Cyber S Lab Manual - NPS
#include <stdio.h>

/* Modular exponentiation by repeated squaring: returns (a^b) mod m.
   The function header was missing from the listing and is restored here;
   the b==0 case is added so the recursion terminates for any exponent. */
long long int power(long long int a, long long int b, long long int mod)
{
    long long int t;
    if(b==0)
        return 1%mod;
    if(b==1)
        return a%mod;
    t=power(a,b/2,mod);
    if(b%2==0)
        return (t*t)%mod;
    else
        return (((t*t)%mod)*a)%mod;
}
long long int calculateKey(int a, int x, int n)
{
    return power(a,x,n);
}
int main(void)
{
    int n,g,x,y;
    long long int a,b;            /* public values exchanged over the channel */
    printf("Enter the value of n and g : "); scanf("%d%d",&n,&g);
    printf("Enter the value of x for the first person : "); scanf("%d",&x);
    a=power(g,x,n);               /* A = g^x mod n */
    printf("Enter the value of y for the second person : "); scanf("%d",&y);
    b=power(g,y,n);               /* B = g^y mod n */
    /* Both sides derive the same shared secret: B^x = A^y = g^(xy) mod n */
    printf("key for the first person is : %lld\n",power(b,x,n));
    printf("key for the second person is : %lld\n",power(a,y,n));
    return 0;
}
OUTPUT:
Experiment No. 4
Installation of Wireshark, tcpdump, etc., and observe data transferred in client-server
communication using UDP/TCP and identify the UDP/TCP datagram.
Introduction
The first part of the lab introduces the packet sniffer Wireshark. Wireshark is a free, open-source network
protocol analyzer. It is used for network troubleshooting and communication protocol analysis. Wireshark
captures network packets in real time and displays them in human-readable format. It provides many
advanced features, including live capture and offline analysis, a three-pane packet browser, and coloring rules
for analysis. This document uses Wireshark for the experiments, and it covers Wireshark installation,
packet capturing, and protocol analysis.
In CSC 4190 Introduction to Computer Networking (one of the prerequisite courses), the TCP/IP network
stack is introduced and studied. This background section briefly explains the concept of the TCP/IP network
stack to help you better understand the experiments. TCP/IP is the most commonly used network model
for Internet services. Because its most important protocols, the Transmission Control Protocol (TCP) and
the Internet Protocol (IP), were the first networking protocols defined in this standard, it is named
TCP/IP. However, it contains multiple layers, including the application layer, transport layer, network layer,
and data link layer.
- Application Layer: The application layer includes the protocols used by most applications
for providing user services. Examples of application layer protocols are Hypertext
Transfer Protocol (HTTP), Secure Shell (SSH), File Transfer Protocol (FTP), and Simple
Mail Transfer Protocol (SMTP).
- Transport Layer: The transport layer establishes process-to-process connectivity, and it
provides end-to-end services that are independent of the underlying user data. To
implement process-to-process communication, the protocol introduces the concept of a
port. Examples of transport layer protocols are Transmission Control Protocol (TCP) and
User Datagram Protocol (UDP). TCP provides flow control, connection
establishment, and reliable transmission of data, while UDP is a connectionless
transmission model.
- Internet Layer: The Internet layer is responsible for sending packets across networks.
It has two functions: 1) host identification using the IP addressing system (IPv4 and IPv6);
and 2) routing packets from source to destination. Examples of Internet layer
protocols are Internet Protocol (IP), Internet Control Message Protocol (ICMP), and
Address Resolution Protocol (ARP).
- Link Layer: The link layer defines the networking methods within the scope of the local
network link. It is used to move packets between two hosts on the same link. A
common example of a link layer protocol is Ethernet.
Packet Sniffer
A packet sniffer is a basic tool for observing network packet exchanges in a computer. As the name
suggests, a packet sniffer captures (“sniffs”) packets being sent/received from/by your computer; it will
also typically store and/or display the contents of the various protocol fields in these captured packets. A
packet sniffer itself is passive. It observes messages being sent and received by applications and protocols
running on your computer, but never sends packets itself.
Figure 3 shows the structure of a packet sniffer. At the right of Figure 3 are the protocols (in this case,
Internet protocols) and applications (such as a web browser or FTP client) that normally run on your
computer. The packet sniffer, shown within the dashed rectangle in Figure 3, is an addition to the usual
software in your computer, and consists of two parts. The packet capture library receives a copy of every
link-layer frame that is sent from or received by your computer. Messages exchanged by higher-layer
protocols such as HTTP, FTP, TCP, UDP, DNS, or IP are all eventually encapsulated in link-layer frames
that are transmitted over physical media such as an Ethernet cable. In Figure 1, the assumed physical
medium is Ethernet, and so all upper-layer protocols are eventually encapsulated within an Ethernet
frame. Capturing all link-layer frames thus gives you access to all messages sent/received from/by all
protocols and applications executing in your computer.
The second component of a packet sniffer is the packet analyzer, which displays the contents of all fields
within a protocol message. In order to do so, the packet analyzer
must “understand” the structure of all messages exchanged by protocols. For example, suppose we are
interested in displaying the various fields in messages exchanged by the HTTP protocol in Figure 3. The
packet analyzer understands the format of Ethernet frames, and so can identify the IP datagram within an
Ethernet frame. It also understands the IP datagram format, so that it can extract the TCP segment within
the IP datagram. Then, it understands the TCP segment structure, so it can extract the HTTP message
contained in the TCP segment. Finally, it understands the HTTP protocol and so, for example, knows that
the first bytes of an HTTP message will contain the string “GET,” “POST,” or “HEAD”.
We will be using the Wireshark packet sniffer [http://www.wireshark.org/] for these labs, allowing us to
display the contents of messages being sent/received from/by protocols at different levels of the protocol
stack. (Technically speaking, Wireshark is a packet analyzer that uses a packet capture library in your
computer). Wireshark is a free network protocol analyzer that runs on Windows, Linux/Unix, and Mac
computers.
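The layer-by-layer decapsulation described above (Ethernet frame, then IPv4 datagram, then TCP segment or UDP datagram, then the application payload) as an added worked example; this is not code from the lab manual. The two frames are constructed inline, and the MAC and IP addresses in them are made up.

```python
"""Minimal packet analyzer: decapsulate Ethernet -> IPv4 -> TCP/UDP -> payload.
Added example (not from the lab manual). Frames are constructed by hand below
so the parser can be exercised without a live capture."""
import struct

ETH_HDR = 14                                   # destination MAC, source MAC, EtherType
PROTO_NAMES = {6: "TCP", 17: "UDP"}            # IPv4 protocol numbers we dispatch on
HTTP_VERBS = (b"GET ", b"POST ", b"HEAD ")     # first bytes of an HTTP request


def parse_frame(frame: bytes) -> dict:
    """Return transport protocol, addresses, ports and an HTTP hint for one frame."""
    eth_type = struct.unpack("!H", frame[12:14])[0]
    if eth_type != 0x0800:                     # only IPv4 is handled in this example
        return {"eth_type": eth_type, "proto": None}
    ip = frame[ETH_HDR:]
    ihl = (ip[0] & 0x0F) * 4                   # IHL is counted in 32-bit words
    proto = ip[9]
    info = {"eth_type": eth_type, "proto": PROTO_NAMES.get(proto, str(proto)),
            "src": ".".join(map(str, ip[12:16])), "dst": ".".join(map(str, ip[16:20]))}
    seg = ip[ihl:]
    if proto == 6:                             # TCP: data offset is the upper nibble of byte 12
        sport, dport = struct.unpack("!HH", seg[:4])
        payload = seg[(seg[12] >> 4) * 4:]
    elif proto == 17:                          # UDP: fixed 8-byte header
        sport, dport = struct.unpack("!HH", seg[:4])
        payload = seg[8:]
    else:
        return info
    info.update(sport=sport, dport=dport, payload_len=len(payload))
    info["http"] = payload.startswith(HTTP_VERBS)
    return info


def build_frame(proto: int, sport: int, dport: int, payload: bytes) -> bytes:
    """Construct a sample Ethernet/IPv4 frame carrying a TCP segment or UDP datagram."""
    if proto == 6:   # 20-byte TCP header: ports, seq, ack, data offset 5, flags PSH|ACK
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    else:            # 8-byte UDP header: ports, length, checksum (left zero)
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    # IPv4 header: version/IHL 0x45, total length, DF flag, TTL 64, protocol, checksum 0,
    # constructed source 10.0.0.5 and destination 93.184.216.34
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0x4000, 64, proto, 0,
                     bytes([10, 0, 0, 5]), bytes([93, 184, 216, 34])) + l4
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    return eth + ip
```

Running `parse_frame(build_frame(6, 51234, 80, b"GET / HTTP/1.1\r\n\r\n"))` reports a TCP segment to port 80 whose payload is recognised as HTTP, while a frame built with protocol 17 and port 53 is reported as UDP.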
Getting Wireshark
Kali Linux has Wireshark installed. You can just launch the Kali Linux VM and open Wireshark there.
Wireshark can also be downloaded from here:
https://www.wireshark.org/download.html
Starting Wireshark
When you run the Wireshark program, the Wireshark graphical user interface will be shown as in Figure 5.
At this point, the program is not yet capturing packets.
Figure 5: Initial Graphical User Interface of Wireshark
Then, you need to choose an interface. If you are running Wireshark on your laptop, you need to
select the WiFi interface. If you are at a desktop, you need to select the Ethernet interface being used. Note
that there could be multiple interfaces. In general, you can select any interface, but that does not mean that
traffic will flow through that interface. The network interfaces (i.e., the physical connections) that your
computer has to the network are shown. The attached Figure 6 was taken from my computer.
After you select the interface, you can click Start to capture packets, as shown in Figure 7.
5. Color Coding: You’ll probably see packets highlighted in green, blue, and black.
Wireshark uses colors to help you identify the types of traffic at a glance. By default,
green is TCP traffic, dark blue is DNS traffic, light blue is UDP traffic, and black identifies
TCP packets with problems — for example, they could have been delivered out-of-order.
6. You now have live packet data that contains all protocol messages exchanged between
your computer and other network entities! However, as you will notice, the HTTP
messages are not clearly shown because there are many other packets included in the
packet capture. Even though the only action you took was to open your browser, there
are many other programs in your computer that communicate via the network in the
background. To filter the connections to the ones we want to focus on, we have to use
the filtering functionality of Wireshark by typing “http” in the filter field as shown
below:
Notice that we now view only the packets that are of protocol HTTP. However, we also still do not have
the exact communication we want to focus on because using HTTP as a filter is not descriptive enough to
allow us to find our connection to http://www.wayne.edu. We need to be more precise if we want to
capture the correct set of packets.
7. To further filter packets in Wireshark, we need to use a more precise filter. By setting
the http.host==www.wayne.edu, we are restricting the view to packets that have as an
http host the www.wayne.edu website. Notice that we need two equal signs to perform
the match “==” not just one. See the screenshot below:
8. Now, we can try another protocol. Let’s use Domain Name System (DNS) protocol as an
example here.
9. Let’s now try to find out what those packets contain by following one of the
conversations (also called network flows): select one of the packets and press the right
mouse button (if you are on a Mac, use the command button and click). You should see
something similar to the screen below:
Click on Follow UDP Stream, and you will see the following screen.
10. If we close this window and change the filter back to “http.host==www.wayne.edu”
and then follow a packet from the list of packets that match that filter, we should get
something similar to the following screens. Note that we click on Follow TCP
Stream this time.
Network sniffing is the process of intercepting data packets sent over a network. This can be
done by a specialized software program or by hardware equipment. Sniffing can be used to
intercept the traffic of protocols such as:
- Telnet
- Rlogin
- HTTP
- SMTP
- NNTP
- POP
- FTP
- IMAP
The above protocols are vulnerable if login details are sent in plain text.
Before we look at passive and active sniffing, let’s look at two major devices used to network
computers; hubs and switches.
A hub works by sending broadcast messages to all output ports on it except the one that has
sent the broadcast. The recipient computer responds to the broadcast message if the IP address
matches. This means when using a hub, all the computers on a network can see the broadcast
message. It operates at the physical layer (layer 1) of the OSI Model.
The diagram below illustrates how the hub works.
A switch works differently; it maps IP/MAC addresses to physical ports on it. Broadcast
messages are sent to the physical ports that match the IP/MAC address configurations for the
recipient computer. This means broadcast messages are only seen by the recipient computer.
Switches operate at the data link layer (layer 2) and network layer (layer 3).
Passive sniffing is intercepting packets transmitted over a network that uses a hub. It is called
passive sniffing because it is difficult to detect. It is also easy to perform, as the hub sends broadcast
messages to all the computers on the network.
Active sniffing is intercepting packets transmitted over a network that uses a switch. There
are two main methods used to sniff switched networks: ARP poisoning and MAC flooding.
Sniffing the network using Wireshark
The illustration below shows the steps that you will carry out to complete this exercise without
confusion.
Open Wireshark.
You will get the following screen.
Select the network interface you want to sniff. Note that for this demonstration we are using a
wireless network connection. If you are on a local area network, then you should select the
local area network interface.
Click on the Start button as shown above.
Filter for HTTP protocol results only using the filter textbox.
Locate the Info column, look for entries with the HTTP verb POST, and click on one.
Just below the log entries, there is a panel with a summary of the captured data. Look for the
summary that says Line-based text data: application/x-www-form-urlencoded.
You should be able to view the plaintext values of all the POST variables submitted to the
server via the HTTP protocol.
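The exposure this procedure demonstrates, written up as a defender's check: an added example (not from the lab manual) that classifies a captured flow by the cleartext protocols listed earlier and, for an HTTP POST with a form-urlencoded body, reports which submitted field names look like credentials. The flow record and the POST request are constructed inline; the host name and field values are made up.

```python
"""Flag cleartext protocols and credential-like form fields in captured flows.
Added example (not from the lab manual). The sample request below is constructed
to stand in for what 'Follow TCP Stream' shows on a filtered HTTP POST."""
from urllib.parse import parse_qs

# Protocols the manual lists as exposed when logins travel in plain text,
# keyed by their well-known server port.
CLEARTEXT_PORTS = {21: "FTP", 23: "Telnet", 25: "SMTP", 80: "HTTP", 110: "POP",
                   119: "NNTP", 143: "IMAP", 513: "Rlogin"}
# Field-name fragments that suggest a secret is being submitted.
SENSITIVE_HINTS = ("pass", "pwd", "secret", "token", "session")


def parse_http_post(payload: bytes) -> dict:
    """Split an HTTP request into request line, headers and body; decode a form body."""
    head, _, body = payload.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method = lines[0].split(" ", 1)[0]
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    ctype = headers.get("content-type", "")
    fields = {}
    if method == "POST" and ctype.startswith("application/x-www-form-urlencoded"):
        fields = parse_qs(body.decode("latin-1"), keep_blank_values=True)
    return {"method": method, "content_type": ctype, "fields": fields}


def audit_flow(dport: int, payload: bytes) -> dict:
    """Report whether a flow uses a cleartext protocol and which POST fields look sensitive."""
    proto = CLEARTEXT_PORTS.get(dport)
    finding = {"protocol": proto, "cleartext": proto is not None,
               "fields": [], "sensitive_fields": []}
    if proto == "HTTP" and payload.startswith(b"POST "):
        req = parse_http_post(payload)
        finding["fields"] = sorted(req["fields"])
        finding["sensitive_fields"] = [f for f in finding["fields"]
                                       if any(h in f.lower() for h in SENSITIVE_HINTS)]
    return finding


# Constructed sample: a login form submitted over plain HTTP (all values made up).
SAMPLE_POST = (b"POST /login HTTP/1.1\r\nHost: www.example.test\r\n"
               b"Content-Type: application/x-www-form-urlencoded\r\n"
               b"Content-Length: 31\r\n\r\n"
               b"username=alice&password=hunter2")
```

`audit_flow(80, SAMPLE_POST)` flags the flow as cleartext HTTP and names `password` as a sensitive field; a flow to port 443 produces no cleartext finding because the transport is encrypted and cannot be read this way.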
STEP-11: Add the path variable in the Windows environment variables by selecting New.
STEP-12: Create a path variable and point it at snort.exe: variable name "path" and variable value
"c:\snort\bin".
STEP-13: Click the OK button and then close all dialog boxes. Open a command prompt and type the
following commands:
INSTALLATION PROCESS :
RESULT: Thus the demonstration of intrusion detection using the Snort tool was done
successfully.
Experiment No. 8
Demonstrate how to provide secure data storage and secure data transmission, and how to
create digital signatures.
AIM:
Demonstrate how to provide secure data storage and secure data transmission, and how to create digital
signatures (GnuPG).
INTRODUCTION:
Here’s the final guide in my PGP basics series, this time focusing on Windows. The OS in question
will be Windows 7, but it should work for Win8 and Win8.1 as well. Obviously it’s not
recommended to be using Windows to access the DNM, but I won’t go into the reasons here. The
tool we’ll be using is Gpg4win.
INSTALLING THE SOFTWARE:
Visit www.gpg4win.org. Click on the “Gpg4win 2.3.0” button.
On the following screen, click the “Download Gpg4win” button.
When the “Welcome” screen is displayed, click the “Next” button.
When the “License Agreement” page is displayed, click the “Next” button.
Set the check box values as specified below, then click the “Next” button.
Set the location where you want the software to be installed. The default location is fine. Then,
click the “Next” button.
Specify where you want shortcuts to the software placed, then click the “Next” button.
If you selected to have a GPG shortcut in your Start Menu, specify the folder in which it will be
placed. The default “Gpg4win” is OK. Click the “Install” button to continue.
A warning will be displayed if you have Outlook or Explorer open. If this occurs, click the “OK”
button.
The installation process will tell you when it is complete. Click the “Next” button.
Once the Gpg4win setup wizard is complete, the following screen will be displayed. Click the
“Finish” button.
If you do not uncheck the “Show the README file” check box, the README file will be
displayed. The window can be closed after you’ve reviewed it.
CREATING YOUR PUBLIC AND PRIVATE KEYS
GPG encryption and decryption are based upon the keys of the person who will be receiving the
encrypted file or message. Any individual who wants to send that person an encrypted file or message
must possess the recipient’s public key certificate to encrypt the message. The recipient must have
the associated private key, which is different from the public key, to be able to decrypt the file. The
public and private key pair for an individual is usually generated by the individual on his or her
computer using the installed GPG program, called “Kleopatra”, and the following procedure:
From your start bar, select the “Kleopatra” icon to start the Kleopatra certificate management
software.
The following screen will be displayed. From the “File” dropdown, click on the “New Certificate”
option.
The following screen will be displayed. Click on “Create a personal OpenPGP key pair” and the
“Next” button.
The Certificate Creation Wizard will start and display the following:
Enter your name and e-mail address. You may also enter an optional comment. Then, click the
“Next” button.
Review your entered values. If OK, click the “Create Key” button.
You will be asked to enter a passphrase and then to re-enter it. Re-enter the passphrase value, then click the “OK” button. If the
passphrases match, the certificate will be created.
Once the certificate is created, the following screen will be displayed. You can save a backup of your public
and private keys by clicking the “Make a Backup Of Your Key Pair” button. This backup can be used to copy
certificates onto other authorized computers.
If you choose to back up your key pair, you will be presented with the following screen:
Specify the folder and name the file. Then click the “OK” button.
After the key is exported, the following will be displayed. Click the “OK” button.
You will be returned to the “Key Pair Successfully Created” screen. Click the “Finish” button.
Before the program closes, you will need to confirm that you want to close the program by clicking on the
“Quit Kleopatra” button.
DECRYPTING AN ENCRYPTED E-MAIL THAT HAS BEEN SENT TO YOU:
When you close the e-mail, you will be asked if you want to save the e-mail message in its unencrypted form.
For maximum security, click the “No” button. This will keep the message encrypted within the e-mail system
and will require you to enter your passphrase each time you reopen the e-mail message.
RESULT:
Thus secure data storage, secure data transmission and the creation of digital signatures (GnuPG) were
demonstrated successfully.