Atlantic International Univer

Write a response 1-2 strong paragraphs for the following discussion board post!

Hello Professor Daniels and Classmates:

Tools That Run on UNIX or Linux and Other Platforms

There are several tools that run on UNIX or Linux. The Unit 4 MUSE lesson mentioned several third-party tools that can be used to either add security or perform security-related functions to a Linux system. These tools include Open secure shell (OpenSSH), FTP over SSL (FTPS), Gnu-PG, Fugu, FileZilla, OpenVPN, Ethereal, and Snort. Some of the Digital Forensics Software Tools include the dcfldd command tool, ProDiscover, and GUI tools, SMART, Helix 3, Kali Linux, Autopsy and Sleuth Kit. Most of these do have similar functions to tools that run on other platforms and some will also function on other platforms as well. Linux also comes with several built-in security commands. According to Nelson, Phillips, & Steuart (2019), the dcfldd tool is can function on UNIX, Linux, and Macintosh OSs; GUI tools can function in both Windows and UNIX/Linux; and there are several other tools that perform similar functions as the tools that run on UNIX or Linux that will run on DOS, Windows, Apple, NetWare, and UNIX systems.

Protection Against Hostile Code or Viruses Provided by UNIX or Linux tools

Many of the UNIX/Linux tools do provide protection against hostile code or viruses, while others provide some protection against hostile code or viruses. There are tools that can be use as supplementary protection for systems during an investigation. According to the MUSE lesson, the Open secure shell (OpenSSH) is the secure open-software solution that should be used in place of remote login and telnet to block against the invasion of hostile code or viruses. The FTP over SSL (FTPS) is a File transfer protocol (FTP) over secure socket layer (SSL) which is used to secure data as it is being transferred. FTP is used remote file transfer, and SSL is used for secure data transfers. SSL provides encryption and authentication for FTP. FTP over SSL is called secure FTP, or FTPS because it is an FTP that uses SSL security. The Gnu-PG is used for encrypting, data signatures, and secure messaging. It consists of a multipurpose key management system and access elements for all kinds of public key directories. The Fugu is a graphical front end to the command-line tool that is used to secure file transfer applications (SFTP). Contrast to FTP, SFTP encrypts the total session of SSL or TLS so that no passwords can be sent in clear-text form, reducing the likelihood of a third-party interference. FileZilla is a cross-platform client that supports FTP, FTP over SSL/TLS (FTPS), and SSH file transfer protocol (SFTP).

The MUSE lesson also mentioned that the OpenVPN is a lightweight SSL VPN. Virtual private network (VPN) is used to create channels between network sections across the Internet. The VPN router acts like a dedicated firewall. It connects to a VPN router on the other side of a public network. The VPN software routes traffic as if segments were united. The software encrypts all traffic-protected LAN. Ethereal is a graphical network analysis tool that has tcpdump functions to writes to files compatible with tcpdump and displays packets in a graphical format. Snort is an intrusion detection system (IDS) that operates in four modes: Sniffer mode, Packet logger mode, Network mode, and Inline mode. Most of Digital Forensics Software Tools like the dcfldd command tool, ProDiscover, and GUI tools, SMART, Helix 3, Kali Linux, Autopsy and Sleuth Kit are used to ensure the examiner’s system does not get invaded by hostile code or viruses through extraction and examination of digital evidence. Most of the Unix and Linux tools are supplementary tools that can be used in combination with each other or other tools (Nelson, Phillips, & Steuart, 2019).

How Investigators Can Best Use This Tool

The Digital Forensics Software Tools can best be used by legal investigators to identify, collect, preserve, examine, and analyze data or digital evidence from computer hard drives or other digital devices that is believed to have been used to commit illegal activity or cybercrimes and may have to be used in a court of law (Brandel, 2008). ProDiscover, SMART, Helix 3, Kali Linux, Autopsy and Sleuth Kit. It is best to use the ProDiscover tool for Bit-by-bit stream imaging on Unix/Linux. SMART is best for analyzing a variety of file systems and Autopsy and Sleuth Kit are best image analysis on Windows devices. I would recommend using the best for analyzing evidence for that particular digital device the evidence is associated with, since certain tools only work on certain systems or devices. When examining digital evidence, investigators should select the tools that is suited for analysis the digital evidence they have collected.

References

Brandel, M. (2008, June 04). Rules of Evidence – Digital Forensics Tools.

https://www.csoonline.com/article/2117658/rules-of-evidence—digital-forensics-tools.html

Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to computer forensics and investigations (5th

ed.). Boston, MA: Cengage.

Order this or a similar paper and get 20 % discount. Use coupon: GET20

 

Posted in Uncategorized

Atlantic International Univer

write a response for the following post

What is a hash value, and why do you think it is important?

In cryptography, hash value helps with the authentication fingerprint of the sender’s private key. The hash value is a string of values, generated from the hashtag algorithm. By altering the content, the value of the hash will change also. This identifies if the file has been altered or not because the numerical value will change if altered. The website, OmniSecu.com (2021) describes the three common hash values are as follows: 

MD5 (Message Digest) – “MD5 Hashing Algorithm was invented by RSA Labs (Ronald Rivest) in 1991. MD5 was invented to replace its previous version, MD4. When Data is fed to the MD5 Hashing Algorithm, it generates a 128-bit Hash Value String as a 32-digit hexadecimal number. Hash Value Collisions are reported for MD5 Hashing Algorithm.” (para. 3) 

SHA1 (Secure Hash Algorithm 1)– “SHA-1 Hashing Algorithm was invented by United States National Security Agency in 1995. When data is fed to SHA-1 Hashing Algorithm, it generates a 160-bit Hash Value String as a 40 digit hexadecimal number.” (para. 4) 

SHA-2 (Secure Hash Algorithm 2)- “SHA-2 Hashing Algorithm was designed through The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) in 2001. SHA-2 is a family of two Hash Algorithms with different block sizes. One of it is called as SHA-256 and other is called as SHA-512. Main difference between SHA-256 and SHA-512 is that SHA-256 uses 32-bit words where SHA-512 uses 64-bit words. There are six types of SHA-2 Hashing Algorithms. They are SHA-256, SHA-512, SHA-224 (224-bit truncation of SHA-256), SHA-512/224, SHA-512/256 and SHA-384 (224-bit, 256-bit 284-bit truncations of SHA-512). SHA-2 has a much higher level of security than its predecessor SHA-1. SHA-2 family Hashing Algorithms will replace SHA-1 in near future.” (para.5) 

Explain how a hash value can be made secure to provide message authentication. 

