BASIC BASH PORT SCANNER

/in /by

 In attached File is the starter code 

1 Overview

For this project you will be given a bash script that implements a basic TCP port scanner, which you will improve by adding several features. You will also submit a report documenting your code changes and describing how to use the script.

2 Motivation

This project concerns the scanning phase of penetration testing. A network port scanner is an essential tool for any penetration tester. Finding open ports on hosts is a key first step to finding vulnerabilities.

Though there are already exist full-featured port scanning tools, the ability to script such a tool could be very valuable to a penetration tester, who may wish to scan from an environment where no such tool installed and has no privileges to install one.

More importantly, writing such a tool for yourself in bash is a good way to build your scripting ability and gain an understanding of network and network programming.

3 Required code features

In class, we described the command-line usage of the bash port scanner script distributed with the project. You are to add the following features to the program. All the features described must work correctly, separately and in combination.

3.1 Command-line argument for timeout (25 points)

Modify your program to accept an optional command-line argument -t, followed by a space and an additional numerical argument, which sets the timeout value for the echo command in the portcheck function. The argument must come before the hostname and start and stop ports. If the argument is not given, the timeout should remain at a default value of 2. If the argument is given, in addition to changing the timeout, the script should print out an informational message “Timeout changed to <value>”.

For example, ./portscanner.sh -t 3 www.yahoo.com 40 80 should change the default timeout for each write to /dev/tcp to 3 seconds.

Note: adding this feature will also require you to change the way you scan and save the command line arguments for hostnames. The number and place of command line arguments will now vary depending on whether the user uses the ’-t’ option or not. You will have to add program logic to account for this, so that everything works correctly in either case.

3.2 Interactive/batch mode (25 points)

Modify the script so that it also works interactively. Specifically, if no hostname is given on the command line, the program should interactively ask for a hostname, starting port, and ending port with three separate prompts, and carry out its scan using those values. After scanning finishes, the program should loop to receive another set of values, stopping only when the user enters a blank host name.

If this feature is implemented properly, it will also allow you to run the script in ’batch’ mode, by “piping in” a plain text file with the hostname on the first line, start port on the second, stop port on the third, and repeating for as many hosts as you wish to scan.

For example, if a file named hosts_to_scan.txt contains a list of hosts and ports in the proper format, the program should now work as follows:

cat hosts_to_scan.txt | ./portscanner.sh

The timeout argument should still work in this case as well:

cat hosts_to_scan.txt | ./portscanner.sh -t 3

3.3 Argument number check (15 points)

After correctly implementing the above features, the result will be a script that can be run with either 0, 2, 3, or 5 command-line arguments. As a basic sanity check, Your program should test at the beginning that the number of arguments given is one of these. If not, the user has entered something incorrectly, and the script should output the error message

Usage: ./portscanner.sh [-t timeout] [host startport stopport],

and immediately exit.

4 Required documentation (25 points)

Along with your code, you will submit a plain-text documentation file describing the purpose and function of your program, and with detailed instructions for how to run your program in both interactive and command mode, documenting each of the command-line arguments. You also need to document the format of the input file that the program accepts in batch mode.

You are to write your documentation in the form of a Unix “man” page, with appropriate sections and headers. A template will be given with a suggested format for this. You can also look at some man pages on the Kali VM for inspiration.

If your program has known bugs or limitations, these must also be documented. Clearly documenting any bugs or issues you could not solve may help your grade. However, “I waited until the last minute and ran out of time” is not an acceptable justification.

5 What to turn in

Please submit your project to the Blackboard assignment page as a zip or tar archive containing the following three files:

  • The bash source file for your program, named portscanner.sh. Below the #!/bin/bash line, the file should have a comment line or lines including your name, the course number, and the submission date.
  • A sample input file hosts_to_scan.txt to run your program in batch mode, containing three different hosts and start/stop port settings.
  • The documentation file README.txt, as described above.

Please do not include any additional files or program versions in your submission.

6 Grading

Your submitted program will be tested for correctness on a Linux virtual machine running the same version of Kali that we installed in class. I will test for correct implementation of the above features by running your script with a variety of command-line and file inputs.

To receive full credit, your program must continue to perform port scanning properly, with the features implemented exactly as described above. Bugs will cause a loss of credit in proportion to how much they affect the running of the program.

