Академический Документы
Профессиональный Документы
Культура Документы
100 + Project and Presentation ideas with titles and abstracts on Networking
and Security
www.projectsinnetworking.com
The EBook contains 100 + project and presentation ideas with titles and abstracts
on networking and security for students. The abstract contains details on the
project title. The project titles are developed based on areas in networking like
network security, network testing, network design and configuration, networking
tool development, protocol analysis and CCNA concepts.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Controlling broadcasts with VLAN
Abstract:
The project aims to understands how broadcasting causes traffic congestion in a switched
network. The fundamental concepts of VLAN are understood and how VLANS can be
used on a switch to create different broadcast domains to control broadcast traffic is
understood.
Title: RFC 1918 compliance for perimeter routers
Abstract:
RFC 1918 states the IP addresses which are allowed for use on private networks. These
IP addresses are not allowed to be used on the internet. Perimeter routers should not
allow incoming packets from the internet with the IP addresses mentioned in the RFC.
The project understands the appropriate ACL rules which need to be configured for
achieving the solution. (http://www.rfc-editor.org/rfc/rfc1918.txt )
Title: STP Vulnerabilities, attacks and mitigation
Abstract:
The projects understand the internal architecture of STP packets and the fields inside it.
The mechanism which attackers use to exploit the vulnerabilities in the STP packets is
understood. The project understand the different features available on Cisco switches like
BPDU-Root guard, Root guard , Loop guard along with appropriate configurations.
Title: Internet sharing for LAN computers
Abstract:
An organization is using a Cisco router as the internet router. The WAN interface of the
router is connected to the internet and the LAN interface is connected to a switch to
which the LAN computers are connected. There are 30 computers on the LAN which
Copyright 2012 @ projectsinnetworking.com
belong to the network address of 192.168.1.0/24. The project is to design the strategy and
configuration which is required on the router to share the internet with the 30 users
Features like default route, port address translation is explored for the purpose.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: DDOS TCP Syn flood defense for Web server
Abstract:
An organization hosts a web server behind a Cisco IOS firewall router. It is been
observed that the Web server is being targeted for a DDOS based TCP Syn flood attack.
The project aims to understand the anatomy of the attack along with feature TCP
intercept on the Cisco IOS firewall and the necessary configuration which needs to
be setup on the Cisco IOS firewall for defending the web server against the attack
Title: Resolving Active FTP issues with Cisco CBAC
Abstract:
The users in an organization access internet through a normal firewall. Since a firewall is
setup, the users are unable to access Active FTP servers on the internet. The project aims
to setup a Cisco IOS firewall to resolve the issue. The generic issues with firewalls and
Active FTP servers and how the CBAC feature on the Cisco IOS firewall resolves
the issue.
Title: Mac-address authentication vulnerability on 802.11 wirelesses LAN
Abstract:
Mac-address authentication is a feature available on Cisco access points for
authenticating wireless clients based on their mac-addresses.The projects aims to
understand the vulnerabilities in this feature by exploring mac-spoofing attacks and how
it can be used to defeat mac-address authentication.
Title: Defeating route table poisoning with OSPF
Abstract:
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Abstract:
The project aims to understand vlan tags and how it is used in conjunction with a generic
ethernet frame. The different types of vlan protocols like 802.1q and ISL with
documentation on the similarities and differences in the protocol structure and usage. The
actual configuration to setup 802.1q and ISL tagging is understood.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Router backup infrastructure design
Abstract:
An organization has a Cisco router which is used for routing between different networks.
The configuration on the router is to be backed up using the TFTP protocol. For this an
appropriate infrastructure is designed. The project aims to understand the TFTP client
configuration on the router and how the configuration can be backed up on a free TFTP
server like Solar Windows TFTP Server.
Title: Web server public hosting
Abstract:
An organization is planning to setup a web server which can be accessed from the
internet. The web server is setup behind a Cisco IOS firewall router. For public hosting,
the organization purchases a public IP address from the ISP. The project understands the
configuration required on the Cisco IOS firewall to perform one to one mapping with
static NAT feature for users on the internet to access the web server. The necessary ACL
configuration required to be setup on the Cisco IOS firewall for users to access only port
80 for web access and block all other ports is understood.
