Week 09 Lab 2
.docx
keyboard_arrow_up
School
University of Texas, Dallas *
*We aren’t endorsed by this school
Course
3377
Subject
Computer Science
Date
May 8, 2024
Type
docx
Pages
6
Uploaded by CoachSparrowMaster99 on coursehero.com
Week 09 Lab 02
Muhammad
login as: axm210331
Pre-authentication banner message from server:
| University of Texas at Dallas
| Department of Computer Science
|
| Use of UTD Information Systems is subject to
| the UTD Information Security and Acceptable Use Policy.
|
| Pursuant to Texas Administrative Code 202:
| (1) Unauthorized use is prohibited;
| (2) Usage may be subject to security testing and monitoring;
| (3) Misuse is subject to criminal prosecution; and
| (4) No expectation of privacy except as otherwise provided by applicable
| privacy laws.
|
| ATTENTION: utdnetid != utdnetid@utdallas.edu (UTD != Google!)
|
| Just use utdnetid, and for the love of programming, STOP USING ALL CAPS!
|
| [[NOTE: All CS Graduate Students should use csgrads1.utdallas.edu ]]
| [[ If you are a CS Graduate Student, you cannot logon to this server.]]
|
|
| ***** This system will require a connection to the GlobalProtect VPN startin
> g
| on the following dates:
|
| cslinux1.utdallas.edu - June 15, 2020
| cslinux2.utdallas.edu - June 22, 2020
|
| ***** GlobalProtect VPN Instructions: https://www.utdallas.edu/oit/howto/vpn
> /
|
End of banner message from server
Keyboard-interactive authentication prompts from server:
End of keyboard-interactive prompts from server
+----------------------------------------------------------------------+
MobaXterm Personal Edition v23.2 (SSH client, X server and network tools) ? SSH session to axm210331@cslinux1.utdallas.edu Direct SSH : ?
SSH compression : ? SSH-browser : ? X11-forwarding : ? (remote display is forwarded through SSH) ? For more info, ctrl+click on help or visit our website. +----------------------------------------------------------------------+
Last login: Fri Oct 20 22:50:54 2023 from 10.50.240.241
***---***---***---***---***---***
csgrads1.utdallas.edu - CentOS Linux 7.9
--All CS Graduate Students should use csgrads1--
cs1.utdallas.edu - CentOS Linux 7.9
cs2.utdallas.edu - CentOS Linux 7.9
***---***---***---***---***---***
This system is for use by CS students who need a general purpose Linux system
to complete homework assignments. Computationally or resource intensive
simulations will be throttled automatically.
Thank you,
CS Lab Manager
cs-labs@utdallas.edu
/scratch disk space can be used for temporary files.
All files within /scratch will be erased on a regular basis (Sunday 0300).
{cslinux1:~} whoami
axm210331
{cslinux1:~} date
Fri Oct 20 23:52:29 CDT 2023
{cslinux1:~} ls
abc.txt dog lab1 pwd w5l1 Week05Lab2 welcome.c
a.out first.txt lab2 sample.txt w5l2 week07Lab1 welcome.h
apue hello lab3 scriptForNew w6l1 week07Lab2 welcome.h.gch
cat.txt hello(2).c Makefile script.sh w7l1 week08Lab01
ch4lab1 hello(3).c new.txt short w7l2 week09Lab01
ch4lab2 hello.c perl5 typescript Week05Lab1 Week4Lab1
data.txt hey practice Untitled.txt Week05Lab12 week4lab2
days hey.txt public_html w4l1 Week05Lab13 week5lab1
{cslinux1:~} cd week09Lab02
{cslinux1:~/week09Lab02} script w9l2
Script started, file is w9l2
{cslinux1:~/week09Lab02} ls
w9l2
a)Program Startup / Building
{cslinux1:~/week09Lab02} vi shell22.c
{cslinux1:~/week09Lab02} gedit shell22.c
** (gedit:48765): WARNING **: 23:53:47.652: Set document metadata failed: Setting attribute metadata::gedit-spell-language not supported
** (gedit:48765): WARNING **: 23:53:47.653: Set document metadata failed: Setting attribute metadata::gedit-encoding not supported
** (gedit:48765): WARNING **: 23:53:50.032: Set document metadata failed: Setting attribute metadata::gedit-position not supported
{cslinux1:~/week09Lab02} cat shell22.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <signal.h>
#include <string.h>
int alarm_duration = 0;
// Signal handler for SIGINT (Ctrl+C)
void mysig_handler(int signo) {
printf("\n ** This is the message from week09 lab2 - Signal Handler! ** \n");
}
// Signal handler for timer-alarm
void alarm_handler(int signo) {
if (alarm_duration > 0) {
printf("\nAlarm set for %d seconds has expired. Exiting.\n", alarm_duration);
exit(0);
}
}
int main() {
struct sigaction sa;
sa.sa_handler = mysig_handler;
sigaction(SIGINT, &sa, NULL);
sa.sa_handler = alarm_handler;
sigaction(SIGALRM, &sa, NULL);
while (1) {
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Related Questions
Hi I want to make a video presentation on this topic which should be 5 mins atleast, so need help below format:
Discussion: Misadventures of a Nation State Podcast
Discuss Darknet Diaries Episode 10. Why is this a video discussion instead of a written response? It is an important skill to master to be able to present and summarize the key concepts of a complex cybersecurity incident in a short time frame. Remember that unless you are talking to other cybersecurity professionals, probably no one thinks this stuff is as interesting as you do.
