Network Security: Firewalls, WiFi, Passwords, HTTPS, And Internet Privacy

Firewalls

(a)

Figure 1. Network Diagram

Source: (created by Author)

(b) The set of rules for the network model

Rule No. Save Time On Research and Writing Hire a Pro to Write You a 100% Plagiarism-Free Paper. Get My Paper	Transport	Source IP	Source Port	Destination Port	Destination IP	Action
1	TCP	10.3.1.0 – 10.3.1.255	143	143	138.77.179.1	Allow
2	TCP	Any	143	143	138.77.179.1	Deny
3	TCP	Any	1433	1433	138.77.179.2	Allow
4	TCP	Any	1023	Any	138.77.178.1	Deny
5	TCP	138.77.179.1	1023	Any	138.77.178.1	Allow
6	TCP	138.77.179.2	1023	Any	138.77.178.1	Allow
7	TCP	31.13.75.0	1234	1234	10.3.3.31	Allow
8	TCP	23.63.9.0	1234	1234	10.3.3.31	Allow
9	TCP	10.3.3.31	1234	1234	Any	Deny

Table 1. The Networking Rules

Source: (created by Author)

Rule 1 & 2: It is created to block the external access to the network.

Rule 3: This rule would prohibit the researchers and the students from accessing the mail server.

Rule 4: This rule would block the other host addresses from accessing the web server.

Rule 5: This rule allows authorization for the request that are outside the network.

Rule 6: This rue defines the accessibility of the web server.

Rule 7 & 8 & 9: This rule is used to enable the SSH accessibility of the server.

The limitation of the application of the remote accessibility is that is causes a risk for the network and the intruder than use the channel for intruding in the network and thus cause a risk for the organization. The hacker can also access the database and modify it and thus different encryption technology is required to be applied for securing the network. The NAT (Network address translation) is required to be applied for mapping the IP address with a domain name for accessing the network from remote location.

(c) The networking rules that can be applied for the professor for accessing the network from home are:

NAT: The Network Address Translation would allow the user to access the network remotely. It performs the task of mapping and translating the Public IP addresses into the internal IP addresses. With the configuration of the network for the remote accessibility a large number of security risks can arise. Hence, this gives rise to the requirement of the intrusion detection system. This would help the network to restrict the access of the remote accesses to the network.  

a.  The MAC address filtering provides the user the option of defining a list of devices on the Wifi based network. This is not suitable for selecting it as security measure as the implementation of the system is very tedious and is also very easy to breach. This system basically gives false sense of security to the users.

b. The maximum key size that can be used for the WAP by AES is 256-bits. The maximum key size of typical passphrase is 25 characters.

The differences between the typical passphrases and the AES are:

• Decrypting the AES is more difficult than the Passphrases.
• The length of the AES is more than any typical passphrase.
• The performances of the AES on low configurations are also very efficient than the typical passphrases.

Option 1

(a) Recommendations:

1. You select a password that is private and is known only to one user that is only you. The main advantage of doing this that, the password is known only to you and cannot be detected by anyone easily. The disadvantage of doing this that, the password is available to only a single user an if the user forgets the password there are very less chance of it to be recovered.
2. You should choose a password that is secret that means it can be written or stated clearly or drawn in a paper so that it cannot be decrypted easily. The main advantage is that it cannot be guessed by everyone and very high level of decryption mechanism would be required to decipher the password. The main disadvantage is defining the password. If the secret is very difficult ot express the user would be facing difficulty in setting password for the first time.
3. You should be using a password that is very easy to remember. The main advantage of this is that you can remember the password very easily and do not require to write it down in any paper. The main disadvantage of this is that it can be guessed very easily by anyone so this process involves some amount of risk with itself.

WiFi Security

(b) Rules

1. You should include different characters and numeric values within the password. The main advantage of this is that it would be very difficult for the decoder to decode the password and guess the correct one. The main disadvantage with the system is that the user might misplace the character and might be forgetting the password as a result of it.
2. You should not be using any important date for any important event. The main advantage of this is that the hacker would not be able to guess the password by the date of any kind of important event. The main disadvantage of this method is that, the dates are very remembered by the users but, the rule would prohibit the user from this facility. Hence the, user might forget the more complex passwords.
3. You should select a password that is not listed in the dictionary. The main advantage of this that that an algorithm that is used to list all the words in the dictionary can be used in the password field to detect the password. The main disadvantage of the system is setting up such a word by the user for setting up the password is very difficult.

Option 2

(c) The password manager is a software that helps the users to organize their password and store it in a place. The passwords can be stored in a single place very easily and can also be used for creating a master password, which a single but very powerful password that the user can create in order to set password to all of their systems.

(d) Advantages of Password management Application.

1. The password manager can protect the password against the key loggers and the key stroke logging malwares.
2. The password also remembers the passwords for the user and hence, the user does not have to type the password again and again as because the password manager logs on the user automatically on the password field.