Title: VLAN access between remote offices
Abstract:
An organization has linked up its main and branch office with leased lines. The WAN
encapsulation protocols used on the leased lines is PPP. Cisco routers are used for the
purpose. There are four vlans in the organization namely, vlan 2, vlan 3, vlan 4 and
vlan5. vlan 2 and vlan 3 are setup in the remote office and vlan 4 and vlan 5 are setup in
the branch office. The vlans are mapped with the network addresses 192.168.1.0/24,
192.168.2.0/24, 192.168.3.0/24 and 192.168.4.0/24. The project understands the
Copyright 2012 @ projectsinnetworking.com
necessary design strategy and configuration required for computers belonging to the
different vlans to be able to access each other through the WAN link.
Title: Study on NAT flavors on Cisco routers
Abstract:
The aim of the project is to understand the different flavors of NAT on Cisco routers like
Static NAT, Dynamic NAT and PAT. The use of these features in a real time
environment and the configuration required to setup the features on the routers is
understood.
Title: LAN network design with file sharing and dynamic ip addresses management
Abstract:
A LAN network has to be setup for an organization. There are 130 users in the organization. The
users should receive dynamic ip addresses on connectivity to the network. The users should also
be able to upload and download files on a central location using a file server. Windows
2003/2008 based network infrastructure needs to be identified with applications like FTP server
for file sharing, DHCP for ip address management with the appropriate configurations and IP
network schema. The number of switches required and methods to setup the same is also
identified.
connection for VPN site to site deployment. Configurations required on the internet router, VPN
routers, and network address design for users at the different locations needs to be identified for
the solution to work.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Multi Site MPLS network design
Abstract:
An organization has 4 locations, 1 main location with 3 branch location. The user in the branch
location needs to access an ERP server in the main location through the MPLS network. Mobile
users should be able to access the ERP server through the terminal server using the ADSL
internet connection setup the main location. Cisco MPLS routers are proposed for the
connectivity. The network should be designed with appropriate network addresses for different
locations, the configuration required on the terminal server, ADSL router for remote access.
Title: IPSEC issues with NAT firewalls and IP Fragments with mitigation.
Abstract:
The project does a detailed study on IPSEC and its different modes like transport and tunnel
mode. IPSEC issues with NAT firewalls and IP fragmented packets and the different mitigation
techniques which are available are understood.
Title: Eavesdropping vulnerable protocols and associated mitigation
Abstract:
The project does a study on eavesdropping and the techniques used by the attacker like sniffing
to perform the attack and the common protocols like telnet, http etc which are susceptible to the
attack. How improved protocols like SSH, HTTPS can be used to prevent the attacks are
understood.
Title: Attacks on a switching infrastructure and mitigation
Abstract:
The project does a study on different types of attacks which are targeted on a switch
infrastructure like cam flooding, ARP cache poisoning, STP and VLAN based attacks are
understood. The anatomy of the attacks and different security features which are available on the
switch which can be configured to mitigation the attacks are analyzed.
Title: DDOS based attacks on TCP and ICMP
Abstract:
The project does a study on the anatomy of a DDOS attack and how it differs from a DOS attack.
DDOS attacks which are based on TCP and ICMP, how they work and the different tools which
can be used to simulate the attacks are studied. The mitigation plan for a network to prevent a
DDOS attack is identified.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Security in VLAN
Abstract:
The project does a study on VLAN technology and how it is used to improve the performance of
a network. The different attacks which are targeted on VLAN infrastructure like private vlan
attacks, mac-flooding , multicast brute force attack is understood.
Title: Comparative study of IPSEC and SSL VPN
Abstract:
The project does a comparative study of IPSEC and SSL VPN, the deployment scenarios where
they are used and the challenges faced in networking environments like NAT, Firewalls etc. The
methods by which IPSEC and SSL VPN derive dynamic session keys and the different protocols
which are involved during a negotiation is analyzed
Title: Spoofing attacks and defense
Abstract:
The projects understands the different types of spoofing attacks like IP spoofing , mac-spoofing
,the anatomy and the different tools which are used to conduct the attacks. The different defense
mechanisms by which the attacks can be defeated like access control lists, port security, macaddress authentication is analyzed.
