Petr Zak

Finance and IT enthusiast, problem solver

Category: IT Security

Must-Know Ports

 

 

 20, 21 FTP
 22 SSH
 23 Telnet
 25 SMTP
 42 WINS
 53 DNS
 80, 8080 HTTP
 88 Kerberos
 110 POP3
 111 Portmapper Linux
123 NTP
135 RPC-DCOM
139 SMB
143 IMAP
161, 162 SNMP
389 LDAP
445 CIFS
514 Syslog
636 Secure LDAP

 

Network topologies

  • Bus – simple but vulnerable
  • Ring – simple, vulnerability can be handled by concentric design
  • Star – most common, resistance to outages, node failure does not cause the whole network to go down
  • Mesh – for mission critical services, high level of redundancy; Internet
  • Hybrid – mix of the above

Hacker’s workflow

Everyone has its own, but it usually consists of:

  • Footprinting (passive)
  • Scanning (active)
  • Enumeration – is there a value behind the door?
  • Hacking – attack execution
  • Covering – hiding the activity from previous steps
  • Backdoors – wanna come back?

CIA

We do not refer to the Central Intelligence Agency but key concepts in ethical hacking:

  • Confidentiality – keep the information away from non-authorized people/systems; using encryption, access rights
  • Integrity – keep the information unaltered by non-authorized
  • Availability – keep the information available to those who need it

Opposite would be:

  • Disclosure
  • Alteration
  • Disruption

 

Hacker’s needs…

Hacker’s needs to commit a crime are the same like in case of a regular crime:

  • Means
  • Motive
  • Opportunity

 

Ethical Hacker’s needs:

  • Good contract
  • Do only what you have permission to do
  • Confidentiality and privacy in mind

Boot Kali linux to console

Get the current session type, text-mode or graphical:

systemctl get-default

Set the current session type to text-mode by disabling gdm autostart:


systemctl set-default multi-user.target

Enable lightdm autostart:

systemctl set-default graphical.target

© 2018 Petr Zak

Theme by Anders NorenUp ↑