Group Assignment Network Security

ASIA PACIFIC UNIVERSITY (A.P.
U)
GROUP ASSIGNMENT
CT037-3-2-NWS
NETWORK SECURITY
Student Name: HIMESH VORA (TP022558)
DEREK CHIEW (TP022856)
NAGASHAVINDRAN (TP030656)
Lecturer Name: YOGESWARAN A/L NATHAN
Due Date: 11th November 2013
NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 1

ASIA PACIFIC UNIVERSITY (A.P.U)
Table of Contents
Marking Table ................................................................................................................................. 4
Gantt chart ....................................................................................................................................... 5
Work Breakdown Structure ............................................................................................................ 6
Section A......................................................................................................................................... 7
Security thread in Smartphone security (Himesh Vora TP022558) ........................................... 7
Introduction ............................................................................................................................. 7
Research Contents ................................................................................................................... 8
Conclusion .................................................................................................................................... 11
Introduction of Smartphone Security (Nagashavindran TP030656) ............................................ 12
Introduction ............................................................................................................................... 12
How to secure the Smartphone Security ................................................................................... 13
Security Issues of a Smartphone Security................................................................................. 15
Legal, Security and Ethical Issues of a Smartphone Security .................................................. 16
Conclusion ................................................................................................................................ 16
Applications of Mobile Security (Derek Chiew TP022586) .................................................... 17
Recommendations (Section A) ..................................................................................................... 21
Section B ....................................................................................................................................... 22
Introduction ............................................................................................................................... 22
Network Topology between Two companies ........................................................................... 23
Figure 9: Shows the Topology between the two companies..................................................... 23
Solution ..................................................................................................................................... 24
No. 1 - HTTP & HTTPS ........................................................................................................... 24
No.2 - HTTP & HTTPS with DNS ........................................................................................... 25
No 3, 4&5 – Email (POP3&SMTP) ......................................................................................... 26
No 6- Access Lists .................................................................................................................... 28
No 7 - Layer two Securities ...................................................................................................... 30
No 8 – Bastian Host in Application Proxy................................................................................ 33
No. 9 - Connectivity between Company-A and Company-B ................................................... 35
No.10 - Disguised and Encrypted Data Transmission .............................................................. 36
NO 11: Implementing FTP with username and Password ........................................................ 38

No.12 – IDS Intrusion Detection System ................................................................................. 40

No 13 – Virtual Private Networks (VPN) ................................................................................. 42
No. 14 – Secure Socket Layer (SSL) ........................................................................................ 45
Conclusion .................................................................................................................................... 46
Reference ...................................................................................................................................... 47

Marking Table
Individual (60%)
Group (40%)
Diagram/Figures (10)
Critical Thinking and

Documentation (10)
Configurations (10)
Grand Total (100)

Applicability (20)
Presentations (10)
Investigation (10)
Referencing (10)
Analytical (20)
Research and
Names
1 HIMESH JITENDRA VORA

(TP022558)
2 DEREK CHIEW (TP022586)
3 NAGASHAVINDRAN (TP030656)

Gantt chart
Gantt chart showing from Task Name, Start date, Finish Date and the Month Of
September
Gantt chart showing from October-to-November

Work Breakdown Structure
Himesh Derek Nagashavindran

Vora Chiew
Introduction 33.3% 33.3% 33.3%

No.1 - HTTP & HTTPS - - 100%
No.2 - FTP 33.3% 33.3% 33.3%
No.3 - HTTP & HTTPS with 33.3% 33.3% 33.3%
DNS
No.4 & 5 - Email - 100% -

No.6 - Access Lists 100% - -
No.7 - Layer Two Securities 0% 100% -
No.8 - Bastian Host 100% - -

No.9 - Connectivity Between - - 100%
company-A & company-B
No.10 – Disguised and 33.3% 33.3%- 33.3%

encrypted data transmission
No.11 - IDS - - 100%

No.12 - VPN 100% - -
No.13 - SSL - 100% -
Conclusion 33.3% 33.3% 33.3%

Section A
Security thread in Smartphone security (Himesh Vora TP022558)
Introduction
The prominence of the place in security threat in Smartphone security in future converged
network is unquestionable. Phone can also be infected by virus threats same like PC. User can
also receive thread from SMS example like SMS spam. The term name phishing attempts are
sent via SMS, and are used to fool victims into giving up personal data; perhaps it might fake
delivery of the company. Smishing also can be achieved either wholly through a return message
or by being prompted to call a number where the information is recorded. However, these new
Smartphone security have come up with new security vulnerabilities, including security concerns
whose full impact still evolving.
Each of the Smartphone operating system has its own distinct strengths and weaknesses:
however, many are the same and are up to the user and configuration of the password. To avoid
any security thread, user need to remember no to install unnecessary apps, especially if there are
unknown. Malware commonly comes from, with backdoor apps masquerading as secure
application. The consumer must always be careful when visit to unknown sources because;
consumer privacy could lead to catastrophic. Without having any standard security on the
Smartphone, customer could face a lot of problem and prone to hacker more often.

Research Contents
Researcher will be discussing few of the top threats that Smartphone Security found in the
survey one of the greatest vulnerabilities within Smartphone security. Below are some survey
done by customer, the most top is one of the main critical threats.
Ranking Types of Security Treats

1 Spam SMS
2 Data Loss
3 Malicious Insiders
4 Virus
5 Abuse of phone security
6 Shared Technology Issues
Table 1: Ranking of the Smartphone Security
First of all, let’s begin with the Spam SMS is Smartphone Security. As the mobile phone start to
surge in the early 2000s, frequent user of text messaging began to see an increase in the number
of unsolicited (generally unwanted) commercial advertisement that is being sent to their
telephones or through text messaging. Will all this spam SMS is being sent, users might give out
their information to unknown people. Besides that, recipient will also be charge a fee for every
message received, including spam. In North America, mobile spam has steadily increased from
2008 through 2012, but it still remains 1% as December 2012. Parts of Asia increase up to 30%
of messages we spam in 2012. Today in the world most mobile phone is sent from mobile
devices that have prepaid unlimited messaging rate plan.
Data loss is also one of the major threats in Smartphone security. Although account or service
hijacking has been around for quite some time, Smartphone security has brought the threats to a
new platform whereas stolen information, manipulating data, monitoring your mobile transaction
with the browser and also monitoring your calls and SMS. It will be catastrophe if the customer
sensitive information falls into the hands of the hackers. In order to avoid this problem, users

