College
Buchtel College of Arts and Sciences
Date of Last Revision
2023-05-05 23:23:45
Major
Computer Information Systems
Honors Course
2440-491
Number of Credits
3
Degree Name
Bachelor of Science in Computer Science
Date of Expected Graduation
Spring 2022
Abstract
Penetration testing on a business network consisting of three routers, one switch, and one computer. Access Control Lists (ACLs) on the routers act as the firewall(s) for the network. 10 of the twelve ACLs do not deny any form of traffic to reflect the lax security standards common in small networks. Router 1 acts as the primary router of the Attacker/Pen Tester. Router 2 represents the edge router for the business and Router 3 is the inner router closest to end-user devices. Switch 1 is connected to Router 3 with one computer connected to the switch acting as an end-user. Switch 1 is configured with two VLANs: VLAN 10 for the users and VLAN 20 representing planned expansion. Each router and switch are accessible via SSH for remote management.
The penetration test begins with Zenmap reconnaissance followed by remote password cracking with THC Hydra to gain remote access to all three routers and the switch. Upon completing the remote access penetration test, the Pen Tester moves inside the network to the new VLAN 20 to test internal security utilizing Yersinia.
Research Sponsor
Dr. John B. Nicholas
First Reader
Sarah M. Hoge
Second Reader
Stanley H. Smith
Honors Faculty Advisor
Sarah Hoge
Proprietary and/or Confidential Information
No
Recommended Citation
Kandle, Lee, "Penetration Testing in a Small Business Network" (2022). Williams Honors College, Honors Research Projects. 1612.
https://ideaexchange.uakron.edu/honors_research_projects/1612
Included in
Computer and Systems Architecture Commons, Digital Communications and Networking Commons, Other Computer Engineering Commons