Training Videos

Friday, 30 September 2011

Find Specific Types of Systems

Netcraft Uptime Survey

uptime.netcraft.com/
Web tool retrieves hosting software information from any domain name.


Mirror Website

httrack

Thursday, 29 September 2011

Command-Line Whois Searches

Query Whois Databases

WHOIS is a query protocol for looking up, in WHOIS databases, the assignee or registrant of Internet resources such as domain names and IP addresses.

More
https://konto.registrera-doman.com/support/index.php?/RegistreraDoman/Knowledgebase/Article/View/283/5/allmn-information-om-whois-engelska

Network Reconnaissance & DNS Search

 An attacker engages in network reconnaissance operations to gather information about a target network or its hosts. Network reconnaissance techniques can ...
See http://capec.mitre.org/data/definitions/286.html


 Links

Network Reconnaissance Techniques


http://en.wikipedia.org/wiki/Vulnerability_scanner#Network_reconnaissance


TerraServer is a commercial website[1] specializing in aerial and satellite imagery which was originally launched in 1997. It is owned and operated by TerraServer.com, Inc. in Raleigh, North Carolina. The company was previously named Aerial Images until May 2002 when the assets of Aerial Images were sold and the company renamed itself TerraServer.com, Inc.

http://en.wikipedia.org/wiki/Terraserver.com


TerraServer Bricks — A High Availability Cluster Alternative ...

Microsoft TerraServer stores aerial, satellite, and topographic images of the earth
in a SQL database available via the Internet since June 1998. It is a popular ...
research.microsoft.com/apps/pubs/default.aspx?id=64151 -

Find Information by the Target (Edgar)

EDGAR, the Electronic Data-Gathering, Analysis, and Retrieval system, performs automated collection, validation, indexing, acceptance, and forwarding of submissions by companies and others who are required by law to file forms with the U.S. Securities and Exchange Commission (the "SEC"). The database is freely available to the public via the Internet (Web or FTP).

http://en.wikipedia.org/wiki/EDGAR

Typical Vulnerability Life Cycle

http://www.iss.net/documents/whitepapers/ISS_Vulnerability_Lifecycle_Whitepaper.pdf 


This life-cycle has the following stages:
  1. The creation of the vulnerability. This is when the vulnerability is created during the implementation of the vulnerable product.
  2. The discovery of a vulnerability. The vulnerability in the product is found.  Several people could discover the vulnerability at different times. Little is ever publicly known about this step.
See the link below.

http://singe.za.net/blog/archives/928-Vulnerability-Life-Cycle.html


Wednesday, 28 September 2011

Ec-Council Certified Security Analyst and Licensed Penetration Tester


6 DVDs | iso | English | 14.17 GB
Genre: eLearning

The ECSA/LPT training program is a highly interactive security course designed to teach security professionals the advanced uses of the available methodologies, tools and techniques required to perform comprehensive information security tests. Students will learn how to design, secure and test networks to protect their organization from the threats hackers and crackers pose. By teaching the LPT methodology and groundbreaking techniques for security and penetration testing, this course will help you perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the course providing complete coverage of analysis and network security testing topics. This course will prepare you to pass exam 412 79 to achieve EC Council Certified Security Analyst (ECSA) certification.


http://www.telecharger-tout.com/e-books/190250-ec-council-certified-security-analyst-and-licensed-penetration-tester.html

Career Academy Hacking, Penetration Testing and Countermeasures

Course Detail:
 Module 1
Ethical Hacking and Penetration Testing
Security 101
Hacking Hall of Fame
What are Today's hackers Like?
Today's Hackers
Risk Management
Evolution of Threats
Typical Vulnerability Life Cycle
What is Ethical Hacking?
Rise of the Ethical Hacker
Types of Security Test
Penetration Test (Pen-test)
Red Teams
Testing Methodology
VMWare Workstation
Windows and Linux Running VMWare
Linux Is a Must
Linux Survival Skills
Useful vi Editor Commands
Module 1 Review


