IT(B1 Batch) 130040116019

Practical : 1
Aim: Understanding spying activity using tool.
 What is actual spy::-
 Actual Spy is the infection that steals the personal information of the user and traces
his or her activity.
 This program can record all the information about you, including your credit card
numbers and passwords because it records everything that you are typing. It also
remember all the visited by you Websites.
 The program can make some screen-shots of your screen and can send all these
information per e-mail to the people who are interested to become it and who are
going to use it in their own malicious actions.

 Positive & Negative uses of Actual Spy::-

 We can hack the passward with actual spy.
 We can even take screen shots of users computer with the use of actual spy.
 We can control others computer.
 Any parents can know what their child are doing in computer.
 We can help our nation by knowing.

 Essential features of a cyber security tools::-

 It benefits of Broadband.
 Securing, Empowering Small Business with Technology.
 Protect information, computers and networks from cyber attacks.
 Provide firewall security for your Internet connection.
 Create a mobile device action plan.
 Make backup copies of important business data and information.
 Control physical access to your computers and create user accounts for each person.
 You can secure your Wi-Fi networks.
 We can do passwords and authentication.

 Limitation of secure tools::-

 In a continuously changing environment, a Computer Security Incident Response
Team (CSIRT) has to evolve to sustain or improve its effectiveness.
 The main task of a CSIRT is to mitigate the effects of computer security incidents. A
frequently identified problem is that CSIRTs are over-worked, under-staffed and
under-funded.
 Based on theory from process improvement and information from the case study, we
identified that short-term pressure from a growing incident work load prevents
attempts for developing more response capability long-term, leading the CSIRT into a
“capability trap”.
 Fundamental solutions will typically involve a worse-before-better trade-off for
management.

[BHGCET]
IT(B1 Batch) 130040116019

 Conclusion:
 By this practical, we know more about the actual spy and actual spy with key
logger.And also came to know about where the actual spy is used and how to
prevent.

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 2
Aim: Identify precautions to prevent yourself caught in a phishing pray.

1. Guard against spam. Be especially cautious of emails that:

* Come from unrecognized senders.
* Ask you to confirm personal or financial information over the Internet and/or make
urgentrequestd for this inform
* Try to upset you into acting quickly by threatening you with frighten in information.

2. Communicate personal information only via phone or secure web sites. In fact:
When conducting online transactions, look for a sign that the site is secure such as a lock
icon on the browser’s status bar or a “https:” URL whereby the “s” stands for “secure”
rather than a “http:”.Also, beware of phone phishing schemes. Do not divulge personal
information over the phone unless you initiate the call. Be cautious of emails that ask you to
call a phone number to update your account information as well.

3. Do not click on links, download files or open attachments in emails from unknown
senders. It is best to open attachments only when you are expecting them and know what they
contain, even if you know the sender.

4. Never email personal or financial information, even if you are close with the recipient. You
never know who may gain access to your email account, or to the person’s account to whom
you are emailing.

5. Beware of links in emails that ask for personal information, even if the email appears to
come from an enterprise you do business with. Phishing web sites often copy the entire look
of a legitimate web site, making it appear authentic. To be safe, call the legitimate enterprise
first to see if they really sent that email to you. After all, businesses should not request
personal information to be sent via email.

6. Beware of pop-ups and follow these tips:

* Never enter personal information in a pop-up screen.

* Do not click on links in a pop-up screen.
* Do not copy web addresses into your browser from pop-ups.
* Legitimate enterprises should never ask you to submit personal information in pop-
up screens, so don’t do it.

7. Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software.
Do some research to ensure you are getting the most up-to-date software, and update them all
regularly to ensure that you are blocking from new viruses and spyware.

8. Check your online accounts and bank statements regularly to ensure that no unauthorized
transactions have been made.
[BHGCET]
IT(B1 Batch) 130040116019

Conclusion:
 After this practical, we came to know about the phishing and how to prevent
from phishing and what are important points that we need to care about
phishing.

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 3
Aim : Open Ended Problem Introduction: ‘Steganography’. Choose any flavor of
steganography and design your solution for it. Student can extend their OEP to
implement their design.

Q.1 What is Steganography?

 Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or

"covered," and graphie, or "writing") is the hiding of a secret message within an
ordinary message and the extraction of it at its destination.
 In steganography, the message itself may not be difficult to decode, but most people
would not detect the presence of the message
 Steganography takes cryptography a step farther by hiding an encrypted message so
that no one suspects it exists. Ideally, anyone scanning your data will fail to know it
contains encrypted data.
 Steganography is the practice of concealing a file, message, image, or video within
another file, message, image, or video.The word steganography combines the Greek
words steganos meaning "covered, concealed, or protected", and graphein meaning
"writing".

Q.2 Explain an example to demonstrate concept of Steganography.

 Steganography Example:
 Here is a simple example of steganography. In this case a message will be include in a
image. For simplicity, the message is not encrypted although it could be. outguess is
the application being used. It is freely available for Linux operating systems.
 The original image is that of a Thai flag. It is in JPEG format.

 The message we want to send is:

 Lets meet at 2pm behind the library.
 The message is saved in the file mymessage.txt. To encode it into the JPEG image,
creating a new JPEG image, outguess is used:
 outguess -d mymessage.txt thai-1.jpg thai-2.jpg
 The original image and the image with the message are given side-by-side below. Can
you see any differences?

[BHGCET]
IT(B1 Batch) 130040116019

 The message can be extracted from the image:

 outguess -r thai-2.jpg received.txt
 Of course the contents of the file received.txt should be:
 Lets meet at 2pm behind the library.

 Conclusion:

Steganography is useful for hiding messages for transmission. One of the major discoveries
of this investigation was that each steganographic implementation carries with it significant
trade-off decisions, and it is up to the steganographer to decide which implementation suits
him/her best. teganography detection can be used to prevent communication of malicious
data.

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 4

Aim: Demonstrate your idea and project of Steganography.

1) Explain Idea.
 Our idea of steganography is to hide our data or information behind the
Sudoku.In this idea , Sudoku have 81 boxes.but,some different 6 box are
choosen that have own condition that they should get that value.so, message
will be getting.

2) Demonstrate design/algorithm/flowcharts for idea(your sheet's snaps can be included).

Step -1:- Compile the program.And then Run the program.
Step-2:- Enter the Box No. Which you want to enter in which Box no.
Step-3:- Then Press the space bar.
Step-4:- enter the eqivalent value between 1-9 of Ascii values. So value will
be printed according that box no.
Step -5:- Give the value according the condition so hidden message will be
printed.
Step-6:- Otherwise Sudoku Game will remain Continuosly.

3) Explain your Model/Implementation/Software.

 In our project there is one Sudoku.and user have to give the input in the form of
number.
 Left hand side user entering the box number and then press the space bar and then
give the ascii value of number which they want to enter the number.

4) Conclude Topic.
 By our idea, the data is successfully hidden and secur from unwanted users.
 There is 81*81 posibilites to fail the crack our message.

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 5
Q:1 What is e-governance?

 Electronic governance or e-governance is the application of Information and

Communication Technology (ICT) for delivering government services
exchange of information communication transactions, integration of various
stand-alone systems and services between government-to-customer (G2C),
government-to-business (G2B), government-to-government (G2G) as well as
back office processes and interactions within the entire government
framework. Through e-governance, government services will be made
available to citizens in a convenient, efficient and transparent manner. The
three main target groups that can be distinguished in governance concepts are
government, citizens and businesses/interest groups. In e-governance there are
no distinct boundaries.

Q:2 Services provided by e govenance

 Education:
Student & Scholarship
School/highschool
Exams & Results
Certificates
Engineering Course
P.T.C. Course
Citizen Charter matter
Education Office Directory
The state department of education website
Center of the department of education’s website
Important phone numbers
Others

 Land
Document of the Land
N.A.Permission
Stamp Calculator to calculate duty
Transformation from new condition to old condition

 Food & civil supply

Ration Card
Consumer Affairs

 RTO
Driving licence
Vehical Registration
Rates of RTO structure
Learner driving licence
Driving license on- line application ( only for Ahmedabad RTO )
Learning License Exam

Financial details
[BHGCET]
IT(B1 Batch) 130040116019

Insurance matters
Stamp Paper Details
Treasury Challan

 Health and Family

For Healthy Health
Mother’s / Pragnet Women's Health
Child care and vaccinations
Diseases , protection and therapy
Eye diseases

 Animal Husbandry
Milk production
Animal Health
Poultry Compliance
Bird breeding
Economic stability by animal husbandry
Statistic fodder

