scholarly journals Hardening CISCO Devices based on Cryptography and Security Protocols - Part II: Implementation and Evaluation

2018 ◽  
Vol 2 (4) ◽  
pp. 11-27
Author(s):  
Faisal Waheed ◽  
Maaruf Ali
Keyword(s):  
Best Practice ◽  
Critical Evaluation ◽  
Security Protocols ◽  
Security Requirements ◽  
Software Components ◽  
Command Line ◽  
Penetration Testing ◽  
Testing Tools ◽  
Management Controls ◽  
Testing And Evaluation

This second part covers the implementation, testing, critical evaluation, conclusion and further study. It concentrates on the actual implementation details of hardening of network devices by referring to the hardware and software components, device operating system’s features, management controls, access-list restrictions, operational configurations and critically making sure that the data and credentials are not stored or transferred in ‘plaintext’ over the network by detailed testing and evaluation. It investigates the commands used to enable cryptography and network protocols based on encryption, in order to meet the need for essential security requirements. Substantial work is devoted to the command line details and testing of a router based on Cryptography and Security Protocols in the border router. A step-by-step hardening approach is detailed using the commands used to secure the proposed network framework’s border router. Encrypted services coupled with best practice configurations are explained and tested in an emulated environment. The use of protocol analysers, CISCO Configuration Professional’s Audit and penetration testing tools corroborated the success of the project.

scholarly journals Hardening CISCO Devices based on Cryptography and Security Protocols - Part One: Background Theory

2018 ◽  
Vol 2 (3) ◽  
pp. 27-44 ◽  
Author(s):  
Faisal Waheed ◽  
Maaruf Ali
Keyword(s):  
Operating System ◽  
Best Practice ◽  
Security Protocols ◽  
Core Layer ◽  
Security Requirements ◽  
Sensitive Data ◽  
Management Level ◽  
Testing Environment ◽  
Background Theory ◽  
Point Of Entry

Network Security is a vital part of any corporate and enterprise network. Network attacks greatly compromise not only the sensitive data of the consumers but also cause outages to these networks. Thus inadequately protected networks need to be “hardened”. The hardening of network devices refers to the hardware and software components, device operating system’s features, management controls, access-list restrictions, operational configurations and above all making sure that the data and credentials are not stored or transferred in ‘plaintext’ over the network. This article investigates the use of cryptography and network protocols based on encryption, to meet the need for essential security requirements. Use of non-secure protocols, underrating and misconfigurations of management protection are reasons behind network devices not properly being hardened; hence leaving vulnerabilities for the intruders. The gap identified after conducting intense search and review of past work is used as the foundation to present solutions. When performing cryptography techniques by encrypting packets using tunnelling and security protocols, management level credentials are encrypted. These include password encryption and exceptional analysis of the emulated IOS (Internetwork Operating System). Necessary testing is carried out to evaluate an acceptable level of protection of these devices. In a virtual testing environment, security flaws are found mainly in the emulated IOS. The discoveries does not depend on the hardware or chassis of a networking device. Since routers primarily rely on its Operating System (OS), attackers focus on manipulating the command line configuration before initiating an attack. Substantial work is devoted to implementation and testing of a router based on Cryptography and Security Protocols in the border router. This is deployed at the core layer and acts as the first point of entry of any trusted and untrusted traffic. A step-by-step hardening approach is adopted to secure the proposed network framework’s border router. Encrypted services coupled with best practice configurations are implemented and tested in an emulated environment. The use of protocol analysers, CISCO Configuration Professional’s Audit and penetration testing tools corroborated the success of the project.

Analysis of Penetration Testing Tools

2017 ◽  
Vol 7 (9) ◽  
pp. 36
Author(s):  
Palak Aar ◽  
Aman Kumar Sharma
Keyword(s):  
Penetration Testing ◽  
Testing Tools ◽  
The Given ◽  
Gain Access

Penetration testing is defined as the procedure of imposing as an attacker to find out the vulnerabilities in a system that can be used to gain access to system for malicious use. This paper provides an overview of penetration testing and list out the criteria used to select the best tools for the given purpose. It also provides a brief description of the selected tools and furthermore we compare those tools. The results of the comparison are shown in terms of graphs and tables.

scholarly journals Key Distribution and Management in WSN Security: A State of the Art

2019 ◽  
Vol 9 (2S) ◽  
pp. 462-472
Keyword(s):  
Key Management ◽  
State Of The Art ◽  
Security Protocols ◽  
Security Requirements ◽  
Current State ◽  
Management Scheme ◽  
Effective Manner ◽  
Literature Reviews ◽  
Cryptographic Keys ◽  
Wsn Security

Offering efficient key management scheme (KMS) in WSN faces many challenges that will significantly impact the design and implementation of security protocols for WSN. The goal of KMS is to provide an effective environment in which the sensor node can communicate in a secure manner. It should be able to resolve the issue of generate, allocate the cryptographic keys in WSN in an efficient and effective manner. Hence, the methods for trustworthy allocation and management of these keys are very important for security of WSN. Many KMSs have been developed in recent years. However inherent characteristics of a WSN make incorporating security a great challenge. This paper presents a comprehensive review of current state-of-the-art of KMS designed for WSN security and compare with respect to several evaluation metrics. This paper also investigates the security requirements, goals and challenges of KMS based on existing literature reviews. We also attempt to provide insight in to potential research trends in the area of WSN security and outline the approaches that are likely to play a very important role.