Module 2
Footprinting and Reconnaissance
1)Desired Information
2)Find Information by the Target (Edgar)
3)terraserver.microsoft.com
4)Network Reconnaissance & DNS Search
5)Query Whois Databases
6)Command-Line Whois Searches
7)ARIN whois: Search IP Address Blocks
8)SamSpade Tool and Website
9)Internet Presence
10)Look Through Source Code
Mirror Website
Find Specific Types of Systems
Big Brother
AltaVista
Specific Data Being Available?
Anonymizers
Countermeasures to Information Leakage
Social Engineering
DNS Zone Transfer
Nslookup command-line utility
Zone Transfer from Linux
Automated Zone Transfers
Zone Transfer Countermeasures
www.CheckDNS.net
Tracing Out a Network Path
tracert Output
Free Tools
Paratrace
War Dialing for Hanging Modems
Manual and Automated War Dialing
Case Study
www.guidedogs.com
Footprinting Countermeasures
Demo - Footprinting & Info Gathering
Module 2 Review


Module 3
TCP/IP Basics and Scanning
The OSI Model
TCP/IP Protocol Suite Layers
Encapsulation
Data-Link Protocols
IP - Internet Protocol, Datagram (Packet)
ICMP Packets
UDP – User Datagram Protocol
UDP Datagram
TCP – Transmission Control Protocol
TCP Segment
TCP/IP 3-Way Handshake and Flags
TCP and UDP Ports
Ping Sweeps
Good Old Ping, Nmap, TCP Ping Sweep
TCP Sweep Traffic Captured
Unix Pinging Utilities
Default TTLs
Pinging Countermeasures
Port Scanning
Nmap
Advanced Probing Techniques
Scanrand
Port Probing Countermeasures
Watch Your Own Ports
Demo - Scanning Tools
Module 3 Review


Module 4
Enumeration and Verification
Operating System Identification
Differences Between OS TCP/IP Stack
Nmap -O
Active vs Passive Fingerprinting
Xprobe/Xprobe2
Countermeasures
SNMP Overview
SNMP Enumeration
SMTP, Finger, and E-mail Aliases
Gleaning Information from SMTP
SMTP E-mail Alias Enumeration
SMTP Enumeration Countermeasures
CIFS/SMB
Attack Methodology
Find Domains and Computers
NetBIOS Data
NBTscan
NULL Session
Local and Domain Users
Find Shares with net view
enum: the All-in-one
Winfo and NTInfoScan (ntis.exe)
Digging in the Registry
NetBIOS Attack Summary
NetBIOS Countermeasures
What's this SID Thing Anyway?
Common SIDs and RIDs
whoami
RestrictAnonymous
USER2SID/SID2USER
psgetsid.exe and UserDump Tool
LDAP and Active Directory
GUI Tools to Perform the Same Actions
Demo - Enumeration
Module 4 Review


Module 5
Hacking & Defending Wireless/Modems
Phone Numbers & Modem Background
Phone Reconnaissance
Modem Attacks
Wireless Reconnaissance
Wireless Background
Wireless Reconnaissance Continued
Wireless Sniffing
Cracking WEP Keys
Defending Wireless
Module 5 Review


Module 6
Hacking & Defending Web Servers
Web Servers in General: HTTP
Uniform Resource Locator: URL
Apache Web Server Functionality
Apache: Attacking Mis-configurations
Apache: Attacking Known Vulnerabilities
Defending Apache Web Server
Microsoft Internet Information Server (IIS)
IIS: Security Features
IIS: Attacking General Problems
IIS: IUSER or IWAM Level Access
IIS: Administrator or Sys Level Access
IIS: Clearing IIS Logs
IIS: Defending and Countermeasures
Web Server Vulnerability Scanners
Demo - Hacking Web Servers
Module 6 Review


