Normal: This output format resembles what is seen when executing nmap on the command line, but it is saved to a file (often a text file).
XML: This output format can be processed further using XML tools. Furthermore, it can be converted into an HTML report using XSLT that can be presented in the different available browsers (Arzhakov and Silnov 2017).
Grepable: This output format is tailored for use with the different Linux-based processing tools such as grep or awk.
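The grepable format above is what makes the "compare with the last scan" check described earlier easy to automate. The following is an added example (not code from the report or from the nmap project) that parses two constructed -oG outputs modelled on the hosts in the screenshots and reports ports that are open now but were not open in the baseline; the scan contents, including the port 4444 that appears on 192.168.1.10, are constructed for illustration.

```python
"""Parse nmap grepable (-oG) output and flag ports that have opened since a baseline scan."""
import re

# Two constructed -oG outputs modelled on the hosts in the text (not real captures).
BASELINE = """\
# Nmap 7.70 scan initiated as: nmap -oG baseline.gnmap 192.168.1.0/24
Host: 192.168.1.10 ()\tStatus: Up
Host: 192.168.1.10 ()\tPorts: 80/filtered/tcp//http///\tIgnored State: filtered (999)
Host: 192.168.1.25 ()\tStatus: Up
Host: 192.168.1.25 ()\tPorts: 135/open/tcp//msrpc///, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///\tIgnored State: filtered (997)
"""
CURRENT = """\
# Nmap 7.70 scan initiated as: nmap -oG current.gnmap 192.168.1.0/24
Host: 192.168.1.10 ()\tStatus: Up
Host: 192.168.1.10 ()\tPorts: 80/filtered/tcp//http///, 4444/open/tcp/////\tIgnored State: filtered (998)
Host: 192.168.1.25 ()\tStatus: Up
Host: 192.168.1.25 ()\tPorts: 135/open/tcp//msrpc///, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///\tIgnored State: filtered (997)
"""

# Each port entry is port/state/protocol/owner/service/rpc info/version; owner is usually empty.
PORT_RE = re.compile(r"^(\d+)/([^/]+)/([^/]+)/([^/]*)/([^/]*)")

def parse_grepable(text):
    """Return {host: {(port, proto): (state, service)}} from -oG text."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue                      # '# Nmap ...' header/footer lines carry no ports
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        host = fields["Host"].split()[0]  # strip the '()' reverse-DNS placeholder
        entry = hosts.setdefault(host, {})
        for item in fields.get("Ports", "").split(", "):
            m = PORT_RE.match(item.strip())
            if m:
                port, state, proto, _owner, service = m.groups()
                entry[(int(port), proto)] = (state, service)
    return hosts

def open_ports(hosts):
    """Set of (host, port, proto) that nmap reports as open or open|filtered."""
    return {(h, p, pr) for h, ports in hosts.items()
            for (p, pr), (state, _) in ports.items() if state.startswith("open")}

def newly_opened(baseline_text, current_text):
    """Ports open now that were not open in the baseline: the sudden change worth investigating."""
    before = open_ports(parse_grepable(baseline_text))
    after = open_ports(parse_grepable(current_text))
    return sorted(after - before)

if __name__ == "__main__":
    for host, port, proto in newly_opened(BASELINE, CURRENT):
        print(f"ALERT {host}: {port}/{proto} opened since the baseline scan")
```

In practice the two strings would be read from the -oG files written by consecutive scheduled scans, and any alert would be cross-checked against a change record before treating the new listener as malware.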
Role of OpenSSL in cyber security
When evaluating targets of cyber-attacks, learning more about the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) configuration can be very useful. Being able to test SSL/TLS configurations on target machines is a common requirement when performing security assessments. As such, it is important to be able to perform these tests as independently of system configuration as possible.
It is important to store data in encrypted form and to transmit it through secure channels, which helps system administrators prevent hackers from sniffing the transmitted data. Transmitting data through a secure channel using tools like OpenSSL provides additional protection to data in transit.
OpenSSL offers SSL and TLS encryption for protecting data in its transmission phase. This encrypts the communication between source and destination, for example between the web server and the browser.
This encryption prevents anyone who tries to intercept that traffic, as in man-in-the-middle attacks, from reading it (Arzhakov and Silnov 2017). The tool is available for both Windows and Linux environments. Aside from this, being open source, OpenSSL is a cheaper way of ensuring secure data transmission inside or outside the network.
From an efficiency perspective, OpenSSL is too slow for present-day internet speeds and high-end system configurations. Compared to a traditional unsecured TCP/IP connection it is much slower. This issue arises from providing direct and adequate security to the transmitted content: every time a new SSL session is established, the server and the client exchange a significant amount of information in order to authenticate each other and determine a key to be used for the data transmission session.
The initial handshake when the connection is established makes heavy use of public-key operations, which makes the complete process very slow (Arzhakov and Silnov 2017). Even with present-day high-speed internet, OpenSSL struggles to establish 100 connections/second under real-time workloads.
Recently a bug was caught in the latest releases of OpenSSL that leads to the “Heartbleed” attack.
Every time data is transmitted through the secure channel, OpenSSL sends a “heartbeat” from the browser to the web server in order to keep the encrypted session active for sending data.
The Heartbleed vulnerability makes this process open to attack from intruders. The reason is that any infiltrator/attacker can exploit this heartbeat, or ping from the client to the server, by sending a malicious client request to a server running a vulnerable OpenSSL version.
In the next stage, in response to the request, the affected server replies to the malicious user or attacker with 64 KB of data from memory to match the request received from the browser or application. This large block of data can contain leaked information such as private keys, usernames and passwords stored on the server.
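The defect described above comes down to one missing length check on the heartbeat record. The following is an added illustration, written for this report and not taken from OpenSSL's source: it encodes a heartbeat message in the RFC 6520 layout, shows the pre-fix logic that sizes the reply by the length the peer claims, and the patched logic that drops any record whose claimed length does not fit in what was actually received. The "memory" layout and the SECRET placeholder are constructed for the demonstration.

```python
"""The Heartbleed defect reduced to its missing bounds check: a heartbeat reply sized by the
length the peer claims (vulnerable) versus one rejected when the claim exceeds what arrived (fixed)."""
import struct

HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE = 1, 2
PADDING = 16  # RFC 6520 heartbeat messages carry at least 16 bytes of random padding

# Constructed stand-in for whatever sits next to the record in process memory; not a real key.
SECRET = b"-----BEGIN PRIVATE KEY----- constructed placeholder, not a real key -----"

def build_heartbeat(payload: bytes, claimed_length: int) -> bytes:
    """Encode type(1) | payload_length(2) | payload | padding. A well-formed request has
    claimed_length == len(payload); a malformed one declares more than it sends (max 65535)."""
    return struct.pack("!BH", HEARTBEAT_REQUEST, claimed_length) + payload + b"\x00" * PADDING

def reply_vulnerable(record: bytes, memory: bytes) -> bytes:
    """Pre-fix logic: trust the declared length and copy that many bytes starting at the payload,
    which runs past the end of the record into neighbouring memory (slicing stops at the end of
    'memory' here, where C would keep reading)."""
    _, claimed = struct.unpack("!BH", record[:3])
    start = memory.index(record) + 3          # offset of the payload inside 'memory'
    return struct.pack("!BH", HEARTBEAT_RESPONSE, claimed) + memory[start:start + claimed]

def reply_fixed(record: bytes, memory: bytes):
    """Patched logic: discard any record whose declared payload plus header and padding
    does not fit inside the bytes actually received; otherwise the copy is safe."""
    _, claimed = struct.unpack("!BH", record[:3])
    if 1 + 2 + claimed + PADDING > len(record):
        return None                           # silently dropped, as the fix requires
    return reply_vulnerable(record, memory)   # same copy, now bounded by the validated length

def handle(claimed_length: int):
    """Run one heartbeat whose real payload is b'ping' but whose header claims claimed_length.
    Returns (bytes the vulnerable path leaked from beyond the record, the fixed path's reply)."""
    record = build_heartbeat(b"ping", claimed_length)
    memory = record + SECRET                  # constructed layout: secrets follow the record
    leaked = reply_vulnerable(record, memory)[len(record):]
    return leaked, reply_fixed(record, memory)

if __name__ == "__main__":
    for claimed in (4, 60):
        leaked, fixed = handle(claimed)
        print(f"claimed={claimed}: vulnerable path leaked {len(leaked)} bytes {leaked[:24]!r}; "
              f"fixed path {'dropped the record' if fixed is None else 'replied normally'}")
```

The honest request (claimed length 4) is answered identically by both paths; only the oversized claim separates them, which is why the check on the received record length, not the declared one, is the whole fix.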
References
Arzhakov, A.V. and Silnov, D.S., 2017, June. Architecture of multithreaded network scanner. In Micro/Nanotechnologies and Electron Devices (EDM), 2017 18th International Conference of Young Specialists on (pp. 43-45). IEEE.
Bagyalakshmi, G., Rajkumar, G., Arunkumar, N., Easwaran, M., Narasimhan, K., Elamaran, V., Solarte, M., Hernández, I. and Ramirez-Gonzalez, G., 2018. Network vulnerability analysis on brain signal/image databases using Nmap and wireshark tools. IEEE Access, 6, pp.57144-57151.
Coffey, K., Smith, R., Maglaras, L. and Janicke, H., 2018. Vulnerability Analysis of Network Scanning on SCADA Systems. Security and Communication Networks, 2018.
Hanauer, T. and Metzger, S., 2018. Stakeholder Specific Visualization and Automated Reporting of Network Scanning Results applying Vis4Sec. In 11. DFN-Forum Kommunikationstechnologien. Gesellschaft für Informatik eV.
Markowsky, L. and Markowsky, G., 2015, September. Scanning for vulnerable devices in the Internet of Things. In Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2015 IEEE 8th International Conference on (Vol. 1, pp. 463-467). IEEE.
Messier, M., Chandra, P. and Viega, J., 2016. Network Security With OpenSSL 2002.
Moghimifar, F. and Stebila, D., 2016, February. Predicting TLS performance from key exchange performance: short paper. In Proceedings of the Australasian Computer Science Week Multiconference (p. 44). ACM.
Rahman, A., Kawshik, K.R., Sourav, A.A. and Gaji, A.A., 2016. Advanced Network Scanning. American Journal of Engineering Research (AJER), 5(6), pp.38-42.
Rodofile, N.R., Radke, K. and Foo, E., 2016, February. DNP3 network scanning and reconnaissance for critical infrastructure. In Proceedings of the Australasian Computer Science Week Multiconference (p. 39). ACM.
Rohrmann, R., Patton, M.W. and Chen, H., 2016, September. Anonymous port scanning: Performing network reconnaissance through Tor. In Intelligence and Security Informatics (ISI), 2016 IEEE Conference on (pp. 217-217). IEEE.
Tanizawa, Y., Takahashi, R., Sato, H. and Dixon, A.R., 2017, July. An approach to integrate quantum key distribution technology into standard secure communication applications. In Ubiquitous and Future Networks (ICUFN), 2017 Ninth International Conference on (pp. 880-886). IEEE.
Viet, H.N., Van, Q.N., Trang, L.L.T. and Nathan, S., 2018, June. Using Deep Learning Model for Network Scanning Detection. In Proceedings of the 4th International Conference on Frontiers of Educational Technologies (pp. 117-121). ACM.