Instructions: The main purpose of the video discussion assignments is to get you to dig into the main four cybersecurity frameworks and references we use in the class. Use the context of the specific security incident to explore and explain some aspects of the NIST CSF, the CIS CSCs, ACSC Strategies to Mitigate Cyber Incidents, and the MITRE ATT&CK matrix.
Keep each discussion sub-topic focused and to approximately 1 minute for a TOTAL video…
arrow_forward
113
Spoofing attack is
a) an application that captures TCP/IP data packets, which can maliciously be used to capture passwords and other data while it is in transit either within the computer or over the network.
b) a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining illegitimate access.
c) a toolkit for hiding the fact that a computer’s security has been compromised, is a general description of a set of programs which work to subvert control of an operating system from its legitimate (in accordance with established rules) operators.
d) None of these
arrow_forward
You've been warned about a ransomware assault known as Ryuk. Assume that each infected device will cost you $100 to restore your files.
Write a one-page executive briefing (in memo style) outlining the following actions to address the danger you've identified:
Find out about a security danger and/or breach and study the information you findAssess the danger and prepare a briefing for senior management (a one-page paper in Word, PDF, etc.)Write a concise summary of the main aspects of the problemWhat effect, if any, could it have on St. Eligius?Make suggestions for short-term measures to reduce the risk.Suggestions for long-term mitigation
arrow_forward
Joe Green, a system administrator for a large corporation, is installing a new software package on Chuck Dennis’ personal computer. The company has not authorized Joe to read the employees’ e-mail, Web logs, or personal files. However, in the course of installing the software, he accidentally comes across directories containing files with suspicious-looking names. He opens a few files and discovers they contain child pornography. Joe believes possessing such images is unethical for their profession. What should he do?
Acme Corporation licenses a sophisticated software package to many private and government agencies. Kyla is one of Acme's employees who works in the support organization. She mostly provides phone support but also teaches an on-site class from time to time. In fact, she created many of the instructional materials used in these classes. One day Kyla gets a call from Maria, who works for a government agency that uses Acme's software package. Maria offers to pay Kyla Php…
arrow_forward
True or false: Intrusion Detection Systems have the ability to block threats
True
False
Question 25
The intrusion response Trace Recording
collects artifacts to determine TTP
sends an alert to systems capable of SNMP communication
brings in additional specialized resources
opens the application trace route
arrow_forward
You are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain.
After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…
arrow_forward
You are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain.
After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…
arrow_forward
You are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain.
After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…
arrow_forward
Discuss the concept of end-to-end encryption in messaging apps. How does it work, and what are the benefits and limitations of implementing it?
arrow_forward
What precisely is meant by the term "spoofing," and how may it be used to the detriment of a victim?
arrow_forward
Make a distinction between spoofing and session hijacking. In the case that you're a web user, what are some of the countermeasures you use to protect yourself against session hijacking?
arrow_forward
How do you think the introduction of new technologies has affected how people think about and approach internet security?
arrow_forward
Data Security is considered a senior Management concern and responsibility. It affects every company’s operation, reputation and ultimately impacts revenue, profits, and a competitive edge. Yet many companies do not implement defenses that could help to prevent and control data breaches. In June 2012 LinkedIn a business social network site was hacked, this data breach was discovered when IT security experts discovered millions of LinkedIn passwords on a Russian underground site. The reason this happened was that the company was using outdated encryption methods and within 2 days, most passwords were cracked. What steps can a business take to keep control of its data security? What security management processes and activities in each process should a business follow to ensure they have an Information Technology Risk management strategy in place?
