This document discusses footprinting and information gathering techniques for network security. It defines footprinting as gathering information about potential target systems and networks. Both attacker and defender perspectives are considered. Basic Linux and Windows tools are covered, such as hostname, ifconfig, who, ping, traceroute, dig, nslookup, whois, arp and netstat for gathering system, network topology and user information. Packet sniffers like Wireshark are also introduced for analyzing network traffic. The document emphasizes that even basic tools can provide a lot of useful information to attackers, so defenders should aim to minimize what they reveal.
2. Footprinting
• Definition: the gathering of information about a potential system or network
  • a.k.a. fingerprinting
• Attacker’s point of view
  • Identify potential target systems
  • Identify which types of attacks may be useful on target systems
• Defender’s point of view
  • Know available tools
  • May be able to tell if system is being footprinted, be more prepared for possible attack
  • Vulnerability analysis: know what information you’re giving away, what weaknesses you have
3. Information to Gather
• System (Local or Remote)
  • IP Address, Name and Domain
  • Operating System
    • Type (Windows, Linux, Solaris, Mac)
    • Version (98/NT/2000/2003/XP/Vista/7, Redhat, Fedora, SuSe, Ubuntu, OS X)
  • Usernames (and their passwords)
  • File structure
  • Open Ports (what services/programs are running on the system)
4. Information to Gather (2)
• Networks / Enterprises
  • System information for all hosts
  • Network topology
    • Gateways
    • Firewalls
    • Overall topology
  • Network traffic information
  • Specialized servers
    • Web, Database, FTP, Email, etc.
5. Defender Perspective
• Identify information you’re giving away
• Identify weaknesses in systems/network
• Know when systems/network is being probed
• Identify source of probe
• Develop awareness of threat
• Construct audit trail of activity
6. Tools - Linux
• Some basic Linux tools - lower level utilities
  • Local System
    • hostname
    • ifconfig
    • who, last
  • Remote Systems
    • ping
    • traceroute
    • nslookup, dig
    • whois
    • arp, netstat (also local system)
7. Tools – Linux (2)
• Other utilities
  • wireshark (packet sniffing)
  • nmap (port scanning) - more later
• Ubuntu Linux
  • Go to System / Administration / Network Tools – get interface to collection of tools: ping, netstat, traceroute, port scan, nslookup, finger, whois
8. Tools - Windows
• Windows
  • Sam Spade (collected network tools)
  • Wireshark (packet sniffer)
  • Command line tools
    • ipconfig
    • Many others…
9. hostname
• Determine host name of current system
• Usage: hostname
• E.g. hostname
    localhost.localdomain // default
• E.g. hostname
    mobile.cs.uwec.edu
10. ifconfig
• Configure network interface
• Tells current IP numbers for host system
• Usage: ifconfig
• E.g. ifconfig // command alone: display status
    eth0  Link encap:Ethernet  HWaddr 00:0C:29:CD:F6:D3
          inet addr:192.168.172.128 . . .
    lo    Link encap:Local Loopback
          inet addr:127.0.0.1 . . .
11. who
• Basic tool to show users on current system
• Useful for identifying unusual activity (e.g. activity by newly created accounts or inactive accounts)
• Usage: who
• E.g. who
    root tty1 Jan 9 12:46
    paul tty2 Jan 9 12:52
12. last
• Show last N users on system
  • Default: since last cycling of file
  • -N: last N lines
• Useful for identifying unusual activity in recent past
• Usage: last [-n]
• E.g. last -3
    wagnerpj pts/1 137.28.253.254 Sat Feb 5 15:40 still logged in
    flinstf pts/0 137.28.191.74 Sat Feb 5 15:38 still logged in
    rubbleb pts/0 c48.someu.edu Sat Feb 5 14:38 - 15:25 (00:46)
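One way to turn the "identify unusual activity" use of `last` into a repeatable check, as an added example that is not part of the original slides. It parses the three sample lines above; the dormant-account list and the trusted network `137.28.0.0/16` are assumptions made up for illustration.

```python
import ipaddress
from dataclasses import dataclass

# The three `last -3` lines shown on the slide.
LAST_OUTPUT = """\
wagnerpj pts/1 137.28.253.254 Sat Feb 5 15:40 still logged in
flinstf pts/0 137.28.191.74 Sat Feb 5 15:38 still logged in
rubbleb pts/0 c48.someu.edu Sat Feb 5 14:38 - 15:25 (00:46)
"""

# Assumptions for illustration (not from the slides): site policy inputs.
DORMANT_ACCOUNTS = {"flinstf"}  # accounts that should not be logging in
TRUSTED_NETS = [ipaddress.ip_network("137.28.0.0/16")]

WEEKDAYS = {"Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"}
PSEUDO_USERS = {"reboot", "shutdown", "runlevel", "wtmp"}


@dataclass
class Login:
    user: str
    tty: str
    origin: str   # IP address, hostname, or "local" for console logins
    when: str
    active: bool


def parse_last(text):
    """Turn `last` output into Login records, skipping non-login rows."""
    logins = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 6 or parts[0] in PSEUDO_USERS:
            continue
        user, tty = parts[0], parts[1]
        # Console logins have no origin column: the weekday follows the tty.
        if parts[2] in WEEKDAYS:
            origin, date_at = "local", 2
        else:
            origin, date_at = parts[2], 3
        when = " ".join(parts[date_at:date_at + 4])
        active = line.rstrip().endswith("still logged in")
        logins.append(Login(user, tty, origin, when, active))
    return logins


def origin_trusted(origin):
    """True for console logins and for addresses inside TRUSTED_NETS."""
    if origin == "local":
        return True
    try:
        addr = ipaddress.ip_address(origin)
    except ValueError:
        return False  # a hostname: cannot be matched to a network offline
    return any(addr in net for net in TRUSTED_NETS)


def audit(logins):
    """Return (user, reason) findings for logins that need a second look."""
    findings = []
    for entry in logins:
        if entry.user in DORMANT_ACCOUNTS:
            findings.append((entry.user, "dormant account in use"))
        if not origin_trusted(entry.origin):
            findings.append(
                (entry.user, "origin not in trusted networks: " + entry.origin))
    return findings


if __name__ == "__main__":
    for user, reason in audit(parse_last(LAST_OUTPUT)):
        print(f"{user}: {reason}")
```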
13. ping
• Potential Uses
  • Is system online?
    • Through response
  • Gather name information
    • Through DNS
  • Tentatively identify operating system
    • Based on TTL (packet Time To Live) on each packet line
    • TTL = number of hops allowed to get to system
    • 64 is Linux default, 128 is Windows default (but can be changed!)
• Notes
  • Uses ICMP packets
  • Often blocked on many hosts; more useful within network
• Usage: ping system
  • E.g. ping ftp.redhat.com
  • E.g. ping localhost
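The TTL reasoning above, worked through on reply lines, as an added example that is not part of the original slides. It shows what a host's ping replies reveal and why the guess is only tentative; the reply lines and the 192.0.2.x addresses are constructed, and only the two defaults named on the slide are used.

```python
import re

# The two defaults named on the slide; anything above 128 is left unclassified.
SLIDE_DEFAULTS = {64: "Linux default", 128: "Windows default"}

TTL_RE = re.compile(r"\bttl=(\d+)", re.IGNORECASE)
FROM_RE = re.compile(r"\bfrom ([0-9.]+)")

# Constructed reply lines in Linux and Windows ping formats.
# 192.0.2.30 stands for a Linux host on the sender's own subnet whose default
# TTL was changed to 128 (e.g. via the net.ipv4.ip_default_ttl sysctl).
PING_OUTPUT = """\
64 bytes from 192.0.2.10: icmp_seq=1 ttl=57 time=12.3 ms
Reply from 192.0.2.20: bytes=32 time=5ms TTL=121
64 bytes from 192.0.2.30: icmp_seq=1 ttl=128 time=0.4 ms
Reply from 192.0.2.40: bytes=32 time=9ms TTL=247
Request timed out.
"""


def infer_initial_ttl(observed):
    """Map an observed TTL to the nearest slide default at or above it.

    Returns (initial_ttl, hops_travelled, label). Each router on the path
    decrements the TTL by one, so initial - observed is the hop count.
    """
    for initial in sorted(SLIDE_DEFAULTS):
        if observed <= initial:
            return initial, initial - observed, SLIDE_DEFAULTS[initial]
    return None, None, "unknown"


def analyze_ping(text):
    """Return (host, observed_ttl, initial_ttl, hops, label) per reply line."""
    results = []
    for line in text.splitlines():
        ttl = TTL_RE.search(line)
        host = FROM_RE.search(line)
        if not (ttl and host):
            continue  # timeouts and summary lines carry no TTL
        observed = int(ttl.group(1))
        results.append((host.group(1), observed) + infer_initial_ttl(observed))
    return results


if __name__ == "__main__":
    for host, observed, initial, hops, label in analyze_ping(PING_OUTPUT):
        print(f"{host}: ttl={observed} initial={initial} hops={hops} ({label})")
```

The third host is classified as "Windows default" although it was constructed as a retuned Linux host, which is the slide's "but can be changed!" caveat in practice.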
14. traceroute
• Potential Uses
  • Determine physical location of machine
  • Gather network information (gateway, other internal systems)
  • Find system that’s dropping your packets – evidence of a firewall
• Notes
  • Can use UDP or ICMP packets
  • Results often limited by firewalls
  • Several GUI-based traceroute utilities available
• Usage: traceroute system
  • E.g. traceroute cs.umn.edu
15. traceroute example - Success
C:\Users\Temp>tracert telkomuniversity.ac.id
Tracing route to telkomuniversity.ac.id [10.14.203.238]
over a maximum of 30 hops:
  1     1 ms    <1 ms    <1 ms  192.168.60.1
  2     6 ms     6 ms     4 ms  10.11.221.1
  3     7 ms     3 ms     2 ms  10.0.0.254
  4     3 ms     1 ms     1 ms  10.14.203.238
Trace complete.
C:\Users\Temp>
16. traceroute example - blocked
C:\Users\Temp>tracert detik.com
Tracing route to detik.com [203.190.242.69]
over a maximum of 30 hops:
  1     1 ms     1 ms     2 ms  192.168.60.1
  2     5 ms     2 ms     2 ms  10.11.221.1
  3     4 ms     9 ms     3 ms  10.0.0.254
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
Trace complete.
C:\Users\Temp>
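Reading the two traces above programmatically, as an added example that is not part of the original slides. It reports whether the target answered and, if not, the last hop that replied and the hop where silence begins, which is the "system that's dropping your packets" point from slide 14. The function names are illustrative.

```python
import re

# The two tracert outputs shown on slides 15 and 16.
TRACE_OK = """\
Tracing route to telkomuniversity.ac.id [10.14.203.238]
over a maximum of 30 hops:
  1     1 ms    <1 ms    <1 ms  192.168.60.1
  2     6 ms     6 ms     4 ms  10.11.221.1
  3     7 ms     3 ms     2 ms  10.0.0.254
  4     3 ms     1 ms     1 ms  10.14.203.238
Trace complete.
"""

TRACE_BLOCKED = """\
Tracing route to detik.com [203.190.242.69]
over a maximum of 30 hops:
  1     1 ms     1 ms     2 ms  192.168.60.1
  2     5 ms     2 ms     2 ms  10.11.221.1
  3     4 ms     9 ms     3 ms  10.0.0.254
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
Trace complete.
"""

HEADER_RE = re.compile(r"Tracing route to (\S+)(?: \[([0-9.]+)\])?")


def parse_tracert(text):
    """Return (target_ip, [(hop_number, address_or_None), ...])."""
    target, hops = None, []
    for line in text.splitlines():
        header = HEADER_RE.search(line)
        if header:
            # With no bracketed address the target was given as an IP already.
            target = header.group(2) or header.group(1)
            continue
        parts = line.split()
        if not parts or not parts[0].isdigit():
            continue
        # A hop is silent only when all three probes went unanswered.
        silent = parts[1:4] == ["*", "*", "*"]
        # Resolved hops end in "name [ip]"; strip the brackets if present.
        address = None if silent else parts[-1].strip("[]")
        hops.append((int(parts[0]), address))
    return target, hops


def summarize(text):
    """Say whether the target replied and where the path goes quiet."""
    target, hops = parse_tracert(text)
    responders = [(n, a) for n, a in hops if a is not None]
    last = responders[-1] if responders else None
    silent_from = next(
        (n for n, a in hops if a is None and (last is None or n > last[0])),
        None,
    )
    return {
        "target": target,
        "reached": last is not None and last[1] == target,
        "last_responder": last,
        "silent_from": silent_from,
    }


if __name__ == "__main__":
    for trace in (TRACE_OK, TRACE_BLOCKED):
        print(summarize(trace))
```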
18. whois
• Potential Uses
  • Queries nicname/whois servers for Internet registration information
  • Can gather contacts, names, geographic information, servers, … - useful for social engineering attacks
• Notes
  • Usage: whois domain
  • e.g. whois telkomuniversity.ac.id
19. whois example - wildcards
• whois uw%.edu
Your search has matched multiple domains.
Below are the domains you matched (up to 100). For specific
information on one of these domains, please search on that domain.
UW.EDU
UWA.EDU
UWB.EDU
UWC.EDU
UWEC.EDU
UWEST.EDU
UWEX.EDU
….
20. nslookup
• Potential Uses
• Query internet name servers
• Find name for IP address, and vice versa
• Notes
• Now deprecated – generally use dig
• Sometimes useful when dig fails
• Usage
• nslookup xxxxxxx // name or IP addr.
• E.g. nslookup academic.telkomuniversity.ac.id
• E.g. dig academic.telkomuniversity.ac.id
21. dig
• Potential Uses
• Domain Name Service (DNS) lookup utility
• Associate name with IP address and vice versa
• Notes
• Many command options
• General usage: dig <somehost>
• E.g. dig academic.telkomuniversity.ac.id
• E.g. dig -x 10.14.203.238 // -x: reverse lookup (IP address to name)
22. arp
• Tracks addresses, interfaces accessed by system
• Possible uses
  • Find systems that your system has recently talked to
• Notes
  • arp // display names
  • arp -n // display numeric addresses
23. netstat
• Shows connections, routing information, statistics
• Possible uses
  • Find systems that your system has recently talked to, find recently used ports
• Notes
  • Many flags
  • netstat // open sockets, etc.
  • netstat -s // summary statistics
  • netstat -r // routing tables
  • netstat -p // programs
  • netstat -l // listening sockets
24. Windows Tools
• Sam Spade
• “swiss army knife” of footprinting
• Has most of the Linux tools
• Plus other functionality
• Usage
• Start application
• Fill in name or IP address
• Choose option desired in menus
25. Packet Sniffers
• Definition: Hardware or software that can display network traffic packet information
• Usage
  • Network traffic analysis
• Example packet sniffers
  • tcpdump (command line, Linux)
  • wireshark (GUI interface, Linux, Windows – open source)
  • others…
26. Limitations – Packet Sniffing
• Packet sniffers only catch what they can see
  • Users attached to hub – can see everything
  • Users attached to switch – only see own traffic
  • Wireless – wireless access point is like hub
• Need to be able to put your network interface card (NIC) in “promiscuous” mode to be able to process all traffic, not just traffic for/from itself
  • NIC must support
  • Need privilege (e.g. root in Linux)
28. wireshark
• Created as tool to examine network problems in 1997
• Various contributors added pieces; released 1998
• Name change (2007): ethereal -> wireshark
• Works with other packet filter formats
• Information
• http://www.wireshark.org
• Demonstration
29. Using wireshark
• Ubuntu – Applications / Internet / Wireshark (as root)
• Enter your administrative account pw: user
• Capture/Interfaces/eth0:, Start
• Capture window shows accumulated totals for different types of packets
• Stop – packets now displayed
• Top window – packet summary
• Can sort by column – source, destination, protocol are useful
• Middle window – packet breakdown
• Click on + icons for detail at each packet level
• Bottom window – packet content
30. Wireshark capture analysis
• Can save a session to a capture file
• Can reopen file later for further analysis
• Open capture file
• Ubuntu: /home/user/Support/MOBILEcapture.cap
• W2K3: C:\Support\MOBILEcapture.cap
• Identify and follow different TCP streams
• Select TCP packet, Analyze/Follow TCP Stream
• MOBILEcapture.cap has http, https, ftp, ssh streams
• Any interesting information out there?
• HINT: follow stream on an ftp packet
31. Related Tool
• Hunt
• TCP sniffer
• Watch and reset connections
• Hijack sessions
• Spoof MAC address
• Spoof DNS name
33. Summary
• Basic tools can generate much information
• Remember principle of accumulating information
  • Attacker will build on smaller pieces to get bigger pieces
• Message to defenders: don’t give away any information if you can avoid it