 Other lift
Persons with disabilities
Destitute
Widow

 Other information / Web Site

States District Court Case
Gujarat High Court Case Status
Gujarat government Authentic Website
Gujarat Assembly Website
Websites districts
Director of Employment Office
Government employee pension details
The e-Gram Gram world
Labor
Income Tax
Excersize and Custom
Service Tax

 Agriculture
Soil Health Card
Agricultural product
Seeds and fertilizers
Modern farming methods
To be broadcast on radio agricultural programs
Television broadcasting from the upcoming agricultural programs
About the price of agricultural commodities
Market Committees

 Government Schemes
Housing schemes

[BHGCET]
IT(B1 Batch) 130040116019

Employment Information
Self-employment schemes
BPL
Water and irrigation schemes
Women
Anu . Caste and Scheduled . Tribes
Farmers
Destitute disabled

 Utility
Lightning
Water
S & T Bus Service
Railway
Airservice
Booking of travelling
Telephone / landline

 Service Portal
Application Status
GP registration ID verification

Q:3 Find out implementation & security challenges in e-governance projects.

 challenges
e-Infrastructure, which is inadequate and uneven. Then there is a need for
better awareness and e-Literacy. Capacity is another area of concern, both
within and outside of the government, and for long-term sustainability there is
an urgent need to address these at the national level.
 Complex governance structure, size and complexity of the need on the ground,
makes implementation models very complex and diffi cult to achieve. Last but
not the least, evolving Public Private Partnership (PPP) models, harnessing
and engagement of private sector resources is still an issue, which needs to be
addressed.

1.Taking a holistic view and arriving at an integrated solution

2. Enhancing technology penetration to the last mile in e-Governance
3. Timely completion of e-Governance projects
4. Capacity building to make e-Governance solutions sustainable in the medium and
long term
5. Hiring the right mix of personnel for sustaining the project
6.Lack of high level (cabinet) sponsorship for e-Governance programmes.
7. Lack of interest and understanding of the senior management of the government in
overall eGovernance principals.
3. Long delays in implementing e-Governance projects due to technical issues or lack
or government agency support.

[BHGCET]
IT(B1 Batch) 130040116019

4. Lack of access to Internet , especially for rural population to reap the benefi ts of e-
Governance.
5. Lack of ICT HR development and sustainable plan in government

Q:4 Identify and Explain any 5 cyber security methods used to protect e-governance.

 A digital signature is a mathematical scheme for demonstrating the authenticity of a

digital message or documents. A valid digital signature gives a recipient reason to
believe that the message was created by a known sender, that the sender cannot deny
having sent the message (authentication and non-repudiation), and that the message
was not altered in transit (integrity). Digital signatures are commonly used for
software distribution, financial transactions, and in other cases where it is important to
detect forgery or tampering.
 A smart card, chip card, or integrated circuit card (ICC) is any pocket-sized card
with embedded integrated circuits.
 Smart cards can be either contact or contactless smart card. Smart cards can provide
personal identification, authentication, data storage, and application processing.Smart
cards may provide strong security authentication for single sign-on (SSO) within large
organizations.
 Public-key cryptography, also known as asymmetric cryptography, is a class of
cryptographic protocols based on algorithms that require two separate keys, one of
which is secret (or private) and one of which is public. Although different, the two
parts of this key pair are mathematically linked. The public key is used, for example,
to encrypt plaintext or to verify a digital signature; whereas the private key is used for
the opposite operation, in these examples to decrypt ciphertext or to create a digital
signature. The term "asymmetric" stems from the use of different keys to perform
these opposite functions, each the inverse of the other – as contrasted with
conventional ("symmetric") cryptography which relies on the same key to perform
both.

 Conclusion:-

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 6
Aim:TCP Scan using NMAP

Q.1 Which are the six port states recognized by Nmap?

