BIT354: Network Vulnerability and Penetration Testing
November 29, 2022Inderpal Group Assignment- Economics
December 5, 2022Question –
BIT354: Network Vulnerability and Penetration Testing Sample
Executive Summary
The report encompasses the process of installing a computer system. The report also elaborates on the procedures for hardening the operating system to prevent security breaches and other kinds of threats. There is an illustration of 8 kinds of hardening ways for the computer system that is installed. Further, there is a description of the evaluations and recommendations in this regard.
Introduction
According to the requirements, setting up a 64-bit operating system on Virtual Box has to be done. It is to be noted that Virtual Box is regarded as the virtualization software for free which facilitates home users for playing with various operating systems within the main system. The most important aspect that is necessary for the installation of a Virtual Box is the proper configuration (Cheng, Ding & Deng, 2015). Virtual Box is very fair and simple to use. There are certain tricks that are necessary for the effective implementation and operation of the entire system. It has to be also noted that loading 64 bits consume more time as compared to the systems of other configurations.
Installation process
The steps for installing s the 64-bit operating system on Virtual Box are as follows:
- Downloading and installation of Virtual box of the latest version
The first step regarding the installation of the 64-bit operating system is to download and install the latest version of Virtual Box. The host denotes the computer system that has to be run on the Virtual Box (Chapple & Seidl, 2017).
- Downloading and installation of the latest additions of Virtual Box.
This has to be followed by rebooting the system into BIOS and integrating hardware virtualization. This will be displayed as AMD-V or VT-x and or “Virtualization Technology” depending upon the manufacturer and the operating system of the host (Dulaney & Easttom, 2017).
- After starting the Virtual Box, the New button has to be clicked and there will be a display of the 64-bit operating system which denotes that the system can be installed. If it does not appear on the system, BIOS might have to be re-evaluated and a selection of either updating of BIOS or a different option has to be made (Ferguson, 2015).
- Getting into the New Phase, a meaning full name has to be done be given and the kind of installation that has been used has to be defined.
- Allocation of memory has to be done apart from the defaults.
- Further, installing Linux on the new system has to be done. For this step, the use of 64-bit Ubuntu 12, 04 has to be done. Among many flavours of Linux, Ubuntu is one of the very popular operating systems of Linux desktops. This has to be followed by downloading an. ISO image and has to be used on the Virtual Box for installing directly from the.IOS image.
- This process has to be continued by downloading the install image of Ubuntu which can be done by going to the defined links for the purpose and then choosing a 64-bit version for the process of
- Further, installation of Ubuntu within the 64-bit operating system of Virtual Box has to be carried out by clicking on the Machine and then on New. The virtual machine has to be given a name. In regards to the type of Operating system, Linux along with 64-bit Ubuntu has to be chosen for the version. Default settings are predefined based on the version and type of operating system. Hence, next has to be selected for the following menus that keep arriving at the display screen (Montgomery & Olson, 2018). If there is a need to change the settings in any part, it can be done later. Right-click has to be done on the new machine present in the Virtual Machine after the creation of the Virtual Box manager. Then the Start button has to be selected. When the computer system starts for the first time, there will be an execution of a wizard of Virtual box which would further as “Select Installation Media”. The folder icon can be used for navigation in Ubuntu. ISO image which was downloaded. Further, selecting the Next has to be done through the options that are remaining which will result in the installation process of Ubuntu 12.04 in the virtual machine.
- One can also highlight the drive which was created and then select Settings. The navigation of the systems has to be processed which will be followed by the setting up of the order of the boot. Choosing the Processor tab and choosing a minimum of 3 virtual processors. This will be followed by selecting the Acceleration and ensuring the enabling and evaluation of AMD-V and VT-x (McDonald et al., 2017).
This has to be conducted with careful consideration that all kinds of defaults have to be accepted. However, one has to configure and explore all the aspects.
