The phases of an attack
Information gathering, physical and social engineering, locate network range
2. Scanning - Enumerating
Live hosts, access points, accounts and policies, vulnerability assessment
3. Gaining Access
Breach systems, plant malicious code, backdoors
4. Maintaining Access
Rootkits, unpatched systems
5. Clearing Tracks
IDS evasion, log manipulation, decoy traffic
1. Unearth initial information
What / who is the target?
2. Locate the network range
What is the attack surface?
3. Ascertain active machines
What hosts are alive?
4. Open ports / access points
How can they be accessed?
5. Detect operating systems
What platform are they?
6. Uncover services on ports
What software can be attacked?
7. Map the network
Tie it all together, document, and form a strategy.
Know the OSI model
| Service protocols
| Data formats
| Authentication, Cryptographic agreements
| Ports, logical service to service connections
| Network to network delivery
| Host to host links, contention
Computer Fraud and Abuse Act
Addresses hacking activities
18 U.S.C. 1029 Possession of Access Devices
18 U.S.C. 1030 Fraud and Related Activity in Connection with Computers
Defines legal eMail marketing
Protects vendors monitoring for licence enforcement
DMCA - Digital Millennium Copyright Act
Protects intellectual property
SOX - Sarbanes Oxley
Controls for corporate financial processes
GLBA - Gramm-Leach-Bliley Act
Controls use of personal financial data
HIPPA - Health Information Portability and Protection Act
Privacy for medical records
FERPA - Family Educational Rights and Privacy Act
Protection for education records
FISMA - Federal Information Security Management Act
Government networks must have security standards
Formula: (256^3 * 192) + (256^2 * 168) + (256^1 * 100) + (256^0 * 125)
Simplified: (16777216 * 192) + (65536 * 168) + (256 * 100) + 125
Simplified again: 3221225472 + 11010048 + 25600 + 125
Answer: 3232261245
1st Octet: 3564308997 / (256^3) = 212 remainder 7539205
3564308997 / 16777216 = 212; 212 * 16777216 = 3556769792; 3564308997 - 3556769792 = 7539205
2nd Octet: 7539205 / (256^2) = 115 remainder 2565
3rd Octet: 2565 / (256^1) = 10 remainder 5
4th Octet: 5 / (256^0) = 5 remainder 0
Run it the other way to check: (256^3 * 212) + (256^2 * 115) + (256^1 * 10) + (256^0 * 5) = 3564308997
Cryptography is an assumed prerequisite for this class. It's still a good idea to review some core terminology before the exam.
Terms and Definitions
The data set before encryption
The result of encryption
Attempting to "break" an encryption algorithm
Cryptography
Obscuring the meaning of a message
Steganography
Hiding a message within another
Ensures different keys are created each time
Change the characteristics of the key each time it is reused
Types of Cryptography
Single key both encrypts and decrypts
A pair of keys, public and private, are mathematically associated
One encrypts and the other decrypts; the private key is always a secret
Cannot be reversed, only brute forced
Used to represent data, sometimes called "Digital Fingerprint" or "Message Digest".
Symmetric Algorithms
Can't verify identity of sender
| 56 bit key used in LM Hash password storage
| 128 bit key used in NTLM
| Used in WEP
| 64 bit block, 448 bit key
| Used in WPA2
Asymmetric Algorithms
| Used in SSL/TLS
| Used in TLS for portable devices
One-Way Hashes
| One Way Hash
| One Way Hash
| 128b hash value, used for...