Advance Computer Security (ACS) Individual Assignment – 40% Due Date

For this assignment, student should have configure the following environment. 01. Microsoft windows 7 or later OS as host OS 02. Configure Virtual environment on Host OS 03. Create a Guest OS on virtual environment. Guest OS Must be a Linux flavour 04. Install Apache on Guest OS 05. Host a simple web page at your web server. The page name MUST be index.htm 06. Install packet sniper at Host OS

ContentsInstallation...................................................................................................................................................3

Question 01.................................................................................................................................................4

Answer.....................................................................................................................................................4

Question 02.................................................................................................................................................5

Answer.....................................................................................................................................................5

Question 03.................................................................................................................................................6

Answer.....................................................................................................................................................6

Question 04.................................................................................................................................................8

Answer.....................................................................................................................................................8

Disabling the server signature.............................................................................................................8

Testing Result......................................................................................................................................9

Disabling directory listening................................................................................................................9

Testing Results...................................................................................................................................10

Evidence....................................................................................................................................................11

Reference..................................................................................................................................................12

Installation

CentOS 7 was installed in a virtual environment, and apache was installed in CentOS 7.

Apache was added to the services

Default apache web page

My sample web page

Wireshark was used as the packet capturing software in the host machine which is a windows 7 host.

Question 01While running packet capture software, ping the web server and collect packets. Inspect the packets. Identify the following fields. IPv4 Header information and protocol information. You must describe the findings.

Answer Figure below shows data of an ICMP packet capture by the software “wireshark”. The first box shows the internet protocol version as IPv4

And the second box show the protocol used as ICMP (1)

Question 02While running the packet capture, access the web page and collect packets pertaining ONLY to the transaction you made. Identify the following. Three way handshake. You must describe the findings.

Answer The below figure shows the TCP 3 way handshake of the web server and the host machine.

1. Fist the host machine with IP address 192.168.1.7 sends a [SYN] to the webserver which is 192.168.1.6.

2. The webserver sends back a [ACK] as an acknowledgment of receiving the [SYN] from the host machine.

3. The webserver also sends a new [SYN] to the host.4. The host the sends a [ACK] to acknowledge the [SYN] sent by the webserver.

At this point the 3 way hand shake is completed

Question 03While running the packet capture, access the following URL

URL: http://your_web_server_IP/test

Collect packets pertaining ONLY to the transaction you made. Identify the following.

Error code, server information and version information

Answer

Identifying the error code

Identifying server information and version information

HTTP v1.1

Apache 2.4.6

OS : CentOS

Question 04 Disable the following options in web server.

Retuning the server signature

Directory Listing

Limit the no of HTTP request to 1 you must show the evidence of pre and post configurations

Answer

Disabling the server signature Access the httpd.conf configuration file for apache

Add the lines

SeverSignature Off ServerTokens Prod

Testing Result

The server information, OS information, version information cannot be seen

Disabling directory listening

Fist more directories were added to the webserver.

A folder with name “PIC” was added to the webserver and the web page is accessing a picture from the directory to display it in the web page.

The Path to the PIC folder can be viewed as show below.

In the httpd.index configuration file the symlinks option should be modified as follows

Save and restart th apache, and test on the directory listening.

Testing Results

The PIC folder cannot be accessed as earlier. But the picture will be accessed by the web server to display it in the webpage.

Evidence Packet capture of ping

Packet capture of accessing the webpage

Packet capture of ERROR page

Packet capture of version information removing

Reference

Apache Software Foundation (December 2, 2005) 'Apache HTTP Server Documentation ', pp. [Online]. Available at: http://archive.apache.org/