Category Archives: Security

Fortigate

Out-of-the-box setup. Network: port 1 / the internal interface comes up as 192.168.1.99/24, and a DHCP server is often enabled on it. Change the admin password (default login: admin with a blank password): config system admin, edit admin, set password PASSWORD. Switch modes: two modes are available and the choice must be made as a first step. Interface mode – each internal interface acts as… Read More »

Check Point Commands

Basic setup (Gaia clish): set expert-password; set management interface eth1; set interface eth1 ipv4-address IP mask-length MASK; set interface eth1 state on; save config. Operating: reboot or shut down from expert mode with shutdown -h now or reboot. cpconfig – reset SIC, manage admin users, enable functions, cluster membership. Start and stop the Check Point services: cpstop, cpstart. Initial setup / reconfiguration tool: cpconfig. FTP: ftp IP… Read More »

Check Point Architecture

Technology architecture components. SMART – Check Point Security Management Architecture. Core systems: SmartConsole – Windows-based GUI; Security Management Server (SMS, aka SmartCenter Server) – configuration and log storage; Security Gateway (SGW) – the enforcement device. Deployment modes: stand-alone – Security Management Server and Security Gateway on the same device; distributed – Security Management… Read More »

Google Hacking

Basic concepts: “search a phrase” (quotes match the exact phrase); search anything but -not -include -these -terms (a leading minus excludes a term); * is the wildcard symbol; | is the OR operator. Google URL parameters: lr – restrict results to a language, e.g. lang_ca, lang_es: &lr=lang_ca; hl – changes the language of the Google interface, e.g. ca, en, es: &hl=en; restrict – restrict the search to a country (by domain or server location)… Read More »

Cryptography

Hash algorithms: Message Digest – MD2, MD4, MD5; Secure Hash Algorithm – SHA-1, SHA-256, SHA-384, SHA-512 (MD5 and SHA-1 are broken for collision resistance and should not be chosen for new designs). When hashing passwords for storage or transfer, add a per-password salt so that precomputed rainbow tables cannot be used against the stored hashes. Diffie-Hellman – key exchange (agreement) protocol. Asymmetric confidentiality – encrypt with the public key of the target; the target will use the… Read More »
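
Both sides of the Diffie-Hellman exchange mentioned above, as an added example that is not part of the original post. The prime p = 2^61 - 1, the base g = 2 and the two private exponents are constructed for the demo and are far too small to be secure; the comments say why and what a real deployment uses instead.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy group parameters (constructed for this example).  p is the Mersenne
 * prime 2^61 - 1 so every value fits in a 64-bit word; g = 2.  Because
 * 2^61 = 1 (mod p), the subgroup generated by 2 has only 61 elements, so
 * this group is trivially brute-forced: it shows the protocol flow, not a
 * secure parameter choice.  Real deployments use a 2048-bit or larger
 * safe-prime group (e.g. the RFC 7919 ffdhe groups) or an elliptic curve. */
#define DH_P 2305843009213693951ULL
#define DH_G 2ULL

/* (a * b) mod m without overflow, via a 128-bit intermediate (GCC/Clang). */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    return (uint64_t)(((__uint128_t)a * b) % m);
}

/* Square-and-multiply modular exponentiation. */
static uint64_t powmod(uint64_t base, uint64_t exp, uint64_t m) {
    uint64_t result = 1;
    base %= m;
    while (exp) {
        if (exp & 1)
            result = mulmod(result, base, m);
        base = mulmod(base, base, m);
        exp >>= 1;
    }
    return result;
}

/* Step 1: each party picks a private exponent and publishes g^priv mod p. */
uint64_t dh_public(uint64_t priv) {
    return powmod(DH_G, priv, DH_P);
}

/* Step 2: each party raises the peer's public value to its own private
 * exponent; both arrive at g^(a*b) mod p without ever sending a or b. */
uint64_t dh_shared(uint64_t peer_pub, uint64_t priv) {
    return powmod(peer_pub, priv, DH_P);
}

/* Runs the full exchange with fixed demo exponents (constructed) and
 * returns the agreed secret, or 0 if the two sides disagree. */
uint64_t dh_demo(void) {
    const uint64_t a = 100, b = 200;   /* private exponents, never sent  */
    uint64_t A = dh_public(a);         /* Alice -> Bob: A = g^a mod p    */
    uint64_t B = dh_public(b);         /* Bob -> Alice: B = g^b mod p    */
    uint64_t ka = dh_shared(B, a);     /* Alice computes B^a mod p       */
    uint64_t kb = dh_shared(A, b);     /* Bob computes A^b mod p         */
    /* An eavesdropper sees p, g, A and B; recovering a or b from them is
     * the discrete logarithm problem, which is what the scheme rests on. */
    return ka == kb ? ka : 0;
}

int main(void) {
    printf("A = %llu\nB = %llu\nshared = %llu\n",
           (unsigned long long)dh_public(100),
           (unsigned long long)dh_public(200),
           (unsigned long long)dh_demo());
    return 0;
}
```

With g = 2 and p = 2^61 - 1 the exponent is effectively reduced mod 61, which is why the agreed value in the demo is simply 2^53; the same collapse is what an attacker would exploit, so parameter choice matters as much as the protocol itself.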

Buffer Overflow

Buffer overflow: write more data into a buffer than it was declared to hold, so the excess spills into adjacent memory (saved return addresses, pointers, other variables) that the program will later use; the attacker places code or addresses of their choosing there. Stack overflow – overwrite the saved return address and redirect execution, the classic route to running arbitrary code with the privileges of the process. Heap overflow – corrupt the application's heap data and allocator metadata. Susceptible C functions (no bounds check on the destination): strcat, strcpy, sprintf, vsprintf, bcopy, gets,… Read More »
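
The unsafe strcpy() copy from the list above beside a bounded replacement, as an added example that is not part of the original post. The frame layout (an 8-byte name buffer followed by an is_admin flag) and the attacker input are constructed so the overflow can be run and checked without undefined behaviour; on a real stack the neighbour of the buffer would be a saved frame pointer or return address.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8                              /* declared buffer size */
#define FRAME_LEN (NAME_LEN + sizeof(int) + 1)  /* +1: room for the NUL */

/* Simulated stack frame (constructed for this example): an 8-byte name
 * buffer immediately followed by a 4-byte is_admin flag.  Keeping both
 * inside one array makes the overflow well-defined C that can be run and
 * checked.  The spare byte at the end gives the demo's terminating NUL a
 * home, so the simulation itself never writes past the array. */
struct frame {
    unsigned char bytes[FRAME_LEN];
};

static void frame_init(struct frame *f) {
    memset(f->bytes, 0, sizeof f->bytes);
}

/* Reads the flag that lives right after the name buffer. */
static int frame_is_admin(const struct frame *f) {
    int v;
    memcpy(&v, f->bytes + NAME_LEN, sizeof v);
    return v;
}

/* VULNERABLE: strcpy() copies until the source NUL and never consults the
 * destination size.  Input of NAME_LEN or more characters spills into the
 * flag.  (Callers of this demo keep input under FRAME_LEN characters so
 * only the simulated frame, not the real array, is overrun.) */
void set_name_unsafe(struct frame *f, const char *input) {
    strcpy((char *)f->bytes, input);
}

/* HARDENED: measure first, refuse anything that does not fit together with
 * its terminator, then copy exactly that many bytes.  strncpy() is avoided
 * on purpose: it truncates silently and can leave the buffer unterminated. */
int set_name_safe(struct frame *f, const char *input) {
    size_t n = strlen(input);
    if (n >= NAME_LEN)
        return -1;
    memcpy(f->bytes, input, n + 1);
    return 0;
}

/* Attacker-controlled input (constructed): 8 bytes fill the name buffer,
 * the next 4 land exactly on is_admin. */
#define ATTACK_INPUT "AAAAAAAABBBB"

/* Flag value after the unsafe copy: 0x42424242 ("BBBB"), no longer 0. */
int demo_unsafe(void) {
    struct frame f;
    frame_init(&f);
    set_name_unsafe(&f, ATTACK_INPUT);
    return frame_is_admin(&f);
}

/* Return code of the hardened copy on the same input: -1 (rejected). */
int demo_safe_rc(void) {
    struct frame f;
    frame_init(&f);
    return set_name_safe(&f, ATTACK_INPUT);
}

/* Flag value after the hardened copy rejected the input: still 0. */
int demo_safe_flag(void) {
    struct frame f;
    frame_init(&f);
    set_name_safe(&f, ATTACK_INPUT);
    return frame_is_admin(&f);
}

/* The hardened copy still accepts input that fits: returns 0. */
int demo_safe_fits(void) {
    struct frame f;
    frame_init(&f);
    return set_name_safe(&f, "alice");
}

int main(void) {
    printf("strcpy : is_admin = 0x%08x\n", demo_unsafe());
    printf("checked: rc = %d, is_admin = 0x%08x\n", demo_safe_rc(), demo_safe_flag());
    return 0;
}
```

The same pattern (measure, compare against the declared size including the terminator, then copy) replaces each function in the list: snprintf() with the destination size instead of sprintf(), fgets() instead of gets(), and an explicit length check before strcat() or bcopy().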

Wireshark

Promiscuous mode – the network card passes up every frame it receives, even those not addressed to the device. Not all wireless adapters support promiscuous mode, and monitor mode (capturing raw 802.11 frames without being associated to a network) is not the same thing as promiscuous mode. WinPcap – open-source packet capture library for Windows (succeeded by Npcap). Wireshark – application for sniffing and decoding packets. Passive sniffing – using a hub, tap or SPAN port. Active sniffing… Read More »

Social Engineering

Social engineering: using influence and persuasion to deceive people into disclosing information or performing an action. Techniques: build a trust relationship; gather information piece by piece from different sources, so that no individual is aware of the information they are providing; exploit qualities of human nature: the desire to be helpful, the tendency to trust… Read More »

Malware

General terms: bot / zombie – a machine under the control of the attacker; backdoor – a way to access the system without the owner's knowledge. Malware components: insertion – getting onto the computer; avoidance – hiding from detection; eradication – covering tracks; propagation – replication; trigger – initiation of the payload; payload – what is delivered, the malicious actions. Types… Read More »

Reconnaissance – Footprinting & Network Scan

Footprinting – data to gather: locations; contacts – name, email, phone, address; hosting locations; public servers – types, IPs, domains; DNS information – authoritative DNS servers and their records (A, CERT, HINFO, MX, NS); path to the destination, with router names; active machines, open ports, operating systems, services; a map of the network and its access points. Sources: whois for domains and IPs, reverse whois, nslookup… Read More »