Some sample command-lines that I will use to test your program include, but are not limited to, the following:

./portscanner.sh www.yahoo.com 40 90



./portscanner.sh -t 3 www.yahoo.com 45 85



./portscanner.sh 



./portscanner.sh -t 1



cat hosts_to_scan.txt | ./portscanner.sh 



cat hosts_to_scan.txt | ./portscanner.sh -t 3

If you have any doubts about how the program should behave for any of these inputs, please ask.

As this project is a simple proof-of-concept script, your program is not required to check for every possible error condition or wrong input–only what is implied by the requirements above.

Your documentation will be graded on completeness, organization, and clarity of writing.

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

Python help

/in /by

In this assignment you will use PLY, a scanner and parser generator tool to create a scanner and parser for a grammar that is a slight modification to the one in last week’s homework (shown below). PLY is a Python version of the popular C tools lex and yacc. Note that using a generator is a simplified way of creating a scanner or parser and is much easier than writing either one manually. Begin by reading the following sections of the PLY documentation (found here). The docs for PLY are very well-written and easy-to-understand. I recommend reading the material closely and tracing through the examples as this will help immensely when you write your scanner/parser generator.

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

INFS 4950 Project

/in /by

Develop your own Comprehensive Web Application

  • Synthesize the conceptual information covered in previous modules to propose your own comprehensive web-based application that you will develop
  • Design a consistent look for your web application 
  • Create an intuitive navigation structure for your web application
  • Develop your proposed web application using the ASP.NET Core MVC tools and coding techniques covered in previous modules
  • Incorporate at least one user story within your application for adding, updating, and deleting data in a database table

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

For loops – Zybooks

/in /by

 Hi! Can everyone help me solve this java problem? 

Write code that prints: Ready! firstNumber … 2 1 Blastoff!
Your code should contain a for loop. Print a newline after each number and after each line of text.   

Ex: If the input is:  

3  

The output is:  

Ready! 

3

2

1

Blastoff!

This is my code: 

import java.util.Scanner;

public class ForLoops {

   public static void main (String [] args) {

      int firstNumber;

      int i;

      Scanner input = new Scanner(System.in);

      firstNumber = input.nextInt();

      System.out.println("Ready!\n"+firstNumber);

      for (i=firstNumber;i>1; i--){

           firstNumber--;

           System.out.println(""+firstNumber);

       }

       System.out.println("Blastoff!");

   }

}

When running the program, my output only matches the two outputs as shown in the attached picture. The rest do not match. How can my code be the same as the expected output as in the attached image?

Thanks, everyone!

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

Discussion 1- Initiating the Project

/in /by
  1. Using an example of your own, describe a project in terms that are common to most projects. Define the terms based on Kloppenborg text and then apply these to your example.
  2. Discuss how a project could be successful in terms of some measures yet unsuccessful by others.
  3. Compare and contrast project managers and functional managers.

Your post must be substantive and demonstrate insight gained from the course material. Postings must be in the student’s own words – do not provide quotes.

APA format required.

Text-

Title: Contemporary Project Management 

ISBN: 9781337406451 

Authors: Timothy Kloppenborg, Vittal S. Anantatmula, Kathryn Wells 

Publisher: Cengage Learning 

Publication Date: 2018-02-08 

Edition: 4th

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

Survey Instrument

/in /by

One of the ways in which usability professionals collect data, and for that matter academic professionals, is the use of a Survey Instrument

Create a paper-based survey instrument evaluating the Amazon Website. 

In the assignment, you are expected to include: 

1. Participant Demographic Data (Name, Age, Gender, Location, Education etc.) 

2. Participation Consent

3. 8 – 10 Measurable Quantitative Questions (Using a scale to support measurement, i.e., Likert)

4. 2 – 4 Qualitative Questions 

This survey is a PAPER PROTOTYPE not to be completed using a survey instrument such as Survey Monkey.

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

Need Help

/in /by

1) Discussion – InfoTech_Mobile_application 

2) Research Paper – Emerging Threats and countermeasure

3) Project_InfoTech_Mobile_Application

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

Policy Drafting Exercise: Internet of Things (IoT)

/in /by

Deadline: 24 Hours from now

Instructions are attached: 

Make sure you read every part of the instructions document. I need every part and every information covered. I would not like to have problems with you when the work is done.

