Lecture 5: 1st October 2019 Flashcards Preview

CS4203 Computer Security > Lecture 5: 1st October 2019 > Flashcards

Flashcards in Lecture 5: 1st October 2019 Deck (14)

What are the first 3 phases of pentesting?

Footprinting, scanning, and enumeration.


What is footprinting also known as?

Information gathering


What are some tools you can use for footprinting?

Web archive, search engines, NSLookup, whois, social engineering, census/electoral records, etc.


What does nmap do?

Scans target systems to find their architecture.


How can you detect sniffing?

Analyze incoming IP connections; many connections from one IP address are likely to be scanning/sniffing.


Why would you want to telnet or SSH into an open port?

You can take root access and manipulate the remote host to accomplish your malicious goals.


What does dig do?

Looks up DNS records for a specified domain.


What does NSLookup do?

Looks up DNS records for a specified domain.


What info can be gathered when footprinting?

Contact info, file links, source code, news or press releases, physical locations and bus routes or transport services, personal info, etc.


What are some resources which you can use for footprinting?

nmap, ping, host, dig, nslookup, Google, Wikipedia, Google Maps, dsniff, Shodan, census sites, web archive.


What is footprinting?

Using system calls or simple tools to find out very basic information about users or systems. This is an information-gathering phase for both pentesters and hackers.


What is scanning?

Using automated programs to discover more about the architecture of the target's systems.


What is enumeration?

The process of extracting user names, machine names, network resources, shares and services from a system, using an active connection, in order to find vulnerabilities.


What is IP sniffing?

The interception and reading of IP packets on a network by a malicious third party.