Malware Threats and Sniffing Lab Report

School: ECPI University
Course: 403L
Subject: Computer Science
Date: Apr 3, 2024
Type: docx
Pages: 7
Uploaded by: kitapatel4923
ECPI University School of Technology: Department of Computer Information Science - Learning Activity Instructions

Student Name: Kirtan Patel
Activity Type: Guided Practice / Computer Lab
Lab Version: 12.13.2016

Instructions: Perform the Guided Practice per the instructions in your course. As you complete each lab, insert a screenshot of your results. Perform all the tasks shown below.

Note: Some tasks in the labs are not completed in this class; instead they are completed in the associated lab class. Only provide screenshots for the tasks that specify a screenshot. There should be a total of 6 screenshots for this lab.

Complete the following lab tasks in the Footprinting and Malware iLab Module:

1. Lab 2 - Infect the target system using a virus
   - Task 1 - Create a virus using the JPS Virus Maker Tool and infect the target system
     Screenshot: step 23.
2. Lab 3 - Perform static malware analysis
   - Task 1 - Perform online malware scanning using Hybrid Analysis
   - Task 2 - Perform a string search using BinText
   - Task 3 - Identify packing and obfuscation methods using PEiD
   - Task 4 - Analyze an ELF executable file using Detect It Easy (DIE)
   - Task 5 - Find the portable executable (PE) information of a malware executable file using PE Explorer
   - Task 6 - Identify file dependencies using Dependency Walker
   - Task 7 - Perform malware disassembly using IDA and OllyDbg
   - Task 8 - Perform malware disassembly using Ghidra
     Screenshot: step 21.
3. Lab 4 - Perform dynamic malware analysis
   - Task 1 - Perform port monitoring using TCPView and CurrPorts
   - Task 2 - Perform process monitoring using Process Monitor
   - Task 3 - Perform registry monitoring using Reg Organizer
   - Task 4 - Perform Windows services monitoring using Windows Service Manager (SrvMan)
   - Task 5 - Perform startup program monitoring using Autoruns for Windows and WinPatrol
   - Task 6 - Perform installation monitoring using Mirekusoft Install Monitor
   - Task 7 - Perform files and folder monitoring using PA File Sight
   - Task 8 - Perform device driver monitoring using DriverView and Driver Reviver
   - Task 9 - Perform DNS monitoring using DNSQuerySniffer
     Screenshot: step 18.

Complete the following lab tasks in the Sniffing iLab Module:

1. Lab 1 - Perform active sniffing
   - Task 4 - Perform a Man-in-the-Middle (MITM) attack using Cain & Abel
   - Task 5 - Spoof a MAC address using TMAC and SMAC
   - Task 6 - Spoof the MAC address of a Linux machine using macchanger
     Screenshot: step 15.
2. Lab 2 - Perform network sniffing using various sniffing tools
   - Task 2 - Analyze a network using the Omnipeek Network Protocol Analyzer
   - Task 3 - Analyze a network using the SteelCentral Packet Analyzer
     Screenshot: step 39. It does not have the demo that is in the instruction.
3. Lab 3 - Detect network sniffing
   - Task 2 - Detect ARP poisoning using the Capsa Network Analyzer
     Screenshot: step 41.

Summary: As a result of this lab, I have learned:

(Include a few paragraphs summarizing the key skills you have acquired during this guided practice.)

Capsa Network Analyzer is an effective tool for network monitoring and analysis, allowing users to discover anomalies such as ARP poisoning attacks. Practitioners can learn how to spot unusual ARP traffic patterns, comprehend the signs of ARP poisoning, and implement countermeasures to reduce the risks associated with ARP spoofing attacks using Capsa exercises. This hands-on experience not only improves the ability to use network analysis tools, but it also encourages a better grasp of network protocols and security processes.

MAC address spoofing, a typical technique for network reconnaissance and evasion, may be accomplished on Linux systems with utilities such as macchanger. Spoofing MAC addresses allows individuals to modify network traffic in order to conceal their identity or impersonate legitimate devices. Through MAC address spoofing activities, practitioners can learn how to change MAC addresses, comprehend the ramifications of MAC address manipulation, and build mechanisms to detect and prevent MAC spoofing attacks.
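Added example, not part of the lab report or of the Capsa product: a small Python checker that applies two of the ARP-poisoning signs the summary refers to, a conflicting IP-to-MAC binding and a flood of unsolicited replies, to a constructed list of ARP records. The record layout, the sample addresses and the reply threshold are assumptions.

```python
"""Flag ARP-poisoning indicators in a list of ARP packet records.

Each record is (time_s, opcode, sender_ip, sender_mac, target_ip), with
opcode 1 = request and 2 = reply. Records are constructed here; in practice
they would be exported from a capture tool such as Capsa or Wireshark.
"""
from collections import Counter, defaultdict

# Constructed sample capture: the gateway 192.168.1.1 is first answered by its
# real MAC (aa:bb:cc:00:00:01), then a second MAC starts claiming it with
# replies nobody asked for, and also claims the victim host 192.168.1.10.
SAMPLE_ARP = [
    (0.0, 1, "192.168.1.10", "aa:bb:cc:00:00:10", "192.168.1.1"),
    (0.1, 2, "192.168.1.1",  "aa:bb:cc:00:00:01", "192.168.1.10"),
    (5.0, 2, "192.168.1.1",  "de:ad:be:ef:00:01", "192.168.1.10"),
    (5.5, 2, "192.168.1.1",  "de:ad:be:ef:00:01", "192.168.1.10"),
    (6.0, 2, "192.168.1.10", "de:ad:be:ef:00:01", "192.168.1.1"),
    (6.5, 2, "192.168.1.1",  "de:ad:be:ef:00:01", "192.168.1.10"),
]


def analyze_arp(packets, reply_threshold=3):
    """Return a list of (indicator, detail) findings, in the order detected."""
    bindings = defaultdict(set)   # ip -> every MAC seen answering for it
    pending = set()               # target IPs with an outstanding request
    unsolicited = Counter()       # sender MAC -> replies with no prior request
    findings = []
    for _t, opcode, sip, smac, tip in packets:
        if opcode == 1:           # request: remember who was asked about
            pending.add(tip)
            continue
        # A reply is legitimate only if someone recently asked for that IP.
        if sip in pending:
            pending.discard(sip)
        else:
            unsolicited[smac] += 1
        # The same IP answered by a MAC different from earlier answers is the
        # classic poisoning symptom a cache-table view in Capsa would show.
        if bindings[sip] and smac not in bindings[sip]:
            findings.append(("ip_mac_conflict",
                             f"{sip} was {sorted(bindings[sip])}, now {smac}"))
        bindings[sip].add(smac)
    # Gratuitous ARP does occur legitimately, so only a burst is reported.
    for mac, n in unsolicited.items():
        if n >= reply_threshold:
            findings.append(("unsolicited_reply_flood",
                             f"{mac} sent {n} unrequested replies"))
    return findings
```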
Virus development, while inherently unsafe and immoral outside of controlled circumstances, gives important insights into malware analysis and digital forensics. Individuals can use tools like the JPS Virus Maker Tool to develop and tweak viruses for educational purposes. Practitioners can improve their understanding of malware behaviors, analyze infection vectors, and deploy malware detection and removal procedures by developing viruses and infecting target systems in a controlled environment. This experience is critical for cybersecurity professionals working on incident response, malware analysis, and security research.

Performing string searches using tools like BinText improves digital forensics and malware analysis skills by allowing users to find and extract strings of interest from binary files. String searches can reveal significant information such as hardcoded URLs, cryptographic keys, or dangerous commands hidden within binary executables. Through string searching exercises, individuals can learn how to apply forensic analysis tools, analyze search results, and correlate findings in order to comprehend the purpose and functionality of binary files.