This project aims to enhance password security by incorporating a second authentication factor (2FA). We’ll explore this concept by modifying the Linux login implementation. While the specific implementation may be simplified for educational purposes, the underlying principles are similar to password hardening techniques discussed in class. Here’s what you’ll learn:
Focus:
This project concentrates on improving login security for local desktops/laptops. However, the concepts can be extended to secure remote logins as well.
We’ll be using a pre-configured Ubuntu virtual machine (VM) compatible with Oracle VM VirtualBox 7.0. You can directly import this VM into VirtualBox for your work.
The VM has a pre-created user account named “cs6238” with standard user privileges. To access files requiring root access, open a terminal and type:
Enter the password for “cs6238” (note: the password itself is not shown here for security reasons). Once you have root access, locate the desired file.
Default Credentials:
Project Files:
The cloned repository contains:
Figure 1. Desktop folder Content
Important Note:
Understanding Linux Login System (Pre-requisite):
Before proceeding, familiarize yourself with the following aspects of the Linux login system:
There are plenty of online resources for these topics. The “GETTING STARTED ON LINUX LOGIN/PASSWORDS” section in the Appendix can serve as a starting point.
We’ve provided two Python code files to help you understand how the system works for creating and logging in users:
Once you understand these scripts, you’re ready for the main project task.
This task focuses on implementing a 2FA system using a provided token_generator (TG) executable. While typical 2FA systems use a unique device per user (like a phone), this project uses a single TG for all user accounts. Each user will have two accounts: one in the 2FA system and one with the TG (registered with a PIN).
You are provided with the compiled token_generator executable. You do not need to implement it; you only need to understand its interface and use it as a black box.
The TG offers three options:
Important TG Behavior:
After each TG operation, the TG will prompt for confirmation. If the corresponding 2FA operation is successful, enter ‘y’ or ‘Y’. Otherwise, entering any other character will cause the TG to revert to its previous state.
The 2FA method involves four main operations: creating a user, logging in, updating, and deleting a user.
/etc/shadow.
Important: Adhere to the specified prompt order. Regrade requests based on incorrect prompt order will not be accepted.
You must create a standalone Python program (2FA.py) based on the provided Python code. Your program must implement the following:
o Prompt the user to select an action:
▪ Select an action:
(IT).
/etc/shadow and /etc/passwd files and creating a home directory.
o On success, print “SUCCESS: <user-id of the user> created”.
o The salt remains the same unless the user updates the password or deletes and recreates the account.
o Request Username, Password, New Password, Confirm New Password, New Salt, Current Token (CT), and Next Token (NT).
o Request username, password, and current token.
Important Considerations:
Perform a security analysis of the implemented 2FA method, addressing the following points:
This file should contain your Python code implementing the 2FA functionality based on the provided description. It should handle user prompts, and perform the necessary security checks during user creation, login, update, and deletion operations.
This PDF report, named according to your GT ID (e.g., jrodriguez_2FA.pdf), should detail the security analysis of the implemented 2FA system. It should address:
o Server-Client Implementation and Secure Token Transfer:
By covering these points in your report, you’ll demonstrate a comprehensive understanding of the 2FA system’s security implications and potential improvements.
Important Notes:
o If you’re unfamiliar with importing VMs, refer to the provided Oracle VM VirtualBox documentation:
https://docs.oracle.com/cd/E26217_01/E26796/html/qsimport–vm.html
Figure 1: Creating an Account
Figure 2: Logging into an Account
Linux User Creation and Password Storage:
When creating a new user, the Linux system prompts for a password. Depending on the Linux distribution and its configuration, one of several algorithms is used to hash the password. The system generates a random salt, which is then used to create a one-way hash of the password. This hash, along with other user details, is stored in the /etc/shadow file.
Example User Entry in /etc/shadow:
cs6238:$6$Cl7HxrVPp7LvCHDb$km3WARvkSdd7toH5lS/OoU5mlSk4.F9ImoQ8H5Cy5ii10klGO5TCTy9tOZCZFRko6EGM1uIEtwn2f6MN8MLA8/:19589:0:99999:7:::
Structure of a User Entry:
Each user entry in /etc/shadow consists of nine fields separated by colons (:).
User Account Information in /etc/passwd:
After storing the password hash in /etc/shadow, the system creates a home directory for the new user and adds an entry to the /etc/passwd file. This file stores essential user account information needed during login. Each line in /etc/passwd represents a user account.
Example User Entry in /etc/passwd:
cs6238:x:1000:1000:cs6238:/home/cs6238:/bin/bash
Structure of a User Entry:
Each entry in /etc/passwd consists of seven fields separated by colons (:):
Project Relevance:
For this project, it is sufficient to understand the basic structure and purpose of the /etc/passwd file, especially the username and home directory fields. Further exploration of the details of the /etc/passwd file is encouraged but not strictly required for completing the project.
User Creation Completion:
After updating the entry in the /etc/passwd file and creating the user’s home directory, the user creation process is complete.
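The two entry formats described in this appendix, parsed in Python as an added example (not part of the provided project files). Field names follow shadow(5) and passwd(5); the function and constant names are chosen here for illustration.

```python
from datetime import date, timedelta

# Field names follow shadow(5) and passwd(5).
SHADOW_FIELDS = ("name", "password", "last_change", "min_age", "max_age",
                 "warn_period", "inactive_period", "expire_date", "reserved")
PASSWD_FIELDS = ("name", "password", "uid", "gid", "gecos", "home", "shell")
# crypt(5) scheme identifiers that appear between the first two '$' signs.
CRYPT_IDS = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt"}

# The two sample entries shown in this appendix.
SHADOW_SAMPLE = ("cs6238:$6$Cl7HxrVPp7LvCHDb$km3WARvkSdd7toH5lS/OoU5mlSk4.F9ImoQ8H"
                 "5Cy5ii10klGO5TCTy9tOZCZFRko6EGM1uIEtwn2f6MN8MLA8/:19589:0:99999:7:::")
PASSWD_SAMPLE = "cs6238:x:1000:1000:cs6238:/home/cs6238:/bin/bash"


def split_entry(line, names):
    """Split one colon-separated entry and enforce the expected field count."""
    values = line.rstrip("\n").split(":")
    if len(values) != len(names):
        raise ValueError(f"expected {len(names)} fields, got {len(values)}")
    return dict(zip(names, values))


def parse_shadow(line):
    entry = split_entry(line, SHADOW_FIELDS)
    pw = entry["password"]
    # A leading '!' or '*' means password login is disabled for the account.
    entry["locked"] = pw.startswith(("!", "*"))
    parts = pw.lstrip("!").split("$")
    if len(parts) >= 4 and parts[0] == "" and parts[1] in CRYPT_IDS:
        # $id$[params$]salt$digest: the salt and digest are the last two parts.
        entry["scheme"] = CRYPT_IDS[parts[1]]
        entry["salt"], entry["digest"] = parts[-2], parts[-1]
    else:
        entry["scheme"] = entry["salt"] = entry["digest"] = None
    # last_change counts days since 1970-01-01; the field may be empty.
    days = entry["last_change"]
    entry["last_change_date"] = date(1970, 1, 1) + timedelta(days=int(days)) if days else None
    return entry


def parse_passwd(line):
    entry = split_entry(line, PASSWD_FIELDS)
    entry["uid"], entry["gid"] = int(entry["uid"]), int(entry["gid"])
    # 'x' in the password field means the hash is kept in /etc/shadow.
    entry["shadowed"] = entry["password"] == "x"
    return entry


if __name__ == "__main__":
    print(parse_shadow(SHADOW_SAMPLE))
    print(parse_passwd(PASSWD_SAMPLE))
```

Reading the real /etc/shadow requires root, so the block works on the embedded sample lines.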
Table of Contents
Project II: Strengthening Login Security with Two-Factor Authentication (2FA)
Learning Objectives:
Project Setup:
Task 1: Implementing 2FA (80% of grade)
Token Generator (TG):
The 2FA Method:
Implementation of the 2FA method:
Task 2: Security Analysis of 2FA (20% of grade)
Project deliverables for your 2FA implementation:
Appendix