scholarly journals Penetration Testing on Metasploitable 2

2020 ◽  
Vol 9 (05) ◽  
pp. 25014-25022
Author(s):  
Mandeep Singh ◽  
Sunny Kumar ◽  
Tushant Garg ◽  
Niranjan Pandey
Keyword(s):  
Network Protocols ◽  
Command Line ◽  
Penetration Test ◽  
Penetration Testing

Abstract— In this paper, we will discuss how to perform a penetration test on Metasploitable 2 using Metasploit. Metasploitable 2 is a vulnerable system that we decide to use, as using some other system to do the same it would be considered as hacking and could have awful results. The primary purpose of this research is to tell about the various tools used when someone trying to find possible vulnerabilities in a system. By using the Metasploit system to test a system, we can find possible vulnerabilities that need to be fixed to protect and make the system better. Different areas like firewalls, network protocols, and other basic security is-sues will be explored in this research.While there are many other different ways to do penetration testing, but we decide to use Metasploit be-cause of its broad uses and simplicity. We will have the option of either using the command line within Metasploit or by using the community version of the product, which is mostly automated. Both alternatives will be explored in this paper. If anyone going through all of the steps given in this paper should be able to try and exploit any vulnerable system.

Exploiting Windows 7 Vulnerabilities using Penetration Testing Tools

2021 ◽  
Author(s):  
Kenneth AJ G. Quilantang ◽  
James Andrei C. Rivera ◽  
Mark Vincent M. Pinili ◽  
Alphonsus Joseph Nicollo R. Magpantay ◽  
Eric Busia Blancaflor ◽  
...  
Keyword(s):  
Penetration Testing ◽  
Testing Tools

Acute care physiotherapy management of COVID-19 patients in Qatar: best practice recommendations

2020 ◽  
Vol 27 (11) ◽  
pp. 1-15
Author(s):  
MS Ajimsha ◽  
Neeraj Gampawar ◽  
Praveen J Surendran ◽  
Prasobh Jacob ◽  
Reshma Praveen ◽  
...  
Keyword(s):  
Critical Care ◽  
Extracorporeal Membrane Oxygenation ◽  
Acute Care ◽  
Clinical Reasoning ◽  
Best Practice ◽  
Critical Evaluation ◽  
Adult Patients ◽  
Consensus Process ◽  
Practice Recommendations ◽  
Reasoning Algorithm

This document outlines best practice recommendations for acute care physiotherapy for patients with COVID-19, with an emphasis on critical care rehabilitation, including patients on extracorporeal membrane oxygenation support. These recommendations were developed for practice in Qatar but are adaptable to any setting. This recommendation is the result of a combination of systematic evidence searches, subsequent critical evaluation of the retrieved evidence and a consensus process. The agreed recommendations were integrated into a physiotherapeutic clinical reasoning algorithm. It includes recommendations on physiotherapy referrals, screening, management categories and best practice recommendations. It is intended for use by physiotherapists and other relevant stakeholders, in acute care settings, for adult patients with suspected or confirmed COVID-19.

scholarly journals Acute Care Physiotherapy Management of COVID-19 Patients in Qatar: Consensus-Based Recommendations

2020 ◽  
Author(s):  
Ajimsha MS ◽  
Neeraj Gampawar ◽  
Praveen Surendran ◽  
Prasobh Jacob ◽  
Vasileios Karpouzis ◽  
...  
Keyword(s):  
Acute Care ◽  
Clinical Reasoning ◽  
Best Practice ◽  
Care Setting ◽  
Critical Evaluation ◽  
Adult Patients ◽  
Acute Care Setting ◽  
Consensus Process ◽  
Practice Recommendations ◽  
Reasoning Algorithm

This document outlines best practice recommendations for acute care physiotherapy for patients with COVID-19 infections developed for practice in Qatar but adaptable with any settings. This recommendation is the result of a combination of systematic evidence search, subsequent critical evaluation of retrieved evidence and consensus process. The agreed recommendations were integrated into a physiotherapy clinical reasoning algorithm. It includes recommendations on Physiotherapy referral, screening, management categories and best practice recommendations. It is intended for use by physiotherapists and other relevant stakeholders in the acute care setting caring for adult patients with suspected and/or confirmed COVID-19.

Critical Evaluation of RFID Security Protocols

2012 ◽  
Vol 6 (3) ◽  
pp. 56-74 ◽  
Author(s):  
Azam Zavvari ◽  
Ahmed Patel
Keyword(s):  
Radio Frequency Identification ◽  
High Speed ◽  
Low Cost ◽  
Critical Evaluation ◽  
Security Protocols ◽  
Security And Privacy ◽  
Automatic Identification ◽  
Rfid Security ◽  
Rfid Systems ◽  
Class 1

Radio Frequency Identification (RFID) system is a low-cost contactless automatic identification technology; and barcode as a traditional technology is now broadly replaced by RFID systems to make objects more manageable in supply chains and other enterprises. This technology is operational in open wireless communication spaces whereby its transmission signals can be easily accessed resulting in security problems. Consequently, it becomes an absolute necessity to develop efficient security protocols to protect the data against various attacks. This paper outlines a critical evaluation of the RFID systems, the security and privacy issues in the RFID security protocols, the EPCglobal Class-1 Generation-2 standard as it is an international standard, its lower cost of implementation, and high speed data transmission and operation.

Sign in / Sign up

Export Citation Format

Share Document