Module 7
Hacking & Defending Web Applications
Background on Web Threat & Design
Basic Infrastructure Information
Information Leaks on Web Pages
Hacking over SSL
Use the Source, Luke…
Functional/Logic Testing
Attacking Authentication
Attacking Authorization
Debug Proxies: @stake webproxy
Input Validation Attacks
Attacking Session State
Attacking Web Clients
Cross-Site Scripting (XSS) Threats
Defending Web Applications
Module 7 Review


Module 8
Sniffers and Session Hijacking
Sniffers
Why Are Sniffers so Dangerous?
Collision & Broadcast Domains
VLANs and Layer-3 Segmentation
tcpdump & WinDump
Berkeley Packet Filter (BPF)
Libpcap & WinPcap
BUTTSniffing Tool and dSniff
Ethereal
Mitigation of Sniffer Attacks
Antisniff
ARP Poisoning
MAC Flooding
DNS and IP Spoofing
Session Hijacking
Sequence Numbers
Hunt
Ettercap
Source Routing
Hijack Countermeasures
Demo - Sniffers
Module 8 Review


Module 9
Hacking & Defending Windows Systems
Physical Attacks
LANMan Hashes and Weaknesses
WinNT Hash and Weaknesses
Look for Guest, Temp, Joe Accounts
Direct Password Attacks
Before You Crack: Enum Tool
Finding More Account Information
Cracking Passwords
Grabbing the SAM
Crack the Obtained SAM
LSA Secrets and Trusts
Using the Newly Guessed Password
Bruteforcing Other Services
Operating System Attacks
Hiding Tracks: Clearing Logs
Hardening Windows Systems
Strong 3-Factor Authentication
Creating Strong Passwords
Authentication
Windows Account Lockouts
Auditing Passwords
File Permissions
Demo - Attacking Windows Systems
Module 9 Review




Module 10
Hacking & Defending Unix Systems
Physical Attacks on Linux
Password Cracking
Brute Force Password Attacks
Stack Operation
Race Condition Errors
Format String Errors
File System Attacks
Hiding Tracks
Single User Countermeasure
Strong Authentication
Single Sign-On Technologies
Account Lockouts
Shadow Password Files
Buffer Overflow Countermeasures
LPRng Countermeasures
Tight File Permissions
Hiding Tracks Countermeasures
Removing Unnecessary Applications
DoS Countermeasures
Hardening Scripts
Using SSH & VPNs to Prevent Sniffing
Demo - Attacking Unix Systems
Module 10 Review


Module 11
Rootkits, Backdoors, Trojans & Tunnels
Types Of Rootkits
A Look at LRK
Examples of Trojaned Files
Windows NT Rootkits
NT Rootkit
AFX Windows Rootkit 2003
Rootkit Prevention Unix
Rootkit Prevention Windows
netcat
netcat: Useful Unix Commands
netcat: What it Looks Like
VNC-Virtual Network Computing
Backdoor Defenses
Trojans
Back Orifice 2000
NetBus
SubSeven
Defenses to Trojans
Tunneling
Loki
Other Tunnels
Q-2.4 by Mixter
Starting Up Malicious Code
Defenses Against Tunnels
Manually Deleting Logs
Tools to Modify Logs
Demo - Trojans
Module 11 Review


Module 12
Denial of Service and Botnets
Denial-of-Service Attacks
CPUHog
Ping of Death
Teardrop Attacks
Jolt2
Smurf Attacks
SYN Attacks
UDP Floods
Distributed DoS
DDoS Tool: Trin00
Other DDoS Variation
History of Botnets
Anatomy of a Botnet
Some Common Bots
Demo - Denial of Service
Module 12 Review


Module 13
Automated Pen Testing Tools
General: Definitions
General: What?
General: Why?
Core Impact™ Framework
Core Impact™ Operation
Canvas™ Framework
Canvas™ Operation
Metasploit Framework
Metasploit Operation
Demo - Automated Pen Testing
Module 13 Review


