Sie sind auf Seite 1von 34

Networking and Security Projects for Students

100 + Project and Presentation ideas with titles and abstracts on Networking
and Security

www.projectsinnetworking.com

Copyright 2012 @ projectsinnetworking.com

The EBook contains 100 + project and presentation ideas with titles and abstracts
on networking and security for students. The abstract contains details on the
project title. The project titles are developed based on areas in networking like
network security, network testing, network design and configuration, networking
tool development, protocol analysis and CCNA concepts.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392

Copyright 2012 @ projectsinnetworking.com

Title: Study on Rip v1 and Rip v2 protocol


Abstract:
The project does a study on Rip v1 and Rip v2 protocol. The configuration methods of
the protocols on Cisco routers are analyzed. The insecurity of Rip v1 and how it is
improved by Rip v2 is documented. The configuration required on Cisco routers to block
RIP updates on specific interfaces is documented.
Title: Study on access control lists
Abstract:
The project does a study on different types of access control lists like standard and
extended access control lists and understands the configuration required on Cisco routers.
The differences and similarities in the configuration and design is understood. The
project also performs a detailed analysis of the differences in inbound and outbound
access control lists and how packets are handled when they are configured.
Title: Layer 2 loop prevention with Spanning Tree protocol
Abstract:
The project understands the anatomy of a layer 2 loops and why ethernet frame design is
vulnerable to looping. The internal design of the spanning tree protocol is researched and
how it is used for preventing layer 2 loops is understood.
Title: Access restriction between vlans
Abstract:
The project understands how access control lists can be used to restrict access between
computers connected to different vlans. Intervlan communication is setup on a router
using router on a stick configuration. The computers are configured with IP addresses
belonging to different network addresses and mapped with the corresponding vlans.

Copyright 2012 @ projectsinnetworking.com

Title: VLAN design for organization


Abstract:
The project understands how vlans can be used to create different departments. Every
department is mapped with a unique vlan. The computers belonging to the vlans
(departments) are configured with IP addresses belong to different network addresses.
Intervlan routing configuration is identified for access between departments.
Title: Protecting Web servers from spoofed static source IP.
Abstract:
An organization has setup a Web server behind a Cisco router. It is been observed that
the web server is being attacked from a private ip address of 192.168.2.3 from the
internet. The appropriate configuration on the router with ACL which would block access
from the specific IP address to the web server is identified.
Title: Access restriction to FTP server
Abstract:
In an organization, there are two networks, 192.168.1.0/24 and 192.168.2.0/24.
Appropriate configuration on the router is setup for communication between the
networks. A FTP server is setup on the 192.168.1.0/24 network. It is required that
computers on the 192.168.2.0/24 network should be able to access only the FTP service
on the FTP server and all other traffic should be blocked. The project aims to identify the
necessary ACL configuration required to be setup on the router is identified.
Title: Internet access restriction for a network
Abstract:
A perimeter router of an organization has three interfaces. One of the interfaces is
connected to the internet. The other two interfaces are connected to the networks
192.168.1.0/24 and 192.168.2.0/24. It is required that computers on the 192.168.1.0/24
network should not have access to the internet, but have access to the 192.168.2.0/24
network. The project understands the necessary ACL configuration which needs to be
configured on the router for achieving the solution.

Copyright 2012 @ projectsinnetworking.com

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Controlling broadcasts with VLAN
Abstract:
The project aims to understands how broadcasting causes traffic congestion in a switched
network. The fundamental concepts of VLAN are understood and how VLANS can be
used on a switch to create different broadcast domains to control broadcast traffic is
understood.
Title: RFC 1918 compliance for perimeter routers
Abstract:
RFC 1918 states the IP addresses which are allowed for use on private networks. These
IP addresses are not allowed to be used on the internet. Perimeter routers should not
allow incoming packets from the internet with the IP addresses mentioned in the RFC.
The project understands the appropriate ACL rules which need to be configured for
achieving the solution. (http://www.rfc-editor.org/rfc/rfc1918.txt )
Title: STP Vulnerabilities, attacks and mitigation
Abstract:
The projects understand the internal architecture of STP packets and the fields inside it.
The mechanism which attackers use to exploit the vulnerabilities in the STP packets is
understood. The project understand the different features available on Cisco switches like
BPDU-Root guard, Root guard , Loop guard along with appropriate configurations.
Title: Internet sharing for LAN computers
Abstract:
An organization is using a Cisco router as the internet router. The WAN interface of the
router is connected to the internet and the LAN interface is connected to a switch to
which the LAN computers are connected. There are 30 computers on the LAN which
Copyright 2012 @ projectsinnetworking.com

