Advanced Network Security- 2021 CQU assignment Term 2


The answer to this question is given below the question so do scroll down

COIT20262 Assignment 1 Questions Term 2, 2020
Advanced Network Security
COIT20262 – Advanced Network Security, Term 2, 2020
Assignment 1 Questions
Due date:
10am Monday 24 August 2020 (Week 6)
Attempt all questions. This is an individual assignment, and it is expected students answer the questions themselves. Discussion of approaches to solving questions is allowed (and encouraged), however, each student should develop and write up their own answers. See CQUniversity resources on Referencing and Plagiarism. Guidelines for this assignment include:
• Do not exchange files (reports, captures, diagrams) with other students.
• Complete tasks with virtnet yourself – do not use results from another student.
• Draw your own diagrams. Do not use diagrams from other sources (Internet, textbooks) or from other students.
• Write your own explanations. In some cases, students may arrive at the same numerical answer, however, their explanation of the answer should always be their own.
• Do not copy text from websites or textbooks. During the research, you should read and understand what others have written, and then write in your own words.
• Perform the tasks using the correct values listed in the question and using the correct file names.
File Names and Parameters
Where you see [StudentID] in the text, replace it with your actual student ID. If your student ID contains a letter (e.g. “s1234567”), make sure the letter is in lowercase.
Where you see [FirstName] in the text, replace it with your actual first name. If you do not have a first name, then use your last name. Do NOT include any spaces or other non-alphabetical characters (e.g. “-“).
Submit two files on Moodle only:

  1. The report, based on the answer template, called [StudentID]-report.docx.
  2. A ZIP file, called to [StudentID], containing all other files. Do not include your report in this ZIP file, and do not include any directories. Only include those files named in the questions. Do not use rar, 7z, tgz or other formats – only ZIP.
    Marking Scheme
    A separate spreadsheet lists the detailed marking criteria.
    Discuss, Explain, Design Style Questions
    A number of questions in this assignment require short, specific answers. These will normally
    be marked on correctness. That is, if the answer given is correct, then full marks, otherwise 0
    marks. In some cases, partial marks may be given.
    Other questions require more elaborate answers. They typically include words such as discuss,
    explain, design, compare or propose. For such questions, to achieve full marks your answer
    should not only be correct, but also clear and detailed. While your answers don’t necessarily
    have to be long (many paragraphs), the level of detail should be similar to that covered in
    lectures. Some hints on writing your answers to these style of questions include:
    • Use terminology that has been used throughout the lectures. Using non-standard
    terminology, or terminology that significantly differs from that in this topic, is an
    example of unclear writing.
    • Be specific, referring to files, algorithms, keys or other relevant data elements.
    • When relevant, use examples to assist your explanation (although don’t use just
    examples; give a general explanation as well).
    • Including wrong or irrelevant information in your answer will result in low marks. An
    answer with multiple wrong/irrelevant statements as well as a correct statement, may
    receive 0 marks.
    • Don’t rely heavily on images (unless they are asked for). If you do include images, then
    draw them yourself – don’t take images from the Internet, textbook or lecture notes.
    You are a cyber security analyst for an educational institution (e.g. university). You are to
    conduct tasks and perform on issues impacting the university.
    You must use virtnet (as used in the tutorials) to perform tasks. This assumes you have
    already setup and are familiar with virtnet. See Moodle and tutorial instructions for
    information on setting up and using virtnet. Specifically, you must setup:
    • virtnet topology 5, with node1 as a client, node2 as a router and node3 as a server.
    • MyUni grading website is running on node3.
    • Set the domain of the MyUni grading website to be http://www.[StudentID].edu. (you can
    change the domain by editing /etc/hosts file on node1 – see NSL 16.2.3).
    • For the cryptography tasks, openssl must be used.
    Whenever you perform tasks you should be recording important information in your online
    journal. This may include notes, parts of files you edited and screenshots. While your online
    journal is not submitted or marked for this assessment, it may be referred to when marking
    your submission. For example, if the marker sees two student submissions with very similar
    answers, they may refer to the journal to review the entries that indicate that both students
    performed the tasks independently. Therefore, it is in your best interest to maintain your journal
    as you complete tutorial and assessment tasks.
    Question 1. HTTP Interception [19/70 marks]
    Your aim is to demonstrate the weakness of communicating in networks without encryption,
    in particular when web browsing. To do this, you will demonstrate how easy it is to intercept
    traffic in a network, and explain what information can be extracted from interception of HTTP
    Complete the following phases, in order.
    Phase 1: Setup
  3. Add a new student user to the MyUni grading system (see NSL 16.3.6). The user
    must have:
    • Username: [StudentID]
    • Password: [FirstName]
  4. Add a grade for the new student user for unit/course ‘coit20262’ with a grade of what
    you expect to receive this term, e.g. HD, D, C, P or F.
  5. Change the domain of the MyUni website to http://www.[StudentID].edu by editing the
    /etc/hosts files.
  6. Test that the existing users and new student can access the grading website.
    Phase 2: Intercept HTTP Traffic
  7. Start capturing on node2 using tcpdump.
  8. The new student user must do the following on node1:
    a. Visit the MyUni grading website, e.g.:
    b. Follow the “Login” link and login
    c. Follow the “View grades” link and enter their username and ‘coit20262’ to view
    the course/unit grade, and submit.
    d. Follow the “Logout” link.
    e. Exit lynx by pressing q for quit.
  9. Stop capturing on node2. Note that it is important that the start of the TCP connection
    (i.e. 3-way handshake), as well as all HTTP requests/responses are included in the
  10. Save the capture file as [StudentID]-http.pcap.
    Phase 3: Analysis
    Answer the following sub-questions regarding the previous phases.
    (a) Submit the capture file.
    (b) Draw a message sequence diagram that illustrates all the HTTP messages for the new
    student user viewing the grades (i.e. the HTTP messages from [StudentID]-
    http.pcap from phase 2 above). Do not draw any packets generated by other
    applications or protocols, such as ARP, DNS or SSH, and do not draw TCP connection
    setup or ACKS. Only draw HTTP messages. A message sequence diagram uses vertical
    lines to represent events that happen at a computer over time (time is increasing as the
    line goes down). Addresses of the computers/software are given at the top of the vertical
    lines. Horizontal or sloped arrows are used to show messages (packets) being sent
    between computers. Each arrow should be labelled with the protocol, packet type and
    important information of the message. Examples of message sequence diagrams are
    given in workshops. Note that you do not need to show the packet times, and the
    diagram does not have to be to scale. Draw the diagram yourself (e.g. using drawing
    software or by hand) – do NOT use Wireshark to generate the diagram.
    (c) As the attacker you can learn information from intercepting the packets. Based on the
    packet capture file, write a brief report on what useful information you can learn from
    the interception. The report, no longer than 1 page, must refer to specific values and
    packet numbers, as well as give a brief explanation of how the information may be
    useful for the attacker. For example, if you think the server port number is useful, then
    your report may say: “The port number used by the web server was 80, as seen in packet
    13 in the capture file. The port number is useful for the attacker because …”.
    (d) On the message sequence diagram from part (a), identify any messages that contain
    information you discussed in part (b). For example, if the first message on the message
    sequence diagram contains the server port number, then include the value of the port
    number on or next to the first message in part (a).
    Question 2. Vulnerability Assessment [18/70 marks]
    Your aim is to conduct a (partial) vulnerability assessment on the educational institution. (It is
    only a partial assessment, rather than complete, as you will only assess a small number of
    threats). You are to produce a brief report that could be presented to non-technical management
    (e.g. the university vice-chancellor or academic board).
    Phase 1: Asset and Threat Identification
    Identify three (3) different threats on assets relevant to the educational institution. These must
    come from the Attacks on a University database on Moodle. At least two (2) of the threats must
    be from you (i.e. have your name and not copied directly from others), and none (0) of the
    threats can be from staff (e.g. Unit Coordinator, Lecturers, Tutors). If you are not sure which
    entry in the database is from a student or staff, click on the link to their name. Include
    screenshots of each of the threats from the database in your report.
    Phase 2: Vulnerability Appraisal
    For each of the three (3) threats, provide a detailed explanation of a vulnerability that can lead
    to the threat. This should be a specific vulnerability, and refer to computer and network
    technologies, but still should be understandable by non-technical management.
    Phase 3: Risk Assessment
    For each of the three (3) threats, assign a vulnerability impact level, likelihood level and risk
    level, and explain why they are those vulnerability and likelihood levels. You may choose your
    own scale for impact and likelihood.
    Phase 4: Risk Mitigation
    Recommend actions to take or countermeasures for each of the three (3) threats.
    Question 3. Ransomware [17/70 marks]
    Your aim is to write a brief report to university staff (including management) as follow up to a
    ransomware attack on the university.
    Phase 1: Research and Report
    Your university has been infected by ransomware, affecting primarily their grading system
    (e.g. MyUni style grading system or Moodle Gradebook). You know that the ransomware
    encrypted files containing grade information using AES, and the AES secret key was encrypted
    and saved on the system with RSA public key encryption. The RSA public key is stored on the
    ransomware code (which you have access to). The university was able to restore some parts of
    the grading system from backup and manually enter any missing grades.
    Write a report addressing the following:
    a) What is ransomware? Give a short introduction/overview so that management can
    b) Briefly describe real ransomware that has infected other organisations recently. Indicate
    the name of the ransomware, the organisations(s) it impacted, and what impact it had.
    c) Explain the role of the cryptographic mechanisms and why you cannot simply decrypt
    the files. This should be explained for a technical audience, that is, the IT staff in the
    university. Refer to types of algorithms used and how they are used.
    d) Recommend methods the university should take in the future to avoid becoming
    Your report must have four (4) sections, each section addressing a point above. While there is
    no page limit, each section should be less than half a page, and a good answer could be given
    in 1 to 3 paragraphs. Do NOT include pictures or tables in the report. Use text only. While you
    may use numbered lists and dot points, the report cannot entirely be lists. References are not
    necessary (although the normal rules of academic integrity are expected).
    Question 4. Encryption and Signing [16/70 marks]
    Your aim is to demonstrate skills and knowledge in cryptographic operations, especially key
    management. You will do this in pairs (that is, with a partner student).
    When performing cryptographic operations you must be very careful, as a small mistake (such
    as a typo) may mean the result is an insecure system. Read the instructions carefully,
    understand the examples, and where possible, test your approach (e.g. if you encrypt a file, test
    it by decrypting it and comparing the original to the decrypted). It is recommended you use
    virtnet to perform the operations.
    Phase 1: Key Generation
  11. Generate your own RSA 2048-bit public/private key pair and upload your public key
    to the Public Key Directory on Moodle. (If you have already done this in the tutorial,
    you do not need to do it again). Save your keypair as [StudentID]-keypair.pem.
  12. Generate a secret key to be used with AES-256-CBC, saving it in the file [StudentID]-
  13. Generate an IV to be used with AES-256-CBC, saving it in the file [StudentID]-
    Phase 2: Message Creation and Signing
  14. Create a message file [StudentID]-message.txt that is a plain text file containing
    your full name and student ID inside.
  15. Digitally sign [StudentID]-message.txt using RSA and SHA256, saving the
    signature in the file [StudentID]-message.sgn.
    Phase 3: Encryption
  16. Encrypt [StudentID]-message.txt using symmetric key encryption, saving the
    ciphertext in the file [StudentID]-message.enc.
  17. Encrypt [StudentID]-key.txt using public key encryption (RSA), saving the
    ciphertext in the file [StudentID]-key.enc.
  18. Encrypt [StudentID]-iv.txt using public key encryption (RSA), saving the
    ciphertext in the file [StudentID]-iv.enc.
    Phase 4: Upload to your Partner
  19. To send files to your partner, you must upload them to the Encrypted Files database on
    Moodle. Your partner can then download from the database.
    Phase 5: Decryption and Verification
  20. Download the files from your partner from the Encrypted Files database.
  21. Decrypt to obtain the message, saving it in the file [StudentID]-received.txt.
  22. Verify the signed message.
  23. Take a single screenshot showing the OpenSSL verification command and the contents
    of the message. That is, the single screenshot should show the output of two commands:
    openssl dgst …
    cat [StudentID]-received.txt
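
The Phase 1 to Phase 5 steps above, run end to end with OpenSSL as an added example (it is not part of the assignment or its answer template). It assumes the placeholder ID s1234567, a locally generated key pair named partner standing in for the partner student, and OAEP padding for the RSA steps; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the assignment: Question 4 Phases 1-5 with OpenSSL.
# Assumptions: s1234567 is a placeholder student ID, and "partner" is a locally
# generated key pair standing in for the partner student's real one.
ID="s1234567"

# Phase 1, step 1: 2048-bit RSA key pair plus its public half for sharing.
make_keypair() {    # $1 = file name prefix
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1-keypair.pem" 2>/dev/null &&
    openssl pkey -in "$1-keypair.pem" -pubout -out "$1-pubkey.pem"
}

# RSA-encrypt a small file to the recipient's public key. OAEP padding is an
# assumption (the assignment names none); with it, a wrong private key fails
# with an error instead of producing garbage.
rsa_wrap() {        # $1 = recipient public key, $2 = input, $3 = output
    openssl pkeyutl -encrypt -pubin -inkey "$1" \
        -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$3"
}

rsa_unwrap() {      # $1 = private key, $2 = input, $3 = output
    openssl pkeyutl -decrypt -inkey "$1" \
        -pkeyopt rsa_padding_mode:oaep -in "$2" -out "$3" 2>/dev/null
}

# Phases 1-3, sender side: keys, message, signature, ciphertexts.
sender_side() {
    make_keypair "$ID" && make_keypair partner &&
    openssl rand -hex 32 > "$ID-key.txt" &&     # 256-bit AES key, hex encoded
    openssl rand -hex 16 > "$ID-iv.txt" &&      # 128-bit IV, hex encoded
    printf 'Example Student, %s\n' "$ID" > "$ID-message.txt" &&
    openssl dgst -sha256 -sign "$ID-keypair.pem" \
        -out "$ID-message.sgn" "$ID-message.txt" &&
    # -K and -iv take hex; passing them as arguments exposes them in the
    # process list, which is one weakness to note for Phase 7.
    openssl enc -aes-256-cbc -e \
        -K "$(cat "$ID-key.txt")" -iv "$(cat "$ID-iv.txt")" \
        -in "$ID-message.txt" -out "$ID-message.enc" &&
    rsa_wrap partner-pubkey.pem "$ID-key.txt" "$ID-key.enc" &&
    rsa_wrap partner-pubkey.pem "$ID-iv.txt" "$ID-iv.enc"
}

# Phase 5, partner side: unwrap key and IV, decrypt, then verify the signature
# against the sender's public key. Prints "Verified OK" on success.
receiver_side() {
    rsa_unwrap partner-keypair.pem "$ID-key.enc" rx-key.txt &&
    rsa_unwrap partner-keypair.pem "$ID-iv.enc" rx-iv.txt &&
    openssl enc -aes-256-cbc -d \
        -K "$(cat rx-key.txt)" -iv "$(cat rx-iv.txt)" \
        -in "$ID-message.enc" -out partner-received.txt &&
    openssl dgst -sha256 -verify "$ID-pubkey.pem" \
        -signature "$ID-message.sgn" partner-received.txt
}

# Run everything in a scratch directory, then show two failure cases.
demo() (
    cd "$(mktemp -d)" || exit 1
    sender_side && receiver_side || exit 1
    # The sender's own private key must not open what was wrapped to the partner.
    if rsa_unwrap "$ID-keypair.pem" "$ID-key.enc" wrong.txt; then
        echo "unexpected: key opened with the wrong private key"; exit 1
    fi
    echo "wrong private key rejected"
    printf 'x' >> partner-received.txt      # simulate a modified message
    if openssl dgst -sha256 -verify "$ID-pubkey.pem" \
        -signature "$ID-message.sgn" partner-received.txt >/dev/null 2>&1; then
        echo "unexpected: tampered message verified"; exit 1
    fi
    echo "tampered message rejected"
)

demo
```
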
    Phase 6: File Submission
    a) Submit the files on Moodle. As output from these phases you should have the following
    files for submission on Moodle:
    • [StudentID]-message.txt
    • [StudentID]-keypair.pem
    • [StudentID]-pubkey.pem
    • [StudentID]-key.txt
    • [StudentID]-iv.txt
    • [StudentID]-message.sgn
    • [StudentID]-message.enc
    • [StudentID]-key.enc
    • [StudentID]-iv.enc
    • [StudentID]-received.txt (this will contain the message you received from your
    Even though the encrypted files and public keys must be available on the Moodle databases,
    you should also include a copy of the files in your assessment submission. Ensure the files in
    the database and your submission are the same – the marker may use either version.
    Phase 7: Reflection
    Think about the tasks you performed in this question and write a brief reflection. You should
    b) Which parts were most challenging or led to mistakes, and why there were mistakes.
    What could be changed to make it easier and/or reduce mistakes. Consider OpenSSL
    as well as the method for sharing files via Moodle databases.
    c) Identify potential security weaknesses in the process and/or the steps you took.


COIT20262 – Advanced Network Security, Term 2, 2020

Assignment 1 Submission

Due date: 10am Monday 24 August 2020 (Week 6)

Student Name:                       

Student ID:                       

Campus:                      Syd

Tutor:                          M

  • HTTP Interception

Part (a) Message Sequence Diagram

Sequence Diagram

Part (b) Information Learnt

This time we did not learn

  • Vulnerability Assessment

Vulnerability, Likelihood, and Risk Levels

Define the scales you are using for vulnerability impact, likelihood, and risk.

Threat 1


Whenever an attacker sends a suspicious email, it may include an unwanted or harmful link that delivers a trojan or a worm, which can gather all of the user's information. This is a serious issue because the whole process can happen without the user's consent.

Vulnerability Impact Level: Medium

Vulnerability Impact Explanation

Whether the impact is small (e.g., a server not responding for 100 ms) or large (e.g., a database has been corrupted) depends entirely on the component in question. Our checklists should give us an indication of the impact on each component.

Likelihood Level: Very High

Likelihood Explanation

Likelihood depends on the repeatability of the issue: whether it can frequently and easily reoccur. Issues range from very rare (e.g., running out of memory when sending a very large number of messages, something that happens no more often than once a year) to stable (e.g., running out of memory every time when receiving 2²⁵⁶ UDP packets via an open TCP port).

Risk Level: Medium

Risk Mitigation

Any unnecessary data stored on the server simply enlarges the potential attack surface and adds to the damage costs in case of an attack. Make sure that you are not using any unnecessary software and that every open port is in use and fully protected (for example, via authorization requirements).

Software always contains vulnerabilities, and when one is found, vendors usually issue a patch within a couple of days. We need to make sure that all components of the server are always up to date with the latest security patches and fixes.

Set a complex password requirement for any account used to access the server. This will prevent a brute-force attack, which is one of the easiest ways to crack a password. Other security measures depend on your hardware and software configuration, for example the type of server and OS in use.

Make sure that the attack surface of the server is as small as possible. The best way to do this is to set up a network perimeter that will protect your corporate network. A proxy application inside the perimeter (for Exchange Server it can be an Edge Transport server) can be connected to an email server and used to transfer messages from and within your corporate network.

Always apply encryption at every stage of data transfer. Never use self-signed certificates; instead, carefully select an SSL certificate for each component of the server.

And last but not least, set two MX DNS records and remember to back up your data.

Threat 2


Student names, addresses, phone numbers, dates of birth and signatures are uploaded to the college website, so there is a high chance of an attacker obtaining that information and misusing it, for example by posting it on other websites. Ransomware affecting college students as well as the university might be severe in some cases. Schools and universities are likely targets for hackers because of the vast amount of personal information in their possession, such as the personal information of current students and faculty, applicants, administrative staff, alumni, collaborators, research and project participants, vendors, and even parents. They may also become targets if their research departments are developing intellectual property that may become valuable products, like prescription drugs, or that may be used by government agencies. Finally, the networks of many schools and universities provide online environments for learning and collaboration that are open to countless students and staff members logging in with their own computers; many observers believe that these systems are harder to secure than those of major corporations.

Vulnerability Impact Level: Medium

Vulnerability Impact Explanation

There is a great impact on how students share information on university websites.

Likelihood Level: high

Likelihood Explanation

The likelihood of attacks is high, as they can be performed by a hacker to gain financial as well as other information about students, which can then be used for identity theft. They can also be performed by an insider, who may share the information with a hacker.

Risk Level: Medium

Risk Mitigation

Teach students digital citizenship

Lessons on digital citizenship should start before students even press the power button. These days, students may be proficient with texting, social networking, and playing video games, but without proper guidance, many do not know how to navigate search engines, evaluate online sources for credibility, or behave safely and appropriately online.

Set up protocols and build strong passwords

Any system that stores, uses, or integrates with student information should be password protected for every user. In addition, teachers should lock their PCs when they are away from them, and everyone, faculty and students alike, should be taught how to create a strong password, as well as what sensitive information should not be shared with others.

Remember security with device rollouts

Security issues tend to increase as more devices are connected to networks. Consider segmenting traffic so each part of your network can have separate security permissions, giving different types of users (e.g., teachers, students, guests) different, appropriate access.

Increase network monitoring

Closely monitoring your networks and consistently enforcing rules around network switches, routers, and firewalls can help ensure that everyone is mindful of network security at all times.

Have backups and keep systems updated

Back up critical data and store it on an offline device as often as possible. In addition, make sure all operating systems and antivirus programs on all devices connected to your network are up to date.

Threat 3


The behaviors and patterns of how students share data can be used as a tool to develop new articles and journals. A lot of information can be generated about these patterns, so similar kinds of software and websites can be built based on their feedback.

Vulnerability Impact Level: low

Vulnerability Impact Explanation

The increasing potential and practice of collecting, analyzing, and using student data requires that higher education institutions critically examine their assumptions, paradigms and practices regarding student data. There is a real danger that some current approaches to learning analytics within higher education ignore the fiduciary duty arising from the impact and scope of the asymmetrical power relationship between students and the institution. In light of increasing concerns regarding surveillance, higher education cannot afford a simple paternalistic approach to the use of student data. Few educational institutions have regulatory frameworks in place and/or share information with students regarding the scope of data that may be collected, analyzed, used, and shared. It is clear from the literature that basic opting in or opting out does not sufficiently allow for many of the complex issues in the nexus of privacy, consent, vulnerability, and agency. The notion of vulnerability (institutional and individual) allows an interesting and useful lens on the collection and use of student data.

Likelihood Level: medium

Likelihood Explanation

The attacks are not that severe. However, if there are many institutes, competition among them creates a high possibility that one will create a system that is faster and more reliable than another's, which gives an advantage in building a system that is more secure and reliable.

Risk Level: low

Risk Mitigation

Institutions have a great deal of data about their students, including information related to admissions, academic performance, enrollment, and financial aid. However, information related to students' goals and expectations, transition to college, confidence level, and behaviors proves more elusive.

  • Ransomware

What is ransomware?

Ransomware is malware that uses encryption to hold a victim's information at ransom. A user's or organization's critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. Ransomware is often designed to spread across a network and target database and file servers, and can thus quickly paralyze an entire organization. It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses on businesses and governmental organizations.

Examples of Ransomware

Cyber criminals have used the Windows Clop ransomware to attack the German NETZSCH Group, an owner-managed global technology company, which has its head office in the state of Bavaria.

Ransom demands do not appear to have been accepted and, in keeping with their standard practice, the criminals have released 5.32Gb of correspondence entered into by the CEO, CFO, and other workers in the company.

NETZSCH has 2100 employees and a yearly revenue of about US$1 billion (A$1.4 billion).

Reached for input, a NETZSCH representative told iTWire: “We can affirm that the NETZSCH Group has been the objective of a ransomware assault on 10 July. Our IT division responded at an early stage and was in this manner ready to limit harm altogether. Every one of our systems and workers were closed down right away.

“Along with a group of digital security and IT legal specialists, we have been taking a shot at cleaning and reestablishing the frameworks under also reinforced security conditions.

“The majority of our frameworks are presently accessible once more, we are re-associated with email correspondence and our creation and conveyance are going. All introduced IT safety efforts have just been twofold checked and also made sure about.

“We work intimately with law implementation organizations and the mindful unique office for digital wrongdoing promptly began examinations. The examinations are as yet progressing.

“As to information distributions supposedly coming about because of this episode, we are — along with law implementation offices and our legal advisors — checking on any postings so as to confirm if such postings might be phony.

“In addition, we will implement our privileges to ensure corporate secrecy and will bolster the authorization of the protection and individual privileges of all people conceivably influenced by an information take and unlawful distributions.”

Role of Cryptography

All encryption algorithms are based on the same basic mathematical problem, which is the difficulty of determining whether a number is prime. Encryption keys are usually the product of two prime numbers, or some variation of that. Find one prime factor and you know the other.

A prime number is a number that cannot be factored. All other numbers, like 6, can be written as a product of prime numbers, 6=2×3. But to find those factors, a computer has to churn through all the numbers less than or equal to the square root of that number to check whether any of them divide the target number. (See if you can work out why you only need to go up to the square root.) In 2,000 years no mathematician since Euclid has found a faster way. Many have tried.

What makes this hard to crack is that the key size is such a large number that it is impossible to factor with today's computing power.

For example, a 256-bit key means there are 2 raised to the 256 possibilities. (It is 2 because each bit can be a 0 or a 1.) That is a number with 77 zeros. It would take a computer many, many years to churn through those possibilities. (Cryptographers at Princeton University wanted to show how long it would take a computer to guess the value of a 1024-bit encryption key. They connected several computers together to work on the problem. It took 2 years.)

The way to construct one of these keys is explained with an example in this RSA encryption algorithm example.

Brute Force Proof

If you try to log in to Windows too many times, the operating system will lock your account when you are in a corporate environment and there is software, like Active Directory, that issues user IDs and passwords.

However, a ransomware victim could try a brute-force attack to open a file, as there is no limit on how many times they can try. But what makes the encryption strong is that there are so many possible encryption keys to guess as to make that all but impossible.

The only way to defeat this is if there is a flaw in its implementation. In other words, the mathematics behind the algorithm is solid. But a programmer has to turn that idea into working code. They do that with various programming libraries, as in Java. It could be that they made a mistake there. A hacker could study that and find some weakness. For example, there could be a bug that exposes data in clear text in memory.


Cerber, Locky, and Troldesh are common ransomware infections. They use public key encryption. That uses two keys: a public key and a private key. The hacker encrypts the data with a public key. It can only be decrypted with a private key.

It is surprising that they would use this approach and not an encryption algorithm like AES. This is because the private key would have to be present on the victim's machine. You must remove your private key from a computer when you encrypt data, as it can be used to decrypt it.

So the hacker sends themselves a copy of the private key when they run their ransomware and then deletes it from the victim's computer. The hackers threaten the victims that they will delete the private key if the victim does not pay the ransom within a certain period of time.


Make sure that you have a mail scanning solution implemented on your network. Several variants of ransomware were found to have originated from spam messages, as a malicious attachment. Crypto-ransomware-related threats typically enter a network via spam/phishing messages with malicious attachments.

Since malware writers can easily modify or repack the malicious files to create unique samples that avoid pattern signature detection, one of the best preventive measures is to use attachment filtering and blocking methods at the email or gateway level.

Good practices to prevent ransomware infections via email:

• Always check who the email sender is. If the email is supposedly coming from a bank, verify with your bank whether the message received is genuine. If it is from a personal contact, confirm that they sent the message. Do not rely solely on trust by virtue of relationship, as your friend or family member may be a victim of spammers as well.
• Double-check the content of the message. There are obvious factual errors or discrepancies that you can spot: a claim from a bank or a friend that they have received something from you? Try to go to your recently sent items to double-check their claim. Such spammed messages can also use other social engineering lures to persuade users to open the message.
• Refrain from clicking links in email. In general, clicking on links in email should be avoided. It is safer to visit any site mentioned in the email directly. If you have to click on a link in email, make sure your browser uses web reputation to check the link, or use free services such as the Trend Micro Site Safety Center.
• Block executable file types, including those in compressed file attachments in emails. A file with an executable file extension means that the file format supports some ability to run an automatic task. This is in contrast to other file formats that just display data, play a sound or video, and so on. If you open a file with one of these file extensions, your computer could, without your continued permission, run one or more operations programmed into that file. For new malware samples or variants that may not be in a detection pattern yet, this would allow the malware to infect the system it is run on.

  • Encryption and Signing


Include just 1 screenshot showing the verification command and result, as well as the message using cat.

Reflection – Challenges in the Task

Write your answer here

Reflection – Potential Weaknesses

Write your answer here