You will learn how to install Wireshark and Virtualbox. You will examine the protocol messages being exchanged between your Web browser and the Web server.
Tools used: Wireshark, Virtualbox, your favorite Web browser
You will analyze the client- and server-side traces to explore aspects of TCP. You will trace TCP's window behaviour, and infer packet loss, retransmission, flow control and congestion control behavior, and estimated round trip time. After exploring TCP, you will do a packet capture analysis of your favorite application that uses UDP (for example, DNS or a multimedia application such as Skype). You will investigate the header fields in the UDP segment as well as the checksum calculation.
-Tools used: Wireshark, your favorite Web browser
A multithreaded Web server that is capable of serving multiple request in parallel is developed. Version 1.0 of HTTP, as defined in RFC 1945 is implemented. HTTP/1.0 creates a seperate TCP connection for each request/response pair. A seperate thread handles each of these connections. There will also be a main thread, in which the server listens for clients that want to establish connections.
-Tools used: Java IDE (Eclipse, Netbeans etc), your favorite Web browser
Packet capture (PCAP) files contain information about the network traffic that can be explored in detail. The goal of this exercise is to examine PCAP files containing attacks, and analyze the traffic in detail. We look into attacks over transport- (TCP) and application-layer (SMB, RPC, HTTP). Wireshark (and the command-line tool, tshark) will be used in the tasks. - Tools used: Wireshark, tshark (command-line interface), your favorite search engine
WebGoat is an intentionally insecure web server used for demonstrating various attacks against web servers. Exercises include performing attacks such as sniffing, parameter tampering, SQL injection, XSS, session forgery against a locally hosted WebGoat server. - Tools used: WebGoat, Tamper Data, Firefox/Iceweasel
GnuPG is a free implementation of OpenPGP standard, used for both symmetric- and public-key cryptography. "Web of trust" is a decentralized trust model used for establishing the authenticity of public keys. The exercises include creating public/private keys, distributing keys to peers, signing documents, and encrypting documents in a way that only the intended recipient can see the content. - Tools used: GnuPG, your favorite FTP tool