belong to the network address of 192.168.1.0/24. The project is to design the strategy and
configuration which is required on the router to share the internet with the 30 users
Features like default route, port address translation is explored for the purpose.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: DDOS TCP Syn flood defense for Web server
Abstract:
An organization hosts a web server behind a Cisco IOS firewall router. It is been
observed that the Web server is being targeted for a DDOS based TCP Syn flood attack.
The project aims to understand the anatomy of the attack along with feature TCP
intercept on the Cisco IOS firewall and the necessary configuration which needs to
be setup on the Cisco IOS firewall for defending the web server against the attack
Title: Resolving Active FTP issues with Cisco CBAC
Abstract:
The users in an organization access internet through a normal firewall. Since a firewall is
setup, the users are unable to access Active FTP servers on the internet. The project aims
to setup a Cisco IOS firewall to resolve the issue. The generic issues with firewalls and
Active FTP servers and how the CBAC feature on the Cisco IOS firewall resolves
the issue.
Title: Mac-address authentication vulnerability on 802.11 wirelesses LAN
Abstract:
Mac-address authentication is a feature available on Cisco access points for
authenticating wireless clients based on their mac-addresses.The projects aims to
understand the vulnerabilities in this feature by exploring mac-spoofing attacks and how
it can be used to defeat mac-address authentication.
Title: Defeating route table poisoning with OSPF
Abstract:

Copyright 2012 @ projectsinnetworking.com

RIP v1 is an insecure protocol. It does not have an authentication support inbuilt. An


attacker can craft invalid RIP packets and send it out on a RIP network. The RIP router
would accept the same and update its routing table. This poisons the route table as
invalid route entries are injected in the table. The project aims to understand how OSPF
which has authentication inbuilt can be used as protection against the attack.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392

Title: Defeating cam flooding attacks with port-security


Abstract:
Cam flooding attack works by generating a large number of frames on a switch port and
making the cam table of the switch to overflow, eventually making the switch to
broadcast out received frames on all ports. The projects understands how portsecurity feature can be used to limit the number of allowed mac-address on a switch port
to prevent cam flooding attack along with the actual configuration.
Title: Remote management with SSH
Abstract:
An organization is currently using telnet to remotely manage a Cisco router on the
internet. Due to the security vulnerability of telnet that it sends data in clear text, the
organization has decided to setup SSH as a replacement protocol for remote management.
The project aims to understand the different components required to setup the SSH
infrastructure like SSH client and SSH server configuration on the Cisco router, which
is tested and verified.
Title: OSPF Design on non-broadcast networks.
Abstract:
The project understands the generic design of OSPF and the details as to why it does not
work normally on a non-broadcast network like frame relay. The necessary configuration
required to make OSPF function on a Frame relay link is understood.
Title: A study on VLAN protocols.
Copyright 2012 @ projectsinnetworking.com

Abstract:
The project aims to understand vlan tags and how it is used in conjunction with a generic
ethernet frame. The different types of vlan protocols like 802.1q and ISL with
documentation on the similarities and differences in the protocol structure and usage. The
actual configuration to setup 802.1q and ISL tagging is understood.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Router backup infrastructure design
Abstract:
An organization has a Cisco router which is used for routing between different networks.
The configuration on the router is to be backed up using the TFTP protocol. For this an
appropriate infrastructure is designed. The project aims to understand the TFTP client
configuration on the router and how the configuration can be backed up on a free TFTP
server like Solar Windows TFTP Server.
Title: Web server public hosting
Abstract:
An organization is planning to setup a web server which can be accessed from the
internet. The web server is setup behind a Cisco IOS firewall router. For public hosting,
the organization purchases a public IP address from the ISP. The project understands the
configuration required on the Cisco IOS firewall to perform one to one mapping with
static NAT feature for users on the internet to access the web server. The necessary ACL
configuration required to be setup on the Cisco IOS firewall for users to access only port
80 for web access and block all other ports is understood.
Title: VLAN access between remote offices
Abstract:
An organization has linked up its main and branch office with leased lines. The WAN
encapsulation protocols used on the leased lines is PPP. Cisco routers are used for the
purpose. There are four vlans in the organization namely, vlan 2, vlan 3, vlan 4 and
vlan5. vlan 2 and vlan 3 are setup in the remote office and vlan 4 and vlan 5 are setup in
the branch office. The vlans are mapped with the network addresses 192.168.1.0/24,
192.168.2.0/24, 192.168.3.0/24 and 192.168.4.0/24. The project understands the
Copyright 2012 @ projectsinnetworking.com

necessary design strategy and configuration required for computers belonging to the
different vlans to be able to access each other through the WAN link.
Title: Study on NAT flavors on Cisco routers
Abstract:
The aim of the project is to understand the different flavors of NAT on Cisco routers like
Static NAT, Dynamic NAT and PAT. The use of these features in a real time
environment and the configuration required to setup the features on the routers is
understood.

