Category Archives: Security

Security Concepts

Basic concepts. Threat – An action or event that might reduce security; Threat Agent – A person who takes inappropriate action; Vulnerability – A weakness, design flaw or implementation error; Attack – An assault on a system; Exploit – A defined way to take advantage of a vulnerability; Hacker – a person who enjoys learning the… Read More »

Cisco ISE

Basic Concepts. Policy Administration – Policy Decision – ISE (Identity Services Engine); Policy Enforcement – Network Access Devices – Switches, Wireless, Routers; Policy Information – NAC Agent, NAC Web Agent, 802.1X Supplicant (AnyConnect). Authentication Methods: 802.1x (NAC Agent, 802.1x supplicant); MAC Authentication bypass (MAB) – Database of the MAC Address of the devices that don’t… Read More »

Cisco ISE – NAC – ACS

Cisco has three different products for similar purposes but with some differences: NAC, ACS and ISE. NAC – Network Access Control. Features: AAA, Evaluate and Remediate for endpoints. Cisco NAC provides Network Access Control for the devices connecting to the network through 802.1x. It can put devices into Quarantine. There are two additional modules: NAC Guest Server to provide client less… Read More »

Metasploit – Attacks

Direct Attack. The attack consists of locating a vulnerable service on a server and using an exploit to obtain access to the system. Port scan and scanners to identify versions: use auxiliary/scanner/portscan/tcp, use auxiliary/scanner/smb/smb_version, use auxiliary/scanner/http/http_version. Use show options and set <option> to configure the exploit. Search or download an exploit for the vulnerable service… Read More »

Metasploit – General concepts

General information. Program folder: /usr/share/metasploit-framework/. User environment: the home folder lets you load personal modules, save configuration and use “rc” files. Home folder: $HOME/.msf4/. “rc” files can be used to store a sequence of commands. Commands that have already been run can be saved in a .rc file with the makerc file.rc command, and .rc files can be run from a session… Read More »

Tor

Tor in Kali Linux
apt-get install tor
service tor start
configure network proxy localhost:9050
configure Iceweasel to use SOCKS proxy to localhost:9050
check your IP before configuring the proxy and after configuring it

Wireless Attacks

WEP. WEP – Wired Equivalent Privacy. Uses a weak version of RC4. WEP key by Brute Force. Put the card in monitoring mode: airmon-ng start wlan0. Get a list of reachable wireless networks: airodump-ng mon0. Capture packets: airodump-ng -w [filename] -c [channel] --bssid [bssid] mon0. Generate additional data: aireplay-ng -0 0 -a [bssid] mon0. Brute force the captured packets to… Read More »

Security tools

Information gathering: nmap and zenmap – network scanner, OS fingerprinting. Tools: Burp – Web spider and HTTP Proxy. Paid version includes Scanner and Exploiting services. JXplorer – LDAP Explorer. Vulnerability Scanners: ZAP – Zed Attack Proxy – To find vulnerabilities on web applications. Acunetix – Not free. Online scanner and web scanner. Wireless attacks… Read More »

nmap

Phases of nmap: Host discovery, Port scanning, OS fingerprinting. Zenmap is a graphical frontend for nmap. Host Discovery: when running nmap -sP network, it sends an ICMP echo and an HTTP TCP-ACK (TCP Ping) packet to port 80. Example – Basic scan of a network, ICMP + HTTP: nmap -sP 192.168.1.0/24. Port Scanning: Example – Basic TCP scan: nmap -sP 192.168.1.200… Read More »