Ethical Hacking Using Penetration Testing

This thesis provides details of the hardware architecture and the software scripting, which are employed to demonstrate penetration testing in a laboratory setup. The architecture depicts an organizational computing asset or an environment.¬¬¬ With the increasing number of cyber-attacks throughout the world, the network security is becoming an important issue. This has motivated a large number of “ethical hackers” to indulge and develop methodologies and scripts to defend against the security attacks. As it is too onerous to maintain and monitor attacks on individual hardware and software in an organization, the demand for the new ways to manage security systems invoked the idea of penetration testing. Many research groups have designed algorithms depending on the size, type and purpose of application to secure networks [55]. In this thesis, we create a laboratory setup replicating an organizational infrastructure to study penetration testing on real time server-client atmosphere. To make this possible, we have used Border Gateway Protocol (BGP) as routing protocol as it is widely used in current networks. Moreover, BGP exhibits few vulnerabilities of its own and makes the security assessment more promising. Here, we propose (a) computer based attacks and (b) actual network based attacks including defense mechanisms. The thesis, thus, describes the way penetration testing is accomplished over a desired BGP network. The procedural generation of the packets, exploit, and payloads involve internal and external network attacks. In this thesis, we start with the details of all sub-fields in the stream of penetration testing, including their requirements and outcomes. As an informative and learning research, this thesis discusses the types of attacks over the routers, switches and physical client machines. Our work also deals with the limitations of the implementation of the penetration testing, discussing over the vulnerabilities of the current standards in the technology. Furthermore, we consider the possible methodologies that require attention in order to accomplish most efficient outcomes with the penetration testing. Overall, this work has provided a great learning opportunity in the area of ethical hacking using penetration testing

ICONA: a peer-to-peer approach for Software Defined Wide Area Networks using ONOS

Several Internet Service Providers (ISP) are plan- ning to innovate their infrastructures through a process of network softwarisation and programmability. The Software- Defined-Network (SDN) paradigm aims at improving the design, configuration, maintenance and service provisioning agility of the network through a centralised software control plane which is in charge of managing the entire system. This is easily achievable for local area networks, typical of data centres, where the benefits of having programmable access to the entire network is not restricted by latency. However, in Wide Area Networks, a centralised control plane limits the speed of responsiveness in reaction to time-constrained network events due to unavoidable latencies caused by physical distances. A logical step towards robustness in SDN is to distribute the load of the control plane between entities, each taking care of a portion of the entire geographical network and each providing an east-west communication interface to enable programmability of the entire network. Moreover, a key objective of an SDN control plane targeting an ISP networks is the east-west interface with external domains under the control of other providers. In this article we present ICONA (Inter Cluster Onos Network Application), a tool that has the objective of enabling programmable networks to span multiple clusters of controllers within either a single or multiple administrative domains. In particular, the paper describes the architecture behind ICONA and provides an initial evaluation obtained on a preliminary version of the tool, built on top of the cutting-edge network controller ONOS, Hummingbird release

Turkey’s Internet Policy After the Coup Attempt: The Emergence of a Distributed Network of Online Suppression and Surveillance

In July 2016, Turkey was shaken by a bloody coup attempt. Although the would-be putschists failed, their insurgency led to an unprecedented reshuffling of Turkey’s political economic and socio-cultural landscapes. Notwithstanding the critical reverberations on the army, judiciary, law enforcement and civil society, the abortive coup set in motion a massive purge of civil servants, closure of media outlets, arrests of journalists, and blocking of websites and social media accounts. This report offers an examination of the evolution of internet policy in Turkey from the early 2000s to the post-coup conjuncture. It begins with an overview of internet legislation in Turkey during the 2000s under the AKP government (Justice and Development Party), and proceeds to discuss the deployment of different forms of control between 2013-2016 to contain the fallout from political and security crises and the potentially disruptive affordances of social media platforms. The report then focuses on the emerging policy developments and online restrictions in the aftermath of the coup attempt, which include 1) the closure of the TIB—Turkey’s telecommunications authority, 2) direct government control of ISPs (Internet Service Providers) and interception of digital communications by way of decree laws, 3) facilitation of social media censorship by means of Twitter, Facebook and YouTube content removals and 4) coordinated online harassment campaigns by pro-government users against alleged coup planners, Kurdish activists and government critics in general