arrow_forward
In October 19, 2012, HSBC servers came under a denial of
service (DoS) attack which affected a number of HSBC websites
around the world. The London-based banking giant said in a
statement, "This denial of service attack did not affect any
customer data, but did prevent customers using HSBC online
services, including internet banking."
a) Explain how the objective of DoS differs from other types of
network attacks
b) How the DoS attack is carried out?
c) How the Dos attack works?
d) As an expert in computer security, explain the challenges in
identifying the real attacker
who launched the DDOS attack against HSBC website.
e) Discuss the relationship between DDOS attack and Botnet
arrow_forward
A researcher working on a study has been aware of a problem referred to as "security breakdowns in social media," and they want to look into it more. What are the steps that he has to follow in order to complete his research? Please provide a condensed description of each step.
arrow_forward
Describe the ways in which people's perspectives and behaviors about internet security have changed as a direct result of the development of new technologies?
arrow_forward
TASK 01 (SHODAN)•For this assignment you will have to do some observation task on some vulnerabilities that can be exploited to attack ICS security.•Remember: ONLY OBSERVE for study purpose. UNITEN will not be responsible for your experimentation beyond the required task.Search for potential location of ICS devices•Use Shodan website•Search for location that is linked to port 102 in Malaysia•Note how many are there in Malaysia1.Find out what all those displayed information mean from the search. Explain it in your report. [5 marks]2.Use the map in SHODAN to actually find out where these location actually is. [2 marks]3.Cross check with google map if the location is actually real. List at least TWO detailed address and information found through SHODAN, [3 marks]4.Extra bonus marks: Find out other port number that might be used by ICS device and perform a search. List them out and perform the same test. Write the same report of your findings.
TASK 02 (GOOGLE HACKING)•For this assignment…
arrow_forward
Discuss the differences between symmetric and asymmetric encryption algorithms and their applications in network security.
arrow_forward
▾ Topic 1
(Refers to Lesson #1) Discuss how the definition of privacy that is commonly used (freedom from observation) may differ from the
definition of privacy from the information security perspective (freedom from unsanctioned intrusion).
Topic 2
▸ Topic 3
8
f
ion_topics/2947715?module_item_id=12935597#
Q Search
S
T
Q Search entries or author
G
H
N
& 7
M
Unread
hp
3
K
fo
↑
©
E
fo
F11
P
alt
112
C
**
ļ
Insert
ctn
E
pause
10:14
10/30/20
backspace
arrow_forward
For the Agent Tesla malware, please write a short paragraph based on the given background and website info:
Agent Tesla is a RAT that targets Windows operating systems. It is available for purchase on criminal forums as Malware-as-a-Service (MaaS). It has various capabilities depending on the version purchased, including capturing keystrokes and screenshots, harvesting saved credentials from web browsers, copying clipboard data, exfiltrating victim files, and loading other malware onto the host.
https://www.cisecurity.org/insights/blog/top-10-malware-december-2022
Agent Tesla is an extremely popular spyware Trojan written for the .NET framework that has been observed since 2014 with many iterations since then. It is used to steal sensitive information from a victim’s device such as user credentials, keystrokes, clipboard data, credentials from browsers, and other information. This information can then be traded or used for business intelligence or ransom. Agent Tesla is most commonly…
arrow_forward
A researcher for a study has observed a problem referred to as "security flaws in social media" and wants to analyze it further. What steps should he take to do his research? Describe each procedure succinctly.
arrow_forward
Conduct research on user authentication as a form of access control and compose a report on your findings.
arrow_forward
Is there a way to protect vehicle-to-vehicle communication by using security approaches and mechanisms? * The second question is how long each security method takes to encrypt and decode a message.
arrow_forward
Describe the security techniques used for the following
situations and justify their uses:
a) Separating files of one user from another
b) Making data secure and hard to read by unauthorised users
c) Detecting malicious files received from the Internet
d) Blocking unwanted traffic trying to access a network
criteria
List the names, purposes and characteristics of a range of security techniques.
Justify the use of a range of security techniques in typical situations.
note
just listing isn’t enough. We need to know the purpose and technical details of each security technique
no handwriting please
arrow_forward
a) Alice is an employee at the Xiamen University of Technology (XUT). Recently, Alice's
computer had some issues, and the IT department of XUT provided Alice with a
temporary computer. While using this temporary computer, Alice notices (from the
browser history, downloaded files) that the temporary computer was previously used by
some other employees of XUT, and contains sensitive information such as several user's
ID and passwords (stored in the browser), PowerPoint slides containing confidential
employee information etc.