should be more careful to connect to the internet. Basically user must try to avoid using public
Wi-Fi as unknown users are able to monitor your activity. It is better for the user’s to use the 3G
connection where only authorize user’s are allow to connect by using hotspot.
In addition, Malicious Insider is Underappreciated thread, most of the people don’t do not threat
these threat seriously. This type of thread can include fraud, sabotage and theft or loss of
confidential information of the user. This thread can go beyond negligence. Antivirus software,
firewalls are all aimed at these threats.
Figure 1: Percentage viewing of each type of malicious insider.
As a customer, we can be lulled into a false sense of security when it comes to electronics and
download. Most of the user always believes that if they visit one reputable websites and only
download apps, music and games from reputable sites, then all is well. Unfortunately all is not
well; everyone loves all to try all of the new things we discover on mobile phones – sending or
posting messages, organizing business or recreation. Unfortunately just as now this the
Smartphone have become more sophisticated and mainstream, so there is a high possibility user
can have threats, viruses, spyware and also malware. Phone viruses are really harmful because
they can steal personal information entered by the user that is useful in identity theft, make
expensive calls using the victim’s account, or also possible to run down the battery quickly. It is
also becoming increasingly difficult to ensure the safety and security against electronic attacks in
the form of viruses or malware. The first mobile virus is known as “Timofonica” originated from
Spain, which was then identifying by the antivirus labs in Russia and Finland in June 2000.

Rapid advance and continuous innovation in technology have made the world a smaller place.
Following is the abuse of Phone technology, do you ever suspect of someone committing fraud,
waste or abuse against social security. It is amazing how technology has slowly sneaked into our
lives and has become a part of our day to day activities even without a conscious knowledge.
Sadly the cutting edge technology and convenience comes with downsides as well because
information is easily accessible online. Easy access to information has result in new kinds of
crime such as cases of credit frauds and password hackers. Some people use technology to abuse
people like harassing small children by starting a friendly conversation, taking of their shirt
before they know it. This abuse of technology has gross misuse of information has to be tackled
and severed at its roots before it spreads out of control. In order to avoid, cell phones companies
should also strive harder at protecting the customer identity. With a little education and also
awareness, technology can be indeed being made fun, secure and useful. Technology should not
just allow us to do traditional in a different way, it should allow to do things that we though not
possible.
Mobile phones allow people to communicate when, where and with whom they wish. However,
users are often troubled to find themselves available to others. Technology came off period in the
1990s alongside progress of the GSM web in Europe, the emergence of countless transmission
arrangements in the U.S., dispatching of NTT DoCoMo in Japan, and simultaneous development
in the Middle East, the rest of Asia, and Africa (Agar, 2003; Ling and Donner, 2009). As of
2009, there were nearly 4.7 billion mobile phone subscriptions (ITU, 2009), out of a globe
populace of concerning 6.8 billion. Shared Technology issues also has become one of the major
issues in the world, most of the phone share the same technology such as sharing of Music,
Videos and Photos which have become commonplace. Different manufacture has different
technology but overall the concept still remains the same. Privacy also can be in trouble because
some user might share their location such as foursquare and Gowalla which have millions of
users checking every day. In UK, the respondent, 52% say that they were “Very or extremely
concerned”. When mobile phone was first introduced, mobile have enjoyed an especially high
uptake among teenagers and young adults.

Figure 2: Picture of Child being abuse on the Mobile Phone
Conclusion
“One of the best way to manage risk in Smartphone security, it is essential for the Operating
system Organization to understand todays and tomorrow’s threats specific to the Smartphone
security. Security is every bit as important for your Smartphone, especially if you are using a
Smartphone as it was intended: to do your banking, check your emails and generally live your
online life. In addition, it is also important for user to understand the security risks when using a
Smartphone before doing anything. User should always be careful when download application,
files, videos, images from unknown resources and also make sure to make the right decision.
These securities can include privilege user access, regulatory compliance, data location, recovery
and many more. If the giant companies manage to solve this issue, thus the operating system
manufacture can enjoy the advantage of the security that is being provided by the Smartphone
security. Besides that, user should also update their operating system often in order to have
better security and also privacy. On the other hand, another best way to manage security risk also
is to install security software because it helps to protect against malware, remove data wipe. Now
this Smartphone’s are able of doing so much more that the mobile phones compare too few years
ago, with all this great innovation there is also a lot of security risk.

Introduction of Smartphone Security (Nagashavindran TP030656)

Introduction
Nowadays Smartphone securities in the mobile industry around the world are increasing
rapidly. There are many steps are being taken to achieve the greater security for the Smartphone.
Advances in technology nowadays mean that mobile phones can furnish services and features
comparable to desktop or laptop computers. These Smartphone proposals countless new methods
are to converse and arrest and disseminate media. To furnish these new functionalities, the
Smartphone not merely use the mobile web, but additionally link to the internet whichever via a
Wi-Fi connection (similar to a laptop at an internet cafe) or via data connections across the
mobile web operator.
In recent mobile technology, Smartphone normally prop a expansive scope of

functionality web browsing, email, voice and instant messaging above the internet, seizing,
storing and sending audio, videos and photos, enabling communal networking, multi-user games,
investment and countless supplementary activities. Though, countless of these instruments and
features familiarize new protection subjects, or rise continuing risks.
Figure 3: The figure above shows the top 5 enterprise mobile security concerns

How to secure the Smartphone Security
1. Always safeguard your Smartphone alongside a password
One of the most frank protection tips, but one that is from time to time completely overlooked!
Possessing no admission protection at all is just foolish. Swipe outlines are ok, but greasy finger-
trails might expose too much. A four-digit PIN is an enhancement but employing a forceful
passcode is the flawless phone protection.
2. Safeguard that your mechanism locks itself automatically
If you set up password-protection on your phone but next depart it unlocked on your desk for 15
minutes, you won't have attained extremely much. Most Smartphone permit you to set them up
to automatically lock themselves afterward an era of inactivity. Make sure you select the shortest
timeout you are cozy with. Two to five minutes is larger than ten to thirty, even if it does sense
somewhat inconvenient.
3. Mount protection software
Your Smartphone is a computing mechanism and ought to be protected accordingly. Gaze for an
app like Sophos Mobile Protection that includes malware prevention, remote data scrub, privacy
study of apps and an automatic protection escort to alert you to possible dangers after you change
a mechanism setting.
4. Merely download apps from agreed sources
Apple's App Store seizes protection pretty seriously. They are extremely prudent concerning
what apps they make obtainable and will remove apps that rise concerns afterward release.
5. Check your apps' permissions
.Many apps need extra than the frank default permissions. For instance, you can reasonably
anticipate an SMS app to dispatch and accord text memos just as a mapping app will appeal your
location. But something like a alarm clock that needs web admission or an alarm timepiece that
wants to elucidate your link database ought to be indulged alongside great caution!