Title: Comparative study of layer 2 and layer 3 VPN
Abstract:
The project does a comparative study of layer 2 VPN like PPTP, L2TP with layer 3 VPN like
IPSEC. The different transport layer protocols used by the VPNs. the algorithms and protocols,
the infrastructure requirements and deployment strategies are understood.
Title: Securing a DHCP infrastructure
Abstract:
The project understands the different types of attacks which are targeted on a DHCP based
infrastructure like DHCP starvation attacks, Rogue DHCP servers and their anatomy. The
different mitigation techniques like port-security, DHCP snooping are identified.
Title: Secure remote access protocols
Abstract:
The project understands the different types of remote access protocols like telnet, FTP and
understands the vulnerabilities in them like lack of encryption. Replacement protocols like SSH ,
Secure FTP and how security is improved by their use is analyzed.
Title: 802.1x infrastructure design
Abstract:
The project understands the security issues on a layer 2 switch infrastructure with no
authentication and how it can improved by migrating to a 802.1x infrastructure. The different
dependencies which are required to setup a 802.1x infrastructure like supplicant, radius server
and the methods to integrate the same is understood.
Title: Brute force attack testing on Web server
Abstract:
The project understands the mechanism of brute force attack, the tools which are used for the
purpose and how to test if a web server is vulnerable to brute force attack. The different
Copyright 2012 @ projectsinnetworking.com
mechanisms which can be used for protection against brute force attack like account lock out
feature, complex passwords are analyzed.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: Site to Site IPSEC VPN design in a firewall environment
Abstract:
The project understands how to setup a site to site VPN design between two offices. The VPN
appliances are kept behind network layer firewalls. The project understands the different
configuration on the firewall like Public IP address mapping to internal VPN, open ports
required for VPN access like UDP port 500 for setting up the site to site VPN tunnel between the
offices.
Title: DNS infrastructure security issues and mitigation
Abstract:
The project understands the different security issues and attacks on a DNS based infrastructure
like DNS spoofing, attacks on DNS server update zones, attacking through name registry etc.
The different mitigation techniques which are used as a defense for the attacks are understood.
Title: Secure network design with DMZ (Demilitarized Zone)
Abstract:
The project understands the concept of Demilitarized zone in a network environment and the
mechanism and network design strategy by which a server which is exposed to the internet can
be setup in DMZ zone for access by users on the internet and the LAN.
Title: Comparative study of Network and application layer firewalls
Abstract:
The project does a comparative study on network and application layers firewalls, deployment
strategies, the limitations and improvements, and the typical attacks which are blocked using the
firewalls.
Title: Database attacks and defense
Abstract:
Copyright 2012 @ projectsinnetworking.com
The project understands the different types of attacks which are targeted on a database
infrastructure, like network sniffing, weak passwords, sql injection, brute force attacks etc. The
anatomy of the attacks and the defense mechanism for each of the attacks is identified.
The project develops a tool for identifying rogue DHCP servers on the network. The tool returns
the list of DHCP servers on the network, from which the rogue DHCP server can be identified.
The tool is developed with Scapy and Python.
Title: TCP port scanner
Abstract:
The project develops a tool which is used for identifying TCP based applications running on a
server. The tool returns the port numbers which are open on the server along with the
corresponding application name. The tool is developed with Python and Scapy.
Title: Access control list testing tool
Abstract:
Access control list is a security feature which is available on routers, switches and firewalls
which permits or denies packets based on IP and TCP/UDP port numbers. The projects aims to
develop a tool which can simulate custom IP and TCP/UDP packets based on user input for
testing. The tool is developed with Python and Scapy.
Title: VLAN max limit testing tool for Cisco switch.
Abstract:
The project develops a tool which would test the maximum number of vlans on a Cisco switch.