Title: Cisco IOS Firewall IDS signatures.


Abstract:
Cisco IOS firewall has inbuilt intrusion detection signatures. The aim of the project is to
understand the different types of inbuilt IDS signatures and the types of attacks and
packets which would trigger the signatures. The different tools which attackers use and
the methodology to conduct the attacks or crafting malformed packets is explored.
Title: Wireless VLAN design in Campus
Abstract:
A wireless network has to be setup in a campus which has 3 blocks. There are three
departments in the campus namely Management, faculty and students. There are
approximately 30 users each in each department. Each department is separated as
different vlans, vlan 2, vlan 3 and vlan 4. Each of the vlans are configured are mapped
with the network address 192.168.1.0/24, 192.168.2.0/24 and 192.168.3.0/24. Wireless
access is required at the different blocks for which access points are installed. A DSL
internet connection is available which is to be shared by all the users on the network. The
campus plans to use a Cisco and Microsoft infrastructure. The design strategy and
methods by which multiple vlans can be hosted on an access point , which would provide
dhcp addresses from a windows dhcp server needs, switches and routers with appropriate
configurations to be identified. The users should also be able to access internet after
successful connection.

Copyright 2012 @ projectsinnetworking.com

Title: LAN network design with file sharing and dynamic ip addresses management
Abstract:
A LAN network has to be setup for an organization. There are 130 users in the organization. The
users should receive dynamic ip addresses on connectivity to the network. The users should also
be able to upload and download files on a central location using a file server. Windows
2003/2008 based network infrastructure needs to be identified with applications like FTP server
for file sharing, DHCP for ip address management with the appropriate configurations and IP
network schema. The number of switches required and methods to setup the same is also
identified.

Copyright 2012 @ projectsinnetworking.com

Title: Web Server design and setup for organization


Abstract:
An organization has an e-commerce application, which is to be setup on a Window based Web
server. The application would need to be accessed by users residing on the internet. The Web
server is setup on the LAN, behind a perimeter firewall router which is Cisco IOS router. To
allow the users on the internet to access the Web server, a static public IP address has been
purchased. The necessary configurations required to setup and secure the Web server like static
nat configuration on the perimeter router for the public ip address, DNS server setup, Access
control lists on the router for allowing only web traffic to the web server needs to be identified.

Copyright 2012 @ projectsinnetworking.com

Title: VLAN deployment on site to site networks.


Abstract:
An organization has interconnected its main and branch office using a leased line network. Cisco
IOS routers are used for the leased line connectivity. There are 4 departments in the organization,
namely finance, management, IT and research. All the departments are mapped with different
vlans, vlan 2, 3, 4 and 5 respectively. The IP networks assigned for different vlans are
192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24 and 192.168.4.0/24. vlan 2 and vlan 3 is
configured on the main office and vlan 4 and vlan 5 is on the branch office. A solution has to be
identified where the users belonging to different vlans should receive dynamic ip addresses from
windows 2003 dhcp servers residing at respective locations and the necessary configuration
required on the routers and the computers for allowing the users on different vlans to
communicate between vlans residing at different locations.

Title: Site to Site IPSEC VPN Design in an internet sharing environment


Abstract:
An organization needs to setup a site to site IPSEC VPN between main and branch office. In the
branch office, there is an internet connection for which a static public ip address is used. Cisco
IOS routers are used at both the sites for VPN deployment. The internet in the branch office,
which is setup on a Cisco IOS router, is shared by users at the location. The VPN network should
be designed such that the VPN router in the branch office should use the available internet
Copyright 2012 @ projectsinnetworking.com

connection for VPN site to site deployment. Configurations required on the internet router, VPN
routers, and network address design for users at the different locations needs to be identified for
the solution to work.

Title: Hotspot design for Coffee shop


Abstract:
A coffee shop needs to setup a hotspot, where users can access internet. Users should be able to
access internet through one time passwords, which can be purchased from the coffee shop. The
employees should be able to access the internet without passwords. A hotspot management
system, internet sharing mechanism, access point integration, IP address management and
seamless access to internet for employees needs to be identified. .

Copyright 2012 @ projectsinnetworking.com

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Multi Site MPLS network design
Abstract:
An organization has 4 locations, 1 main location with 3 branch location. The user in the branch
location needs to access an ERP server in the main location through the MPLS network. Mobile
users should be able to access the ERP server through the terminal server using the ADSL
internet connection setup the main location. Cisco MPLS routers are proposed for the
connectivity. The network should be designed with appropriate network addresses for different
locations, the configuration required on the terminal server, ADSL router for remote access.

