Course Details
Subject {L-T-P / C} : CS6373 : OS and Database Security Laboratory { 0-0-3 / 2}
Subject Nature : Practical
Coordinator : Prof.(Ms.) Sujata Mohanty
Syllabus
Detailed syllabus:
List of experiments to be conducted in lab:
1. Perform Port scanning with NMAP
2. Perform an experiment on active and passive fingerprinting using XPROBE2 and NMAP.
3. Demonstrate how to provide secure data storage, secure data transmission and for creating digital signatures (GnuPG).
4. Perform an experiment to demonstrate how to sniff for router traffic using WIRESHARK.
5. Setup a honey pot and monitor the honeypot on network (KF Sensor)
6. Installation of rootkits and study about the variety of options.
7. Network enumeration through port scanning, SYN flooding
8. Intrusion detection using SNORT IDS
9. Find vulnerabilities of target system through Nessus vulnerability Scanner
10. Perform anonymity through e-mail spoofing and bombing using PHP. Subsequently detect these attacks through analyzing the e-mail header.
11. Generating password hashes using OpenSSL
12. Develop secure coding practices to handle Code Injection Vulnerabilities such as SQL Injection, PHP Injection and Command Injection
Course Objectives
- Monitor and evaluate audit logs and set administrative alerts
- Detect, identify, resolve and document network intrusions
- Able to detect privilege escalation, remote control, keyloggers, rootkits
Course Outcomes
Deploy, implement and test IDS security plan. <br />• Identify which TCP and UDP services are running, listening, or established on the network (port scan) <br />• Able to create IDS sensors and attach them to network (snort)
Essential Reading
- Rafeeq Rehman, Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID, Prentice Hall
- Jack Koziol, Intrusion Detection with Snort, SAMS Publishing
Supplementary Reading
- Laura Chappell, Wireshark Network Analysis (Second Edition): The Official Wireshark Certified Network Analyst Study Guide, Laura Chappell University
- , ,