Module 14
Intrusion Detection Systems
Types of IDSs
Network IDSs
Distributed IDSs (DIDSs)
Anomaly Detection
Signature Detection
Common IDS Software Products
Introduction to Snort
Attacking an IDS
Eluding Techniques
Testing an IDS
Hacking Tool - NIDSbench
Hacking Tool - Fragroute
Hacking Tool - SideStep
Hacking Tool - ADMmutate
Other IDS Evasion Tools
Demo - IDS and Snort
Module 14 Review


Module 15
Firewalls
Firewall Types
Application Layer Gateways
ALGs (Proxies)
Stateful Inspection Engine
Hybrid Firewall
Host-Based Firewall
Network-Based Firewall
DMZ (Demilitarized Zone)
Back-to-Back Firewalls
Bastion Hosts
Control Traffic Flow
Multiple DMZs
Controlling Traffic Flow
Why Do I Need a Firewall?
What Should I Filter?
Egress Filtering
Network Address Translation (NAT)
Firewall Vulnerabilities
IPTables/NetFilter
Default Tables and Chains
iptables Syntax 1
iptables Syntax 2
Sample IPTables Script 1
Sample IPTables Script 2
Persistent Firewalls
Firewall Identification
Firewalk
Tunneling with Loki
Tunneling with NetCat/CryptCat
Port Redirection with Fpipe
Denial-of-Service Attacks Risk?
Demo - Firewalls and IP Tables
Module 15 Review


Module 16
Honeypots and Honeynets
What Is a Honeypot?
Advantages and Disadvantages
Types and Categories of Honeypots
Honeypot: Tarpits
Honeypot: Kfsensor
Honeypot: Honeyd
Sample Honeyd Configuration
High-Interaction Honeypot
Project HoneyNet
Types of Honeynets
The Main Difference is Data Control
GEN II Data Control: Honeywall CD
Gen II Data Capture: Sebek & Sebek II
Automated Alerting
Testing
Legal Issues
Demo - Setting up a Honeypot
Module 16 Review


Module 17
Ethics and Legal Issues
The Costs
Relation to Ethical Hacking?
The Dual Nature of Tools
Good Instead of Evil?
Recognizing Trouble When It Happens
Emulating the Attack
Security Does Not Like Complexity
Proper and Ethical Disclosure
CERT's Current Process
Full Disclosure Policy
Organization for Internet Safety (OIS)
What Should We Do from Here?
Legal Meets Information Systems
Addressing Individual Laws
18 USC SECTION 1029
18 USC SECTION 1030
1030: Worms and Viruses
Blaster Worm Attacks
Civil vs. Criminal
18 USC SECTIONS 2510 and 2701
Digital Millennium Copyright Act
Cyber Security Enhancement Act
Module 17 Review
Course Closure









Footprinting/Reconnaissance


Tools/Services used for Footprinting / Recon:
The most common services used for footprinting and recon are:
1.  Search engines (Google, DMOZ, etc.)
2.  Whois information
3.  Domain name registration information
4.  DNS records
5.  Sitedigger
6.  Archive.org
7.  Nslookup
8.  Ping
9.  Traceroute
10. Netcraft
11. Website copiers
12. Service banners (FTP, mail server)
14. Maltego
15. Social networking: employee and people search in Facebook, LinkedIn, Orkut, Twitter, and background checks.

http://compsec.org/security/index.php/scanning/24-basics-of-footprinting-and-recon.html

Tuesday, 27 September 2011

skill set

Candidate must have hands-on experience in Penetration and Vulnerability assessment of Internet and Intranet Scanning, Discovery, Exploiting, Detailed analysis, Review and Reporting.

Candidate must have good knowledge in Ethical Hacking tools and techniques.

Candidate must have relevant experience in information security / data security / forensics.

Candidate should be aware of the governing cyber laws of India.

Candidate should have expertise in installation and configuration of security products and security patches, and assist in log analysis.

Candidate must have strong knowledge in Firewalls, IDS (Intrusion Detection System), IPS (Intrusion Prevention System).