Copyright 2012 @ projectsinnetworking.com

Title: DMZ Design for SQL Database server


Abstract:
A DMZ zone needs to be setup for an organization for hosting a SQL server. The organization
has a perimeter router, which is a Cisco IOS router, to which a Cisco ASA is connected. There
are 30 users in the LAN network for which IP addresses needs to be allocated dynamically. The
network design strategy needs to identified, for setting up the DMZ network on the Cisco ASA
firewall, network address schema for the DMZ and LAN network, DHCP design with
appropriate servers, routing required on the Cisco ASA and Cisco perimeter router for users on
the internet to access the SQL server in the DMZ zone.

Copyright 2012 @ projectsinnetworking.com

Title: Wireless Multi Site campus network design


Abstract:
In a university campus, there are three blocks, main block, block 1 and block 2. The distance
between Main block and block 1 is 200 mtrs and between main block and block 2 is 300 mtrs.
There is a clear line of sight between the blocks. There are 30 computers in the main block with
an application server. There are 20 and 10 users in block 1 and block 2 respectively. It is required
to link up the sites with Cisco wireless access points and appropriate antenna. The network
design strategy, with network addresses, dhcp identification and configuration for users to
receive dynamic ip addresses and for users on block 1 and block 2 to access the application
server at the main block needs to be identified.

Copyright 2012 @ projectsinnetworking.com

Title: Network design for a 3 storey building


Abstract:
A network has to be designed for a 3 storey building. There are approx 20 users in each floor. An
internet connection is available in the building. All users in the building, should be able to access
the and share the internet connection. The network design strategy, IP network address
identification, dynamic ip address management, manageability of wireless access points from a
central location, hardware like access points, switches and routers needs to be identified.

Copyright 2012 @ projectsinnetworking.com

Title: IPSEC issues with NAT firewalls and IP Fragments with mitigation.
Abstract:
The project does a detailed study on IPSEC and its different modes like transport and tunnel
mode. IPSEC issues with NAT firewalls and IP fragmented packets and the different mitigation
techniques which are available are understood.
Title: Eavesdropping vulnerable protocols and associated mitigation
Abstract:
The project does a study on eavesdropping and the techniques used by the attacker like sniffing
to perform the attack and the common protocols like telnet, http etc which are susceptible to the

Copyright 2012 @ projectsinnetworking.com

attack. How improved protocols like SSH, HTTPS can be used to prevent the attacks are
understood.
Title: Attacks on a switching infrastructure and mitigation
Abstract:
The project does a study on different types of attacks which are targeted on a switch
infrastructure like cam flooding, ARP cache poisoning, STP and VLAN based attacks are
understood. The anatomy of the attacks and different security features which are available on the
switch which can be configured to mitigation the attacks are analyzed.
Title: DDOS based attacks on TCP and ICMP
Abstract:
The project does a study on the anatomy of a DDOS attack and how it differs from a DOS attack.
DDOS attacks which are based on TCP and ICMP, how they work and the different tools which
can be used to simulate the attacks are studied. The mitigation plan for a network to prevent a
DDOS attack is identified.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Security in VLAN
Abstract:
The project does a study on VLAN technology and how it is used to improve the performance of
a network. The different attacks which are targeted on VLAN infrastructure like private vlan
attacks, mac-flooding , multicast brute force attack is understood.
Title: Comparative study of IPSEC and SSL VPN
Abstract:
The project does a comparative study of IPSEC and SSL VPN, the deployment scenarios where
they are used and the challenges faced in networking environments like NAT, Firewalls etc. The
methods by which IPSEC and SSL VPN derive dynamic session keys and the different protocols
which are involved during a negotiation is analyzed
Title: Spoofing attacks and defense