The process to harden the computer system
The process to harden the computer system includes the ensuring of creating backups. This is one of the most important aspects that have to be done to protect the data from various kinds of encryption (Jann et al., 2015). By having backups, one can effective removal the infection that may happen to affect the system which will also assist in restoring the data after clearing up the system. having an external hard disk for storing or backing up the data will not be effective ad ransom will be encrypted and target all kinds of drives attached to the computer system. Hence, the system of cloud backup is more effective in this regard. Installing an antivirus solution which can detect the behaviour of the threats will assist in hardening the system. Further, installing the updates of the operating system will ensure the hardening of the computer systems. This way many updates, in this regard, will protect the computer system from various vulnerabilities.
The operating system of Linux can be hardened by using the following steps:
-
Patching of the Operating System
It is very crucial to update the installation of different packages and operating systems which will protect the entire system from getting affected. Hardening can only be effective in the presence of a secured and stable Linux operating system.
-
Patching of the Third-Party Applications
The other custom applications that are installed by the user have to be maintained by any package manager regularly which would facilitate the application of the latest updates of security features (McDonald et al., 2017).
-
Disabling root logins
Login in as a root user should be completely avoided. Hackers make frequent attempts of cracking the password and obtain access disabling the logins from the user name of roots will assist in the hardening of the system.
-
Configuring a firewall
Ensuring the placement of a firewall will assist in the effective protection of the entire operating system. one can use NetFilter which is a firewall which is integrated with the kernel Linux which will assist in preventing unwanted traffic (Montgomery & Olson, 2018).
-
Having a strong policy for password
Users should not allow the accounts to exhibit empty fields of passwords or use simple passwords.
-
Removal of unwanted packages or modules
A user never needs all kinds of services and packages that came with the distribution of Linux. Users can remove the applications and packages that are not used frequently. This will assist in hardening the operating system as it will result in less worry through which the system will be affected.
-
Disabling the unused ports of networks
Unused and open network services and ports are very vulnerable to get affected by hackers, hence, they have to protect against various kinds of exploitation. One can use the command of “ nets” for seeing all kinds of open ports of the network that are used currently along with the associated services. One can also consider the configuration of “iptables” for closing all the open ports. The use of command “chkconfig” can also be sued to disable unwanted services (Dulaney & Easttom, 2017).
-
Using the GbnuPG encryption
Most of the time, hackers make targets for the data during the transition over a network. This makes it very crucial for encrypting the transmissions for the servers by using passwords, certificates and keys. Among the popular tools for encryption is GnuPG which is an authentication system based on a key and can be used for encrypting communications.
Evaluation and recommendations
After starting the system, the user needs to maintain the optimization of the system by ensuring the maximum installation of errata and patches that would include the corrections, updates and fixes to the system along with the applications that are running on the platform. Security Enhanced Linux has to be integrated into the operating system which would make the entire system highly robust and encrypted.
Conclusion
Various aspects of the hardening of the operating system as well as the overall computer system are described in the report. The report has provided in-depth insights into different elements that are used for the installation as well as protecting the operating system.
References
Cheng, Y., Ding, X. and Deng, R.H., 2015, April. Efficient virtualization-based application protection against the untrusted operating system. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (pp. 345-356). ACM.
Chapple, M. and Seidl, D., 2017. CompTIA CSA+ Study Guide: Exam CS0-001. John Wiley & Sons.
Dulaney, E. and Easttom, C., 2017. CompTIA Security+ Study Guide: Exam SY0-501. John Wiley & Sons.
Ferguson, B., 2015. CompTIA Network+ Review Guide, (Exam: N10-006). John Wiley & Sons.
Montgomery, T. and Olson, S., 2018. CompTIA Cloud+ Study Guide Exam CV0-002. John Wiley & Sons.
McDonald, J.T., Manikyam, R., Glisson, W.B., Andel, T.R. and Gu, Y.X., 2017, August. Enhanced Operating System Protection to Support Digital Forensic Investigations. In Trustcom/BigDataSE/ICESS, 2017 IEEE (pp. 650-659). IEEE.
Jann, J., Pattnaik, P., Burugula, R.S. and Dubey, N., International Business Machines Corp, 2015. Method and apparatus for operating system event notification mechanism using file system interface. U.S. Patent 8,935,579.