For this purpose, the max number of vlans supported on the switch platform is understood from
the technical specification. Once the max number is identified, the tool is executed from a remote
PC, connects automatically to the switch using telnet and creates the specified number of vlans
on the switch. The tool is developed with TCL/TK.
Title: IP Scanner tool for a network.
Abstract:
In a DHCP network, it is difficult to identify unused IP addresses on the network. The project
develops a tool which is used for listing unused IP addresses on the network. The tool is
executed from a computer on the network. Scapy and Python is used to develop the tool.
Title: Spanning tree election testing tool for switches.
Abstract:
The spanning tree protocol is used on a switch topology to prevent loops. Spanning tree protocol
uses an election process, where the switch which has a lower priority value in the BPDU is
elected as the root bridge. The project develops a tool which would develop custom STP packets
to generate STP packets with the required priority value.
Title: ICMP Message testing tool
Abstract:
ICMP messages are used for specific purpose. Based on ICMP message type and code sent from
the initiator, the destination would respond correspondingly. To test the functionality of ICMP, a
tool is created which can craft custom ICMP packets. The tool can take ICMP code and type as a
user input and is developed with Python and Scapy.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: IP spoofing attack tool
Abstract:
In IP spoofing attack, the attacker uses custom IP address values in the source address field of
the IP packet. The project develops a tool which would create custom IP packets with user input
as source address and the number of times the packet has to be sent on the network. The tool is
created with Python and Scapy.
Title: URL Filtering testing tool
Abstract:
URL filtering is a feature which is available on routers and firewalls. The feature blocks access
to a website based on the URL information. The project develops a tool which can be used to
create custom URL information, which is taken as a user input. The tool is developed with
Python.
Title: Web server finger printing tool
Abstract:
Web server finger printing is method by which the operating system and version of the Web
server is identified. The project develops a tool which would finger print the web server and
return the information to the user. The tool is developed with Python and Scapy.
Title: LAN speed tester tool
Abstract:
The project develops a tool to identify the time it takes for a packet to flow between two
computers on a LAN network. ICMP protocol is used for the purpose. The tool is developed with
Python and Scapy.
Title: DDOS based TCP Syn flood attack tool
Abstract:
TCP Syn flooding is an attack which is based on TCP based servers. When the attack is
generated from different random source IP addresses, it is termed as DDOS attack. The project
aims to develop a tool by using the Hping frame work to simulate the attack.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: URL to IP mapper tool
Abstract:
The project develops a tool which would return the IP address of a URL. The tool takes the URL
as a user input and provides the IP address which is mapped with the URL. The tool is developed
with Python and Scapy.
Title: IP Packet TTL manipulator tool
Abstract:
The project develops a tool which can be used for crafting custom IP packets with the required
TTL value. The TTL value is taken as a user input. The tool is developed with Python and
Scapy.
Title: Back door scanner tool
Abstract:
Back door is a mechanism by which an attacker can gain access to a remote computer. Back
doors are possible when computers have applications like VNC, Remote desktop running on the
target without password authentication. The project develops a tool which would scan a
computer for back door applications and return the list of available applications. The project is
developed with Python and Scapy.
ARP cache poisoning is an attack by which the attacker poisons the ARP cache of a remote
system. The project develops a tool which would generate custom ARP packets for the purpose
of ARP cache poisoning. The tool is developed using Python and Scapy.
Title: DNS server scanner tool
Abstract:
The project develops a tool which would scan the list of available DNS servers on a LAN
network along with the IP address of the DNS servers. The tool is developed with Python and
Scapy.
Title: HTTP Packet crafter tool
Abstract:
The project develops a HTTP packet crafter tool which would simulate custom HTTP packets on
the network. The tool is developed with Python.
Title: Reverse DNS tool
Abstract:
Reverse DNS is the process by which the domain name corresponding to an IP address is
retrieved. The project develops a tool which would take the IP address as the user input and
display the domain name. The project is developed with Python and Scapy.
