CCSA# 7

Network hacking & security

Disclaimer:

Usage of this information/data/tools/techniques for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. The Computer Joker/Instructor/Owner assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purposes. The Computer Joker/Instructor do not support/promote hacking. For more details, head to our t&c page.

Network footprinting

Network footprinting refers to the process of collecting as much information as possible about the target network in order to find ways to penetrate the system.

An ethical hacker has to spend the majority of his time profiling an organization, gathering information about the hosts, network and people related to the organization.

Information such as IP addresses, Whois records, DNS information, the operating system used, employee email IDs, phone numbers, etc. is collected.

Footprinting helps to:

Know the security posture – The data gathered gives an overview of the security posture of the company, such as details about the presence of a firewall, security configurations of applications, etc.

Reduce the attack area – We can identify a specific range of systems and concentrate on particular targets only. This greatly reduces the number of systems we are focusing on.

Identify vulnerabilities – We can build an information database containing the vulnerabilities, threats and loopholes present in the systems of the target organization.

Draw a network map – Footprinting helps to draw a map of the networks in the target organization, covering topology, trusted routers, presence of servers and other information.

Objectives of footprinting

Network Footprinting

This is the process of collecting information related to a target network. Information such as domain names, subdomains, network blocks, IP addresses of reachable systems, IDSes running, rogue websites/private websites, TCP & UDP services running, VPN points, networking protocols, ACLs, etc. is collected.

Collect System Information

Information related to the target system, such as user and group names, system banners, routing tables, SNMP information, system names, etc., is collected using various methods.

Collect Organization's information

Information related to employee details, the organization's website, location details, security policies implemented and the background of the organization may serve as an important piece of information for compromising the security of the target using direct or social engineering attacks.

Network sniffing

Network sniffing is a technique which allows individuals to capture data as it is transmitted over a network. It is used by network professionals to diagnose network issues, and by malicious users to capture unencrypted data, like passwords and usernames.

If this information is captured in transit, a user can gain access to a system or network.

Network sniffing usage & tools

Detection of clear-text credentials

Conversion of data into human readable format

Network performance analysis

Network intrusion detection

Tools: Wireshark

Wireshark is a free and open-source packet analyzer.

It is used for network troubleshooting, analysis, software and communications protocol development, and education.

Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues.

Tools for identifying hosts in network: Network scanner

Advanced IP Scanner

Reliable and free network scanner to analyse a LAN.

The program shows all network devices, gives you access to shared folders, provides remote control of computers (via RDP and Radmin), and can even remotely switch computers off.

Port scanning

A port scan or portscan is a process that sends client requests to a range of server port addresses on a host, with the goal of finding an active port; this is not a nefarious process in and of itself.

The majority of uses of a port scan are not attacks, but rather simple probes to determine services available on a remote machine.

A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.
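The administrator's side of this can be checked from connection logs. The following is an added example, not part of the original course material: it flags any source that requests many distinct ports on one host within a short time window. The log format, addresses and thresholds are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample connection log (hypothetical format, time-ordered).
SAMPLE_LOG = """\
2021-03-04T10:00:00 SRC=10.0.0.7 DST=10.0.0.20 DPT=443
2021-03-04T10:00:01 SRC=10.0.0.99 DST=10.0.0.20 DPT=21
2021-03-04T10:00:01 SRC=10.0.0.99 DST=10.0.0.20 DPT=22
2021-03-04T10:00:01 SRC=10.0.0.99 DST=10.0.0.20 DPT=23
2021-03-04T10:00:02 SRC=10.0.0.99 DST=10.0.0.20 DPT=25
2021-03-04T10:00:02 SRC=10.0.0.99 DST=10.0.0.20 DPT=80
2021-03-04T10:00:03 SRC=10.0.0.7 DST=10.0.0.20 DPT=443
2021-03-04T10:00:03 SRC=10.0.0.99 DST=10.0.0.20 DPT=110
2021-03-04T10:00:30 SRC=10.0.0.8 DST=10.0.0.20 DPT=22
2021-03-04T10:01:30 SRC=10.0.0.8 DST=10.0.0.20 DPT=80
""".splitlines()

LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+)$")


def detect_port_scans(lines, min_ports=5, window=timedelta(seconds=10)):
    """Return {(src, dst): sorted ports} for every source that requested
    at least `min_ports` distinct ports on one host within `window`."""
    recent = defaultdict(deque)  # (src, dst) -> deque of (timestamp, port)
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in the expected format
        ts = datetime.fromisoformat(m.group(1))
        key, port = (m.group(2), m.group(3)), int(m.group(4))
        q = recent[key]
        q.append((ts, port))
        # Drop requests that have aged out of the sliding window.
        while ts - q[0][0] > window:
            q.popleft()
        ports = {p for _, p in q}
        if len(ports) >= min_ports:
            alerts.setdefault(key, set()).update(ports)
    return {k: sorted(v) for k, v in alerts.items()}


if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst} ports {ports}")
```

A client that keeps reconnecting to one service (10.0.0.7) or touches a couple of ports minutes apart (10.0.0.8) stays below the threshold; only the burst across six ports is reported.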

Tools for port scanning and vulnerability detection

Nmap

Nmap (Network Mapper) is a free and open-source network scanner created by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich).

Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.

Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection.

These features are extensible by scripts that provide more advanced service detection, vulnerability detection, and other features.

Nmap can adapt to network conditions including latency and congestion during a scan.

Zenmap is the GUI for Nmap.

TCP communication flags

URG

Data contained in the packet should be processed immediately.

FIN

There will be no more transmission.

ACK

Acknowledges the receipt of a packet.

RST

Resets a connection.

PSH

Sends all buffered data immediately.
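How these flags appear on the wire, as an added example that is not part of the original course material: a decoder for the fixed 20-byte TCP header that names the flags set in a segment and marks combinations a normal TCP stack does not send. The sample segments are constructed, and the odd_combination helper is a hypothetical name introduced here.

```python
import struct

# Bit positions of the flags in byte 13 of the TCP header (RFC 793).
# SYN is decoded too, although the list above does not describe it.
FLAG_BITS = [("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
             ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20)]


def parse_tcp_header(raw):
    """Decode the fixed 20-byte part of a TCP header from raw bytes."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, ack, offset_byte, flag_byte,
     _window, _checksum, _urgent) = struct.unpack("!HHIIBBHHH", raw[:20])
    header_len = (offset_byte >> 4) * 4  # data offset is in 32-bit words
    if header_len < 20:
        raise ValueError("data offset below the 20-byte minimum")
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [name for name, bit in FLAG_BITS if flag_byte & bit],
    }


def odd_combination(flags):
    """True for flag sets a normal TCP stack does not send: no flags at
    all, or SYN together with FIN or RST."""
    s = set(flags)
    return not s or ("SYN" in s and bool(s & {"FIN", "RST"}))


# Constructed sample segments (ports and sequence numbers are made up).
FMT = "!HHIIBBHHH"
SYN_SEGMENT = struct.pack(FMT, 51000, 443, 1000, 0, 5 << 4, 0x02, 64240, 0, 0)
DATA_SEGMENT = struct.pack(FMT, 51000, 443, 1001, 5001, 5 << 4, 0x18, 64240, 0, 0)
BAD_SEGMENT = struct.pack(FMT, 51000, 443, 1000, 0, 5 << 4, 0x03, 64240, 0, 0)

if __name__ == "__main__":
    for seg in (SYN_SEGMENT, DATA_SEGMENT, BAD_SEGMENT):
        hdr = parse_tcp_header(seg)
        print(hdr["flags"], "odd" if odd_combination(hdr["flags"]) else "ok")
```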

TCP three-way handshake

That's all for this module!



© copyrighted 2021. All Rights Reserved.