Part of the instructions include:

  

Here is the complete exercise:

· Part 1 of the paper should describe the future home identifying the types of internet connected devices that you anticipate, the benefits that such connections may offer and the issues and challenges that such connections present.

· Part 2 should provide your recommended policy concerning data collection, sharing, data usage, protection of data collected, etc. Part 2 should also have a Conclusion. In your Conclusion, present what you learned from this exercise and identify specific concerns regarding the Internet of Things (IoT) and the future it portends

I need an ideal, accurate, exhaustive and well informative paper that covers everything stated

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

work sheet

/in /by

 1. What is SCW and how is it used? 

2. Can SCW apply security policies to multiple servers at a time? 

3. Would the same policy work for any server in your network? 

 4. The SCW allows a security policy to be applied now or later. Why might a network administrator want to apply a policy later? 

5. Why would disabling services be important in securing and optimizing server performance? What determines which services are disabled? 

6. What types of Windows Firewall are built-in with the Windows 2012 operating system? What are the differences? 

 7. How are SCW policies tied with Windows Firewall? 

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now

8 Final Project Milestone Two: Draft of Memo

/in /by

 8 Final Project Milestone Two: Draft of Memo Task: Submit to complete this assignment

To complete this assignment, review the prompt and grading rubric in the Milestone Two Guidelines and Rubric document. When you have finished your work, submit the assignment here for grading and instructor feedback.

                        ISE 640 Milestone Two Guidelines and Rubric 

Overview: The milestone assignments in this course directly support you in the second final project, a memo. Consider the feedback you have received in class discussions, along with notes you have made in your non-graded investigative journal, to complete this milestone assignment. 

This is Milestone Two, a draft of Final Project Two: Memo. The final product will be submitted in Module Ten. 

Prompt: For the summative assessment, you will be taking on the role of a cybersecurity practitioner. You will need to act as a domain expert communicating to a non-expert stakeholder. For this milestone, you will be focusing on details of the investigation: resources needed, methods, and findings. Remember that the forensic notes provided to you may assist you in addressing the critical elements. 

Specifically, the following critical elements must be addressed:

   I. Key Details: Describe how the results from the forensic investigation assisted you with resolving the incident and identifying security impacts. 

  II. Implications for Legal Action: Describe the accuracy, validity, and defensibility of the investigative steps that were taken. 

   III. Audience Appropriate: Your entire internal memo should employ brevity and consumable language while presenting the necessary information. 

Rubric Guidelines for Submission: Your assignment should adhere to the following formatting requirements: Write 3 to 4 double-spaced pages using 12-point Times New Roman font and one-inch margins. You should use current APA style guidelines for your citations and reference list. 

  

                            ISE 640 Final Project Forensic Notes

Use the information in this document to help you complete your final project. 

Drew Patrick, a director-level employee, is stealing intellectual property from a manufacturing company. The company is heavily involved in high-end development of widgets. Drew has access to corporate secrets and files. He is planning on leaving the company, taking the intellectual property with him, and going to work for a competitor. There is suspicion of him doing this, so human resources (HR) notified the information technology (IT) department to monitor Drew’s past history. An internal investigation is launched due to Drew’s abnormal behavior. The IT department confirms that they have found large files and emails. Forensics identified unauthorized access, transmission, and storage of intellectual property by Drew. Evidence found will be used to support legal civil and criminal proceedings. 

Scenario ACME Construction Company designs, manufactures, and sells large construction vehicles that can cost upwards of a million dollars. They spent hundreds of thousands of hours redesigning their premier excavator. Every piece that goes into the excavator is individually designed to maximize the longevity of the equipment. Known for attention to detail, high-quality work, and industry innovation, this painstaking work is what sets ACME Construction company apart and is attributed for the excellent reputation they enjoy. This, in turn, allows them to charge a premium on their exceptionally well-built products. 

Drew Patrick is a senior manager directly involved with the overall development of ACME’s excavators. His role provides him with access to design documentation, schematics, support documents, and any other technical references maintained in the company’s research and development (R&D) database. The R&D database is maintained by ACME’s information technology (IT) department, which is supported by a security operations center (SOC). The SOC uses Snort as a core component of their security information and event management (SIEM) system to keep tabs on network traffic, authentication requests, file access, and log file analysis. 