Copyright 2012 @ projectsinnetworking.com

Abstract:
The projects understands the different types of spoofing attacks like IP spoofing , mac-spoofing
,the anatomy and the different tools which are used to conduct the attacks. The different defense
mechanisms by which the attacks can be defeated like access control lists, port security, macaddress authentication is analyzed.
Title: Comparative study of layer 2 and layer 3 VPN
Abstract:
The project does a comparative study of layer 2 VPN like PPTP, L2TP with layer 3 VPN like
IPSEC. The different transport layer protocols used by the VPNs. the algorithms and protocols,
the infrastructure requirements and deployment strategies are understood.
Title: Securing a DHCP infrastructure
Abstract:
The project understands the different types of attacks which are targeted on a DHCP based
infrastructure like DHCP starvation attacks, Rogue DHCP servers and their anatomy. The
different mitigation techniques like port-security, DHCP snooping are identified.
Title: Secure remote access protocols
Abstract:
The project understands the different types of remote access protocols like telnet, FTP and
understands the vulnerabilities in them like lack of encryption. Replacement protocols like SSH ,
Secure FTP and how security is improved by their use is analyzed.
Title: 802.1x infrastructure design
Abstract:
The project understands the security issues on a layer 2 switch infrastructure with no
authentication and how it can improved by migrating to a 802.1x infrastructure. The different
dependencies which are required to setup a 802.1x infrastructure like supplicant, radius server
and the methods to integrate the same is understood.
Title: Brute force attack testing on Web server
Abstract:
The project understands the mechanism of brute force attack, the tools which are used for the
purpose and how to test if a web server is vulnerable to brute force attack. The different
Copyright 2012 @ projectsinnetworking.com

mechanisms which can be used for protection against brute force attack like account lock out
feature, complex passwords are analyzed.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Site to Site IPSEC VPN design in a firewall environment
Abstract:
The project understands how to setup a site to site VPN design between two offices. The VPN
appliances are kept behind network layer firewalls. The project understands the different
configuration on the firewall like Public IP address mapping to internal VPN, open ports
required for VPN access like UDP port 500 for setting up the site to site VPN tunnel between the
offices.
Title: DNS infrastructure security issues and mitigation
Abstract:
The project understands the different security issues and attacks on a DNS based infrastructure
like DNS spoofing, attacks on DNS server update zones, attacking through name registry etc.
The different mitigation techniques which are used as a defense for the attacks are understood.
Title: Secure network design with DMZ (Demilitarized Zone)
Abstract:
The project understands the concept of Demilitarized zone in a network environment and the
mechanism and network design strategy by which a server which is exposed to the internet can
be setup in DMZ zone for access by users on the internet and the LAN.
Title: Comparative study of Network and application layer firewalls
Abstract:
The project does a comparative study on network and application layers firewalls, deployment
strategies, the limitations and improvements, and the typical attacks which are blocked using the
firewalls.
Title: Database attacks and defense
Abstract:
Copyright 2012 @ projectsinnetworking.com

The project understands the different types of attacks which are targeted on a database
infrastructure, like network sniffing, weak passwords, sql injection, brute force attacks etc. The
anatomy of the attacks and the defense mechanism for each of the attacks is identified.

Title: MITM vulnerable protocols and mitigation


Abstract:
The project understands the anatomy of a Man in the middle attack and the anatomy. The
different protocols which are vulnerable to the attack like, TCP, ARP etc and real time
environments where the attacks are used are analyzed.
Comparative study of Firewalls, IDS and IPS
Abstract:
The project does a comparative study on firewalls, IDS and IPS. The deployment scenarios,
attacks which are defended by the devices, limitations and improvements are understood. The
different vendors and modes of the devices are researched and documented.
Title: Wireless migration from WEP to WPA
Abstract:
The project understands the limitation and security issues with the WEP protocol and the
improvements with WPA protocol. The different components which are required to setup WPA
based wireless infrastructure like supplicants, WPA supported access points are understood.
Title: TCP session testing tool for web servers
Abstract:
The project develops a tool which would simulate TCP connections from different TCP source
ports numbers to destination port number 80. The tool takes the required number of connection
requests as user input. The tool is developed with Scapy and Python.
Title: Rogue DHCP server detection tool
Abstract:

Copyright 2012 @ projectsinnetworking.com

The project develops a tool for identifying rogue DHCP servers on the network. The tool returns
the list of DHCP servers on the network, from which the rogue DHCP server can be identified.
The tool is developed with Scapy and Python.
Title: TCP port scanner
Abstract:
The project develops a tool which is used for identifying TCP based applications running on a
server. The tool returns the port numbers which are open on the server along with the
corresponding application name. The tool is developed with Python and Scapy.
Title: Access control list testing tool
Abstract:
Access control list is a security feature which is available on routers, switches and firewalls
which permits or denies packets based on IP and TCP/UDP port numbers. The projects aims to
develop a tool which can simulate custom IP and TCP/UDP packets based on user input for
testing. The tool is developed with Python and Scapy.
Title: VLAN max limit testing tool for Cisco switch.
Abstract:
The project develops a tool which would test the maximum number of vlans on a Cisco switch.
For this purpose, the max number of vlans supported on the switch platform is understood from
the technical specification. Once the max number is identified, the tool is executed from a remote
PC, connects automatically to the switch using telnet and creates the specified number of vlans
on the switch. The tool is developed with TCL/TK.
Title: IP Scanner tool for a network.
Abstract:
In a DHCP network, it is difficult to identify unused IP addresses on the network. The project
develops a tool which is used for listing unused IP addresses on the network. The tool is
executed from a computer on the network. Scapy and Python is used to develop the tool.
Title: Spanning tree election testing tool for switches.
Abstract:
The spanning tree protocol is used on a switch topology to prevent loops. Spanning tree protocol
uses an election process, where the switch which has a lower priority value in the BPDU is

