System Security Tool

Submitted by:
Ravi kumar
Amitesh kumar
Vaibhav Gomber
Amit Giri

Acknowledgement

Working on this project has been a really good and challenging

experience and has been a great source of increasing knowledge in
various subjects. So, it is quite obvious that this had been just on
papers without the guidance of our teachers and mentors.
We would really like to thank our mentor Gurjapna Kaur .who is
great source of inspiration and motivation for the completion of the
project.
We would also like to thank our teacher Puneet singh for helping us
gain knowledge on programming languages make it possible to work
on Python and complete this project.

Introduction

This software is developed for a technical person who wants

to take the system security in his own hands ensuring that
his system gets the best of security and good enough to
escape from hackers and spam attacks to the system.

Software Requirement
Python
Linux
Google Earth
AWT libraries for http

Hardware Requirement
One Computer/Laptop with internet

Software Features:
Port scanning
Honey pot
Hackdoor Detection
Detects ip for websites
ip location on geo locator
Sniffing
Spoofing

Port scanning
The act of systematically scanning a computer's
ports. Since a port is a place where information
goes into and out of a computer, port scanning
identifies open doors to a computer. Port scanning
has legitimate uses in
managing networks, but
port scanning also can be
malicious in
nature if someone is looking for a
weakened access point to break into your
computer.

Port scanning

Honeypot
In computer terminology, a honeypot is a trap set to
detect, deflect, or, in some manner, counteract
attempts at unauthorized use of information
systems. Generally, a honeypot consists of a
computer, data, or a network
site that appears to
be part of a network, but is actually isolated and
monitored, and which seems to contain
information or a resource of value to attackers.
This is
similar to the police baiting a criminal and
then
conducting undercover surveillance.

Honeypot

Backdoor Detection
Backdoors is a term describing unauthorized access to your
computer system. Usually a backdoor lies in the
program code and is created by a programmer. Backdoors
in your
computer may be accessed by attackers
without your
knowledge or consent. Backdoors are
considered to be real
security threats.

BackDoor Key advantage for hackers:

Easy command and control of the server even after the
original exploit that enabled activating the backdoor was
patched.
Common usages of backdoors:
Maintain site/server access for the purposes of distribution
of malware & spam, credit card or other sensitive data theft,
perpetrating DDoS attacks.

The Challenge of Detecting Website Backdoors

Searching for a website backdoor is like looking for a needle

in a haystack. A backdoor can be installed anywhere on the
server under any name or alias.
The only currently feasible method to detect a backdoor is
by searching every directory & sub-directories on the
website, attempting to find a file/s that should not be there.
The complexity of doing this is compounded due to the fact
that most websites are built on 3rd party frameworks and
include other 3rd party extensions. Thus, detecting a single
file that should not be there is virtually impossible.
Website scanners that scan websites from the outside are
practically unable to detect such backdoors because the
possible location and filename of a backdoor is infinite and
cannot be determined from the outside.

Sniffing
A packet sniffer is a utility that has been used since the original
release of Ethernet. Packet sniffing allows individuals to capture data
as it is transmitted over a network. Packet sniffer programs are
commonly used by network professionals to help diagnose network
issues and are also used by
malicious users to capture
unencrypted data like passwords and usernames in network traffic.
Once this information is captured, the user can then gain access to
the system or network.
If you want to keep information confidential or are concerned about
packet sniffing, it is advised that you work on encrypted protocols
and encrypt all sensitive data, such as e-mails, being sent over the
Internet or network. A great encryption program is PGP, users who
are using Telnet should consider using SSH instead.

Sniffing Diagram

Spoofing

In networking, the term is used to describe a variety of ways in which

hardware and software can be fooled. IP spoofing, for example, involves
trickery that makes a message appear as if it came from an authorized
IP address. Also see e-mail spoofing.
Spoofing is also used as a network management technique to reduce
traffic. For example, most LAN protocols send out packets periodically to
monitor the status of the network. LANs generally have enough
bandwidth to easily absorb these network management packets. When
computers are connected to the LAN over wide-area network (WAN)
connections,
however, this added traffic can become a problem. Not
only can it
strain
the bandwidth limits of the WAN connection,
but it can also be expensive because many WAN connections incur fees
only when they are
transmitting data. To reduce this problem,
routers and other network devices can be programmed to spoof
replies from the remote
nodes.
Rather than sending the packets to
the remote nodes and
waiting for a reply, the devices generate their
own spoofedreplies.

Spoofing Diagram

Future Orientation:
We would like to provide tkinter library to
this software to make it a GUI based
software and to make it portable so that it
can be available on different operating
systems.