Kerberos & WINS Protocols Security Research Paper

IN PROGRESS
Bids
3
Avg Bid (USD)
$208
Project Budget (USD)
$30 - $250

Project Description:
1 Line description:
Research the Kerberos & WINS protocols and their use in Microsoft Windows. Suggest vulnerabilities in each protocol, and describe the work in a detailed technical paper.


Goals of the project:
1. Research and understand the Kerberos & WINS protocols
2. Research and understand the ways Windows uses these protocols
3. Research known vulnerabilities in these protocols
4. Write two technical papers (one per protocol) which describe and explain the protocol, and enumerate the protocol's known vulnerabilities.
Detailed Requirements:
Kerberos
1. Describe the purpose of the Kerberos protocol and its general use.
2. Describe the authentication algorithms used by the protocol. Include detailed flow diagrams to explain every use case of the Kerberos protocol.
3. Describe the different messages of the protocol, including tables representing the format of the packet. Be as detailed as possible, i.e. describe each field of every message, its size in bytes, and its possible values. For bitmask fields, explain every bit.
4. Describe Windows processes which use Kerberos for authentication. For example: user login to a domain workstation, user access of a shared folder on a file server, login to exchange, login to IIS servers, etc. Include flow diagrams to describe the different use cases. Include network captures (pcap files) of these processes. Make sure to describe both human driven processes (e.g. user login) and automatic/program driven processes (i.e. operating system services, web applications, client software, etc.).
5. Research known vulnerabilities of the protocol and explain each one. All types of vulnerabilities may be included: denial of service, brute force attacks, replay attacks, credentials theft, spoofing, etc.

WINS
1. Describe the purpose of the WINS protocol and its general use.
2. Describe the different messages of the protocol, including tables representing the format of the packet. Specify the use of every field and the possible values of every field. Include table diagrams portraying of type of message.
3. Describe Windows processes which use the WINS protocol for name resolution. Focus on when the operating system uses DNS for name resolution and when it uses WINS. List as many use cases as possible, describe each one and include a network capture (pcap file) of it.
4. Research known vulnerabilities of the WINS server. Include denial of service attacks, reply forging, WINS server spoofing, etc.

General Guidelines:
1. Do not copy&paste from popular web sites
2. Include links, citations & bibliography to back up your work
3. Use proper, well explained English.
4. In-text citations: Every description, example, quotation etc. is expected to be supported in the text by relevant links and citations. Additionally, all references should be listed in a detailed bibliography
5. Arial 10 font, 8 pages min per protocol (16 pages min total)

Skills required:
Computer Security, Technical Writing, Web Security, Windows Server
Qualifications required:
us_eng_1 US English - Level 1
About the employer:
Verified
Public Clarification Board
Bids are hidden by the project creator. Log in as the employer to view bids or to bid on this project.
You will not be able to bid on this project if you are not qualified in one of the job categories. To see your qualifications click here.


$ 250
in 8 days
$ 184
in 5 days
$ 189
in 3 days