Completed

Software dev, network analysis and risk assessment. (code & report 1500-2000 words)

This project was successfully completed by mdakteruzzaman for $70 USD in 3 days.

Get free quotes for a project like this
Employer working
Completed by:
Project Budget
$30 - $250 USD
Completed In
3 days
Total Bids
5
Project Description

Task consists of software development task, an network analysis task and a risk

assessment. It will test the following module level learning outcomes:


Task details Instructions

Read the entire Task specification sheet thoroughly.

Task specification

You must choose one of the projects detailed below and use that for their

Task, unless you have been given permission otherwise.



Each Candidate must identify at least 4 security issues with their chosen project and fix at

least 2 major issues. You find and fix more security issues if you wish and credit will be

given for the range of security issues that you have identified. Credit will also be given

for finding vulnerabilities that nobody else has found

The security issues may be design issues, implementation issues or a mixture of the

two.

All fixes must be implemented in a secure manner. The design, implementation and

testing of the fixes must be given in your final report.

All Candidates must perform a pen test of their DVL VM (with all the services running)

using, as far as possible, the framework given in the lecture (some stages will obviously

not be appropriate and you may omit those stages).

All Candidates must present a technical and a management report of their findings. The

reports should contain the following

o An overall summary of what the software chosen does (both reports)

o An overall summary of the results of the pentest (both reports)

o A high level design of the software (technical report)

o A detailed design of changes made (technical report)

o A detailed justification of changes made, showing how they comply with secure

coding guidelines (technical report)

o A detailed list of services running on DVL (technical report)

o A detailed summary of the implications of the vulnerabilities found in the pentest,

grouped in a logical manner (technical report)

o A high level list of recommended actions to take to resolve the vulnerabilities

(management report)

o A detailed list of recommended actions to take to resolve the vulnerabilities

(technical report)

o A discussion of implications of not fixing the vulnerabilities (both pentest and

software) and of the resources required to fix the issues (management report)

All Candidates must hand in a short additional reflective report, reflecting on their learning

experience


Project choice

For this piece of Task you are expected to develop a system that closely follows the secure coding requirements. You can choose any of the following three projects:

Shimmer [url removed, login to view]

Shimmer is a pair of small programs (a client and a server) that provide an

alternative to port knocking program and are used to hide a valuable port (such as

a hidden web server or SSH) on a public IP address.

Unlesbar [url removed, login to view]

Unlesbar is thought to be an electronic safe for sensitive data you want to keep in

a safe place.

OpenStego [url removed, login to view]

OpenStego is the free Steganography solution. Steganography is the science of

hiding secret message inside another larger and harmless looking message. You

should use the latest version of OpenStego



These projects have been chosen because they are known to have security issues. If you want to choose a different project altogether, you will need to get approval from Faye Mitchell or Mark Green in advance. Note that Task submissions that have not been approved will be severely marked down for not obeying Task guidelines.

Submission details

You must submit paper and electronic copies of the technical and management reports and electronic copies of the code and reflective report.
Electronic copies of the original code and your modifications (clearly commented)

The Technical report

The Management report

The reflective report

55% of the marks will be allocated to the software aspects. 35%of the marks to the penetration aspect. 10% to the reflective report.

Please see attachment.

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online