Network Security Related terminology you must know

This article lists the important terminology you need to know if you work as a system engineer, network engineer or system administrator, whether on Linux or Windows. It gives the complete list of terms needed in the networking or system administration field and covers topics such as PAP, CHAP, asynchronous tokens, throughput, RADIUS server, TACACS, AAA, data owner, subject, object, baseline, policies, procedures, standard, guideline, ARO, SLE, etc.




Risk = Threat * Vulnerability


In the IT sector, risk consists of two important things: threat and vulnerability. Where there is no threat, there is no risk. If there is a vulnerability in your system or network and there is also a threat of attack, the risk is the multiplied effect of the two.


ALE = Annualized Loss Expectancy


This is an important term, and almost every IT company has a separate department to handle ALE.

AV = Asset Value


If you have a little knowledge of the commerce field, you can easily understand what asset value is. In short, it is a type of business valuation.


EF 

EF means Exposure Factor - % of value lost


SLE 

SLE stands for Single Loss Expectancy, the cost of a single loss.


ARO 

ARO stands for  Annual Rate of Occurrence (number of losses)


TCO 

 Total Cost of Ownership combining upfront costs and annual costs of maintenance

POLICIES:


Policies are high-level management directives that don't go into specifics.

PROCEDURES:


Procedures are step-by-step guides for accomplishing a task

Standard: 

describes specific use of technology

Guideline: 

recommendations (discretionary)

Baseline:

 uniform ways of implementing a safeguard

Data Owner 

management employee responsible for ensuring protection of specific data

AAA 

Authentication, Authorization, and Accountability


Least privilege

Least privilege means the minimum amount of access required to do the job.
Privileges are defined at every level, whether operating-system based or networking based.
Operating systems have several users created on a privilege basis. The Administrator user has higher privileges than the others and the Guest user has the fewest. In Linux, root has the highest privilege.
Network devices like routers and switches also have different privilege levels.

Need to know is more granular

Subject 

 active entity on a data system

Object 

In computer and network systems, an object means passive data within the system.


Discretionary 

Discretionary means subjects have full control of the objects they have access to.


Mandatory 

mandatory means system-enforced based on labels


RBAC 

role based, non-discretionary

Task-based = another non-discretionary method


RADIUS 

Uses UDP 1812 and 1813. AAA system.
RADIUS request and response data is carried in 8-bit AVPs (Attribute Value Pairs).

Diameter 

RADIUS' successor with more accountability and a 32-bit AVP field.


TACACS 

TACACS is used for authentication and authorization.
It is a centralized access control system that uses UDP port 49 and may use TCP.

PAP and CHAP 

PAP stands for Password Authentication Protocol and CHAP stands for Challenge Handshake Authentication Protocol. Both are used on PPP connections.



PAP is plaintext, so it is not very secure, while CHAP uses a three-way handshake, so CHAP is better than PAP.
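The difference shows up in what crosses the wire. The following is an added example, not code from this article: it builds a PAP request (RFC 1334 layout) and runs the CHAP three-way handshake (RFC 1994 response value), then checks what a sniffer would see and whether an old response can be replayed. The peer name `r1` and the shared secret are constructed values.

```python
import hashlib
import hmac
import os

def pap_request(identifier: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request (RFC 1334): the password travels as-is."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return bytes([1, identifier]) + (4 + len(body)).to_bytes(2, "big") + body

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP response value (RFC 1994): MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """Server side of the handshake; `secrets` maps peer name -> shared secret."""
    def __init__(self, secrets):
        self.secrets, self.pending, self.next_id = secrets, {}, 0

    def challenge(self, peer):                 # message 1: Challenge
        ident, value = self.next_id, os.urandom(16)
        self.next_id = (self.next_id + 1) % 256
        self.pending[peer] = (ident, value)    # each challenge is single-use
        return ident, value

    def verify(self, peer, ident, response):   # message 3: Success / Failure
        expected_id, value = self.pending.pop(peer, (None, None))
        if value is None or ident != expected_id:
            return False
        good = chap_response(ident, self.secrets[peer], value)
        return hmac.compare_digest(good, response)

def demo():
    secret = b"lab-shared-secret"              # constructed value
    server = Authenticator({"r1": secret})
    wire_pap = [pap_request(1, b"r1", secret)]  # what a sniffer sees with PAP
    ident, value = server.challenge("r1")
    resp = chap_response(ident, secret, value)  # message 2: Response
    wire_chap = [value, resp]                   # what a sniffer sees with CHAP
    first = server.verify("r1", ident, resp)
    ident2, _ = server.challenge("r1")          # fresh challenge, new identifier
    replay = server.verify("r1", ident2, resp)  # old response sent again
    return {
        "pap_exposes_secret": any(secret in m for m in wire_pap),
        "chap_exposes_secret": any(secret in m for m in wire_chap),
        "chap_accepts_peer": first,
        "chap_accepts_replay": replay,
    }

if __name__ == "__main__":
    print(demo())
```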


Objects have labels, and you have to have clearance to see them.

Synchronous Dynamic Tokens 

Synchronous dynamic tokens refresh every 60 seconds. They use time or counters to synchronize a code with the AS.

Asynchronous Tokens 

These differ a little from synchronous dynamic tokens: they are not synchronized with a central server and use challenge-response.


Throughput 

As we all know, throughput is the most important point for any company, institute or organization. It is actually the biometric system response time.

Make a Windows 7/8/10 bootable USB using the Windows command prompt

Suppose you don't have a DVD writer in your laptop or PC and you want to install a Windows operating system, or you just want to format your laptop or PC to improve its performance. Then you need to know how to use a USB device to format your PC or laptop and how to install Windows 7, Windows 8 or Windows 10 from it. Once you learn how to install Windows 7/8/10 on your laptop or PC from a USB device, you don't need a DVD writer.

In this tutorial we will learn how to make a USB device bootable for Windows 7 or Windows 8/10 using the Windows command prompt. We don't need any third-party software to make the USB bootable.
If you want to learn all the steps, follow the video and watch it to the end, and you will learn it in a very simple way. If you face any problem even after watching the video, or you are not able to boot from your USB device, you can ask me here or on my YouTube channel through the comment section. I will love to answer your questions, and if you have any suggestions feel free to share them with me.

ARP spoofing and cache poison attack demonstration project for computer science students (B.Tech/BCA/MCA/M.Tech)

ARP spoofing and cache poison attack demonstration project and future scope. This is a subject of ethical hacking and cyber security, so if you are interested in the ethical hacking or cyber security field, computer science students included, this tutorial is for you. In this article I will guide you to create an ethical hacking project named "ARP SPOOFING and CACHE POISON ATTACK".

Before I start explaining this project, note that you must have a basic idea of networking and Linux before working on it.



What is ARP spoofing?


ARP spoofing is a type of security attack in which the attacker spoofs the ARP reply packet sent to a destination address with its own mac-address.


AIM OF THIS PROJECT:


 The project aims to demonstrate the concept of ARP spoofing, where the ARP cache of Windows XP is poisoned with the attacker mac-address for a specific system on the network.

Hardware and Software Requirement for this Project:



1. Three PCs (Ubuntu and Windows XP, Windows 7/8)


You need three computers: one with Windows XP installed, a second with Windows 7 or Windows 8, and a third with Ubuntu Linux.
I suggest using virtualization software such as Oracle VirtualBox or VMware Workstation instead.
Install all three operating systems inside it and configure VirtualBox networking between them so that they can communicate with each other.


2. Scapy and Python (free download)


Install Scapy and Python. Remember that these are free tools and are easily available on the internet.


3. Switch


If you are using three different PCs, you need a switch. If you are using virtualization software, it is better to use your home Wi-Fi network.

4. Network cables
If you are using a Wi-Fi network, you don't need any network cables. But if you are using a switch, you need three straight-through cables to connect the computers to the switch so that all the PCs can communicate with each other.


Project Report Contents:


1. Project Scope



2. Hardware and Software.



3. Lab topology with IP network design



4. Software installation



5. Steps to execute with code and script.



6. Verification with Screenshots.


Active and Passive FTP Design and Security analysis Project For Computer Science Student

If you are a computer science student or studying B.E/B.Tech/MCA, this could be a summer internship seminar topic or your minor or major project. Our project topic is "Active and Passive FTP Design and Security Analysis". Here I will only give the abstract, meaning the basic idea of the project and not the complete project code.


This is a security analysis project, and it does a detailed analysis of the two different types of the FTP protocol, active and passive. I hope you already know about the active and passive FTP protocol; if not, keep visiting my blog, as I will soon post on active and passive FTP.



 The design of the protocols:


The design part of this project includes the TCP connection establishment on the respective ports, verified using live practical analysis with the Wireshark protocol analyzer tool. You can easily find Wireshark for any Linux operating system and for Windows operating systems.

 The different types of security vulnerabilities and attacks:

This project targets the security loopholes of, and attacks on, FTP-based applications so that they are understood.

Lab setup For This Project:


I have mentioned in detail the complete lab setup you need to perform this project.
A lab setup topology with appropriate instructions is provided for practical experiment.

What should your project report contain?


1. Basic FTP Server and FTP Client Design with Detail Diagram.

In this section you have to design a flowchart diagram showing the FTP server and FTP clients.
Your FTP server will be a Linux machine. You can configure a vsftpd server or a ProFTPD server on Ubuntu Linux. You can also configure an FTP server on your RHEL machine.


2. FTP Types (Active and Passive)

Here you have to explain the difference between active and passive FTP with a few examples.

3. Brief Wireshark analysis of Active FTP with detailed explanation of the capture file

Use Wireshark to capture the active FTP traffic and write a detailed analysis of the captured file.


4. Brief Wireshark analysis of Passive FTP with detailed explanation of the capture file.

While capturing passive FTP data, don't forget to write its analysis report.


5. Show FTP loopholes and Mitigation

Mention the loopholes you find in detail.

6. Show different methods of FTP attacks

In this section you have to show the different attack methods you have used in this project.


7. Software and Hardware Requirement

You just need a laptop or a PC with a good configuration.
You need virtualization software like Oracle VirtualBox or VMware Workstation.
You need a Linux operating system like Ubuntu, Red Hat Enterprise Linux or Kali Linux.

8. Lab Setup for Live capture with wireshark

You have three operating systems installed in your VirtualBox.
One OS will be your Linux server configured with FTP.
Another OS will be your Windows or Linux client machine.
The third OS will be your Ubuntu Linux or Red Hat Linux machine with Wireshark installed.
Don't forget to configure internal networking between all three OSes, and also configure or enable the bridge option in the network settings in VirtualBox.
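For report items 3 and 4, the data connection can be worked out from the control-channel lines in the capture. This added example (not part of the original project) decodes the address and port from a client `PORT` command and from the server's `227` reply, says which side opens the data connection, and flags a `PORT` address that is not the client's own, which belongs in the loopholes section. The captured lines and IP addresses are constructed.

```python
import re

# Constructed control-channel lines (TCP port 21): "C" = client, "S" = server.
SAMPLE_CONTROL = [
    ("C", "PORT 192,168,56,101,19,137"),
    ("S", "200 PORT command successful."),
    ("C", "PASV"),
    ("S", "227 Entering Passive Mode (192,168,56,10,195,80)."),
]

HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def decode_hostport(text):
    """Turn h1,h2,h3,h4,p1,p2 into (ip, port); port = p1 * 256 + p2."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def data_channels(lines, client_ip):
    """Describe each data connection negotiated on the control channel."""
    found = []
    for side, line in lines:
        if side == "C" and line.upper().startswith("PORT "):
            # Active FTP: the client listens, the server connects to it.
            mode, opener = "active", "server"
        elif side == "S" and line.startswith("227"):
            # Passive FTP: the server listens, the client connects to it.
            mode, opener = "passive", "client"
        else:
            continue
        listener = decode_hostport(line)
        if listener is None:
            continue
        found.append({
            "mode": mode,
            "opener": opener,
            "listener": listener,
            # A PORT target other than the client itself deserves a note.
            "foreign_address": mode == "active" and listener[0] != client_ip,
        })
    return found

if __name__ == "__main__":
    for channel in data_channels(SAMPLE_CONTROL, "192.168.56.101"):
        print(channel)
```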


Command line password protection of a file in Linux using the vi and vim editors


This tutorial is all about how to assign a password to a file in Linux without using any extra software, just by using the vi or vim editor. We will learn all the methods of password-protecting a file from the command line with vi and vim. We will also learn how to change the password of a file in Linux using the vim editor and how to remove the password from a file.






Method 1: # vim -x filename


This method is very easy to implement. I have shown this method in the video, so watch the video carefully.

Method 2: # vim filename


:X

In this method we use a capital X before saving the file to assign a password. Watch it carefully in the video.


Method 3: # vim filename

:set key=password123

I have also included this method in the video. You can learn all of the above methods easily just by watching the video.
If you still have any doubts, you can ask me through the comment section either on my YouTube channel or here.

Different methods to find your public ip address using cli in linux

Whether you are a network engineer or a Linux system administrator, you always need to know the public IP address of your network. The private IP address of any Linux machine can easily be seen using the ifconfig command line tool or the show ip address command, but finding the public IP address can sometimes be very difficult if you are using a Linux operating system in CLI mode.
This tutorial is all about how to find the public IP address on a Linux machine. I have included nearly all the different command line tools and methods to see the public IP address using the CLI in Linux.

100 Web Vulnerabilities you should know as a Web application Penetration Tester

If you are working as web application penetration testing en...