MITS5004 IT Security Assignment 3 Group Assignment Critical Analysis of Security Tools MITS5004 Assignment 3 Copyright © XXXXXXXXXXVIT, All Rights Reserved. 2 Assignment 3 Group Assignment: 30% -...

1 answer below »
submit my assignment on time


MITS5004 IT Security Assignment 3 Group Assignment Critical Analysis of Security Tools MITS5004 Assignment 3 Copyright © 2015-2018 VIT, All Rights Reserved. 2 Assignment 3 Group Assignment: 30% - Critical Analysis of Security Tools (Due Session 12) Objective(s) This assessment item relates to the unit learning outcomes as in the unit descriptor. This assessment is designed to improve the ability of students to critically analyse security tools and present their findings. The assignment provides an opportunity to work in a group and to achieve a joint objective. Description Each group is required to critically analyse any 2 security tools from the list and demonstrate the functionality of the tools in a video presentation. The list of tools for the assignment include: • Hydra • Maltego • NMap • Zed Attack Proxy • SqlMap • Metasploit Framework • Burp Suite • Nessus • Nikto • Snort The tools need to be launched in Linux terminal (a user could be created for any member of the group). Each group is required to: 1. Install and launch the 2 security tools in Linux terminal (a user could be created for any member of the group). Screenshots need to be provided with a brief description. 2. Evaluate 4 features of each tool. Description and screenshots need to be provided for each tool. MITS5004 Assignment 3 Copyright © 2015-2018 VIT, All Rights Reserved. 3 3. Critically analyse each tool in terms of: a) Ease of Use b) Performance c) Scalability d) Availability e) Reporting and analytics 4. Demonstrate the 4 features of the tool in a short video not more than 5 Minutes. Each student is required to demonstrate 1 feature for each tool. If a student does not demonstrate in the video, the student will not be marked for the demonstration marks Instructions These instructions apply to Assignment 3 Group Assignment – Critical Analysis of Network Security Tools. The students are required to form a group comprising of 2 to 4 students from the same session. The group is required to notify the lecturer of the students in the group and the network security tools that they have opted for by the end of week 6. Submissions Each group is required to submit a single report and a video presentation on the given link on moodle. Each student is required to demonstrate 1 feature of each network security tool in the video presentation. Submit your report to the Moodle drop-box for Assignment 3. Note that this will be a turn-it-in drop box and as such you will be provided with a similarity score. This will be taken into account when grading the assignment. Note that incidents of plagiarism will be penalized. If your similarity score is high you can re-submit your report, but re-submissions are only allowed up to the due date. If you submit your assignment after the due date and time re-submissions will not be allowed. Please Note: All work is due by the due date and time. Late submissions will be penalized at the rate of 10% per day including weekends. Your report should be limited to approx. 2000 words (not including references). Use 1.5 spacing with a 12 point Time New Roman font. Citation of sources is mandatory and must be in the IEEE style. MITS5004 Assignment 3 Copyright © 2015-2018 VIT, All Rights Reserved. 4 Marking Guide: 75 Marks Task Description Marks Introduction This section should include a few sentences which provide an outline of the assignment. 5 Report Layout The report style, language and structure should be appropriate. 5 Tool Launch Install and launch the 2 security tools in Linux terminal (a user could be created for any member of the group). Screenshots need to be provided with a brief description. 6 Evaluation Evaluate 4 features of each tool. Description and screenshots need to be provided for each tool. 16 Analysis Critically analyse each tool in terms of: a) Ease of Use b) Performance c) Scalability d) Availability e) Reporting and analytics 20 Demonstration Each group is required to submit a video demonstration of not more than 5 minutes, each member is required to demonstrate 1 feature of each tool. 15 Conclusion Summary of the report. 4 References Follow the IEEE style 4
Answered Same DayOct 15, 2021MITS5004

Answer To: MITS5004 IT Security Assignment 3 Group Assignment Critical Analysis of Security Tools MITS5004...

Ankit answered on Oct 17 2021
133 Votes
Student Name
Student Id
            Security Tools (NMap and MetaSpolit framework)
            Date of Submission
Contents
Introduction    3
Tool Launch    4
Evaluation    7
Features of NMap    7
Evaluation of each of above feature of Nmap    10
Features of MetaSpolit    10
Evaluation of each of above feature of Metasploit    13
Analysis    13
Conclusion    14
References    16
Introduction
This section is going to give brief background about
security tools. The tools that is selected for critical analyse are Nmap and Metasploit Framework.
Nmap is developed by Gordon Lyon in 1997 as open source security tool. The tool Nmap is utilized to identify services and hosts on server by transferring the messages. There is vast list of features that NMap offers such as mapping of network and port scanning, host discovery, discover Services, test for Vulnerabilities, security auditing etc. Nmap is open source design under GPL licence. The tool was originally designed for OS Linux but it is also ported for various OS like windows, BSD, mac etc.
MetaSpolit framework is ruby based which is self-described framework for cyber threats. It is the most widely used penetration testing tool. The process of hacking is easier by using this tool. The Metasploit Framework is in great demand for building and implementing exploit script against system of a remote target. The penetration testing is done by IT professionals by utilizing built in tools of this frameworks, verify patch deployments and perform regression testing. This tool provides a genuine platform for penetration testing. This tool is free to use, high quality, open source and mostly used in the IT security.
The main purpose of this document is to launch these tools on Linux server and four features of this tool will be evaluated. Then critical analysis of these tools will be performed on the basis of availability, scalability, ease of use, performance and reporting and analytics. The document also does video demonstration of tools features. At last conclusion will be given for this report.
Tool Launch
The security tool Nmap and Metasploit Framework is to be launch on Linux server.
ZenMap is the graphical user interface of Nmap on Linux. First of all, NMap package is to be installed on system by using following command for different Linux Distribution:
CentOS: yum install nmap
Debian: apt-get install nmap
Ubuntu: sudo apt-get install nmap
Here is screenshot for NMap tool installation on Linux using Ubuntu Linux distribution:
Here are few commands for Nmap security scanner for Linux as listed below:
a) It is basic command to verify whether particular website is up or down. The following command is type on command prompt: [1]
sudo nmap -sS [IP address] or [website address]
b) It is command used to check which Operating system is running on remote target system. The following command is type on command prompt:
sudo nmap -O --osscan-guess [IP address] or [website address]
c) It is ping scan command used to check open ports of a target system. The following command is type on command prompt:
sudo nmap -vv [IP address] or [website address]
d) It is command used to check services run on target system. The following command is type on command prompt:
sudo nmap -sV [IP address] or [website address]
Installing Metasploit Framework on Ubuntu 18.04 Linux
The Framework of Metasploit is an integral part for toolkit of penetration testers. In this we will look how to install Metasploit Framework in Ubuntu 18.04. There is need to deploy and configure RVM and Postgres.
Step1: Following is the command for installing Metasploit dependencies:
‘sudo apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre subversion git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev ruby1.9.3
Here is screenshot of instalment:
Step 2: For good operations, there is need to install the database Postgres to deployed properly after you install Metasploit Framework. It will help you in searching quicker and you will also take advantage of...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here