CTC228
Nov 16 2015
Today...
Catching up with group projects
URLs and DNS
Nmap
Review for Test
Chap 8 Group project
Research ESXi and explain how it is different from VMware Workstation.
Nov 2 Group project
Answer the following questions:
1. Explain the difference between SSH and Telnet. What are they used for? Which one is preferable? Why?
2. Imagine you are the administrator of a network for a major movie studio. Your network is designed to be used only for FTP. Lately, the file transfers have been running slowly. You examine the logs and see lots of connections to outside IP addresses on ports 80 and 443. What is happening? Why is the network running slowly?
3. What type of hypervisor is VMware Workstation? What type of hypervisor is VirtualBox? Why?
BONUS QUESTION: SSH uses TCP port 22. Would it be a good idea if SSH used UDP instead? Why or why not?
Group project Nov 4
1. You are in charge of building a network for your company. There are 500 employees that need to share many large files internally but very rarely need to connect to the Internet. What can you do to avoid having to pay for 500 separate Internet connections? How/Why does your solution work?
2. Your company network is slowing down because all the employees are using Facebook and YouTube at work. What device can you install on the network to block this? Describe how you will configure this device.
BONUS QUESTION: If you are on a Linux system and have only READ access to a file that contains executable code you want to run, is there any way you can run the code in the file? If yes, how? If no, why not?
Nov 9 Group projects
1. There is a school policy that says all students must do their own homework and cannot share work. Alice completes her homework and stores it on a class computer in her private directory. Bob uses the class computer and notices he is able to read Alice's files. Bob copies Alice's homework into his own directory. Since Bob was able to copy the file, was there a breach of the policy? Why or why not?
Bonus question: Would ARP spoofing work across the Internet? Could a remote attacker create a MITM situation between your home computer and your home router? Why or why not?
Important Distinction
What is the difference between the Internet and the world wide web (a.k.a. “the web”)?
The world wide web (delivered over HTTP) is just one possible service that can be run over the Internet
Chap 8: HTTP Client
Structure of a URL (a.k.a. “web address”)
Protocol://host/path
Example http://www.cheese.com/feta/
http://www.insecure.org/index.html
By default, a file called “index.html” is usually loaded
But the Internet uses IP addresses, so how is a URL converted to an IP address?
Answer: the Domain Name System
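The step from URL to DNS lookup, as an added example that is not part of the original slides: it splits a URL into protocol, host and path, then builds the A-record question a resolver would send to UDP port 53 and reads the name back out of it, which is what a DNS log or monitor sees. The function names and the fixed query ID are assumptions for illustration; real resolvers use a random ID.

```python
import struct
from urllib.parse import urlsplit

def split_url(url):
    """Return (protocol, host, path), following the slide's protocol://host/path."""
    parts = urlsplit(url)
    return parts.scheme, parts.hostname, parts.path or "/"

def build_dns_query(host, query_id=0x1234):
    """Build a DNS A-record query in RFC 1035 wire format for the given host."""
    # Header: ID, flags (recursion desired), 1 question, 0 answer/authority/additional
    header = struct.pack("!HHHHHH", query_id, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in host.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("DNS labels must be 1 to 63 bytes long")
        qname += bytes([len(raw)]) + raw      # each label is length-prefixed
    qname += b"\x00"                          # zero-length root label ends the name
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_question(message):
    """Recover (name, qtype, qclass) from the question section of a DNS message."""
    pos, labels = 12, []                      # the question starts after the 12-byte header
    while message[pos] != 0:
        length = message[pos]
        labels.append(message[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", message[pos + 1:pos + 5])
    return ".".join(labels), qtype, qclass

if __name__ == "__main__":
    # URL taken from the slide above
    protocol, host, path = split_url("http://www.cheese.com/feta/")
    query = build_dns_query(host)
    print(protocol, host, path)
    print(query.hex())
    print(parse_question(query))
```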
Nmap, my favorite network tool
Stands for “Network Mapper”
Scans TCP/UDP ports on computers
Can determine OS, versions, vulnerabilities, etc.
By default, Nmap scans the 1000 most common TCP ports
...but you can still get in trouble.
How nmap scans
Basic nmap
Nmap with options
Nmap's GUI is called Zenmap
What can we tell about this guy?
Nmap can do UDP too
UDP not listening on a port
UDP open|filtered on a port
Today...
Catching up with group projects
URLs and DNS
Nmap
Break, then
Review for Test
Virtual machine hypervisors
TCP and UDP port assignments
0 – 1023: Well-known ports
Reserved for specific uses
1024 – 49151: Registered ports
Registered for specific purposes
49152 – 65535: Ephemeral ports
Dynamically allocated
Common TCP and UDP Ports
22 (TCP) – SSH
23 (TCP) – Telnet
53 (UDP) – DNS
80 (TCP) – HTTP
443 (TCP) – HTTPS
Firewalls
Limit inbound/outbound traffic based on rules
Rules usually based on IP addresses and ports
Can be host-based or network-based
Originally just “packet filters”
Later came “stateful” firewalls
Modern ones can be “application” level ...
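The difference between a packet filter and a stateful firewall, as an added example that is not part of the original slides: both use the same first-match rules on IP addresses and ports, but only the stateful one remembers an allowed outbound connection and lets its reply back in. The rule set, addresses (private and documentation ranges) and class names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src_net: str
    dst_net: str
    dport: Optional[int]   # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src_net)
                and ip_address(p.dst) in ip_network(self.dst_net)
                and self.dport in (None, p.dport))

# Constructed rule set: the 10.0.0.0/8 LAN may open SSH and HTTPS; all else is denied.
RULES = [
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", 22),
    Rule("allow", "10.0.0.0/8", "0.0.0.0/0", 443),
    Rule("deny", "0.0.0.0/0", "0.0.0.0/0", None),
]

def packet_filter(p: Packet, rules=RULES) -> str:
    """Stateless packet filter: every packet is judged alone, first match wins."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"  # default deny when no rule matches

class StatefulFirewall:
    """Tracks flows it has allowed so that their replies pass without an extra rule."""
    def __init__(self, rules=RULES):
        self.rules, self.flows = rules, set()

    def check(self, p: Packet) -> str:
        if (p.dst, p.dport, p.src, p.sport) in self.flows:
            return "allow"  # reply belonging to a flow allowed earlier
        action = packet_filter(p, self.rules)
        if action == "allow":
            self.flows.add((p.src, p.sport, p.dst, p.dport))
        return action
```

With these rules the stateless filter drops the HTTPS server's reply because no rule covers inbound traffic, while the stateful firewall admits it only after it has seen the matching outbound packet.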
Chapter 10: Security Policies *
A policy is a human-language document that describes who can access what. In order to write it, you need to know:
WHAT you are trying to protect
WHO you are trying to protect it from
Notice we don't mention specifically HOW STUFF WILL BE PROTECTED in the policy
A mechanism is something that enforces a policy
Symmetric Key
Asymmetric Key (a.k.a. public key cryptography)
MITM: A better diagram