The following are some network security projects for students.
Title: Preventing DHCP starvation attack with port-security
In a DHCP starvation attack, the goal of the attacker is to exhaust the number of available IP addresses of the DHCP server on the network. For launching the attack, the attacker generates DHCP requests impersonating multiple clients (Different mac-addresses). The project understands how port-security feature on a switch can be used to limit the number of allowed mac-addresses on a switch port which would thwart the attacker’s attempt in launching requests from numerous mac-addresses.
Title: Security issues with HTTP and replacement with HTTPS
A web server uses HTTP for communication. The application which is hosted on a Windows IIS web server is now being upgraded to collect confidential information from customers. The projects understands the security issue with HTTP like lack of encryption, authentication and integrity and how the web server can be setup to use HTTPS which would resolve the security issues.
Title: Brute force attack prevention with account lock out
A FTP server is hosted on the internet on IIS on Windows 2008. It is observed that the server is being targeted with brute force attack using a combination of different usernames and passwords. The project understands the configuration which can be used on Windows 2008 to lock an account after a specified number of attempts.
Title: Counterfeiting FTP eaves dropping with Secure-FTP
Title: TCP reset attack on BGP routers and defense
BGP routers use TCP for communication with peers. The routers are vulnerable to TCP reset attacks which are targeted to tear down established session between the routers. The project understand the anatomy of TCP reset attacks and how MD5 authentication support on Cisco BGP routers are used to thwart the attacks.