To address the security issues discussed in this scenario, answer the below questions:
i) Describe a control measure based on policy and procedures, and a control measure
based on education, training and awareness.
i1)
Compare the control measures described above. Which of these do you think will
be the most effective in this scenario? Justify your answer.
arrow_forward
Discuss the significance of access control lists (ACLs) in network security.
arrow_forward
1)Discusss the security aspects of gmail system
arrow_forward
Describe the concept of end-to-end encryption in the context of secure messaging applications. How does it ensure the privacy of communication?
arrow_forward
SEE MORE QUESTIONS
Recommended textbooks for you
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Related Questions
- Hi I want to make a video presentation on this topic which should be 5 mins atleast, so need help below format: Discussion: Misadventures of a Nation State Podcast Discuss Darknet Diaries Episode 10. Why is this a video discussion instead of a written response? It is an important skill to master to be able to present and summarize the key concepts of a complex cybersecurity incident in a short time frame. Remember that unless you are talking to other cybersecurity professionals, probably no one thinks this stuff is as interesting as you do. Instructions: The main purpose of the video discussion assignments is to get you to dig into the main four cybersecurity frameworks and references we use in the class. Use the context of the specific security incident to explore and explain some aspects of the NIST CSF, the CIS CSCs, ACSC Strategies to Mitigate Cyber Incidents, and the MITRE ATT&CK matrix. Keep each discussion sub-topic focused and to approximately 1 minute for a TOTAL video…arrow_forward113 Spoofing attack is a) an application that captures TCP/IP data packets, which can maliciously be used to capture passwords and other data while it is in transit either within the computer or over the network. b) a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining illegitimate access. c) a toolkit for hiding the fact that a computer’s security has been compromised, is a general description of a set of programs which work to subvert control of an operating system from its legitimate (in accordance with established rules) operators. d) None of thesearrow_forwardYou've been warned about a ransomware assault known as Ryuk. Assume that each infected device will cost you $100 to restore your files. Write a one-page executive briefing (in memo style) outlining the following actions to address the danger you've identified: Find out about a security danger and/or breach and study the information you findAssess the danger and prepare a briefing for senior management (a one-page paper in Word, PDF, etc.)Write a concise summary of the main aspects of the problemWhat effect, if any, could it have on St. Eligius?Make suggestions for short-term measures to reduce the risk.Suggestions for long-term mitigationarrow_forward
- Joe Green, a system administrator for a large corporation, is installing a new software package on Chuck Dennis’ personal computer. The company has not authorized Joe to read the employees’ e-mail, Web logs, or personal files. However, in the course of installing the software, he accidentally comes across directories containing files with suspicious-looking names. He opens a few files and discovers they contain child pornography. Joe believes possessing such images is unethical for their profession. What should he do? Acme Corporation licenses a sophisticated software package to many private and government agencies. Kyla is one of Acme's employees who works in the support organization. She mostly provides phone support but also teaches an on-site class from time to time. In fact, she created many of the instructional materials used in these classes. One day Kyla gets a call from Maria, who works for a government agency that uses Acme's software package. Maria offers to pay Kyla Php…arrow_forwardTrue or false: Intrusion Detection Systems have the ability to block threats True False Question 25 The intrusion response Trace Recording collects artifacts to determine TTP sends an alert to systems capable of SNMP communication brings in additional specialized resources opens the application trace routearrow_forwardYou are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain. After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…arrow_forward
- You are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain. After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…arrow_forwardYou are assisting with the Investigation of a report of Bestiality, and have been accessed to conduct the digital forensic examination of the Suspect’s Cellular telephone. You have been provided with a Warrant, which authorizes you to acquire a forensic image of all data on the phone, and then conduct a subsequent review of the data for images or videos of obscenity involving animals. The Warrant authorizes you to search all files and folders on the phone, to include deleted files, unallocated space which may exist on the phones flash memory, and, to conduct the same examination of any SD Card the phone may contain. After conducting an acquisition of the data using the Cellebrite Physical Analyzer Mobile Device Toolkit, you realize no images or videos were extracted. After a little research, you realize that the phone uses a Cloud Based storage system, by default, to save all pictures and videos to the users Google Drive. In an attempt to verify this setting, you set up a digital…arrow_forwardDiscuss the concept of end-to-end encryption in messaging apps. How does it work, and what are the benefits and limitations of implementing it?arrow_forward
- What precisely is meant by the term "spoofing," and how may it be used to the detriment of a victim?arrow_forwardMake a distinction between spoofing and session hijacking. In the case that you're a web user, what are some of the countermeasures you use to protect yourself against session hijacking?arrow_forwardHow do you think the introduction of new technologies has affected how people think about and approach internet security?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningManagement Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,