Title: Analysis of FTP protocol
Abstract:
The project does a study on FTP protocol and the components which are required to set it up like
FTP server and FTP client and the different platforms on which FTP can be implemented. The
TCP communication in FTP protocol along with the different TCP channels like data and control
channel is understood with wireshark protocol analyzer. The different flavors of FTP protocol
like Active and Passive FTP and how they differ in communication is understood. How the lack
of encryption in FTP can be used for eaves dropping attack is understood.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Title: A study of VLAN protocols
Abstract:
The project does a study on different vlan protocols like 802.1q and ISL. The differences and
similarities in the protocols along with a detailed analysis of packet headers are performed. Inter
vlan communication using the protocols is understood.
Title: A study on TKIP and WEP
Abstract:
The project does a study on the 802.11 encryption protocols TKIP and WEP. The packet
structures used in both the protocols is analyzed. The different algorithms used by the protocols
for providing encryption service are understood. The encryption key derivation process in the
protocols along with a study on how security issues in WEP is improved by TKIP is analyzed.
Title: Security improvements of EAP-TLS with PEAP.
Abstract:
The project understands the deployment scenarios where EAP-TLS protocol is used like LAN
and Wireless LAN. The components required to setup EAP-TLS authentication infrastructure in
an organization like 802.1x, radius, and supplicants is understood. The security issues with EAPTLS and how it is mitigated with PEAP is analyzed.
The project performs a live analysis of communication between a telnet client and a telnet server.
The authentication of the telnet client with the telnet server with username and password is
analyzed with wireshark. The transmission of the username and password in clear text is
identified and how telnet can be used for eaves dropping attack is understood.
Title: Insecure protocol tunneling with SSH
Abstract:
The project understands how a SSH tunnel can be used for tunneling telnet traffic. Telnet is an
insecure protocol. The different components for setting up a SSH tunnel like SSH clients and
servers and how telnet can tunneled through the SSH tunnel is understood.
Title: Insecurity of ARP protocol
Abstract:
The project understands the packet structure of the ARP protocol and the different messages
associated with it. The practical deployment scenarios where ARP is used is understood. The
security issues associated with ARP design and attacks based on ARP protocol and defense
mechanism is analyzed.
Title: Study on TCP and UDP protocol
Abstract:
The project understands the packet structure of TCP and UDP and applications which use them.
The different features associated with the protocols like reliability, retransmission, and
acknowledgements are understood. The security issues with the protocols and attacks are
analyzed.
The project understands the two different flavors of MD5, which are MD5 and HMAC-MD5.
The differences in the functionality of both the algorithms and how the insecurity of MD5 is
improved by HMAC-MD5 are understood. Different protocols which use the protocols like
IPSEC, SSL, TLS is identified and the practical usage is understood.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
EAP is a low level protocol which is used for transmitting user information at a lower level. The
project understands the different messages which are exchanged in an EAP protocol
communication like EAP-Request, EAP-Response, EAP-Logoff etc their use and the protocols
which use EAP for communication like EAP-MD5, EAP-TLS, PEAP-MSCHAP v2 etc.
Title: HTTP v/s HTTPS
Abstract:
The project does a study on HTTP and HTTPS with a detailed analysis on how the security
vulnerabilities of HTTP are improved by using HTTPS. The transport layer protocols used by
both the protocols are understood, along with practical deployment scenarios in a real world
environment. The different protocols which are used by HTTPS to provide data security is
understood.
Title: WPA TKIP protocol analysis
Abstract:
The project does a study on Wifi protected authentication protocol and how keys are derived in a
WPA authentication process. The mechanism by which wireless clients and access points derive
encryption keys for TKIP is understood. The differences and similarities in the key derivation
process in WPA and TKIP is understood.
Title: IPSEC Key derivation in a shared key and certificate based authentication
Abstract:
IPSEC clients and servers can authenticate using shared keys or certificates. The project does a
study on the differences in authentication mechanism in both methods and the key derivation
processes which are used for encrypting data.
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392
Contact us for reports for titles in the EBook and online project guidance.
Email: contact@projectsinnetworking.com
Tel: 0091-484-4050392