Copyright 2012 @ projectsinnetworking.com

elected as the root bridge. The project develops a tool which would develop custom STP packets
to generate STP packets with the required priority value.
Title: ICMP Message testing tool
Abstract:
ICMP messages are used for specific purpose. Based on ICMP message type and code sent from
the initiator, the destination would respond correspondingly. To test the functionality of ICMP, a
tool is created which can craft custom ICMP packets. The tool can take ICMP code and type as a
user input and is developed with Python and Scapy.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: IP spoofing attack tool
Abstract:
In IP spoofing attack, the attacker uses custom IP address values in the source address field of
the IP packet. The project develops a tool which would create custom IP packets with user input
as source address and the number of times the packet has to be sent on the network. The tool is
created with Python and Scapy.
Title: URL Filtering testing tool
Abstract:
URL filtering is a feature which is available on routers and firewalls. The feature blocks access
to a website based on the URL information. The project develops a tool which can be used to
create custom URL information, which is taken as a user input. The tool is developed with
Python.
Title: Web server finger printing tool
Abstract:
Web server finger printing is method by which the operating system and version of the Web
server is identified. The project develops a tool which would finger print the web server and
return the information to the user. The tool is developed with Python and Scapy.
Title: LAN speed tester tool

Copyright 2012 @ projectsinnetworking.com

Abstract:
The project develops a tool to identify the time it takes for a packet to flow between two
computers on a LAN network. ICMP protocol is used for the purpose. The tool is developed with
Python and Scapy.
Title: DDOS based TCP Syn flood attack tool
Abstract:
TCP Syn flooding is an attack which is based on TCP based servers. When the attack is
generated from different random source IP addresses, it is termed as DDOS attack. The project
aims to develop a tool by using the Hping frame work to simulate the attack.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: URL to IP mapper tool
Abstract:
The project develops a tool which would return the IP address of a URL. The tool takes the URL
as a user input and provides the IP address which is mapped with the URL. The tool is developed
with Python and Scapy.
Title: IP Packet TTL manipulator tool
Abstract:
The project develops a tool which can be used for crafting custom IP packets with the required
TTL value. The TTL value is taken as a user input. The tool is developed with Python and
Scapy.
Title: Back door scanner tool
Abstract:
Back door is a mechanism by which an attacker can gain access to a remote computer. Back
doors are possible when computers have applications like VNC, Remote desktop running on the
target without password authentication. The project develops a tool which would scan a
computer for back door applications and return the list of available applications. The project is
developed with Python and Scapy.

Copyright 2012 @ projectsinnetworking.com

Title: Remote access scanner tool


Abstract:
Remote access is the mechanism by which devices can be accessed remotely using applications
like Telnet, SSH, FTP, HTTP etc. The project understands the different types of remote access
protocols and develops a tool which would scan a remote device for the list of available
protocols. The tool is developed with Python and Scapy.
Title: Mac-spoofer tool
Abstract:
Mac-spoofing is the mechanism by which an attacker uses a different mac-address. The project
develops a tool which would take the value of the source mac-address as input from the user. The
tool can be used to generate custom ethernet frames with the required source mac-address. The
tool is developed with Python and Scapy.

Title: VLAN packet crafter


Abstract:
The project develops a tool which would generate custom 802.1Q vlan packets. The tool takes
the required vlan id as input and transmits on the network. The tool is developed with the Python
and Scapy.
Title: Router banner grabbing tool
Abstract:
Banner grabbing is the process by which the operating system and version running on a system is
identified. The project develops a tool which would perform banner grabbing operation on a
Cisco router. The tool is developed with Python and Scapy.
Title: IP/MAC Enumerator tool
Abstract:
The project develops a tool which enumerates the list of IP and Mac-addresses on the network.
The tool is executed from a computer on the network. The tool is developed using the Nmap
framework.
Title: ARP cache poison tool
Abstract:
Copyright 2012 @ projectsinnetworking.com

