Pratical data security testing on virtual learning environment
Sapkota, Arun (2015)
Turun ammattikorkeakoulu
2015
All rights reserved
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-2015061613473
https://urn.fi/URN:NBN:fi:amk-2015061613473
Tiivistelmä
Data breaches in networks are a common issue in Internet Technology. Virtual environments are hidden most of the time, but academic working spaces need more security and encrypted space. This thesis focuses on issues arising at a virtual space created for a teacher for educational purposes.
The purpose of the thesis was to explore the vulnerabilities in virtual space in order to implement security patches in the future. Various hacking tools and penetration testing tools were used to discover the weak points left in the virtual space during the software development, which could be exploited by intruders. In order to find the security weak points, a security analyzer tool named Zed Attack Proxy was connected to the database server. It was given privilege rights and the database was evaluated with this tool. Subsequently, lists of possible weak points were generated and the thesis discusses these weak points and proposes possible solutions.
The purpose of the thesis was to explore the vulnerabilities in virtual space in order to implement security patches in the future. Various hacking tools and penetration testing tools were used to discover the weak points left in the virtual space during the software development, which could be exploited by intruders. In order to find the security weak points, a security analyzer tool named Zed Attack Proxy was connected to the database server. It was given privilege rights and the database was evaluated with this tool. Subsequently, lists of possible weak points were generated and the thesis discusses these weak points and proposes possible solutions.