The SIEM alerted SOC personnel of potential peer-to-peer (P2P) traffic originating from the internet protocol (IP) address associated with Drew’s computer. However, analysis of Active Directory logs indicated that Drew was not logged into his account at the time the files were transferred via the P2P application. ACME enforces two-factor authentication and does not allow for computer sharing. The SOC personnel began an incident report based on the identification of P2P traffic, which violates company policy. As per company policy, the SOC personnel gave human resources (HR) and the legal team the incident report. The legal team asked for further investigation. Upon further inspection of the P2P activity, several file transfers were discovered. The files transferred match the names of files in the R&D database containing intellectual property developed by Drew’s development team. Additionally, the files were transferred to IP addresses that are not owned or controlled by ACME Corporation. 

Analysis of the server access logs indicated that Drew had been logging into the R&D database for several weeks prior to the external file transfers taking place. Network logs from the Intrusion Prevention Systems (IPSs) indicated that the files of interest had been transferred to Drew’s desktop computer prior to the external transfer. ACME has a strict policy against maintaining intellectual property anywhere other than the designated servers. File access logs on the R&D servers confirmed that the account belonging to Drew had copied the files in question. 

At this point, fearing a loss of intellectual property, in addition to numerous policy violations, ACME called in the digital forensic team to take over the investigation. The forensics team proceeded to capture the log files from relevant computer systems and created a forensically sound copy of the hard disk drive on Drew’s computer. The log files investigated included the corporate mail, domain name server (DNS), and dynamic host configuration protocol (DHCP) servers, as well as physical access logs. Additionally, packet capture logs from the firewalls and intrusion detection system (IDS) were gathered and analyzed. This detailed investigation revealed that file transfers of intellectual property were indeed done from Drew’s computer, however, Drew’s account was not logged in at the time of the transfer. The only account active on the suspect computer was an anonymous account that had been created on 9/17/2016 at 9:57 p.m. 

The following notes were provided by the Forensic Team: 

Forensic Team Investigation Notes Notes from the investigative team about the forensic findings of the hard drive image obtained from Drew Patrick’s hard drive: 

 Chain of custody document was begun with the sizing of the Western Digital Hard Drive 500 GB with serial number NB497356F from Drew Patrick’s computer.  Hard drive was duplicated using forensic toolkit (FTK) software to preserve the original hard drive image. A hash was created for the original and the copied image to prove both images were the same.  The operating system of the image was Windows-based. The operating system used a new technology file system (NTFS) file structure.  The hard drive was analyzed using Autopsy and Windows Forensic Toolchest. The sort and index functions were used to isolate the files needed for further analysis. These files include types SQL, Excel, email, chat, and HTML. Slack space was also analyzed. 

Files and Findings EMAIL (Microsoft Outlook): Numerous emails were found that contained references to proprietary information. Some emails were to non-ACME Corporation email accounts, and they promised information pertaining to equipment design. Follow-up emails were found that asked for assurance of a promised managerial position. 

CHAT (AOL Instant Messenger): Several chat conversations were recovered containing information about possession of proprietary documents. 

SQL (Microsoft Database): SQL database files revealed proprietary information and connection logs to a remote SQL server. Two additional SQL database files were encrypted and were not successfully unencrypted. 

EXCEL (Microsoft Excel): Numerous Excel files were located on the hard drive. These files contained parts list and parts specifications concerning proprietary construction equipment. These files had csv and xls extensions. 

HTML: Recovered internet web browser cache revealed that the dark web was searched for proprietary information brokers. An email address was created to correspond in the dark web for buyer transactions called [email protected]. Internet cache also revealed that YouTube was searched for the subjects “selling intellectual property” and “selling on the dark web.” Recovered internet browser history revealed pictures and illustrations on encrypting SQL database files. Internet browser history also revealed searches concerning how to exploit the vulnerabilities of an SQL database. 

SLACK SPACE (hidden data and temporary files): Hidden information in the slack space was revealed to contain temporary internet files on searches for “advertising stolen data” and “hacking sql servers.” These files, once revealed, were in plain text and read using Notepad.

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now