ARP cache poisoning is an attack by which the attacker poisons the ARP cache of a remote
system. The project develops a tool which would generate custom ARP packets for the purpose
of ARP cache poisoning. The tool is developed using Python and Scapy.
Title: DNS server scanner tool
Abstract:
The project develops a tool which would scan the list of available DNS servers on a LAN
network along with the IP address of the DNS servers. The tool is developed with Python and
Scapy.
Title: HTTP Packet crafter tool
Abstract:
The project develops a HTTP packet crafter tool which would simulate custom HTTP packets on
the network. The tool is developed with Python.
Title: Reverse DNS tool
Abstract:
Reverse DNS is the process by which the domain name corresponding to an IP address is
retrieved. The project develops a tool which would take the IP address as the user input and
display the domain name. The project is developed with Python and Scapy.
Title: Analysis of FTP protocol
Abstract:
The project does a study on FTP protocol and the components which are required to set it up like
FTP server and FTP client and the different platforms on which FTP can be implemented. The
TCP communication in FTP protocol along with the different TCP channels like data and control
channel is understood with wireshark protocol analyzer. The different flavors of FTP protocol
like Active and Passive FTP and how they differ in communication is understood. How the lack
of encryption in FTP can be used for eaves dropping attack is understood.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392

Copyright 2012 @ projectsinnetworking.com

Title: Analysis of DHCP protocol.


Abstract:
The project does a study on DHCP protocol and the components which are required to set it up
on a network infrastructure are analyzed. The different packets which are exchanged in a DHCP
communication like DHCP Discover, DHCP offer etc is understood by the use of wire shark
protocol analyzer. The process by which a DHCP client retrieves a dynamic IP address from the
DHCP server is understood. The security vulnerabilities in DHCP protocol like lack of
authentication is understood along with defense mechanisms.
Title: Comparative study of SSL and TLS.
Abstract:
The project does a comparative study of SSL and TLS protocols. SSL and TLS are protocols
which provide encryption, authentication and integrity to application layer protocols. The
different algorithms which are used by both the protocols along with similarities in packet
structure are understood.
Title: Security and broadcasting issues of Rip v1 protocol
Abstract:
The project does a study on the packet structure of Rip v1 protocol. The broadcasting nature of
Rip v1 protocol and how it can create a traffic storm is understood. The lack of security measures
in Rip v1 and how route poisoning attacks is possible on a Rip v1 infrastructure is understood.
Title: Analysis of IPSEC protocol
Abstract:
The project does a study on IPSEC protocol and its different modes like transport and tunnel
mode. The common deployment scenarios of IPSEC like Site to Site Tunneling, Remote user
connectivity is understood. The common issues with IPSEC protocol with NAT and application
layer protocols like FTP is understood along with mitigation techniques. The different algorithms
which the IPSEC protocol uses for encryption, authentication and integrity are understood.
Title: Security issues with spanning tree protocol
Abstract:
The project does a study on the functionality of the spanning tree protocol and areas of
deployment. The generic vulnerabilities that exist in the spanning tree protocol and the different
types of attacks which are targeted on a STP based infrastructure are understood. The security
features which are available for mitigating spanning tree attacks are understood.
Copyright 2012 @ projectsinnetworking.com

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: A study of VLAN protocols
Abstract:
The project does a study on different vlan protocols like 802.1q and ISL. The differences and
similarities in the protocols along with a detailed analysis of packet headers are performed. Inter
vlan communication using the protocols is understood.
Title: A study on TKIP and WEP
Abstract:
The project does a study on the 802.11 encryption protocols TKIP and WEP. The packet
structures used in both the protocols is analyzed. The different algorithms used by the protocols
for providing encryption service are understood. The encryption key derivation process in the
protocols along with a study on how security issues in WEP is improved by TKIP is analyzed.
Title: Security improvements of EAP-TLS with PEAP.
Abstract:
The project understands the deployment scenarios where EAP-TLS protocol is used like LAN
and Wireless LAN. The components required to setup EAP-TLS authentication infrastructure in
an organization like 802.1x, radius, and supplicants is understood. The security issues with EAPTLS and how it is mitigated with PEAP is analyzed.

Title: Study on Layer 2 tunneling protocols.