6. Don't miss working arrangement updates
Updates to your OS frequently contain arrangement vulnerability patches, so it's vital to mount
them. You could desire to be counseled of updates rather than possessing them automatically
installed, as main adopters from time to time experience teething setbacks - but the absent amid
you could favor that to missing updates altogether.
7. Be watchful of each links you accord via email or text message
Now you can select up email on your phone, exercise alert after clicking on links. And phishing
scams are not manipulated to email - a text memo can incite you to click on a dodgy link or ask
for confidential information. Even plainly responding to unfamiliar SMS or email senders can
raise the crooks' attention in you, managing to extra pressure to respond.
8. Encrypt your Smartphone
Even if you've safeguarded your Smartphone alongside a password, a robber might yet plug your
mechanism into a computer and gain admission to all of your confidential information.
Employing encryption on your Smartphone can aid to stop such data theft.
9. Coil off automatic Wi-Fi connection
Wi-Fi of the outstanding things concerning present mobile phones is their skill to link to the
internet in countless methods, but continually probing for wireless webs gives away data
concerning your individuality and locale, and blindly relating to unencrypted admission points
can allow your phone leak all sorts of functional things for malicious actors to interrupt and deed
upon. So notify your phone to ignore webs you no longer use, so as to minimize the number of
data leakage and configure your phone to automatically coil on/off wireless in precise locations
employing a location-aware Smartphone app.
10. Coil off Bluetooth and NFC after not in use
Bluetooth and NFC (near earth communication) are outstanding in words of connectivity,
permitting you to use accessories such as wireless keyboards and headsets or make payments
alongside a wave of your Smartphone.

Figure 4: The figure above shows of how simple steps to secure your smartphone against
Data Theft
Security Issues of a Smartphone Security
The protection concerns of Smartphone might potentially lead to ethical subjects at the
workplace. After you are employing Smartphone to download documents from your phone, your
firm strategy could be prohibiting firm documents to outsiders, but a little people could be
destroying the principals by downloading the workplace data on their phone. There might
additionally be destroying the firm strategy by employing Smartphone to record encounter or
seizing pictures. Extra and extra associations are destroying their firm strategy by employing
Smartphone at workplace instead of employing a confidential phone endowed by their company
(Iphoneandevo, 2013).

Legal, Security and Ethical Issues of a Smartphone Security
The upcoming outlook for Smartphone looks positive; though, their protection and lawful
concerns are not looking so bright. The sensitive chance for these mechanisms is losing data and
confidential data if the recollection card is stolen or capitulated. One more concern concerning
the Smartphone is exposing confidential data if the phone is vended or dispatched to overhaul
lacking its recollection removed. Moreover, supplementary possible chance is the producing
number of viruses in Smartphone across texting or SMS and supplementary exploits; one more
chance is that VPN related mechanism might expose company web to hackers. As the
Smartphone are becoming a new form of the confidential computer, they are even extra exposed
to chance of lawful and protection concerns in words of password association, encryption,
approval, and others. After you are employing a confidential computer to use supplementary
workplace materials, you are at least confident that you can delete the files; though, after you
download the files on a phone and lose it alongside the recollection card, one can illegally use
your work to damage your firm as well your confidential information (Iphoneandevo, 2013).
Conclusion
In a wider world where the mobile world conquers everything, the smart phone securities in this
world have been increasingly getting worst. The Smartphone is a device where it gives an instant
access to the internet or any apps. If the security of the mobile gets worst the apps and the access
to the internet will be corrupted.
Furthermore, there are many steps and precautions are being followed or taken in securing the
Smartphone security. There are also many apps that can protect the security of a Smartphone.
This will be able to fight off any security viruses that be able to attack the phone security. This
type of security problem can also affect the consumers of the company whom is supplying the
Smartphone. Moreover, with this steps carefully being followed this will create a opportunity to
maintain and attract customers of getting the Smartphone security with a good security
implemented in the device.

Applications of Mobile Security (Derek Chiew TP022586)
Mobile security has become an important role in mobile computing. Mobile security means the
protection of Smartphone, tablets, laptops and other portable computing devices, and the
networks they connect to, from threats and vulnerabilities associated with wireless computing.
With an increase in mobile device capabilities and subsequent consumer adoption, devices have
become an integral part of how people accomplish task. The ubiquity of mobile devices in the
corporate environment has allowed the further expansion of the corporate office. From a security
perspective, the risks and potential effects of deploying and supporting mobile devices as a
corporate tool must be understood.
Stolen or lost devices
A fundamental problem of mobile devices is physical access control. Mobile devices are most
useful outside of the office and on the move with the owner. Therefore, as a device on the move
is more likely to be lost or stolen and subsequently used by malicious attacker.
There are facts that suggest four capabilities that should be at the heart of any mobile security
strategy which are:
1. User authentication at the device level

- Mobile workers has password logins in order to access company applications and data.
2. Remote locks and wipe.

- This enables companies to remotely disable mobile devices so no one can use them, and to
remotely wipe data from devices.
3. Data encryption
- In any cases of lost of a device, any business data it contains should be encrypted.
4. Data Control
- If a user does not log into the network within a certain amount of time, the device will delete its
own data or block access to corporate email.

Figure 5: The figure above shoes the life-cycle approach to a mobile security strategy.
1. Provision Phase
- The time when a device is first brought into business service. Whether it is a business issued
device or a personal device that is being enabled for business use., this is the best time to
configure for security through the rest of the device's service life. Device "initialization" could
include segregating business and personal functions, installing antivirus software, provisioning
with a basic set of business applications, provisioning with data, configuring corporate email and
etc.
2. Production Phase
- Whenever a device is properly configured, it is ready for business use. It then becomes an
operational matter to keep the mobile device updated with the latest security and software
patches.
3. Decommission Phase
- This is when a device is then retired from service. It could happen when it's time to replace the
device with a newer model, or when an employee leaves the organization and etc. Removing all
business data, applications and etc from the device is called decommissioning.

Figure 6: The figure above shows the concerns of mobile security.
There are many reasons why we use mobile security application.

1. Protect against Viruses and Malware
- Mobile Security Application scans for malicious code in files, memory cards, applications,
Internet download and etc.
- Blocks against risky websites to protect against phishing and scams.
2. Protect from Theft and Loss

- Backup and restore data from the phone of remotely on cloud storage.
- Locate your smartphone or Android tablet on a map.
3. Privacy
- Block unwanted calls and texts
There are many types of mobile security application such as McAfee, Kaspersky, Nortan
Antivirus, BitDefender and etc.

Figure 7: The figure above in an example of Kaspersky Mobile Security Application for
Android devices.
How Mobile Security Work
Figure 8: The figure above shows how Kindsight Security Works for devices.

