IMT 92 Network Security M1

Contact www.solvedcare.com for best and lowest cost solution or email solvedcare@gmail.com

IMT 92 Network Security M1
ASSIGNMENT – 1

 

1. What are the differences between DNS lookup and Reverse DNS lookup?

2. How can you trace an abusive email on the Internet?

3. What steps do you need to follow to send a spoofed email from billgates@microsoft.com to your best friend?

4. Carry out a line-by-line detailed analysis of the following email header:

 

X-Apparently-To: ankitfadia2001@yahoo.com via 68.142.206.39; Tue, 01 Jan 2008 07:51:02 -0800

X-Originating-IP: [209.191.124.119]

Return-Path: <chaf_top@yahoo.com>

Authentication-Results: mta294.mail.mud.yahoo.com from=yahoo.com; domainkeys=pass (ok)

Received: from 209.191.124.119 (HELO web38008.mail.mud.yahoo.com) (209.191.124.119) by mta294.mail.mud.yahoo.com with SMTP; Tue, 01 Jan 2008 07:51:02 -0800

Received: (qmail 75045 invoked by uid 60001); 1 Jan 2008 15:51:02 -0000

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=n7Z8yvU8dl5/5NCv241EXAL18FKFTIg5kB5HNAW/Fvq5KhRBexLBlGsm2ogSq3cu0/R2hZoWtEqZiNZROx/mI4a2CndacN24yGyxIKfC1b1ixeEhTN9/k1gD85U0UQDMFNzNcdVoFk922SncG2BCntFxCkIo2Jut3VVdnrv1C9Y=;X-YMail-OSG: QNpAifEVM1lcfKFx3Ay.9VdiBphyL7jT0E_mg5qVL9gPn1tbfN8A7fSXAo0xtJJF0XteyqMgtVyzD4d5tRv.njZ_cSrdbXVKvPB5dMl5BqR1IpoKEZj2pcLunC7dUw-

Received: from [196.201.201.177] by web38008.mail.mud.yahoo.com via HTTP; Tue, 01 Jan 2008 07:51:02 PST

Date: Tue, 1 Jan 2008 07:51:02 -0800 (PST)

From: “chaf de souza” <> Add to Address Book Add Mobile Alert

Yahoo! DomainKeys has confirmed that this message was sent by yahoo.com. Learn more

Subject: IMPORTANT FOR FOREIGN STUDENT

To: ankitfadia2001@yahoo.com

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary=”0-599614051-1199202662=:73737″

Content-Transfer-Encoding: 8bit

Message-ID: <476717.73737.qm@web38008.mail.mud.yahoo.com>

Content-Length: 1829

 

5. Find out the exact geographical location of the sender of the email with the following headers:

 

X-Apparently-To: ankitfadia2001@yahoo.com via 68.142.206.41; Mon, 31 Dec 2007 20:02:37 -0800

X-Originating-IP: [209.191.90.74]

Return-Path: <vineet@udaantravel.com>

Authentication-Results: mta261.mail.re4.yahoo.com from=udaantravel.com; domainkeys=neutral (no sig)

Received: from 209.191.90.74 (HELO web801.biz.mail.mud.yahoo.com) (209.191.90.74) by mta261.mail.re4.yahoo.com with SMTP; Mon, 31 Dec 2007 20:02:37 -0800

Received: (qmail 73717 invoked by uid 60001); 1 Jan 2008 04:02:36 -0000

X-YMail-OSG: vj_jELkVM1m.5nfWWK8MNyd4s6PSk7kF9QqubwddySNz8vkLb_G3hvRRfO9jxI5DyCCxA9FcAi. xsqWsn4LYMPOyg6qEtF0cpGnIjotB2Y4pgo4-

Received: from [71.177.119.70] by web801.biz.mail.mud.yahoo.com via HTTP; Mon, 31 Dec 2007 20:02:36 PST

Date: Mon, 31 Dec 2007 20:02:36 -0800 (PST)

From: “VINEET BADHWAR” <vineet@udaantravel.com> Add to Address Book Add Mobile Alert

Reply-to: VINEET@

Subject: HAPPY NEW YEAR

To: vineet@

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary=”0-1640175783-1199160156=:73312″

Content-Transfer-Encoding: 8bit

Message-ID: <538044.73312.qm@web801.biz.mail.mud.yahoo.com>

Content-Length: 1290

6. How can you check your POP email manually? How can you crack POP

email account passwords?

7. How can you secure email communication?

8. How can you attach files to a forged email sent through Sendmail?

9. Describe some risks associated with Instant Messengers.

10. If you have received an email from your friend, how can you tell whether it is spoofed or not?

ASSIGNMENT – 2

1. What are SQL Injection attacks? How do they work? What are some dangers associated with them? Suggest some counter-measures against SQL Injection.

2. How can a system administrator prevent email forging from taking place on their network?

3. What are the different types of ports on a system?

4. How can you prevent input validation attacks on a system?

5. Describe some strategies to fight email spam.

6. How can a system administrator mislead an attacker probing different ports?

7. Discuss the pros and cons of the various types of mail bombing strategies.

8. How can you send a forged email to multiple individuals through BCC?

9. How would you crash a remote system through Instant Messengers?

10. Is this possible: You telnet to Port 23 and the FTP daemon shows up? What is going on if this happens? How is it done?

ASSIGNMENT – 3

1. Explore the various ports (1-100) of the following systems (Kindly submit actual logs as your answer):

 

www.hackingmobilephones.com

ww.imt.edu

2. Give examples of 3 REAL Websites that actually exist on the Internet that suffer from an input validation loophole or an SQL Injection loophole.

Contact www.solvedcare.com for best and lowest cost solution or email solvedcare@gmail.com

Comments are closed.