Abstract:
The project understands the different layer 2 tunneling protocols, PPTP and L2TP. The packet
structures of both the protocols are understood, along with components which are required to
setup the infrastructure like PPTP , L2TP clients and servers. The algorithms and protocols
which are used for providing encryption and authentication for the protocols are understood.
Title: Security issues of telnet
Abstract:
Copyright 2012 @ projectsinnetworking.com

The project performs a live analysis of communication between a telnet client and a telnet server.
The authentication of the telnet client with the telnet server with username and password is
analyzed with wireshark. The transmission of the username and password in clear text is
identified and how telnet can be used for eaves dropping attack is understood.
Title: Insecure protocol tunneling with SSH
Abstract:
The project understands how a SSH tunnel can be used for tunneling telnet traffic. Telnet is an
insecure protocol. The different components for setting up a SSH tunnel like SSH clients and
servers and how telnet can tunneled through the SSH tunnel is understood.
Title: Insecurity of ARP protocol
Abstract:
The project understands the packet structure of the ARP protocol and the different messages
associated with it. The practical deployment scenarios where ARP is used is understood. The
security issues associated with ARP design and attacks based on ARP protocol and defense
mechanism is analyzed.
Title: Study on TCP and UDP protocol
Abstract:
The project understands the packet structure of TCP and UDP and applications which use them.
The different features associated with the protocols like reliability, retransmission, and
acknowledgements are understood. The security issues with the protocols and attacks are
analyzed.

Title: Study on remote desktop protocols


Abstract:
The project understands the different remote types of remote desktop protocols which are
supported on Windows and Linux platforms. Different protocols like the generic remote desktop
connection on Windows, VNC on Linux is understood. The transport layer protocols used by the
protocols with the details on port numbers are understood. The method to use the protocol to
connect from Windows to Linux and vice versa is understood.
Title: Study of MD5 flavors.
Abstract:
Copyright 2012 @ projectsinnetworking.com

The project understands the two different flavors of MD5, which are MD5 and HMAC-MD5.
The differences in the functionality of both the algorithms and how the insecurity of MD5 is
improved by HMAC-MD5 are understood. Different protocols which use the protocols like
IPSEC, SSL, TLS is identified and the practical usage is understood.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392

Title: Remote access protocols


Abstract:
The project understands the different remote access protocols like FTP, Telnet, SSH, Secure
FTP. The components required to setup the above protocols and real world scenarios where the
deployment is found is analyzed. A comparative study chart is prepared with a focus on the
security of the protocols and the transport layer protocol which each of them uses along with
relevant port numbers.
Title: Resolving security issues of Rip v1 with OSPF
Abstract:
The project does a study on Rip v1 protocol and OSPF. The security issues with Rip v1 and how
the issues are resolved by using OSPF protocol is understood. A study on the packet structures of
Ripv1 and OSPF is performed and how the security issues with Rip v1 is resolved in OSPF by
having additional fields in the packet like authentication mechanism is understood.
Title: Implementing Radius and TACACS authentication
Abstract:
Radius and TACACS are protocols which are implemented by authentication servers for user
authentication. The project does a study on the comparison and differences of the protocols and
associated fields in the packet structure. The different servers which implement the protocols like
IAS, Freeradius etc are understood along with real world deployment scenarios.
Title: EAP protocol analysis
Abstract:
Copyright 2012 @ projectsinnetworking.com

EAP is a low level protocol which is used for transmitting user information at a lower level. The
project understands the different messages which are exchanged in an EAP protocol
communication like EAP-Request, EAP-Response, EAP-Logoff etc their use and the protocols
which use EAP for communication like EAP-MD5, EAP-TLS, PEAP-MSCHAP v2 etc.
Title: HTTP v/s HTTPS
Abstract:
The project does a study on HTTP and HTTPS with a detailed analysis on how the security
vulnerabilities of HTTP are improved by using HTTPS. The transport layer protocols used by
both the protocols are understood, along with practical deployment scenarios in a real world
environment. The different protocols which are used by HTTPS to provide data security is
understood.
Title: WPA TKIP protocol analysis
Abstract:
The project does a study on Wifi protected authentication protocol and how keys are derived in a
WPA authentication process. The mechanism by which wireless clients and access points derive
encryption keys for TKIP is understood. The differences and similarities in the key derivation
process in WPA and TKIP is understood.
Title: IPSEC Key derivation in a shared key and certificate based authentication
Abstract:
IPSEC clients and servers can authenticate using shared keys or certificates. The project does a
study on the differences in authentication mechanism in both methods and the key derivation
processes which are used for encrypting data.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392

Copyright 2012 @ projectsinnetworking.com

Title: Security analysis of BGP protocol


Abstract:
The border gateway protocol, BGP, is used by routers belonging to different autonomous
systems. BGP protocol uses TCP for communication. The project understands the security
vulnerability exposed by BGP protocol to TCP based reset attacks and defense mechanism by
having TCP-MD5 authentication.
Title: WAN encapsulation protocols
Abstract:
The project does a study on different WAN encapsulation protocols like PPP, HDLC and frame
relay. The packet structures of the protocols, the differences and similarities are understood.
Different real world deployment scenarios where the protocols are used are understood.

Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392

Copyright 2012 @ projectsinnetworking.com

Copyright 2012 @ projectsinnetworking.com