Lecture 5: 1st October 2019 Flashcards Preview

Flashcards in Lecture 5: 1st October 2019 Deck (14)
1
Q

What are the first 3 phases of pentesting?

A

Footprinting, scanning, and enumeration.

2
Q

What is footprinting aka?

A

Information gathering

3
Q

What are some tools you can use for footprinting?

A

Web archive, search engines, NSLookup, whois, social engineering, census/electoral records, etc.

4
Q

What does nmap do?

A

Scans target systems to find their architecture.

5
Q

How can you detect sniffing?

A

Analyze incoming IP connections; many from one IP address are likely to be scanning/sniffing.

6
Q

Why would you want to telnet or SSH into an open port?

A

You can take root access and manipulate the remote host to accomplish your malicious goals.

7
Q

What does dig do?

A

Looks up DNS records for a specified domain.

8
Q

What does NSLookup do?

A

Looks up DNS records for a specified domain.

9
Q

What info can be gathered when footprinting?

A

Contact info, file links, source code, news or press releases, physical locations and bus routes or transport services, personal info, etc.

10
Q

What are some resources which you can use for footprinting?

A

nmap, ping, host, dig, nslookup, Google, Wikipedia, Google Maps, dsniff, Shodan, census sites, web archive

11
Q

What is footprinting?

A

Using system calls or simple tools to find out very basic information about users or systems. This is an information-gathering phase for both pentesters and hackers.

12
Q

What is scanning?

A

Using automated programs to discover more about the architecture of the target’s systems.

13
Q

What is enumeration?

A

The process of extracting user names, machine names, network resources, shares and services from a system, using an active connection, in order to find vulnerabilities.

14
Q

What is IP sniffing?

A

The interception and reading of IP packets on a network by a malicious third party.