DOI:
https://doi.org/10.38017/2390058X.117Keywords:
Hacking, informatics, networks, simulator, training, internet.Abstract
This article shows the results of a technological research project, which describes the design and development of a simulator in which an intrusion test is executed, whose purpose is for people to gain, strengthen and expand their knowledge in information security in a fast way without the complications and limitations that some IT professionals have (from students to IT managers), where due to lack of experience could affect their systems in charge. The data network infrastructure of the simulator is described and technological requirements are set so the simulator runs smoothly. The hardware and software used in the simulator are described. In order to analyze the results and evaluate the simulator’s performance, three procedures are performed. These procedures are used in various methodologies to perform a penetration test such as: enumeration, vulnerability analysis and exploitation. With the development of these procedures, the simulator’s stability is analyzed and the knowledge acquired by people performing practices on the simulator is verified. It is concluded that the simulator’s goals are accomplished and the simulator can be adapted to various information security activities like forensics analysis, defense systems implementation and malware development with academic and investigation purposes.Downloads
References
[1] B. A. Forouzan, Transmisión de datos y redes de comunicaciones, 2nd ed. España: McGraw-Hill, 2002, pp. 41-55.
[2] J. A. Restrepo, Introducción al Pentesting– Metodología DragonJar, 2015. [Online]. Available: http://www.dragonjar.education/file/112725
[3] L. Gordon, Nmap (“Network Mapper”) Security Scanner, 2015. [Online]. Available: https://nmap.org/book/man.html
[4] Tenable Network Security, Nessus Vulnerability Assessment Solution, 2015. [Online]. Available: http://static.tenable.com/documentation/nessus_6.4_user_guide.pdf
[5] A. Matthews, T. Giakouminakis, and C. Loder, RAPID7Community, Metasploitable 2 Exploitability Guide, 2013. [Online]. Available: https://community.rapid7.com/docs/DOC-1875
[6] A. Matthews, T. Giakouminakis, and C. Loder, RAPID7 Community, Metasploit Community User Guide, Release 4.9, 2014. [Online]. Available: https://community.rapid7.com/servlet/JiveServlet/downloadBody/1563-102-14-6126/community-user-guide.pdf
[7] E. Borja, Sistemas de Información, 2014. [Online]. Available: http://edwinborjalopez.blogspot.com.co/2014/06/blog-post.html
[8] D. Dawes, and L. Glenn, Xorg – X11R6 X server, 2015. [Online]. Available: ftp://www.x.org/pub/X11R6.8.2/doc/Xorg.1.html
[9] Free Software Fundation, Inc, Screen, the virtual terminal manager, 2003. [Online]. Available: https://www.gnu.org/software/screen/manual/screen.pdf
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2015 Ciencia, Innovación y Tecnología
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