Recommendations (Section A)
It is recommended that immediate actions can be taken immediately measures in order to reduce
the dangerous of using Smartphone. Smartphone is an important tool to everyone, thus
implementing a better security is important. With the talk of security issues with Smartphone
gathering momentum, there’s never been a better time to increase awareness of the ways you
might be putting your data at risk. Threat to your mobile device is never easy to see. In order to
avoid user should be more careful of what they do and always make sure that the website is
trustable and also protected. Simple method can be done to avoid stranger from finding out your
information example by locking your phone, time out, require a password, and face recognition.
Besides that, user must be careful of the application they download and also pay attention to the
requirement of the software demands upon install. Users should also exercise caution to ensure
the realistic demands that are being made on access to various features of a phone, particularly if
the software isn’t well known. It is definitely much safer to use the “Official” channels to
download application, and if there is any secured for alternatives sources should be treated as a
potential risk.
This may sound like scaremongering, but it is just to show how important of being aware of the
potential dangers involved with the modem Smartphone, thus backing up data is also important
so that user won’t be disappointed if anything happen to the phone. One of the recommend
software is cloud storage which means backing up data using online storage example dropbox,
Google drive and many more.

Section B
Introduction
Basically Company A is a food manufacturer that it’s based company in Kuala Lumpur, it
consist three department which are Sales, Engineering and also Finance. Furthermore it also has
a sales office in Singapore. Both of these companies are also located in different geographical
area and also they are far in distance. This food company are basically requesting for a solution
in order to maintain a safe connection between two companies over the internet in order to
protect their properties. The company also wants to protect the internal and DMZ hosts from
being attack by the external threats.
Thus, a proper security connection is required for both connection of both companies in Kuala
Lumpur and also Singapore so that their connection can be secured and protected in order to
avoid any information leakage. Several considerations must be taken into account in order to
have a proper security design, and they will be further explained in the following sections.

Network Topology between Two companies
The diagram below is showing the network topology that is designed for the companies. Below
is the security solution that is designed and configured according to the network architecture
shown below.
Figure 9: Shows the Topology between the two companies.

Solution
No. 1 - HTTP & HTTPS

Client workstations (sales, engineering and finance) must be able to access the web server
at the DMZ over HTTP and HTTPS.
Based on the first solution of the scenario the client workstations of each department that is sales,
engineering and finance department must be able to access the web server at the DMZ over
HTTP and HTTPS. DMZ another name called as (demilitarized zone) is a computer host or
small network inserted as a "neutral zone" amid a company's private network and the beyond
area network (Margaret Rouse, 2007). HTTP which is defined as Hypertext Transfer Protocol
can provides a standard for Web browsers and servers to communicate (Bradley Mitchell, 2013).
HTTPS which is defined as Hypertext Transfer Protocol over SSL (Secure Socket Layer), it is a
protocol used by Web servers to transfer and display Web content securely (Jennifer Kyrnin,
2013). Compared to HTTP, HTTPS data that is transferred can be encrypted so that it can’t be
read by anyone except the person who is sending it.
In this part a Figure 1 screenshot on the configuration of HTTP and HTTPS have been
configures. Below is the screenshot of HTTP and HTTPS.
Figure 10: FTP (HTTP and HTTPS created (Source: Self-made)

No.2 - HTTP & HTTPS with DNS
“Engineering and sales workstations must be able to access the Internet (to reach company B)
over HTTP and HTTPS with DNS. No other protocol access is allowed to the Internet
(Solution and configuration)”
The 3rd requirement of the scenario is that the client workstation in engineering and sales
department can be able to access the internet over HTTP and HTTPS with Domain Name
System. The 3rd requirement is almost similar to the first requirement. But then in the 3rd
requirement, we will need to direct both of the department client workstation to the DNS server
beforehand to access the internet over HTTP and HTTPS. The DNS is actually a protocol within
a set of standards for how computer exchange data over the internet. Client workstation on the
internet uses an IP address to route the user’s request to the site that they were trying to reach
(Crawford,2011).
In order to permit both department client workstations able to admission the internet alongside
DNS to grasp Singapore workplace, the configuration of DNS is demanded and every single
workstation demand to safeguard the IP address of DNS server is match. Firstly, we have to
safeguard the DNS ability is coiled on to permit both department admissions to grasp Singapore
workplace across DNS server.
In the previous program, we showed the access list of the sales and engineering department.
Configuration of the access list is done at the router of the Kuala Lumpur Office. The IP address
of the Singapore office is 192.168.10.0, IP address of the Sales Department is 192.168.3.0 and IP
address of engineering department is 192.168.2.0. Thus, allowing access to 192.168.10.0 which
is the Singapore Office.
After that, we might also need to allow the IP address of the sales and engineering department to
be able to access the DNS protocol, and the DNS protocol in the access list.

No 3, 4&5 – Email (POP3&SMTP)

“Client workstations must be able to check their e-mail on the e-mail server at the DMZ. (Solution and
configuration.)”
“The web server should be reachable from the external clients over HTTP and HTTPS only.
(Solution.)”
“The e-mail server should be able to receive e-mail from external hosts over the simple mail transfer
protocol (SMTP). (Solution.)”
There is a suitable solution to make sure that the client workstation is able to check on their
email on the email server at DMZ and the email server will also be able to receive emails from
external hosts over the simple mail transfer protocol (SMTP), which is known as the access-list.
SMTP and POP3 is used to allow workstations to send emails as well as receiving emails from
the external host. During the configuration process, we must include the port number of SMTP
and POP3 so that the workstations can perform such requirement.
The use of the simple mail transfer protocol (SMTP) is to allow user to send email over the
internet. Whenever an email goes over the internet, it then converts into a string of text and
separated by numbers. The job of SMTP is to provide code or numbers to make it
understandable. The other purpose of SMTP is to set up a communication rules between servers.
One of an example is like a prompt out auto reply error message whenever any errors occur in
the process of sending emails.
Post Office Protocol 3 (POP3), is a method of receiving email. POP3 allows storing of email and
downloading of email on the server but then POP3 will not automatically make copies of the
email. Because POP3 allows storing of attachment on the PC, therefore POP3 is able to open any
attachment in a quick speed.

Figure 11: Email (Email created for the client’s workstations (Source: Self-made)

No 6- Access Lists
“No client from sales, engineering and finance department are able to access the client in the
other departments. (Solution and Configuration)”
The reason why Access list is creates is to restrict every client in sales, engineering, and finance
department that won’t be able to access client in the other department. In order for this
configuration to work, the configuration for access list (ACL) on the router is needed. Access list
job is to also filter network traffic by controlling whether router packets are forwarded or block
at the router interfaces (Cisco System, Inc, 2013). One of the main reasons we configure Access
Lists is to also provide better level of security for accessing the network. If we do not configure
the access list on the router, any packets will be able to pass through the router. Access list are
also able to provide one host to access a part of network and also prevent another host from
accessing the same area.
As we can see from the Figure above, first we need to deny all the traffic access to any protocol,
port or IP address for the three department mention above. Since the purpose of ACL is to deny
traffic to each other, means the client workstation from sales, engineering, or finance is unable to
access to other department. If we want to allow the client access to the other protocol, we need to
manually configure access list so that the particular protocol will be able to access.
We also need to include the access-group for the encapsulation. The purpose of encapsulation is
to split a fast Ethernet into multiple networks. Above network show the Faster Ethernet has split
into three different networks, and the access group has been applied in each of the network.

