2nd week Day 1
Information : Data + Organization
Security : Unauthorized leakage of data
Network & Application Footprinting
- Identify the known service assigned to a particular system (e.g. router, Windows, OS)
- Detect what kind of system is installed in an organization.
A router is usually connected on port 23.
Command prompt :
Type > telnet (type IP address) 23
Telnet is a security feature that is installed by Microsoft, so in order to disable telnet:
go to Control Panel – Programs and Features – Turn Windows features on or off – click Telnet Client – OK.
To empty the screen
Use command : telnet 220.156.184.1
telnet 220.156.188.175 80
telnet 220.156.188.175 445
To protect, type GET / HTTP/1.1
Gateway = Proxy
When you search for something in the browser and see one of the numbers below, it means:
404 → Not Found
200 → OK
301 → Temporary redirection
302 → Permanent redirection
500 → Bad request
To find info about a website's IP → go to NETWORK-TOOLS.COM and type your web IP to find detailed information.
Another way → use the command: CDAC/tracert (web IP), then Enter
DNS (Domain Name Server)
Google DNS is 8.8.8.8
Network identification :
1. nslookup
   Domain name (yahoo.com)
   set type=mx
   93.12.1.4 (dr yahoo.com)
2. tracert yahoo.com (it's how to access the server)
3. ping yahoo.com
4. Port scanner / telnet yahoo.com 80
   GET / HTTP/1.1 (or 1.0)
   / telnet (# for router rip) 23
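Added example (not part of the original notes): what the GET request in step 4 reveals, seen from the side of the person running the server. The Python below parses a raw HTTP response and lists the headers that disclose software names and versions, so an administrator can check their own server's banner; the sample responses, header list and function names are constructed for this illustration.

```python
import re

# Constructed sample: a reply to "GET / HTTP/1.0" typed over telnet to port 80.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    b"Server: Apache/2.4.41 (Ubuntu)\r\n"
    b"X-Powered-By: PHP/7.4.3\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html></html>"
)
# Constructed sample: the same server after the banner has been trimmed.
HARDENED_RESPONSE = b"HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n"

# Headers that commonly identify the software behind a web server (assumed list).
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "via")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")   # dotted version such as 2.4.41

def parse_response_head(raw):
    """Return (status code, reason phrase, {header name: [values]})."""
    head, _, _ = raw.partition(b"\r\n\r\n")          # drop the body
    lines = head.decode("iso-8859-1").split("\r\n")
    m = re.match(r"HTTP/(\d\.\d) (\d{3})(?: (.*))?$", lines[0])
    if not m:
        raise ValueError("not an HTTP status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:                                       # ignore malformed lines
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return int(m.group(2)), m.group(3) or "", headers

def disclosure_findings(raw):
    """List every identifying header and the version numbers it leaks."""
    status, _, headers = parse_response_head(raw)
    findings = []
    for name in DISCLOSING_HEADERS:
        for value in headers.get(name, []):
            findings.append({"header": name, "value": value,
                             "versions": VERSION_RE.findall(value)})
    return status, findings

if __name__ == "__main__":
    for label, raw in (("default", SAMPLE_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        status, findings = disclosure_findings(raw)
        print(label, status, findings)
```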
Kinds of ports :
23 : Cisco router
80 : termal access 88 HTTP
22 : Linux
21 : FTP
8880 : HTTP- Tomcat
443 : HTTPS
53 : DNS Query
Virus definition : self-replicating program code which copies its code, appends itself to a file, or adds bits to an existing file to make it unusable.
Antivirus : antivirus is used to prevent viruses from getting into your system/server. In big companies, they usually use Unified Threat Management (UTM).
Antivirus operation :
1. Signature-based operation
2. Heuristic operation (zero-day operation)
Heuristic operation is a method by which the antivirus engine tries to detect known algorithms in order to identify malicious bits in a file, and defines a new signature in the data file automatically, without any update or reporting from EOM.
Spoofing = Hacktivism
Why is spoofing easy?
1. Problem with the routers
2. Routers look at info from the other routers' destination IP address
3. Authentication based on source IP address.
IP spoofing :
Non-blind (attack on the same subnet)
Blind spoofing (the attacker sends a sequence of sample packets to the server in order to learn the sequence used by)
MIM (Man in the Middle)
Social engineering : a method of extracting information by impersonating a source/genuine resource.