Disadvantages of Password management Application

1. If the password manager stores the password in an unencrypted fashions then it is possible for the hacker to obtain the password of the user.
2. In addition to this, if the hacker gets access to the password manager all the passwords that are stored in the application can be accessed by the hacker very easily.

(e) The differences between the LastPass and the KeePass are:

• The Keepass is very straightforward database but the LastPass requires can store the passwords in the database with the browser plug-ins that are installed.
• The KeePass provides a better security for the passwords than the LastPass
• The Auto-fill techniques of the KeePass are easier than that of the LastPass.
• The KeePass can be used across multiple devices but the LastPass cannot be.
• The KeePass has a greater longevity than the LastPass.

(f) In the standalone Password managers the database should store the password of the different users in the different drives and no users should have access to the passwords of the other users.

(a). Topology 5 and the its three nodes 1,2 and 3 are created.

 

The My Uni website is deployed 

The certificate file of the website 

The http.pcap file

 

(b)

(c)

1. The HTTPS uses the port number 443 on the web server.
2. single bit symmetric key ciphers are used for encoding the messages.
3. A four bit public key was used for the public key cipher.
4. The RSA algorithm was used for the cipher and the SHA-1 algorithm was used for the hash function.

(d) The certificate is generated on node 1 and the website is deployed on the node 3. The certificate that was generated from the node 1 was uploaded to the website on the node 3. In addition to this, in basic web browser the certificate is already in the web browser during a single session  of the user.  

(a) A malicious user can easily get to know the machine addresses of the server and the client and also get information about the location and the time of the users.

(b) If the NAT is used the mal practitioner would be unable to obtain the IP address of C and hence, would be unable to trace the existence of the user.

(c) The malicious user can also track the IP addresses and the location of the other machines that are communicating with VPN servers.

(d) The disadvantages of VPN servers:

Reduced performance between C and S: the VPNs would reduce the performance as the servers would take more time to identify the users as the IP addresses would be encrypted.

Required to trust the VPN server: The Clients would be required to trust the server and depend on the security of the severs.

VPN server logs may be requested/accessed: The Logs of the clients might be requested by the servers for identifications, but this might also by mal practitioners. Hence, the user would be unaware of their security.

(e) The Tor router shows the unindexed contents for the users. The contents of the tor router cannot be blocked by the ISDN firewalls. The communication between C and S would not be secure and they can communicate directly and the actual location and address of the user would be provided in the communication process.

(f) The main advantage of Tor is that the users can communicate in between the without any kind of restrictions.

(g) The main disadvantage of the Tor is that communications are nor secure neither restricted.

Bitansky, N., Canetti, R., Kalai, Y.T. and Paneth, O., 2014, August. On virtual grey box obfuscation for general circuits. In International Cryptology Conference (pp. 108-125). Springer Berlin Heidelberg.

Brakerski, Z. and Rothblum, G.N., 2014, February. Virtual black-box obfuscation for all circuits via generic graded encoding. In Theory of Cryptography Conference (pp. 1-25). Springer Berlin Heidelberg.

Fernandes, D.A., Soares, L.F., Gomes, J.V., Freire, M.M. and Inácio, P.R., 2014. Security issues in cloud environments: a survey. International Journal of Information Security, 13(2), pp.113-170.

Goyal, V. and Arora, G., 2017. Implementation of Enhanced Interior Gateway Routing Protocol (EIGRP) in IPv6 Network. Research Journal of Advanced Engineering and Science, 2(1), pp.90-95.

Javid, S.R., 2014. Role of Packet Tracer in learning Computer Networks. International Journal of Advanced Research in Computer and Communication Engineering, 3(5), pp.6508-6511.

Lin, P.C., Hou, H.T., Wu, S.Y. and Chang, K.E., 2014. Exploring college students’ cognitive processing patterns during a collaborative problem-solving teaching activity integrating Facebook discussion and simulation tools. The Internet and Higher Education, 22, pp.51-56.

Prasad, N.H., Reddy, B.K., Amarnath, B. and Puthanial, M., 2016. Intervlan Routing and Various Configurations on Vlan in a Network using Cisco Packet Tracer. International Journal for Innovative Research in Science and Technology, 2(11), pp.749-758.

Sra, M. and Schmandt, C., 2016, March. Bringing real objects, spaces, actions, and interactions into social VR. In Collaborative Virtual Environments (3DCVE), 2016 IEEE Third VR International Workshop on (pp. 16-17). IEEE.

Wang, C. and Chen, J.Y., 2014, May. Implementation of GRE Over IPsec VPN Enterprise Network Based on Cisco Packet Tracer. In 2014 2nd International Conference on Soft Computing in Information Communication Technology (pp. 142-146). France: Atlantis Press.

Zielinski, D.J., Nankivil, D. and Kopper, R., 2017, March. Specimen Box: A tangible interaction technique for world-fixed virtual reality displays. In 3D User Interfaces (3DUI), 2017 IEEE Symposium on (pp. 50-58). IEEE.