Figure 12: It is showing the KL Internal Router Encapsulation with ACL List

No 7 - Layer two Securities
“Layer two securities is a requirement in the company-A LAN. (Solution and configuration.)”
There are many types of layer two security but the security method that is implemented in this
project is the Port Security also known as MAC Flooding consideration. The use of port security
is to control the MAC address on port and to prevent unauthorized MAC addresses.
Configuration can be done on various types of ports but the VLAN port is being configured.
After applying the Port Security, it will recognise the MAC address and block it from accessing
on other port off from VLAN.
VLAN is a type of method that can only allow certain workstation communicate with each other
when they are in the same group. The main purpose of using VLAN is to that it will prevent
collision from different workstations. Therefore, port security and VLAN are the best
combination to apply in this project.
Figure 13: Finance Workstations VLAN configurations

Figure 14: Engineering Workstations VLAN configurations
Figure 15: Sales Workstations VLAN configurations

Figure 16: Encapsulation for Internal Router Configurations in VLAN

No 8 – Bastian Host in Application Proxy
“Bastion host works as an application proxy. You are required to explain the solution in
detail. (Configuration is not required.)”
According to (Lambert, 2013), proxy server will be use for security & privacy. Basically Bastion
Host is one of the methods that allow using as an application proxy. Besides that, it is also able
to remove or disable all unnecessary services, programs, protocols and it will not also share any
authentication services. One of the main reasons of using this is to prevent workstation to get
harmful data from external network (Internet).
On the other hand, bastion host is a special purpose computer on a network specifically
designed and configured to withstand attacks. It also prohibits a lot of things including the
service provided by normal network server such as login, print and also other services. There
will be no user account for bastion host, so it will be difficult for unauthorized user to break in.
Even though they break in, and they have no many things to do.
On the Internet, a bastion host is the merely host computer that a firm permits to be addressed
undeviatingly from the area web and that is projected to screen the rest of its web from
protection exposure. Bastion host as an application proxy are able to log all actions and so the
administrator can search for the attacks. There are about two copies of system logs for security
reason, in order to prevent one of the log is to destroy and there will be another log for backup
said by (Work, ND)
Last but not the least, Bastion host are not able to handle to handle more relay requests among
intranet and internet, and it also able to use FTP in bastion host to adjust files from intranet to
internet such as blocking the file. There is also an advantage for using bastion host as application
proxy which is improving the speed of accessing data which from external network (Internet),
because application proxy already save it into the cached memory and the next time it will be
faster access for employees say by (Work, ND)

Figure 17: Show the Bastion Host

No. 9 - Connectivity between Company-A and Company-B
Connectivity between company-A in Kuala Lumpur and company-B in Singapore is a

requirement. What is the best solution? Elaborate on the solution. (Configuration is not
required).
To make the connectivity between company-A in Kuala Lumpur and company-B in Singapore to
be faster, stable and no any errors for the connection, the best solution to implement the faster
connection is by having the fiber-optic cable connection between the both companies.
A fiber-optic cable connection is one of the latest technologies in the IT world. These cable
connections can provide the faster and stable connection to any places with secure and faster
connections. Fiber-optic internet works alongside distinct glass cables below the earth instead of
employing copper wires utilized in landline, therefore bestowing a faster and extra stable
connectivity due to its structure. Slender strains of pure glass are coordinated in package and
light signals are sending in light speed above long distances inside the fiber-optic cable.
Using fiber-optic brings countless gains to the firms; early it’s employing the transmission of
light signals that permit gesture send in light speed hence providing higher connectivity. Next, it
has less gesture degradation that makes the gesture strength stays outstanding lacking weakening
even afterward travelling long distance, and therefore bestowing higher connection speed.
The benefits of the fiber-optic connection that can be implemented in the companies, it is trusted
that the contact amid two firms in Kuala Lumpur and Singapore will not be an issue. A stable
and stable contact mass media will be endowed to link the operatives from both countries.

No.10 - Disguised and Encrypted Data Transmission
“Data transmitted over the network must be kept disguised and only intended recipient can
read it. (Solution on the techniques, no configuration is required)”
In order to prevent unauthorized recipient from accessing the data transmission over the network
and to read and understand the content of data, a Virtual Private Network (VPN) is implemented.
Company staff between Kuala Lumpur and Singapore can gain access to network resources even
when both companies are not physically on the same local area network (LAN).
Virtual Private Network (VPN) extends a private network across a public network such as the
internet. It enables a computer to send and receive data across shared or public networks as if it
were directly connected to the private network, while it helps in benefitting from the
functionality, security and management policies of the private network. VPN is a method of
providing a secured and encrypted communication happening in an un-trusted public network.
Virtual connections are established through the Internet to allow only authenticated party to gain
access to use the connection. Whenever a VPN client is launched on a computer, the computer
exchanges trusted keys with a faraway server. All internet communications between both parties
will be encrypted only when authentication is made by both computers. The encryption secures
the company internet connection to ensure that all the confidential business data that the staffs
are sending and receiving is saved from eavesdropping by third party (LifeHacker, 2013)
Encryption process is a very important step in VPN because VPN uses encryption to protect the
data and files. Internet protocol security protocol (IPSec) is used to secure the traffic on the IP
networks. It is to encrypt data between various devices. There are two types of sub-protocols that
are used to secure the packets which are Encapsulated Security Payload (ESP) and
Authentication Header (AH). ESP's main task it to encrypt transporting data using a symmetric
key whereby hashing operation is used by AH to modify the packet header in order to hide
particular packet information when it is transporting to the destination (HowStuffWorks, 2013).
Both sub-protocols play an important role to provide secured protection for data transmission.

By using VPN, the security level for businesses or organisation is highly increased because no
unauthorized recipient can be able to wiretap the communication. Even if so unluckily hackers
are able to intercept the connection, data is not easily readable because the data are encrypted.
Thus, a secured communication can be guaranteed between companies in Kuala Lumpur and
Singapore if a VPN is configured between them. Therefore, it will be safe to exchange business
information to each other and confidential data transmission is protected.

