Browsing by Author "Quinde Saltos, Brian Daniel"

Filter results by typing the first few letters
Now showing 1 - 1 of 1
  • Thumbnail Image
    Item
    Diseño e implementación de un framework para la evaluación periódica de la seguridad usando pruebas de penetración en la red interna de la Universidad de Cuenca
    (Universidad de Cuenca, 2021-10-26) Quinde Saltos, Brian Daniel; Campoverde Andrade, Cinthya Lisseth; Astudillo Salinas, Darwin Fabián
    Cybersecurity in Higher Education Institutions (HEIs) is viewed as a trascendental factor because of the data took care of by these entities, so it is important knowing constantly the state of computer security. In this graduation project, a framework has been implemented for the periodic analysis of the network security of the University of Cuenca through penetration tests. The implemented framework comprises of three stages: acquiring data, exploitation and report. These stages depend on certain cycles related with a Red team. The tools used in the framework are: The harvester, nuclei and Network Mapper (NMAP). These tools were chosen since they permit the automatization of the system and do not need communication with the user. The analysis should be executed periodically, for which the Cron tool is utilized. The framework was assessed in a controlled environment utilizing a vulnerable virtual machine. Then, the security of University of Cuenca was assesed. The tests were run from two scenarios. The first analysis was produced using CEDIA’s network, and the second from university premises. The analysis of the report created by the tool exhibits that there are vulnerability issues in the university network that should be solved, to which a suggestion was given for each vulnerability. Therefore, the utilization of the framework for regular analysis of vulnerabilities assists with knowing of the computer security status at University of Cuenca