 The six port states recognized by Nmap

 open
An application is actively accepting TCP connections, UDP datagrams or
SCTP associations on this port. Finding these is often the primary goal of port
scanning. Security-minded people know that each open port is an avenue for
attack. Attackers and pen-testers want to exploit the open ports, while
administrators try to close or protect them with firewalls without thwarting
legitimate users. Open ports are also interesting for non-security scans because
they show services available for use on the network.

 closed
A closed port is accessible (it receives and responds to Nmap probe
packets), but there is no application listening on it. They can be helpful in showing
that a host is up on an IP address (host discovery, or ping scanning), and as part of
OS detection. Because closed ports are reachable, it may be worth scanning later
in case some open up. Administrators may want to consider blocking such ports
with a firewall. Then they would appear in the filtered state, discussed next.

 filtered

Nmap cannot determine whether the port is open because packet filtering
prevents its probes from reaching the port. The filtering could be from a
dedicated firewall device, router rules, or host-based firewall software. These
ports frustrate attackers because they provide so little information. Sometimes
they respond with ICMP error messages such as type 3 code 13 (destination
unreachable: communication administratively prohibited), but filters that
simply drop probes without responding are far more common. This forces
Nmap to retry several times just in case the probe was dropped due to network
congestion rather than filtering. This slows down the scan dramatically.

 unfiltered
The unfiltered state means that a port is accessible, but Nmap is unable to
determine whether it is open or closed. Only the ACK scan, which is used to
map firewall rulesets, classifies ports into this state. Scanning unfiltered ports
with other scan types such as Window scan, SYN scan, or FIN scan, may help
resolve whether the port is open.

 open|filtered

[BHGCET]
IT(B1 Batch) 130040116019

Nmap places ports in this state when it is unable to determine whether a

port is open or filtered. This occurs for scan types in which open ports give no
response. The lack of response could also mean that a packet filter dropped the
probe or any response it elicited. So Nmap does not know for sure whether the
port is open or being filtered. The UDP, IP protocol, FIN, NULL, and Xmas scans
classify ports this way.

 closed|filtered
This state is used when Nmap is unable to determine whether a port is
closed or filtered. It is only used for the IP ID idle scan.

 Conclusion:
By this practical we come to know about different ports and their different
states.and what uses and difficulties of that states and ports.

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 7

Q:1 Write a command to perform SYN scanning on port 80 of site: sun.com. Perform
the scan and note the results.

 nmap -sn -n -PS80 sun.com

Result:

Q:2 what is ping sweep? Explain with example.

 In computing, a ping sweep is a method that can establish a range of IP

addresses which map to live hosts.

[BHGCET]
IT(B1 Batch) 130040116019

Q:3 Write an NMAP command to do ping sweep and perform the ping sweep and note
the results.

 Command:-
 The option we have used is pretty straightforward if you have a look at nmap tutorial
pages. -sP option we have used is only to determine whether the host is up. Nmap will
only do a ping scan when this option is only used. The output of the above command
is saying that, nmap has scanned around 254 ip addresses and it has found 4 hosts to
be up.

RESULT:-

 Conclusion:

By this practical we also know about nmap tool and different commands.and
get the topology of different sites.

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 8
Aim:- Explore and study Network Sniffers and Injection tool: Windump.

Q:1 Windump Tool:

Q:2 report.Run Commands and make a short

1) –A
Print each packet (minus its link level header) in ASCII. Handy for capturing web
pages.

Output:

[BHGCET]
IT(B1 Batch) 130040116019

2) –dd

Dump packet-matching code as a C program fragment.

Output:

3) -D

Print the list of the network interfaces available on the system and on which tcpdump can
capture packets. For each network interface, a number and an interface name, possibly
followed by a text description of the interface, is printed. The interface name or the
number can be supplied to the -i flag to specify an interface on which to capture.
This can be useful on systems that don't have a command to list them (e.g., Windows
systems, or UNIX systems lacking ifconfig -a); the number can be useful on Windows
2000 and later systems, where the interface name is a somewhat complex string.
The -D flag will not be supported if tcpdump was built with an older version of libpcap
that lacks the pcap_findalldevs() function.
Output:

4) –ddd
Dump packet-matching code as decimal numbers (preceded with a count).

Output:

5) –e
Print the link-level header on each dump line.

Output:

6) –f

Print `foreign' IPv4 addresses numerically rather than symbolically (this option is
intended to get around serious brain damage in Sun's NIS server --- usually it hangs
forever translating non-local internet numbers).
The test for `foreign' IPv4 addresses is done using the IPv4 address and netmask of the
interface on which capture is being done. If that address or netmask are not available,
available, either because the interface on which capture is being done has no address or

[BHGCET]
IT(B1 Batch) 130040116019

netmask or because the capture is being done on the Linux "any" interface, which can
capture on more than one interface, this option will not work correctly.

