.© 2015 Neil Eliot [1] Assignment Authors: Neil Eliot (Newcastle) Ronald K Shiflet (Singapore) January 2017 EN0561 Principles of Ethical Hacking Attack Analysis in Ethical Hacking Assignment 1 of 1 Assessment Weighting 100% of Module Submission Date: Via TurnItIn on 20th April 2017© 2015 Neil Eliot [2] CONTENTS INTRODUCTION..............................................................................................3 LEARNING OUTCOMES .................................................................................3 PLAGIARISM ...................................................................................................4 REQUIREMENTS.............................................................................................4 TASKS..............................................................................................................5 MARKING SCHEME ........................................................................................8 SUBMISSION DETAILS...................................................................................9© 2015 Neil Eliot [3] INTRODUCTION This assignment consists of carrying out research into hacking tools and systems/network protocols and developing a technical report in (IEEE format -Word and Latex, templates provided). The assignment is designed to enable the student to examine the effects specific security tools have on computer systems. At the conclusion of their investigation, students will produce a report on the protocol/application they have chosen to examine and the tools they have used to attack/investigate that protocol/application (including how any tools function), along with identifying any available countermeasures that exist to increase the levels of security that can be implemented. The report component of this assignment is to be carried out as an individual piece of work; the research component which leads up to the production of the report is to be carried out in groups of four. Members of the group may share findings and test results during the research phase but must not assist each other with the production of their individual report. Each group selects a topic area and works in that area together, only the report component needs to be an individual piece of work. LEARNING OUTCOMES This assignment is designed to link into the following Learning Outcomes of the Module • Evaluate the principles of ethical hacking and appreciate where and in what situations these principles should be applied. • Appreciate the legal and ethical issues associated with ethical hacking and be aware of the documentary and evidentiary standards expected in presenting the results of ethical hacking activities. • Analyse and evaluate the professional requirements of an ethical hacker and critically discuss the challenges facing the ethical hacker • Assess computer systems, information systems and networks to identify their vulnerabilities and weaknesses so as to be able to penetrate those systems or networks • Evaluate the means by which systems or networks are penetrated and design and test countermeasures to address those weaknesses and vulnerabilities. • Appreciate how the core concepts, knowledge and practice of computer security have developed through research. This is achieved by developing a technical report based upon the practical use of hacking/penetration testing tools and analysing the effects they have on a computer system along with identifying and testing countermeasures to increase security.© 2015 Neil Eliot [4] PLAGIARISM Please read appendix 1 on issues relation to plagiarism. Also please see http://northumbria.ac.uk/sd/central/stud_serv/ssc/writing/plag/ for plagiarism advice and information. Academic Misconduct Your work, for all parts of the assignment, must be your own and, where you have used someone else’s words (quotations), they should be correctly quoted and referenced in accordance to the IEEE format as provided for this assignment. Cases of suspected academic misconduct (e.g. collusion or plagiarism) will be dealt with in accordance to the Assessment Regulations for Northumbria Awards (ARNA). Documents outlining assessment documentation for students is available from: http://www.northumbria.ac.uk/sd/central/ar/qualitysupport/assess/assproc/assdocstud/ REQUIREMENTS You are required to work in groups of four or at the discretion of the lecturer; smaller groups may be allowed, in extreme circumstances an individual may be allowed to work on their own. Choose ONE member of your group to send an e-mail to: [email protected]. The e-mail should have the Subject ‘EN0561 2017 T1 Group’ and contain a complete list of the group’s members, giving the student number, name and e-mail address of all group members. Example: To: [email protected] Subject: EN0561 2017 T1 Group Hello, Our Group is: 123456 Yew Soh Fatt [email protected] 123457 River Smith [email protected] This e-mail should be sent before the end of your seminar session in week 8 of semester2 (6th March 2017). If you have not assigned yourself to a group by 17.00 on the Friday of that week, you must send an email to [email protected] subject ‘EN0561 2016 T1 No Group’. You will be allocated to a suitable group. Ultimately, it is your responsibility to join a group. As groups are confirmed they will be listed in the Blackboard Module.© 2015 Neil Eliot [5] TASKS 1. GROUP SELECTION Firstly you must organise yourselves in to groups of four for the analysis and research stages of the assignment. 2. SUBJECT SELECTION Once you have a group you must identify an area of interest from the Kali Linux distribution that you wish to research, this must be discussed with the module team to ensure it is an appropriate area. As a starting point the following are suitable areas of study. • DDNS – An investigation of the Protocol reconnaissance techniques (e.g. spoofing, hijacking, redirection etc.) and counter measures 
 • 802.11bg – An investigation of the Protocol reconnaissance techniques and counter measures 
 • MITM Attacks through Cache Poisoning – An investigation of the cache poisoning techniques and counter measures for at least 2 protocols (e.g. ARP, DNS, etc.). 
