Acknowledgement
Working on this project has been a really good and challenging
experience and has been a great source of increasing knowledge in
various subjects. It is quite obvious that this would have remained
just on paper without the guidance of our teachers and mentors.
We would really like to thank our mentor Gurjapna Kaur, who is a
great source of inspiration and motivation for the completion of
the project.
We would also like to thank our teacher Puneet Singh for helping us
gain knowledge of programming languages, which made it possible to
work in Python and complete this project.
Introduction
This software is developed for a technical person who wants to take
system security into his own hands, ensuring that his system gets
the best of security, good enough to escape hackers and spam
attacks on the system.
Software Requirement
Sniffing
Spoofing
Port scanning
The act of systematically scanning a computer's ports. Since a port
is a place where information goes into and out of a computer, port
scanning identifies open doors to a computer. Port scanning has
legitimate uses in managing networks, but port scanning also can be
malicious in nature if someone is looking for a weakened access
point to break into your computer.
Honeypot
In computer terminology, a honeypot is a trap set to detect,
deflect, or, in some manner, counteract attempts at unauthorized
use of information systems. Generally, a honeypot consists of a
computer, data, or a network site that appears to be part of a
network, but is actually isolated and monitored, and which seems to
contain information or a resource of value to attackers. This is
similar to the police baiting a criminal and then conducting
undercover surveillance.
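The "isolated and monitored" part of that definition, as an added example that is not code from the original project: a listener that offers no real service and records every connection attempt. The fake banner, the field names and the loopback test client are assumptions made for illustration.

```python
import socket
import threading
from datetime import datetime, timezone


def run_honeypot(listener, events, max_conns=1,
                 banner=b"220 FTP service ready\r\n"):  # constructed banner
    """Accept connections on a bound socket; log who connected and what they sent."""
    for _ in range(max_conns):
        conn, (ip, port) = listener.accept()
        with conn:
            conn.settimeout(2.0)
            try:
                conn.sendall(banner)      # look like a service, offer nothing
                data = conn.recv(1024)    # capture the first thing the peer says
            except OSError:
                data = b""
            events.append({
                "time": datetime.now(timezone.utc).isoformat(),
                "src_ip": ip,
                "src_port": port,
                "first_bytes": data[:64],
            })


def demo():
    """Start the honeypot on loopback and touch it once with a test client."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))       # ephemeral port, loopback only
    listener.listen(5)
    events = []
    worker = threading.Thread(target=run_honeypot, args=(listener, events))
    worker.start()
    with socket.create_connection(listener.getsockname(), timeout=2) as client:
        client.recv(64)                   # read the banner
        client.sendall(b"USER admin\r\n")  # constructed probe
    worker.join(timeout=5)
    listener.close()
    return events


if __name__ == "__main__":
    for event in demo():
        print(event)
```

Because no legitimate user has a reason to connect to this port, every logged event is worth reviewing.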
Backdoor Detection
Backdoor is a term describing unauthorized access to your computer
system. Usually a backdoor lies in the program code and is created
by a programmer. Backdoors in your computer may be accessed by
attackers without your knowledge or consent. Backdoors are
considered to be real security threats.
Key advantage of a backdoor for hackers:
Easy command and control of the server even after the original
exploit that enabled activating the backdoor was patched.
Common usages of backdoors:
Maintaining site/server access for the purposes of distributing
malware and spam, stealing credit card or other sensitive data, and
perpetrating DDoS attacks.
The Challenge of Detecting Website Backdoors
Searching for a website backdoor is like looking for a needle in a
haystack. A backdoor can be installed anywhere on the server under
any name or alias.
The only currently feasible method to detect a backdoor is by
searching every directory and sub-directory on the website,
attempting to find files that "should not be there".
The complexity of doing this is compounded by the fact that most
websites are built on 3rd party frameworks and include other 3rd
party extensions. Thus, detecting a single file that "should not be
there" is virtually impossible. Website scanners that scan websites
from the outside are practically unable to detect such backdoors
because the possible locations and filenames of a backdoor are
infinite and cannot be determined from the outside.
Sniffing
A packet sniffer is a utility that has been used since the original
release of Ethernet. Packet sniffing allows individuals to capture
data as it is transmitted over a network. Packet sniffer programs
are commonly used by network professionals to help diagnose network
issues and are also used by malicious users to capture unencrypted
data like passwords and usernames in network traffic. Once this
information is captured, the user can then gain access to the
system or network.
If you want to keep information confidential or are concerned about
packet sniffing, it is advised that you work on encrypted protocols
and encrypt all sensitive data, such as e-mails, being sent over
the Internet or network. A great encryption program is PGP; users
who are using Telnet should consider using SSH instead.
Sniffing Diagram
Spoofing
In networking, the term is used to describe a variety of ways in
which hardware and software can be fooled. IP spoofing, for
example, involves trickery that makes a message appear as if it
came from an authorized IP address. Also see e-mail spoofing.
Spoofing is also used as a network management technique to reduce
traffic. For example, most LAN protocols send out packets
periodically to monitor the status of the network. LANs generally
have enough bandwidth to easily absorb these network management
packets. When computers are connected to the LAN over wide-area
network (WAN) connections, however, this added traffic can become a
problem. Not only can it strain the bandwidth limits of the WAN
connection, but it can also be expensive because many WAN
connections incur fees only when they are transmitting data. To
reduce this problem, routers and other network devices can be
programmed to spoof replies from the remote nodes. Rather than
sending the packets to the remote nodes and waiting for a reply,
the devices generate their own spoofed replies.
Spoofing Diagram
Future Orientation: