Security Practical

1. Implementation of Caesar Cipher

def caesar_cipher(text, shift):

    result = ""

    

    # Iterate through each character in the text

    for char in text:

        # Check if the character is an uppercase letter

        if char.isupper():

            # Shift within the range of uppercase letters

            shifted = (ord(char) + shift - 65) % 26 + 65

            result += chr(shifted)

        # Check if the character is a lowercase letter

        elif char.islower():

            # Shift within the range of lowercase letters

            shifted = (ord(char) + shift - 97) % 26 + 97

            result += chr(shifted)

        else:

            # Non-alphabetic characters remain unchanged

            result += char

            

    return result

# Example usage:

plaintext = "Hello, World!"

shift = 3

ciphertext = caesar_cipher(plaintext, shift)

print("Plaintext:", plaintext)

print("Ciphertext:", ciphertext)

# To decrypt, you can simply use the negative shift

decrypted_text = caesar_cipher(ciphertext, -shift)

print("Decrypted Text:", decrypted_text)

2.Implementation of Shift Cipher

def shift_cipher(text, shift):

    result = ""

    

    # Iterate through each character in the text

    for char in text:

        # Check if the character is an uppercase letter

        if char.isupper():

            # Shift within the range of uppercase letters

            shifted = (ord(char) + shift - 65) % 26 + 65

            result += chr(shifted)

        # Check if the character is a lowercase letter

        elif char.islower():

            # Shift within the range of lowercase letters

            shifted = (ord(char) + shift - 97) % 26 + 97

            result += chr(shifted)

        else:

            # Non-alphabetic characters remain unchanged

            result += char

            

    return result

# Example usage:

plaintext = "Shift Ciphers are fun!"

shift = 5

ciphertext = shift_cipher(plaintext, shift)

print("Plaintext:", plaintext)

print("Ciphertext:", ciphertext)

# To decrypt, use the negative shift

decrypted_text = shift_cipher(ciphertext, -shift)

print("Decrypted Text:", decrypted_text)

RSA Implementation

import math

def gcd(a, h):

    temp = 0

    while(1):

        temp = a % h

        if (temp == 0):

            return h

        a = h

        h = temp

p = 3

q = 7

n = p*q

e = 2

phi = (p-1)*(q-1)

while (e < phi):

    # e must be co-prime to phi and smaller than phi

    if(gcd(e, phi) == 1):

        break

    else:

        e = e+1

# Private key (d stands for decrypt)

# choosing d such that it satisfies

# d*e = 1 + k * totient

k = 2

d = (1 + (k*phi))/e

msg = 12.0

print("Message data = ", msg)

# Encryption c = (msg ^ e) % n

c = pow(msg, e)

c = math.fmod(c, n)

print("Encrypted data = ", c)

# Decryption m = (c ^ d) % n

m = pow(c, d)

m = math.fmod(m, n)

print("Original Message Sent = ", m)

NMAP COMMANDS

1.open port scan

nmap <target_ip>

2.OS fingerprinting

nmap -O <target_ip>

3.ping scan

nmap -sn <target_ip_or_range>

4.TCP port scan

nmap -sT -p <port_range> <target_ip>

eg nmap -sT -p 1-1000 <target_ip>

viva questions

1. Basic Concepts

• What is network security? Network security involves protecting the integrity, confidentiality, and availability of computer networks and their services from unauthorized access, misuse, or destruction.

• Explain the CIA triad.

  • Confidentiality: Ensuring that information is accessible only to those authorized to have access.
  • Integrity: Protecting information from being altered or destroyed by unauthorized users.
  • Availability: Ensuring that authorized users have access to information and resources when needed.

• Types of attacks:

  • DoS (Denial of Service): Overwhelming a network or service to render it unavailable.
  • DDoS (Distributed Denial of Service): Similar to DoS, but from multiple sources.
  • MITM (Man-in-the-Middle): An attacker intercepts communication between two parties.

2. Encryption and Cryptography

• Symmetric vs. asymmetric encryption:

  • Symmetric: Same key for encryption and decryption (e.g., AES).
  • Asymmetric: Uses a pair of keys (public and private) (e.g., RSA).

• How PKI works: Public Key Infrastructure (PKI) manages digital keys and certificates, allowing secure communication and identity verification.

• Purpose of hashing: Hashing generates a fixed-size string from input data, ensuring data integrity. Unlike encryption, hashing is one-way and cannot be reversed.

3. Network Protocols

• Role of firewalls: Firewalls monitor and control incoming and outgoing network traffic based on predetermined security rules, serving as a barrier between trusted and untrusted networks.

• Differences between IPv4 and IPv6: IPv4 uses 32-bit addresses, allowing about 4 billion unique addresses, while IPv6 uses 128-bit addresses, vastly increasing the number of available IP addresses and incorporating built-in security features.

4. Security Measures

• Common methods to secure a network: Implementing firewalls, using encryption, applying intrusion detection systems, and enforcing access controls.

• What is a VPN?: A Virtual Private Network (VPN) creates a secure, encrypted connection over a less secure network, allowing remote users to access network resources securely.

5. Access Control

• Types of access control models:

  • DAC (Discretionary Access Control): Owners determine access rights.
  • MAC (Mandatory Access Control): Access rights are assigned based on policies.
  • RBAC (Role-Based Access Control): Access rights are based on user roles.

• Multi-factor authentication (MFA): MFA enhances security by requiring two or more verification factors (e.g., password and SMS code).

6. Threats and Vulnerabilities

• What is a zero-day vulnerability?: A zero-day vulnerability is a security flaw that is unknown to the software vendor and has no available patch, making it particularly dangerous.

• Mitigating social engineering attacks: Training employees, implementing strict verification processes, and using security awareness programs can help mitigate these attacks.

7. Incident Response

• Steps in incident response:

  1. Preparation
  2. Detection and analysis
  3. Containment
  4. Eradication
  5. Recovery
  6. Post-incident review

• Conducting a security audit: A security audit involves evaluating an organization's security policies, procedures, and controls to ensure compliance and identify vulnerabilities.

8. Current Trends and Technologies

• Machine learning in network security: Machine learning can enhance threat detection by analyzing patterns and anomalies in network traffic to identify potential threats more quickly.

• Cloud security challenges: Key challenges include data breaches, compliance issues, and managing shared security responsibilities.

9. Regulatory and Compliance Issues

• Key regulations: GDPR (General Data Protection Regulation) and HIPAA (Health Insurance Portability and Accountability Act) are significant regulations that govern data protection and privacy.

• Ensuring compliance: Organizations implement security frameworks, conduct regular audits, and create security policies to ensure compliance with relevant regulations.

10. Practical Scenarios

• Securing a small business network: Implement firewalls, use strong passwords, enable encryption, regularly update software, and conduct employee training.

• Responding to a suspected breach: Isolate affected systems, conduct a thorough investigation, preserve evidence, and notify relevant stakeholders as necessary.