Should have in-depth knowledge of networking protocols: TCP/IP, SMTP, DNS, DHCP, POP3/IMAP, OSI, VPN (Basics), Secure Sockets Layer (SSL), PGP, IPSec.

Candidate must have 1 to 3 years experience in information security / Cyber Forensics / BCP / Incident Handling.

TRAINING / CERTIFICATIONS (ANY):
Information security/computer forensics/Cyber Law.
Certified Ethical Hacker (CEH)

Certified Security Expert

Cyberoam Certified Network & Security Professional (CCNSP)

Network Layer of the OSI Model

Data Link Layer of the OSI Model




When obtaining data from the Physical layer, the Data Link layer checks for physical transmission errors and packages bits into frames.

The Data Link layer also manages physical addressing schemes such as MAC addresses for Ethernet networks, controlling access of the various network devices to the physical medium.

It is often divided into two parts, the Media Access Control sublayer and the Logical Link Control sublayer.

Physical Layer of the OSI Model


It operates with data in the form of bits that are sent from the Physical layer of the sending (source) device and received at the Physical layer of the destination device.

Ethernet cabling, Token Ring network technology and SCSI all function at the Physical layer of the OSI model.

layers of osi

The OSI (Open System Interconnection) model was developed by ISO in 1984 to provide a reference model for the complex aspects related to network communication.

The Application, Presentation and Session layers are known as the Upper Layers and are implemented in software.

The OSI Model


Monday, 26 September 2011

Reading terms

  1. Port numbers are decided by a body called IANA or Internet Assigned Numbers Association.
  2. Check RFC 1777 for a complete list of port numbers.
  3. SYN-Flooding is a Denial of Service technique that exploits a flaw in the implementation of TCP/IP on most UNIX machines.
  4. The Point-to-Point Protocol (PPP), documented in RFC 1661, is currently (early 1996) the best solution for dial-up Internet connections, including ISDN.
  5. On Ethernet there is only one cable that passes through the NICs (Network Interface Cards) of all the computers on the LAN. There is no master and no slave, no server and no client (at the data link layer). All the machines have equal priority. Each card on each and every computer has its own 48-bit Ethernet address which, like an IP address, is unique. To send a TCP/IP packet over an Ethernet LAN is simplicity itself.

TCP Header format

Each row below is one 32-bit word of the header:

Source Port (16 bits) | Destination Port (16 bits)
Sequence Number (32 bits)
Acknowledgement Number (32 bits)
Len (4 bits) | Unused (6 bits) | Flags (6 bits) | Window Size (16 bits)
Checksum (16 bits) | Urgent Pointer (16 bits)
Type (8 bits) | Length (8 bits) | Data (16 bits)