NO 11: Implementing FTP with username and Password
“The company requires implementing FTP with user and passwords are essential for each
transaction”
Second requirement for the scenario is to be able and upload and download files via FTP (File
transfer Protocol) with the username and password. FTP is a way to transfer file between
computers. (Gookin, 2013).
Besides that, in order to allow the client to access the FTP, the FTP service in the web server
must be turned on. Once you turned out the service of FTP, we also need to setup for the
username and password in order to allow authorized clients access the FTP service. FTP user
may authenticate them using a clear-text sign-in protocol. FTP also is often secured with
SSL/TLS (“FTPS”). Besides that, the first ever FTP client application were command-line
application that is being develop before the operating system had graphical user interface.
Figure 18: It is showing that the commands of display the directory of FTP server. If the user
need to receive file from the FTP server, first we need to connect to FTP server with authorize
username and password. Next we can also display the file directory of FTP server using “Get”
commands to retrieve file from FTP. Example if you type “get pt1000-i-mz. 122-128.bin” in the

command prompt in order to retrieve the file from FTP server and store in client’s computer
drive.
Figure 19: FTP Directory
Figure above shows the command display the directory of FTP server. In order to receive the
file, first we need to connect the server with authorize username and password. Then we can
display the file directory.

No.12 – IDS Intrusion Detection System
“The Company requires implementing intrusion detection systems (IDS). (Configuration is

required)”
An intrusion detection system (IDS) inspects all inbound and outbound network attention and
identifies dubious outlines that could indicate a network or arrangement attack from someone
endeavouring to break into or compromise a system (Webopedia, 2013). In a little cases the IDS
could additionally aid manipulation the dangers associated alongside public vulnerabilities such
as e-mail borne viruses, infected laptops and human factors. Some example codes shown below
will be requested to the arrangement for larger protection measurement.
Classtype Keyword (Rehman, 2003):

Rules can be assigned classifications and priority numbers to group and distinguish them. To
fully understand the classtype keyword, first look at the file classification.config which is
included in the snort.conf file using the include keyword. Each line in the classification.config
file has the following syntax:
config classification: name,description,priority
alert udp any any -> 192.168.1.0/24 6838 (msg:"DoS"; content: "server";
classtype:DoS;)
alert udp any any -> 192.168.1.0/24 6838 (msg:"DoS"; content: "server";
classtype:DoS; priority:1)
Using classifications and priorities for rules and alerts, you can distinguish between high- and
low-risk alerts. This feature is very useful when you want to escalate high-risk alerts or want to
pay attention to them first.

The content Keyword (Rehman, 2003):
One vital feature of Snort is its skill to find a data outline inside a packet. The outline could be
gave in the form of an ASCII thread or as binary data in the form of hexadecimal characters.
Like viruses, intruders additionally have signatures and the content keyword is utilized to find
these signatures in the packet. As Snort edition 1.x does not prop request layer protocols, this
keyword, in conjunction alongside the offset keyword, can additionally be utilized to gaze into
the request layer header.
The GET keyword is used in many HTTP related attacks; however, this rule is only using it to
help you understand how the content keyword works.
alert tcp 192.168.1.0/24 any -> ![192.168.1.0/24] any (content: "GET"; msg: "GET
matched";)
The offset Keyword (Rehman, 2003):
The offset keyword is utilized in combination alongside the content keyword. Employing this
keyword, you can onset your find at a precise offset from the onset of the data portion of the
packet. Use a number as argument to this keyword. The pursuing law starts hunting for the word
“HTTP” afterward 4 bytes from the onset of the data.
alert tcp 192.168.1.0/24 any -> any any (content: "HTTP"; offset: 4; msg: "HTTP
matched";)
The depth Keyword (Rehman, 2003):
The depth keyword is also used in combination with the content keyword to specify an upper
limit to the pattern matching. Using the depth keyword, you can specify an offset from the start
of the data part. Data after that offset is not searched for pattern matching.
alert tcp 192.168.1.0/24 any -> any any (content: "HTTP"; offset: 4; depth: 40; msg:
"HTTP matched";)

No 13 – Virtual Private Networks (VPN)
“Implement VPN between Singapore and Kuala Lumpur. (Solution and Configuration is
required)”
The main reason of having Virtual Private Network is to provide a protected and secured tunnel
for data transmission to occur between authenticated parties. One of the ways to secure data
transmission between the companies in Kuala Lumpur and Singapore is to set up an Internet
Protocol (IPSec) by authenticating and encrypting each and every IP packet transmitted.
To briefly explain the configuration on how to configure an IPSec VPN for the companies, the
very first step is to configure the ISAKMP policy that defines the procedures and packets format
of security associates which is a one-way relationship between sender and recipient. Next, it is
then required to define the IPSec transform set which is a combination of algorithms and
protocols that enact a security policy for the traffic. The next step is where you need to create a
crypto access-list (ACL). Next, a crypto map is required to create and apply, then follow by
configuring the ACL.
Here, it is also worth to mention the transform that we had applied in the VPN. There are two
protocols, it is known as Encapsulating Security Payload (ESP) and Authentication Header (AH),
but for the configuration it has been decide that we will use ESP. Both of these protocols have
similarities which provide authentications however ESP also has an advantage because it also
provides encryption which will be a bonus for securing the data (TCP/IPGuide, 2013).
Based on cryptographic algorithms configuration guidelines from Cisco, it also recommends that
to use Advanced Encryption Standard (AES) ask the encryption algorithms. Thus, AES will be
used in ESP as symmetric key for both parties to encrypt and data decrypt the before exchange.
When comes to the authentication algorithms, SHA-HMAC is uses instead of the MD5-HMAC.
Even though both the MD5 and SHA encode the message length in their output, it is believes that
SHA is to be more secured as it produces larger hashes.

crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key sgkl address 202.102.10.2
crypto ipsec security-association lifetime seconds 86400
crypto ipsec transform-set sgkl esp-aes esp-sha-hmac
crypto map sgkl 100 ipsec-isakmp
set peer 202.102.10.2
set pfs group2
set security-association lifetime seconds 86400
set transform-set sgkl
match address sgkl
interface Serial0/0/0
ip address 202.102.10.1 255.255.255.252
clock rate 64000
shutdown
crypto map sgkl
ip access-list extended sgkl
permit ip 202.102.10.0 0.0.0.255 202.102.10.2 0.0.0.252
permit ip 192.168.1.0 0.0.0.255 202.102.10.0 0.0.0.252
permit ip 192.168.2.0 0.0.0.255 202.102.10.0 0.0.0.252
Figure 20: KL VPN Configuration

crypto isakmp policy 1
encr aes
authentication pre-share
group 2
crypto isakmp key sgkl address 202.102.10.1
crypto ipsec security-association lifetime seconds 86400
crypto ipsec transform-set sgkl esp-aes esp-sha-hmac
crypto map sgkl 100 ipsec-isakmp
set peer 202.102.10.1
set pfs group2
set security-association lifetime seconds 86400
set transform-set sgkl
match address sgkl
interface Serial0/0/0
ip address 202.102.10.2 255.255.255.252
crypto map sgkl
ip access-list extended sgkl
permit ip 202.102.10.2 0.0.0.252 202.102.10.1 0.0.0.252
permit ip 192.168.10.0 0.0.0.255 202.102.10.0 0.0.0.252
Figure 21: Singapore VPN Configuration