Output:

7) –XX
When parsing and printing, in addition to printing the headers of each packet, print the
data of each packet, including its link level header, in hex and ASCII.
Output:

8) -X
When parsing and printing, in addition to printing the headers of each packet, print the
data of each packet (minus its link level header) in hex and ASCII. This is very handy
for analysing new protocols.

Output:

9) -x

When parsing and printing, in addition to printing the headers of each packet, print the data of
each packet (minus its link level header) in hex. The smaller of the entire packet or snaplen
bytes will be printed. Note that this is the entire link-layer packet, so for link layers that pad

[BHGCET]
IT(B1 Batch) 130040116019

(e.g. Ethernet), the padding bytes will also be printed when the higher layer packet is shorter
than the required padding.

Output:

10 ) -vv

Even more verbose output. For example, additional fields are printed from NFS reply
packets, and SMB packets are fully decoded.

Output:

 Conclusion:

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 9
Aim:- Explore Netcat tool and its command for Network scanning.
Q:1 What is Netcat?
Netcat is a utility that is able to write and read data across TCP and UDP
networkconnections. If you are responsible for network or system security it essential that
you understand the capabilities of Netcat. Netcat can be used as port scanner, a backdoor, a
port redirector, a port listener and lots of other cool things too.

Q:2 use of Netcat.

1. Preliminary Note

2. Copying A File From One System To The Other

3. Cloning Hard Drives & Partitions

4. Port Scanning

5. Serving Web Pages

6. Spoofing HTTP Headers

7. Chatting

Q:3 features of Netcat.

 Outbound or inbound connections, TCP or UDP, to or from any ports

 Full DNS forward/reverse checking, with appropriate warnings
 Ability to use any local source port
 Ability to use any locally configured network source address
 Built-in port-scanning capabilities, with randomization
 Built-in loose source-routing capability
 Can read command line arguments from standard input
 Slow-send mode, one line every N seconds
 Hex dump of transmitted and received data
 Optional ability to let another program service establish connections
 Optional telnet-options responder
 Featured tunneling mode which permits user-defined tunneling, e.g., UDP or TCP, with the
possibility of specifying all network parameters (source port/interface, listening port/interface,
and the remote host allowed to connect to the tunnel).

1) nc –help

[BHGCET]
IT(B1 Batch) 130040116019

2) nc –v –w2 –z 172.16.2.117 1-300

3) nc –v 172.16.2.117 139

nc –v 172.16.2.117 135

4) echo –e “Head/HTTP/1.0\r\n\r\n” | nc –v sun.com 80

5) echo –e “Head/HTTP/1.0\r\n\r\n” | nc –v gmail.com 80

[BHGCET]
IT(B1 Batch) 130040116019

 Conclusion:
By this practical we come to know that natcat tool is very sharp tool in
varoius hacking tool. And also by using this tool we get open and close
port of different sites.and generate the traffic in the sites.

[BHGCET]
IT(B1 Batch) 130040116019

Practical : 10
Aim:- Explore Wireshark as Network sniffing and Injection tool.
Q 1: what is Wireshark ?

Wireshark is a network packet analyzer. A network packet analyzer will try to capture
network packets and tries to display that packet data as detailed as possible.

You could think of a network packet analyzer as a measuring device used to examine what’s
going on inside a network cable, just like a voltmeter is used by an electrician to examine
what’s going on inside an electric cable (but at a higher level, of course).

In the past, such tools were either very expensive, proprietary, or both. However, with the
advent of Wireshark, all that has changed.

Wireshark is perhaps one of the best open source packet analyzers available today.

Q 2: Use Of Wireshark :

o Network analyzer.
o injection query fire.
o color coding.

Q 3: Features Of Wireshark ?

The following are some of the many features Wireshark provides:

 Available for UNIX and Windows.

 Capture live packet data from a network interface.
 Open files containing packet data captured with tcpdump/WinDump, Wireshark, and a
number of other packet capture programs.
 Import packets from text files containing hex dumps of packet data.
 Display packets with very detailed protocol information.
 Save packet data captured.
 Export some or all packets in a number of capture file formats.
 Filter packets on many criteria.
 Search for packets on many criteria.
 Colorize packet display based on filters.
 Create various statistics

Q 4:- Different protocols.

1)

[BHGCET]
IT(B1 Batch) 130040116019

2)

3)

4)

5)

[BHGCET]
IT(B1 Batch) 130040116019

 Conclusion:-

[BHGCET]