Link
http://www.vijaymukhi.com/vmis/tcp.htm

Sunday, 25 September 2011

google terms

Looking for the ultimate tips for Google searching? You've just found the only guide to Google you need. Let's get started:
1. The best way to begin searching harder with Google is by clicking the Advanced Search link.
2. This lets you search for exact phrases, "all these words", or one of the specified keywords by entering search terms into the appropriate box.
3. You can also define how many results you want on the page, what language and what file type you're looking for, all with menus.
4. Advanced Search lets you type in a Top Level Domain (like .co.uk) in the "Search within site of domain" box to restrict results.
5. And you can click the "Date, usage rights, numeric range and more" link to access more advanced features.
6. Save time – most of these advanced features are also available in Google's front page search box, as command line parameters.
7. Google's main search invisibly combines search terms with the Boolean construct "AND". When you enter smoke fire – it looks for smoke AND fire.
8. To make Google search for smoke or fire, just type smoke OR fire
9. Instead of OR you can type the | symbol, like this: smoke | fire
10. Boolean connectors like AND and OR are case sensitive. They must be upper case.
11. Search for a specific term, then one keyword OR another by grouping them with parentheses, like this: water (smoke OR fire)
12. To look for phrases, put them in quotes: "there's no smoke without fire"
13. Synonym search looks for words that mean similar things. Use the tilde symbol before your keyword, like this: ~eggplant
14. Exclude specific key words with the minus operator. new pram -ebay excludes all results from eBay.
15. Common words, like I, and, then and if are ignored by Google. These are called "stop words".
16. The plus operator makes sure stop words are included. Like: fish +and chips
17. If a stop word is included in a phrase between quote marks as a phrase, the word is searched for.
18. You can also ask Google to fill in a blank. Try: Christopher Columbus discovered *
19. Search for a numerical range using the numrange operator. For example, search for Sony TV between £300 and £500 with the string Sony TV £300..£500
20. Google recognises 13 main file types through advanced search, including all Microsoft Office Document types, Lotus, PostScript, Shockwave Flash and plain text files.
21. Search for any filetype directly using the modifier filetype:[filetype extension]. For example: soccer filetype:pdf
22. Exclude entire file types, using the same Boolean syntax we used to exclude key words earlier: rugby -filetype:doc
23. In fact, you can combine any Boolean search operators, as long as your syntax is correct. An example: "sausage and mash" -onions filetype:doc
24. Google has some very powerful, hidden search parameters, too. For example "intitle" only searches page titles. Try intitle:herbs
25. If you're looking for files rather than pages – give index of as the intitle: parameter. It helps you find web and FTP directories.
26. The modifier inurl only searches the web address of a page: give inurl:spices a go.
27. Find live webcams by searching for: inurl:view/view.shtml
28. The modifier inanchor is very specific, only finding results in text used in page links.
29. Want to know how many links there are to a site? Try link:sitename – for example link:www.mozilla.org
30. Similarly, you can find pages that Google thinks are related in content, using the related: modifier. Use it like this: related:www.microsoft.com
31. The modifier info:site_name returns information about the specified page.
32. Alternatively, do a normal search then click the "Similar Pages" link next to a result.
33. Specify a site to search with the site: modifier – like this: search tips site:www.techradar.com
34. The above tip works with directory sites like www.dmoz.org and dynamically generated sites.
35. Access Google Directory – a database of handpicked and rated sites – at directory.google.com
36. The Boolean operators intitle and inurl work in Google directory, as does OR.
37. Use the site: modifier when searching Google Images, at images.google.com. For example: dvd recorder site:www.amazon.co.uk
38. Similarly, using "site:.com" will only return results from .com domains.
39. Google News (news.google.com) has its own Boolean parameters. For example "intext" pulls terms from the body of a story.
40. If you use the operator "source:" in Google News, you can pick specific archives. For example: heather mills source:daily_mail
41. Using the "location:" filter enables you to return news from a chosen country. location:uk for example.
42. Similarly, Google Blogsearch (blogsearch.google.com) has its own syntax. You can search for a blog title, for example, using inblogtitle:<keyword>
43. The general search engine can get very specific indeed. Try movie:<name of film> to look for movie reviews.
44. The modifier film: works just as well!
45. Enter showtimes and Google will prompt you for your postcode. Enter it and it'll tell you when and where local films are showing.
46. For a dedicated film search page, go to www.google.co.uk/movies
47. If you ticked "Remember this Location" when you searched for show times, the next time you can enter the name of a current film instead.
48. Google really likes movies. Try typing director: The Dark Knight into the main search box.
49. For cast lists, try cast: name_of_film
50. The modifier music: followed by a band, song or album returns music reviews.
