Lab today is about the security network. Network security involves all activities that organizations, enterprises, and institutions undertake to protect value and ongoing usability of assets and the integrity of operations. Firewall, Intrusion detection system (IDS), Intrusion Prevention system(IPS), Honeypot and Kerberos is among application introduce to protect network services on network from being attack by hackers. On the other hand, IPSec is a set of protocols developed by the IETF to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPNs).
In this practical lab, the task 1 is capturing File Transfer Protocol (FTP) Username and password. FTP and Telnet is not secure because send username and password in clear text. Using Wireshark can sniff all the packet transfer during session. Before doing this task, we have to make sure that Wireshark installed in PC. This activity required 2 Win Server 2003 Virtual Machine.
Task 2 is using IPSec to secure FTP Transaction. IPSec is one of the solutions to safeguard the transmission of data over FTP from being seen by an unauthorized user. IPSec will encrypt the data sent using normal FTP connection. Thus only the authorized party can see the content. After setting all configuration, we are try to login according to task 1. We found that username and password cannot be display in task 2.
As a conclusion, we can identify the vulnerabilities of FTP by using Wireshark and enabling IPSec for securing FTP session. Security for a network is very important to prevent unauthorized user get the data or modify it.
No comments :
Post a Comment