In all my reading, the biggest way to make a hash value more secure is to use an SHA-2. This is because it offers different bit sizes, which generate the hash value. This is a great asset because the SHA-2 has different block sizes which include six different algorithms. 

Provide an example as it applies to your current job or life. 

At work, I don’t/can’t store any of my passwords on the server. But I have an android phone and Google account. Whenever I log into an app for the first time, my device will ask me if I want to store the password. When I select yes, Google stores the information for that app and password under my profile. But they can’t store it in plaintext for everyone to see, so when the password is saved it is running through a hash function. This creates the hash digest that is then stored on Google’s server under my profile. 

What are the benefits of implementing hash values? 

Some benefits of hash values are whenever a file is tampered with; the users/receivers are notified that the message/content of the file has been changed from the original sent message/content. If any part of the input message (file, email, software, app, etc.) has changed from the original sent form, the file can’t be opened. Once a hash value has been added to a file it can’t be reversed. Even if a hacker knows the algorithm used, still not an easy process to try to figure out. This explains why hash functions have been in use for so long. The biggest benefit of a hash value is without the algorithm and private key, the value just looks like a digital time stamp or code. No form of reference to input plaintext. 

References 

Stallings, W. (2021, July 24). Cryptography and Network Security. Retrieved from AIU Vital Source: https://aiu.vitalsource.com/#/books/9780134444635/… 

What are Hash values? Important Hash value Algorithms MD5, SHA-1 and SHA-2. (2021, July 29). Retrieved from OmniSecu.com: https://www.omnisecu.com/tcpip/what-are-hash-value…

This is the post made by Dante Smith
What is a hash value, and why do you think it is important?

In cryptography, hash value helps with the authentication fingerprint of the sender’s private key. The hash value is a string of values, generated from the hashtag algorithm. By altering the content, the value of the hash will change also. This identifies if the file has been altered or not because the numerical value will change if altered. The website, OmniSecu.com (2021) describes the three common hash values are as follows:

MD5 (Message Digest) – “MD5 Hashing Algorithm was invented by RSA Labs (Ronald Rivest) in 1991. MD5 was invented to replace its previous version, MD4. When Data is fed to the MD5 Hashing Algorithm, it generates a 128-bit Hash Value String as a 32-digit hexadecimal number. Hash Value Collisions are reported for MD5 Hashing Algorithm.” (para. 3)

SHA1 (Secure Hash Algorithm 1)– “SHA-1 Hashing Algorithm was invented by United States National Security Agency in 1995. When data is fed to SHA-1 Hashing Algorithm, it generates a 160-bit Hash Value String as a 40 digit hexadecimal number.” (para. 4)

SHA-2 (Secure Hash Algorithm 2)- “SHA-2 Hashing Algorithm was designed through The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) in 2001. SHA-2 is a family of two Hash Algorithms with different block sizes. One of it is called as SHA-256 and other is called as SHA-512. Main difference between SHA-256 and SHA-512 is that SHA-256 uses 32-bit words where SHA-512 uses 64-bit words. There are six types of SHA-2 Hashing Algorithms. They are SHA-256, SHA-512, SHA-224 (224-bit truncation of SHA-256), SHA-512/224, SHA-512/256 and SHA-384 (224-bit, 256-bit 284-bit truncations of SHA-512). SHA-2 has a much higher level of security than its predecessor SHA-1. SHA-2 family Hashing Algorithms will replace SHA-1 in near future.” (para.5)

Explain how a hash value can be made secure to provide message authentication.

In all my reading, the biggest way to make a hash value more secure is to use an SHA-2. This is because it offers different bit sizes, which generate the hash value. This is a great asset because the SHA-2 has different block sizes which include six different algorithms.

Provide an example as it applies to your current job or life.

At work, I don’t/can’t store any of my passwords on the server. But I have an android phone and Google account. Whenever I log into an app for the first time, my device will ask me if I want to store the password. When I select yes, Google stores the information for that app and password under my profile. But they can’t store it in plaintext for everyone to see, so when the password is saved it is running through a hash function. This creates the hash digest that is then stored on Google’s server under my profile.

What are the benefits of implementing hash values?

Some benefits of hash values are whenever a file is tampered with; the users/receivers are notified that the message/content of the file has been changed from the original sent message/content. If any part of the input message (file, email, software, app, etc.) has changed from the original sent form, the file can’t be opened. Once a hash value has been added to a file it can’t be reversed. Even if a hacker knows the algorithm used, still not an easy process to try to figure out. This explains why hash functions have been in use for so long. The biggest benefit of a hash value is without the algorithm and private key, the value just looks like a digital time stamp or code. No form of reference to input plaintext.

References

Stallings, W. (2021, July 24). Cryptography and Network Security. Retrieved from AIU Vital Source: https://www.omnisecu.com/tcpip/what-are-hash-value…

Order this or a similar paper and get 20 % discount. Use coupon: GET20

 

Posted in Uncategorized