Session Network Security

1. N e t w o r k S e c u r i t y
2.  
3. Network security is the protection a network and deals with maintaining the integrity of network, Hacking/network Pentesting/Cybersecurity boils down to CIA triad i.e maintaining the Confidentiality, Integrity, Availability , Similarly we have to create and maintain a secure network.
4.  
5. Network Scanning
6. __________________
7. The first step of hacking is information gathering so whether you are hacking into a network or Pentesting a network or performing security audit on a network there are some basic thing that you need to know
8. ->allocate ips
9. -> mac address
10. -> Host name
11.  
12. 1. Normal Information Gathering
13. 2. Advance / Intelligent Information Gathering
14.  
15. 1.Normal Information Gathering
16. _____________________________________
17. In normal information gathering we only get very limited data.
18.  
19. IP address
20. Mac Address
21. Vendor address
22. Host name
23.  
24. _______________
25. Tools
26.  
27. net discover
28. arp-scan --local
29. _________________
30.  
31. 2. Advance / Intelligent Information Gathering
32. ______________________________________________
33.  
34. In this type of information gathering we try find very granular information about network and host on the network
35.  
36. Ip address
37. Port number
38. services
39. service version
40. os
41. Os version
42.  
43. For this we have a tool called NMAP -> NETWORK MAPPER
44. nmap -h
45. nmap -O 10.211.55.0/24
46. nmap -sC -sS -sV 10.211.55.0/24
47.  
48. sC scripts
49. sS TCP/Sync services
50. sV version
51.  
52. _______________________________________________________________
53. Network Attacks
54. ---------------
55. MiTM --> Man In The Middle Attack
56. An intruder is listening and seeing (sniffing and spoofing) the data transmitted over by the user. In other words, The attacker is standing between the two nodes of the communication, all the data is going through the attacker's device.
57.  
58. Free WiFi
59. --> CCD
60. --> Railway Station
61. --> Star Bucks
62. --> Costa Cafe
63. --> Barista
64. --> Subway
65. Suppose, there is an intruder in the free wifi, and he is seeing all the data you are transmitting over the network.
66. Username
67. Passwords
68. _________________________________________________________________
69. ARP -> Address Resolution Protocol
70. Protocol used to map ip address and mac
71.  
72. ARP Poisoning -> Hacker tries to poison the cache of the victim machine with forged http request and reply packets
73.  
74.  
75. Ettercap ---> It is a tool which is used for performing MiTM and ARP Poisioning attack in the network. It is pre-installed in Kali Linux.
76.  
77. Attack
78. ======
79.  
80. 1. Information Gathering
81. #arp-scan --local
82.  
83. 2. Start Ettercap
84. #ettercap -G
85. G ---> Graphical Version
86. Start MiTM Attack
87. 1. Goto "Sniff"
88. 2. Click on "Unified Sniffing"
89. 3. Select the interface ---> eth0
90. 4. Goto on "Hosts"
91. 5. Click on "Scan For Hosts"
92. 6. Goto on "Hosts"
93. 7. Click on "Hosts List"
94. 192.168.228.137 ---> Target
95. Router --> Default Gateway
96. #route -n
97. 192.168.228.2
98. 8. Select default gateway --> 192.168.228.2 ---> Click on "Add To Target 1"
99. 9. Select the Target IP Address --> 192.168.228.137 Click on "Add To Target 2"
100. 10. Goto "MiTM"
101. 11. Click on "ARP Poisioning"
102. 12. Check on "Sniff Remote Connections" and click on "OK"
103. 13. Goto "Start"
104. 14. Click on "Start Sniffing"