Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- N e t w o r k S e c u r i t y
- Network security is the protection a network and deals with maintaining the integrity of network, Hacking/network Pentesting/Cybersecurity boils down to CIA triad i.e maintaining the Confidentiality, Integrity, Availability , Similarly we have to create and maintain a secure network.
- Network Scanning
- __________________
- The first step of hacking is information gathering so whether you are hacking into a network or Pentesting a network or performing security audit on a network there are some basic thing that you need to know
- ->allocate ips
- -> mac address
- -> Host name
- 1. Normal Information Gathering
- 2. Advance / Intelligent Information Gathering
- 1.Normal Information Gathering
- _____________________________________
- In normal information gathering we only get very limited data.
- IP address
- Mac Address
- Vendor address
- Host name
- _______________
- Tools
- net discover
- arp-scan --local
- _________________
- 2. Advance / Intelligent Information Gathering
- ______________________________________________
- In this type of information gathering we try find very granular information about network and host on the network
- Ip address
- Port number
- services
- service version
- os
- Os version
- For this we have a tool called NMAP -> NETWORK MAPPER
- nmap -h
- nmap -O 10.211.55.0/24
- nmap -sC -sS -sV 10.211.55.0/24
- sC scripts
- sS TCP/Sync services
- sV version
- _______________________________________________________________
- Network Attacks
- ---------------
- MiTM --> Man In The Middle Attack
- An intruder is listening and seeing (sniffing and spoofing) the data transmitted over by the user. In other words, The attacker is standing between the two nodes of the communication, all the data is going through the attacker's device.
- Free WiFi
- --> CCD
- --> Railway Station
- --> Star Bucks
- --> Costa Cafe
- --> Barista
- --> Subway
- Suppose, there is an intruder in the free wifi, and he is seeing all the data you are transmitting over the network.
- Username
- Passwords
- _________________________________________________________________
- ARP -> Address Resolution Protocol
- Protocol used to map ip address and mac
- ARP Poisoning -> Hacker tries to poison the cache of the victim machine with forged http request and reply packets
- Ettercap ---> It is a tool which is used for performing MiTM and ARP Poisioning attack in the network. It is pre-installed in Kali Linux.
- Attack
- ======
- 1. Information Gathering
- #arp-scan --local
- 2. Start Ettercap
- #ettercap -G
- G ---> Graphical Version
- Start MiTM Attack
- 1. Goto "Sniff"
- 2. Click on "Unified Sniffing"
- 3. Select the interface ---> eth0
- 4. Goto on "Hosts"
- 5. Click on "Scan For Hosts"
- 6. Goto on "Hosts"
- 7. Click on "Hosts List"
- 192.168.228.137 ---> Target
- Router --> Default Gateway
- #route -n
- 192.168.228.2
- 8. Select default gateway --> 192.168.228.2 ---> Click on "Add To Target 1"
- 9. Select the Target IP Address --> 192.168.228.137 Click on "Add To Target 2"
- 10. Goto "MiTM"
- 11. Click on "ARP Poisioning"
- 12. Check on "Sniff Remote Connections" and click on "OK"
- 13. Goto "Start"
- 14. Click on "Start Sniffing"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement