Intelligent adware blocker symantec
View more presentations from Pednekar Prajakta
Sunday, June 26, 2011
Thursday, June 23, 2011
22/6/2011
Pune University's B.E Project demo and viva
Yesterday ( 22/06/2011 Wednesday at 5 pm), we had our final B.E project demo and viva.
I am feeling very happy, as demo and viva both were too good.
Actually the examiner liked the Project idea ( Project problem statement ) given by our external guide Vikram Saurabh very much.
He said that " I liked the concept and technologies which you have used like Squid, Snort. and also said that " You people have done a great job "
So finally our efforts come to fruition.
I would like to thank Vikram Saurabh Sir and Harshad Sir for their help and guidance, without which we would not have completed this project successfully.
Important events
26/5/2011 : Project Demo to external guide in college
31/5/2011 : Collection of project completion certificates from Symantec
4/6/2011 to 11/6/2011 : Pune university's B.E last Semester - 8 exams
13/6/2011 to 20/6/2011 : Validations of all forms and GUI consistency, decoration
31/5/2011 : Collection of project completion certificates from Symantec
4/6/2011 to 11/6/2011 : Pune university's B.E last Semester - 8 exams
13/6/2011 to 20/6/2011 : Validations of all forms and GUI consistency, decoration
Friday, May 20, 2011
20/5/2011 Meeting
15 th Meeting
Meeting with external guide along with Professor Harshad Wadkar
Tasks
1) Three modes of Intelligent Adware Blocker (IDS,IPS,Bypass mode)
2) In GUI report provide link to view only pop up URLs
3) Switching facility for admin from IDS to IPS mode without logout
4)Write Javascript to close white window of pop up
5) IP based policy using squid to block entire host
6) Snort_inline IPS domain based rules using regular expression and case insensitive option
Meeting with external guide along with Professor Harshad Wadkar
Tasks
1) Three modes of Intelligent Adware Blocker (IDS,IPS,Bypass mode)
2) In GUI report provide link to view only pop up URLs
3) Switching facility for admin from IDS to IPS mode without logout
4)Write Javascript to close white window of pop up
5) IP based policy using squid to block entire host
6) Snort_inline IPS domain based rules using regular expression and case insensitive option
7/5/2011 To 19/5/2011
1) Modification in GUI (Creation of view to show report)
2) Shell script to enter domain based rules squid
3) Shell script to start and stop squid service
4) Shell script to start and stop snort & snort_inline
5) Study of javascript for validation
6) Creation of report
2) Shell script to enter domain based rules squid
3) Shell script to start and stop squid service
4) Shell script to start and stop snort & snort_inline
5) Study of javascript for validation
6) Creation of report
21/4/2011 To 6/5/2011
1) Study of techniques to block white popup window using snort preprocessors like stream4, portscan2, frag2, stream4_reassembly, HTTPInspect, rpc_decode
2) Relation between session id of pop up and parent page
3) Implementation of URLsnarf to log URL
Wednesday, April 27, 2011
Pune University Exam timetable
Date | Subject |
7 May 2011 | Software Architecture oral |
14 May 2011 | Computer Lab Oral – II |
4 June 2011 | System Operation and Maintenance |
7 June 2011 | Distributed System |
9 June 2011 | Information Retrieval |
11 June 2011 | Software Architecture |
Wednesday, April 20, 2011
20/4/2011 Meeting
20/4/2011: 14 th Meeting
1) Database with category and keyword table to block URL
2) Snortsnarf / dsniffer to log URL in Snort
3) Shell script for iptables rules
4) GUI
Admin should add keywords to the database according to category
To reconfigure normal user should send request to admin through email facility
5) Make different db for snort and intelligent adware blocker
6) Make reverse mapping from pop up to main page. Search for techniques such that we can identify main page from pop up.
1) Database with category and keyword table to block URL
2) Snortsnarf / dsniffer to log URL in Snort
3) Shell script for iptables rules
4) GUI
Admin should add keywords to the database according to category
To reconfigure normal user should send request to admin through email facility
5) Make different db for snort and intelligent adware blocker
6) Make reverse mapping from pop up to main page. Search for techniques such that we can identify main page from pop up.
Tuesday, April 19, 2011
IETE's Project Competition 2011
I am very Happy today as we got First prize in Project Competition which was arranged by
THE INSTITUTION OF ELECTRONICS AND TELECOMMUNICATION ENGINEERS (IETE).
Competition was held on 16 th April 2011 at AISSMS college of engineering.
It was very nice experience to attend it.......
and finally my sincere thanks to Vikram Saurabh Sir, Prof. Harshad Wadkar and Shripad Tawade Sir for their assistance in project work.
THE INSTITUTION OF ELECTRONICS AND TELECOMMUNICATION ENGINEERS (IETE).
Competition was held on 16 th April 2011 at AISSMS college of engineering.
It was very nice experience to attend it.......
and finally my sincere thanks to Vikram Saurabh Sir, Prof. Harshad Wadkar and Shripad Tawade Sir for their assistance in project work.
Thursday, April 14, 2011
14/4/2011 Meeting
14/4/2011: 13 th Meeting
1) Technique to hide white, blank pop up window (Get session id and Use TCP reset, Use of TCP flags to reset session in Snort rule)
2) Find technique to get URL (API/ Relation with main web page and pop up URL checking time of arrival / Process single URL two times first time act as IDS, insert signature in db and second time act as IPS)
3) Learn Apache with cgi-bin facility (server.conf and httpd.conf) to run shell script on Ubuntu
4)Modification of GUI
5) Find timestamp difference in Squid and Snort logging
6) Check can we catch URL of pop up in Squid as window opens with white background when content dropped by snort.
7) Mechanism to identify from which site / domain this pop up has comed
8) Creation of Report
1) Technique to hide white, blank pop up window (Get session id and Use TCP reset, Use of TCP flags to reset session in Snort rule)
2) Find technique to get URL (API/ Relation with main web page and pop up URL checking time of arrival / Process single URL two times first time act as IDS, insert signature in db and second time act as IPS)
3) Learn Apache with cgi-bin facility (server.conf and httpd.conf) to run shell script on Ubuntu
4)Modification of GUI
5) Find timestamp difference in Squid and Snort logging
6) Check can we catch URL of pop up in Squid as window opens with white background when content dropped by snort.
7) Mechanism to identify from which site / domain this pop up has comed
8) Creation of Report
7/4/2011 To 12/4/2011
1) Configuration of Bridge and Snort_inline
2)Snort rules to drop ICMP and tcp packets
3)Creation of view to show report in GUI
4) Modification of squid2mysql perl script to take only new entries from access.log by checking timestamp
5) Write shell script to start squid2mysql service in background (Use Daemon process code / cron and cron tab facility)
6) Creation of PPT for presentation
7) Squid GUI (using jsp/servlet and sed facility)
2)Snort rules to drop ICMP and tcp packets
3)Creation of view to show report in GUI
4) Modification of squid2mysql perl script to take only new entries from access.log by checking timestamp
5) Write shell script to start squid2mysql service in background (Use Daemon process code / cron and cron tab facility)
6) Creation of PPT for presentation
7) Squid GUI (using jsp/servlet and sed facility)
Wednesday, April 6, 2011
6/4/2011 Meeting
6/4/2011: 12 th Meeting
1) Configure bridge with default gateway to connect to internet
2) Identify difference between popup and normal site with the help of
html source code or MIME type
3) Find if there is any way to write SNORT's rule using MIME type (text/html/js) etc
inorder to block pop up
4) Find mechanism to get URL of popup if popup packet is droped by SNORT rule
(Check SNORT's different log modes like fast , full)
1) Configure bridge with default gateway to connect to internet
2) Identify difference between popup and normal site with the help of
html source code or MIME type
3) Find if there is any way to write SNORT's rule using MIME type (text/html/js) etc
inorder to block pop up
4) Find mechanism to get URL of popup if popup packet is droped by SNORT rule
(Check SNORT's different log modes like fast , full)
Tuesday, March 29, 2011
29/3/2011 Meeting
29/3/2011: Eleventh Meeting
1) Configure m/c to act as bridge during installation of O.S
2) Install SNORT_inline on m/c which has two NIC so that m/c will act as bridge.
3) SNORT_inline installation and configuration (drop rule).
4) To retrieve URL of popups and popunder
(SNORT does not log URL so take it from SQUID's access.log)
5) Write PHP/perl script to save access.log fields to db & to restart SQUID's service
1) Configure m/c to act as bridge during installation of O.S
2) Install SNORT_inline on m/c which has two NIC so that m/c will act as bridge.
3) SNORT_inline installation and configuration (drop rule).
4) To retrieve URL of popups and popunder
(SNORT does not log URL so take it from SQUID's access.log)
5) Write PHP/perl script to save access.log fields to db & to restart SQUID's service
Monday, March 21, 2011
15/3/2011 Meeting
15/3/2011: Tenth Meeting
1) GUI to SNORT database connectivity for storing rule fields
2) XML file generation from database table
3) SNORT rule file generation from XML file
4) Modification of Synopsis and SRS
5) Write program which uses DTD for XML file
6) GUI for Squid
7) Customized error message for Squid
8) Store passwords using Hashing technique in database
9) Security for GUI (Dont allow copy operation of URL from admin's account)
10) Provide lock for SNORT's rule file i.e confidentiality, integrity should be maintained.
1) GUI to SNORT database connectivity for storing rule fields
2) XML file generation from database table
3) SNORT rule file generation from XML file
4) Modification of Synopsis and SRS
5) Write program which uses DTD for XML file
6) GUI for Squid
7) Customized error message for Squid
8) Store passwords using Hashing technique in database
9) Security for GUI (Dont allow copy operation of URL from admin's account)
10) Provide lock for SNORT's rule file i.e confidentiality, integrity should be maintained.
4/3/2011 To 15/3/2011
1) Find Output mode of Snort
2) Modification of GUI according to SNORT
3) Xerces Parser installation and write program to parse XML file
4) Create XML file taking input from GUI (HTML page)
5) Show XML file on HTML page in table format
6) Installation and configuration of SNORT with MySQL as database
7) SNORT with Flexible response / Inline patch / SNORTSAM to act as IPS
2) Modification of GUI according to SNORT
3) Xerces Parser installation and write program to parse XML file
4) Create XML file taking input from GUI (HTML page)
5) Show XML file on HTML page in table format
6) Installation and configuration of SNORT with MySQL as database
7) SNORT with Flexible response / Inline patch / SNORTSAM to act as IPS
Monday, March 7, 2011
3/3/2011 Meeting
3/3/2011: Ninth Meeting
1) Write Snort rules to block popups from various sites
2) Creation of database with Permissive and Restrictive flags
3) Three tasks to be implemented from following diagram
1) Write Snort rules to block popups from various sites
2) Creation of database with Permissive and Restrictive flags
3) Three tasks to be implemented from following diagram
14/2/2011 To 19/2/2011
| Prajakta | Creation of XML file from HTML pages using servlet technology | Yes |
| Aditi | DOM and Xerses parser | No |
| Chaitali | Modification of GUI | No |
| Team members | Installation and configuration of SNORT using MySQL database. | No |
Tuesday, February 15, 2011
14/2/2011 Meeting
14/2/2011: Eighth Meeting
Configuration of SNORT using MySQL database with own rules to block popups
Configuration of SNORT using MySQL database with own rules to block popups
 |
| Adware Blocker using SNORT |
Wednesday, February 9, 2011
21/1/2011 Meeting
21/1/2011: Seventh Meeting
| Team members | 1) TCP Client Server program using fork system call and Multithreading |
| 2) Dummy model with database and server program to test regular expression program for URL | |
| 3) How squid will redirect (Forward) all incoming traffic from webserver to specific port number | |
| Chaitali | 3) Modification of GUI |
| Prajakta | 4) Daemon process (To check child process status) |
12/1/2011 Meeting
12/1/2011 : Sixth Meeting
| 1) Installation of JDK, JRE and Apache tomcat on RHEL |
| 2) Installation of Mysql on RHEL and creation of database |
| 3) Study of URL pattern using Wireshark |
| 4) Find out ways to know squid's dynamic port |
| 5) Implementation of changes in GUI |
| 6) Study of Putty application |
| 7) IPtable for SSH new, established connection |
| 8) Modification of Client Server program (many clients and one server) |
| 9) Timestamp format in squid.access.log file |
Tuesday, February 8, 2011
22/12/2010 To 11/1/2011 Work
| 1) Study of Packet flow in Squid Proxy |
| 2) Client Server socket programming |
| 3) NETSTAT command |
| 4) IPTABLES and TCP reset |
| 5) Database Design |
| 6) GUI Design |
| 7) Regular Expression for pop-up and pop-under URL |
| 8) Preparation of Flowchart |
Monday, January 10, 2011
Task list (23/11/2010)
Packet flow in Squid Proxy | |
Client Server socket programming | |
NETSTAT command | |
IPTABLES and TCP reset | |
Database Design | |
GUI Design | |
Regular Expression for pop-up and pop-under URL |
Subscribe to:
Posts (Atom)