No. 14 – Secure Socket Layer (SSL)

“Implement SSL encryption between Singapore and Kuala Lumpur (Solution is required)
The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a
message transmission on the Internet (SearchSecurity, 2007). SSL has recently been succeeded
by Transport Layer Security (TLS), which is based on the SSL. SSL uses a program layer located
between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol
(TCP) layers. The "sockets" refers to the sockets method of passing data back and forth between
a client and server program in a network or between program layers in the same computer. The
TLS Handshake protocol is an important protocol for providing a secure communication between
the server and the client. It allows the server and client to authenticate each other, as well as to
negotiate an encryption algorithm and cryptographic keys before exchanging data
(SearchSecurity, 2007).
After implementation of TLS, both companies in Kuala Lumpur and Singapore can have a
secured environment for web browsing, emailing, and other client-server applications such as
providing a secure connection for Kuala Lumpur and Singapore(techsoup,2013). Only
authorized user from the office in Kuala Lumpur and Singapore can access the encrypted
confidential information.
TSL encryption uses digital certificate to identify the certified owner, as well as a public key
which is used for encrypting communications. The use of digital certificate is whenever an
exchanging of data between two parties, it will be checked if the certificate is coming from a
trusted party, then validity of the certificate will be checked to ensure that it is still valid, and
finally to ensure that the certificate has a relationship with the party from which it's coming
(HowStuffWorks, 2013)
Last but not least, the public key is used to encrypt a randomly selected symmetric key.
Whenever a initiation of a secure session done by a computer between Kuala Lumpur and
Singapore, one of the computer will then start to generate a symmetric key and send it to another
computer using a public key encryption. After that, both computer can then communicate using
symmetric key encryption. Whenever the session is ended, the symmetric key used will be
discarded.

Conclusion
At the end, the requirement for this assignment has been fulfilled with optimal solution and the
entire network configurations are working in order. In addition, the security standard of the
network has been closely control and monitor for protecting the remote connectivity between
Device A and Device B. With this network control, it will be helpful in protecting and
prohibiting any unauthorized interception of data from source to destination. With having the
access control list, a powerful tool which used for denying and permitting certain network and
protocol could help block certain unwelcome parties access to the server or network. With all the
security precautions taken into consideration, we can safely say that it is more secure to surf web
or make a transaction by using the mobile phone. Phone security has become one the main
issues when comes to security. A lot of safety precaution had been done to avoid user to have
doubt using Smartphone. With all these security precautions taken into consideration, we can
safely said that Smartphone is not this safer than before as it would take significant amount of
time for an intruder to be able to hack into the company network. The protection average of the
web has been closely manipulation and monitor for protecting the remote connectivity amid Firm
A and Firm B. With this, it should be helpful in protecting and prohibiting each unauthorized
interception of data from basis to destination

Reference
1. 4 Smartphone Security Risks To Be Aware Of. 2013. 4 Smartphone Security Risks to Be
Aware Of. [ONLINE] Available at: http://www.makeuseof.com/tag/4-smartphone-
security-risks-to-be-aware-of/. [Accessed 02 October 2013].
2. Which smartphone is the most secure? - Techworld.com. 2013. Which smartphone is the
most secure? - Techworld.com. [ONLINE] Available at:
http://features.techworld.com/security/3409454/which-smartphone-is-the-most-secure/.
[Accessed 02 October 2013].
3. Malicious Insider Threats Greater than Most IT Executives Think. 2013. Malicious
Insider Threats Greater than Most IT Executives Think. [ONLINE] Available at:
http://www.computereconomics.com/article.cfm?id=1537. [Accessed 06 November
2013].
4. Naked Security. 2013. 10 tips for securing your smartphone. [online] Available at:
http://nakedsecurity.sophos.com/2013/10/08/10-tips-for-securing-your-smartphone/
[Accessed: 7 Nov 2013].
5. Iphoneandevo.blogspot.com. 2013. Smartphones: Conclusion. [online] Available at:

http://iphoneandevo.blogspot.com/p/conclusion.html [Accessed: 7 Nov 2013].
6. Securityinabox.org. 2013. 11. How to use smartphones as securely as possible | Security

In A Box. [online] Available at: https://securityinabox.org/en/chapter-11 [Accessed: 7
Nov 2013].
7. People worry about over-sharing location from mobiles, study finds | Technology |
theguardian.com . 2013. People worry about over-sharing location from mobiles, study
finds | Technology | theguardian.com . [ONLINE] Available at:

http://www.theguardian.com/technology/blog/2010/jul/12/geolocation-foursquare-
gowalla-privacy-concerns. [Accessed 07 November 2013].
8. Device-to-Device Media Sharing that Works | MIT Technology Review. 2013. Device-
to-Device Media Sharing that Works | MIT Technology Review. [ONLINE] Available at:
http://www.technologyreview.com/news/423498/device-to-device-media-sharing-that-
works/. [Accessed 07 November 2013].
9. Concerns about mobile phones: A cross-national study | Baron | First Monday. 2013.
Concerns about mobile phones: A cross-national study | Baron | First Monday.
[ONLINE] Available at: http://firstmonday.org/ojs/index.php/fm/article/view/3335/3032.
[Accessed 07 November 2013].
10. Abuse of Technology. 2013. Abuse of Technology. [ONLINE] Available at:

http://shantalaraman.articlealley.com/abuse-of-technology-85026.html. [Accessed 08
November 2013].
11. 10 tips for securing your smartphone | Naked Security. 2013. 10 tips for securing your
smartphone | Naked Security. [ONLINE] Available at:
http://nakedsecurity.sophos.com/2013/10/08/10-tips-for-securing-your-smartphone/.
12. Top Threats Working Group, 2013. The Notorious Nine. [Online]
Available at:
https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_
Cloud_Computing_Top_Threats_in_2013.pdf
13. Trustwave, 2013. Trustwave. [Online]

Available at: https://www.trustwave.com/intrusion-detection-system.php
14. Varadarajan, S., N.D. cse.wustl. [Online]

Available at: http://www.cse.wustl.edu/~jain/cis788-
97/ftp/virtual_lans/index.htm#WhatVLAN