 • Phishing – An investigation into Phishing and related social engineering techniques and counter measures. Students should study exploitation via various social engineering techniques. • Apache Vulnerability Assessment – An investigation of the Application configuration, reconnaissance techniques and counter measures. 
 • Joomla Vulnerability Assessment – An investigation of the Application configuration, reconnaissance techniques and counter measures. 
 • DDOS (Distributed Denial of Service) Attacks – An investigation of the abused Protocols and why they are vulnerable, flooding techniques used and counter measures 
 NOTE: Due to the amount of coverage of SSH in the teaching environment SSH is not an acceptable subject of your investigations.© 2015 Neil Eliot [6] 3. RESEARCH Once the subject area is agreed, you must research the Protocols, Applications and Tool Sets and demonstrate within your report that you have gained a good understanding of how and why they are implemented for general use, and how they can be applied to company infrastructures and the internet. You should also use the honeypot environment to allow a close analysis of how the protocols function and demonstrate the effect they have on the network traffic or application (essential part of your report). You should also identify which part of the protocols are being attacked and highlight this within the standards that are available (essential for the report). Once a full understanding of the protocol and the attack tools is achieved, you should investigate the countermeasures and hardening techniques that are available for the protocols and techniques you have chosen and show how these techniques have improved the security of the environment. This should include evidence gained from the honeypot environment to illustrate how the counter measures have improved the security. 4. GROUP REPORT The report you develop must be in IEEE format. An indicative list of sections for the report is :-. • Title • Abstract • Introduction • Protocol Scope • Protocol Standards • Toolset/Attack Software • Toolset/Attack Effects • Counter Measure Techniques • Counter Measure Effects • Conclusion • References • Appendix If during any of the work involved you develop software it should be included in the report as an appendix (Marks may be awarded if the code is referenced in the main report as a part of that section). FORMATIVE FEEDBACK Formative feedback will be provided throughout the seminar workshops and also during the Research and Analysis component of the module to assist in moving your projects forward.© 2015 Neil Eliot [7] SUMMATIVE FEEDBACK Summative feedback will be provided 3 weeks after the submission date as listed on the front of the assignment.© 2015 Neil Eliot [8] MARKING SCHEME This assignment consists of an individual report which constitutes 100% of the marks for the module. The marks will be awarded as show below :- Deliverable – Individual Report Max Score Title 0% Abstract 5% Introduction 5% Protocol Scope 10% Protocol Standards 15% Toolset/Attack Software 15% Toolset/Attack Effects 15% Counter Measures Techniques 15% Counter Measures Effects 10% Conclusion 5% References 5% TOTAL 100% If you develop any software you should include a code listing as an appendix in the report, if referenced from the report it will be included in the marking of that section.© 2015 Neil Eliot [9] SUBMISSION DETAILS The report must be in PDF format and submitted via ‘TurnItIn’ in the assignment area of the blackboard site by the date and time shown on the front of this assignment. All code listings must be included as text (not screen dumps) and must be formatted using a monospaced font (e.g. Courier New) size 8 e.g. int main(void) { time_t t; char password[9]; #ifdef _WIN32 system("cls"); #else system("clear"); #endif /* Intializes random number generator */ srand((unsigned) time(&t)); header(); sprintf(password, "%i%i%i%i%i%i%i%i", rand() % 9, rand() % 9, rand() % 9, rand() % 9, rand() % 9, rand() % 9, rand() % 9, rand() % 9); printf("|%s %s | ", REVERSE, password); MDString(password); printf(" %s|\n",ALL_NORMAL); footer(); return 0; } NOTE: The report must be submitted to “TurnItIn” in the assessments area, failure to submit and electronic copy will result in a mark of zero. Paper submissions must also be made on the 2nd floor, as per usual.