SEC602 Labs

Lab 7 | Implementing Public Key Infrastructure The following lab is designed to help us become more familiar with the basic concepts of cryptography and partake in the process of implementing a public key infrastructure.   We started by inspecting elements inside the certificate authority, interesting to learn was that the certificate authority contains a certificate the authenticates itself, issued by itself. If subordinate CA's were produced they would instead have certificates issued by this CA instead of themselves, I also learnt that root CA's are typically kept offline unless they have actions they need to perform, this further solidifies a networks security posture. We inspecting multiple elements of a certificates authorities & the lab text gave informative information on many of them. Next, we undertook the tasks of implementing a certificate ourselves. We created a certificate in our VM that is hosting the classroom website, ...

Lab 8 | Deploying Certificates and Implementing Key Recovery In this lab, we are experimenting with key recovery whilst also learning more about some more nuances of the certificate authority service.   First, we requested a certificate to our WIN10-WS machine from a browser console, this took some problem solving from people in the class due to the original instructions not working in Microsoft edge, it only worked within internet explorer with a specific configuration. Viewing the recovery certificate thumbnails, these were noted down for later use to ensure we were still working with the correct certificate. Retrieving the certificate using the serial number of the certificate Successful recovery of the certificate file in WIN10-WS, using the password. Successfully regaining access to the files after we deleted the certificate, we used the key recovery to reinstate the certificate that was deleted. Lab Questions Ex 3 | 5 ...

Lab 5 | Using Network Scanning Tools 2 In this lab, we further explore the capability of network scanning tools that monitor the communications between hosts running on our local network. For this lab to function correctly we need to use a virtual router that has 'promiscuous' mode enabled which allows one port to read all the traffic that is going through the router it is connected to. This is also commonly known as port mirroring.  We have used the application 'Wireshark' to inspect the traffic that we are picking up, using this we can see the content of frames including the information at each layer which proves to be rather extensive in that we can see the contents of the packet entirely. Pictures above is a DHCP frame. Above we are following the content stream of an SMB2 frame, this interface shows the communication between the two hosts which is defined by the blue & red colouring. This allows us to observe the exchange between two host...

Lab 4 | Using Network Scanning Tools 1 In this lab, we experiment with network scanning tools in order to help understand their functionality and the information we can gather from using them. Our first venture was scanning a host to see what information we could freely gather in this environment, using this tool we have the ability to identify which ports are open, the devices mac address and other technical information. Following this process we used zenmap to explore the variety of information we can gather from scans without our little network, as you can see in some of the following screenshots this information was extensive and offered a lot more then what I thought was available from a simple network scan. Without going into too much detail I can describe the contents of the scan to be of critical nature, including open ports which can result in exploitable security vulnerabilities. Lab Questions Ex 2 | 2 Type nmap -sS 1...