15. Keith B- Cisco Team [Online]

Available at: https://learningnetwork.cisco.com/index.jspa
16. Eight ways to keep your smartphone safe . 2013. Eight ways to keep your smartphone
safe . [ONLINE] Available at: http://www.bullguard.com/bullguard-security-
center/mobile-security/mobile-protection-resources/8-ways-to-keep-your-smartphone-
safe.aspx. [Accessed 10 November 2013].
17. Smartphone Security: How to Keep Your Handset Safe | PCWorld. 2013. Smartphone
Security: How to Keep Your Handset Safe | PCWorld. [ONLINE] Available at:
http://www.pcworld.com/article/216420/how_much_smartphone_security_do_you_need.
html. [Accessed 10 November 2013].
18. Lifehacker. 2013. Why You Should Start Using a VPN (and How to Choose the Best One for
Your Needs). [online] Available at: http://lifehacker.com/5940565/why-you-should-start-
using-a-vpn-and-how-to-choose-the-best-one-for-your-needs [Accessed: 10 Nov 2013].
19. Pic.dhe.ibm.com. 2013. Enabling Secure Socket Layer (SSL). [online] Available at:
http://pic.dhe.ibm.com/infocenter/reqpro/v7r1m0/topic/com.ibm.rational.reqpro.install_upgra
de.doc/topics/rw_enable_ssl.html [Accessed: 10 Nov 2013].
20. Searchsecurity.techtarget.com. 2013. What is Secure Sockets Layer (SSL)? - Definition from
WhatIs.com. [online] Available at: http://searchsecurity.techtarget.com/definition/Secure-
Sockets-Layer-SSL [Accessed: 10 Nov 2013].
21. Tyson, J. and Crawford, S. 2013. Untitled. [online] Available at:

http://www.howstuffworks.com/vpn.htm [Accessed: 10 Nov 2013].
22. YouTube. 2013. What is SSL or Secure Sockets Layer? How SSL works?. [online] Available
at: http://www.youtube.com/watch?v=GUkVyQZBaqU [Accessed: 10 Nov 2013].
23. Garrestson, Rob. “IDC: Mobile Workers Will Pass 1 Billion in 2010.” CiO Zone. February
24, 2010. [Accessed: 10 Nov 2013].
24. Waltz, Martha. “Mobility Threats.” Mobile Enterprise. March 7, 2011; Info security. “40% of
businesses looking to deploy mobile data encryption.” June25, 2010; Check Point. “Check
Point Survey Reveals Growing Mobile Workforce Expected to Increase Security Complexity
in 2011.” December 7, 2010. [Accessed: 10 Nov 2013].

25. Sinrod, Eric. “Data Security Breaches Cost Real Money.” FindLaw. February 2, 2010.
[Accessed: 10 Nov 2013].
26. Lennartsson, Kurt. “How to Use Data Encryption to Secure Mobile Business Data.”
eWeek. November 10, 2010. [Accessed: 10 Nov 2013].
27. Margaret Rouse, 2007.Searchsecurity.techtarget.com. 2013. What is DMZ (demilitarized

zone)? - Definition from WhatIs.com. [online] Available at:
http://searchsecurity.techtarget.com/definition/DMZ [Accessed: 11 Nov 2013].
28. Mitchell, B. 2013. HTTP. [online] Available at:

http://compnetworking.about.com/od/networkprotocols/g/bldef_http.htm [Accessed: 11
Nov 2013].
29. Kyrnin, J. 2013. HTTPS. [online] Available at:

http://webdesign.about.com/od/http/g/bldefhttps.htm [Accessed: 11 Nov 2013]
30. Margaret Rouse, 2007.Searchexchange.techtarget.com. 2013. What is POP3 (Post Office

Protocol 3)? - Definition from WhatIs.com. [online] Available at:
http://searchexchange.techtarget.com/definition/POP3 [Accessed: 11 Nov 2013]
31. Cdn.ttgtmedia.com. 2013. Untitled. [online] Available at:

http://cdn.ttgtmedia.com/rms/security/Top_5_enterprise_mobile_security_concerns.jpg
[Accessed: 11 Nov 2013]
32. Images.pcworld.com. 2013. Untitled. [online] Available at:

http://images.pcworld.com/images/article/2011/03/geinimi-trojan-lookout-infographic-
5150462.jpg [Accessed: 11 Nov 2013]
33. Rehman, R. 2013. Rule Options | Working with Snort Rules | InformIT. [online]
Available at: http://www.informit.com/articles/article.aspx?p=101171&seqNum=6
[Accessed: 11 Nov 2013]
34. Margaret Rouse, 2007.Searchenterprisewan.techtarget.com. 2013. What is File Transfer

Protocol (FTP)? - Definition from WhatIs.com. [online] Available at:
http://searchenterprisewan.techtarget.com/definition/File-Transfer-Protocol [Accessed:
11 Nov 2013]
35. What is bastion host? - Definition from WhatIs.com. 2013. What is bastion host? -
Definition from WhatIs.com. [ONLINE] Available at:
http://searchsecurity.techtarget.com/definition/bastion-host. [Accessed 11 November
2013].

Group Assignment Network Security

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Group Assignment Network Security

Uploaded by

Copyright:

Available Formats

ASIA PACIFIC UNIVERSITY (A.P.

Student Name: HIMESH VORA (TP022558)

DEREK CHIEW (TP022856)

Lecturer Name: YOGESWARAN A/L NATHAN

Due Date: 11th November 2013

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 1

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 2

No.12 – IDS Intrusion Detection System ................................................................................. 40

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 3

Critical Thinking and

Grand Total (100)

1 HIMESH JITENDRA VORA

2 DEREK CHIEW (TP022586)

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 4

Gantt chart showing from October-to-November

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 5

Work Breakdown Structure

Himesh Derek Nagashavindran

Introduction 33.3% 33.3% 33.3%

No.4 & 5 - Email - 100% -

No.8 - Bastian Host 100% - -

No.10 – Disguised and 33.3% 33.3%- 33.3%

No.11 - IDS - - 100%

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 6

Security thread in Smartphone security (Himesh Vora TP022558)

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 7

Ranking Types of Security Treats

Table 1: Ranking of the Smartphone Security

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 8

Figure 1: Percentage viewing of each type of malicious insider.

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 9

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 10

Figure 2: Picture of Child being abuse on the Mobile Phone

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 11

Introduction of Smartphone Security (Nagashavindran TP030656)

In recent mobile technology, Smartphone normally prop a expansive scope of

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 12

How to secure the Smartphone Security

1. Always safeguard your Smartphone alongside a password

2. Safeguard that your mechanism locks itself automatically

3. Mount protection software

4. Merely download apps from agreed sources

5. Check your apps' permissions

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 13

6. Don't miss working arrangement updates

7. Be watchful of each links you accord via email or text message

8. Encrypt your Smartphone

9. Coil off automatic Wi-Fi connection

10. Coil off Bluetooth and NFC after not in use

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 14

Security Issues of a Smartphone Security

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 15

Legal, Security and Ethical Issues of a Smartphone Security

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 16

Applications of Mobile Security (Derek Chiew TP022586)

Stolen or lost devices

1. User authentication at the device level

2. Remote locks and wipe.

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 17

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 18

Figure 6: The figure above shows the concerns of mobile security.

There are many reasons why we use mobile security application.

2. Protect from Theft and Loss

NWS – NETWORK SECURITY GROUP ASSIGNMENT 2013 Page 19