51. Try searching for weather London – you'll get a full 4-day forecast.
52. There's also a built-in dictionary. Try define:<word> in the search box.
53. Google stores the content of old sites. You can search this cache direct with the syntax keyword cache:site_url
54. Alternatively, enter cache:site_url into Google's search box to be taken direct to the stored site.
55. No calculator handy? Use Google's built-in features. Try typing 12*15 and hitting "Google Search".
56. Google's calculator converts measurements and understands natural language. Type in 14 stones in kilos, for example.
57. It does currency conversion too. Try 200 pounds in euros
58. If you know the currency code you can type 200 GBP in EUR instead for more reliable results.
59. And temperature! Just type: 98 f to c to convert Fahrenheit to Centigrade.
60. Want to know how clever Google really is? Type 2476 in roman numerals, then hit "Google Search"...
61. You can personalise your Google experience by creating a Google account. Go to www.google.com/account/ then click "Create Account".
62. With a Google account there are lots more extras available. You'll get a free Gmail email account for one...
63. With your Google account, you can also personalise your front page. Click "iGoogle" to add blog and site feeds.
64. Click "Add a Tab" in iGoogle to add custom tabs. Google automatically populates them with suitable site suggestions.
65. iGoogle allows you to theme your page too. Click "Select Theme" to change the default look.
66. Some iGoogle themes change with time..."Sweet Dreams" is a theme that turns from day to night as you browse.
67. Click "More" under "Try something new" to access a full list of Google sites and new features.
68. "Custom Search" enables you to create a branded Google search for your own site.
69. An active, useful service missing from the list is "Personalised Search" – but you can access it via www.google.com/psearch when you're logged in.
70. This page lists searches you have recently made – and is divided into categories. Clicking "pause" stops Google from recording your history.
71. Click "Trends" to see the sites you visit most, the terms you enter most often and links you've clicked on!
72. Personalised Search also includes a bookmark facility – which enables you to save bookmarks online and access them from anywhere.
73. You can add bookmarks or access your bookmarks using the iGoogle Bookmarks gadget.
74. Did you know you can search within your returned results? Scroll down to the bottom of the search results page to find the link.
75. Search locally by appending your postcode to the end of your query. For example Indian food BA1 2BW finds restaurants in Bath, with addresses and phone numbers!
76. Looking for a map? Just add map to the end of your query, like this: Leeds map
77. Google finds images just as easily and lists them at the top, when you add image to the end of your search.
78. Google Image Search recognises faces... add &imgtype=face to the end of the returned URL in the location bar, then hit enter to filter out pictures that aren't people.
79. Keeping an eye on stocks? Type stocks: followed by the market ticker for the company and Google returns the data from Google Finance.
80. Enter the carrier and flight number in Google's main search box to return flight tracking information.
81. What time is it? Find out anywhere by typing time then the name of a place.
82. You may have noticed Google suggests alternate spellings for search terms – that's the built-in spell checker!
83. You can invoke the spell checker directly by using spell: followed by your keyword.
84. Click "I'm Feeling Lucky" to be taken straight to the first page Google finds for your keyword.
85. Enter a statistics-based query like population of Britain into Google, and it will show you the answer at the top of its results.
86. If your search has non-English results, click "Translate this Page" to see it in English.
87. You can search foreign sites specifically by clicking "Language Tools", then choosing which countries' sites to translate your query to.
88. Other features on the language tools page include a translator for blocks of text you can type or cut and paste.
89. There's also a box that you can enter a direct URL into, translating to the chosen language.
90. Near the language tools link, you'll see the "Search Preferences". This handy page is full of secret functionality.
91. You can specify which languages Google returns results in, ticking as many (or few) boxes as you like.
92. Google's Safe Search protects you from explicit sexual content. You can choose to filter results more stringently or switch it off completely.
93. Google's default of 10 results a page can be increased to up to 100 in Search Preferences, too.
94. You can also set Google to open your search results in a new window.
95. Want to see what others are searching for or improve your page rank? Go to www.google.com/zeitgeist
96. Another useful, experimental search can be found at www.google.com/trends – where you can find the hottest search terms.
97. To compare the performance of two or more terms, enter them into the trends search box separated by commas.
98. Fancy searching Google in Klingon? Go to www.google.com/intl/xx-klingon
99. Perhaps the Swedish chef from the muppets is your role model instead? Check www.google.com/intl/xx-bork
100. Type answer to life, the universe and everything into Google. You may be surprised by the result...
101. It will also tell you the number of horns on a unicorn.