DSpace
 

KNUSTSpace >
Theses / Dissertations >
College of Science >

Please use this identifier to cite or link to this item: http://hdl.handle.net/123456789/7584

Title: Network and Systems Security Assessment using penetration testing in a university environment: The case of Central University College.
Authors: Appiah, Joel Kwesi
Issue Date: 21-Jul-2014
Abstract: In an organization, irrespective of its size and volume, one of many roles played by the Network and System Administrators is to improve the security of computer infrastructure. However, with increasing complexity of information systems and the rapid development of new vulnerabilities and exploits, sometimes even a fully patched system or network may have security flaws. There are different security measures which administrators can deploy to secure the network or system, however, the best way truly to prove that the network or system is secure, is to perform penetration testing. Penetration testing can provide Network and System Administrators with a realistic assessment of security posture by identifying the vulnerabilities and exploits which exist within the computer network infrastructure. Penetration testing uses the same principles as hackers to penetrate computer network infrastructure and thereby verify the presence of flaws and vulnerabilities and help to confirm the security measures. The aim of this thesis is to explore the use of penetration testing in the assessment of network infrastructure of Central University College, and to demonstrate attacks and intrusion into the network infrastructure. Vulnerability assessment is presented as a part of the penetration test also types, classifications and phases of a penetration test are described. Some free and open source tools (Nmap, Nessus, OpenVAS and Metasploit), techniques to simulate possible attacks that Network and System Administrators can use against their network or systems are presented. After the theoretical part these tools are used to exploit discovered vulnerabilities in the University‘s Network Infrastructure by using appropriate publicly known exploits. This work shows that if penetration testing is conducted in a methodological manner it could assist Systems and Network administrators improve the security of their network infrastructure.
Description: Thesis submitted in partial fulfilment of the requirements for the degree Master of Philosophy in Information Technology, 2014
URI: http://hdl.handle.net/123456789/7584
Appears in Collections:College of Science

Files in This Item:

File Description SizeFormat
Joel Kwesi Appiah.pdf2.72 MBAdobe PDFView/Open

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

 

Valid XHTML 1.0! DSpace Software Copyright © 2002-2010  Duraspace - Feedback