Snort and Wireshark Laboratory Experiment, Lab Report Example

The application of encryption in a website exacts an expense with regards to speed of access and performs. In the event that the server has the characteristic of receiving significant traffic, the website   may suffer a decrease in performance as an outcome of the SSL encryption. The decrease in performance can be adjusted in a variety of ways. . The initial application is to provide a redesign of the application in order to restrict the quantity of data which is transferred by means of the SSL certificate. A particular application may only have the requisite of the SSL on several page aspects of its service (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

The application of the SSL certificate feature at the conclusion of the website may cause an increase in the speed of the websites performance. Another solution which can be applied is the application of the website by means of novel network architecture and to apply the SSL accelerating hardware in order to conduct the SSPL greeting in addition to the codification procedures.  This perspective can cause more expense to be incurred; there are redesigns and other considerations which are required in the application. As the SSL accelerating devices are more significantly applied as an application layer implementation, the aspects of the calibration of the data load which is transmitted through the SSL can also be attained (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

Purpose

In this empirical study, a tool called Wireshark which is defined as a novel version of the ethereal is applied in order to capture packet headers and traffic. The information on the traffic and the packet headers will be classified and identified.  The requisites are the application of the Wireeshark software. This is available at www. wireshark.org/ download. html.

Procedure

1. Wireshark was downloaded and installed.
2. The Wireshark program is designed to capture and identify traffic from the networking interface cards.
3. The program had been operated in the menu which states “capture’ options were selected. In the file which states display options, the selection which is stated as “update the packets in real time” and “automatic scrolling in live capture’ was selected.
4. The traffic had been captures on the start. The objective is to conduct an analysis of the Wireshark implementation in order to initiate the capture of traffic.
5. Data review
6. The information which had been captured by the Wireshark program was reviewed. There are three distinct segments which demonstrate the raw data, packet headers and the traffic summary. The distinct colors which apply to the different models being applied are demonstrated in the download.
7. The user name and the password which had been captured on the Cisco site had been demonstrated as an image which had been aggregated in appendix two.

Secure Sockets layer which is abbreviated as SSL is a conventionally applied protocol which is applied for the administration of security by means of a messaging communication which is conducted by the internet. The Secured sockets layer (SSL) had been supplanted by the TLS (transported layer security) which is founded on SSL. The SSL applies a program layer which is positioned within the http (hypertext transfer protocol and the ECP) transportation control protocol. The Socket secured layer is incorporated as a component of the Netscape and Microsoft browsers and the majority of web serving applications (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

The SSL was produced by Netscape. The SSL evolved into becoming one of the applications which is supported by Internet producers which includes Microsoft was considered as the gold standard until the development of the TLS. The term sockets are applied to detail the manner of transmitting data between the client and the serving programs which are located within a network system in the same coordinating systems. The SSL applies the private and public key coding which is derived from the RSA, which incorporates the application of a digital certificate (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

The SSL and the TLS are significant components of the majority of web browsing clients and web services. A website which applies a particular SSL can be facilitated and accessed by its requisite for web access. Any of the internet web servers can be facilitated by implementing Netscape’s library which is used for SSL referencing. This library is available for download for authorized or commercial use (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

The SSL protocols were presented in 1994. The SSL has since been applied as the gold standard to internet security and more than probably will continue to be the security feature for the internet and e- commerce for the next several years.  The SSL apply a form of coding.  The data which is transmitted by means of the internet such as the credit card numbers and other sensitive information is prevented from being unlawfully accessed by the application of the SSL. Users can be assured that they are on a page which applies coding for security when the prefix letters of the page are placed before the electronic address. The SSL is also assured by a lock symbol in the lower part of the screen (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

Coding which applies either one hundred and twenty eight bit or forty bit encryption is applied. The consumer browser cannot provide all of the security functions. It is imperative that the e-commerce professionals apply their contribution to internet security in order to provide security for the consumer information which is being delivered to their websites. The e-commerce merchants are the other aspect of the equation in the internet security model in the certificate which is applied for the SSL (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

The SSL certificate relies on a secured server which is applied in order to code the data and to provide the identification of the website. The certificate which possesses the SSL is applied in order to confirm that the site pertains to the organizations which claim the site as property. The SSL also identifies the location of the entity which applies the website (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

There are different methods of obtaining an SSL certificate. One method is to acquire the SSL certificate by purchasing from an authorized vendor. The other method of obtaining a SSL certificate is to provide an auto directed signature. This can be applied by the application of open source software. The data may have the aspect of being coded; however there is a basic challenge with the auto directed signing an SSL certificate in the initial instance. The governments issue drivers licenses in order to establish standards. The SSL certificates are similar to driving licenses. The issuing authorities for the SSL certificates ensure that the certificates are completely legitimate (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007).

Websites which facilitate consumer confidence have greater likelihood of attracting traffic and creating revenue. There are empirical studies which infer that an auto directed SSL certificate will cause the browser to indicate that the certificate had not been acknowledged. The Veri Sign organization recognizes that there are many individuals which will visits the website despite the aspect of the non-secured aspect being demonstrated. In addition, many consumers will access a website which possesses an outdated SSL certificate (Sullivan, 2007; Tipton, 2007; Tipton & Krause, 2007). In conclusion, the clients who apply the Veri Sign seal as a criteria of using a website has a characteristic of greater security with sensitive information which is transmitted by means of the internet.

References

Sullivan, D. (2007). The shortcut to extended validation certificates. Real Time Publisher.

Tipton, H.F. (2007). Official (ISC) 2 Guide to SSCP, CBK, Second edition. CRC Press.

Tipton, H. F. & Krause, M. (2004). Information security handbook. CRC Press.