Presentation is loading. Please wait.

Presentation is loading. Please wait.

MIS 5211.001 Week 7 Site:

Published byClementine Wilcox Modified over 9 years ago

Similar presentations

Presentation on theme: "MIS 5211.001 Week 7 Site:"— Presentation transcript:

1 MIS 5211.001 Week 7 Site: http://community.mis.temple.edu/mis5211sec001f14/ http://community.mis.temple.edu/mis5211sec001f14/

2  Mid-Term  In the news  NetCat 2MIS 5211.001

3  Submitted  http://www.cnet.com/news/at-t-warns-1600- customers-of-data-breach/ http://www.cnet.com/news/at-t-warns-1600- customers-of-data-breach/ 3MIS 5211.001

4  What I noted  http://www.securityweek.com/hackers-compromised- yahoo-servers-using-shellshock-bug http://www.securityweek.com/hackers-compromised- yahoo-servers-using-shellshock-bug  http://www.datacenterdynamics.com/focus/archive/20 14/10/stromasys-emulates-legacy-hardware-cloud http://www.datacenterdynamics.com/focus/archive/20 14/10/stromasys-emulates-legacy-hardware-cloud  http://the-digital-reader.com/2014/10/06/adobe- spying-users-collecting-data-ebook-libraries/#.VDS- f3l0yUl http://the-digital-reader.com/2014/10/06/adobe- spying-users-collecting-data-ebook-libraries/#.VDS- f3l0yUl  http://krebsonsecurity.com/2014/10/huge-data-leak-at- largest-u-s-bond-insurer/ http://krebsonsecurity.com/2014/10/huge-data-leak-at- largest-u-s-bond-insurer/  http://www.dailydot.com/politics/gmail-tor-lockout- problem/ http://www.dailydot.com/politics/gmail-tor-lockout- problem/ MIS 5211.0014

5  Netcat is a utility used by Penetration Tester and Hackers to establish network connections over UDP or TCP.  Takes “Standard In”, and sends it across the network as data  Receives network data and puts it on “Standard Out”  Messages from netcat itself go on “Standard Error” MIS 5211.0015

6  These are terms from programming that refer to expected streams in software  As an example  stdin would be the keyboard  Stdout would be the screen  Stderror may be dropped or sent to logging MIS 5211.0016 From: http://en.wikipedia.org/wiki/Standard_str eams#Standard_error_.28stderr.29 http://en.wikipedia.org/wiki/Standard_str eams#Standard_error_.28stderr.29

7  In Linux netcat is typically installed and can be activate simply by typing “nc” at the command line  In Windows, the file is not installed  A version can be downloaded from:  http://nmap.org/ncat/ http://nmap.org/ncat/  Once downloaded and extracted type “ncat” at the command line to get started  Note – AV will likely automatically remove it MIS 5211.0017

8 8

9  Basic format is  Send  $nc [Target IP] [Remote Port]  Receive  $nc [flag(s)] [Local Port]  Assumes TCP unless –u flag is set forcing to UDP  Link to SANS Cheat Sheet  URL: http://www.sans.org/security- resources/sec560/netcat_cheat_sheet_v1.pdfhttp://www.sans.org/security- resources/sec560/netcat_cheat_sheet_v1.pdf MIS 5211.0019

10  So, netcat can send what I type to another machine. So what!  The pipe commands “|”, “>”, and “<“ let you do more interesting things  For example, transfer a file between systems  $nc –l –p [Local Port] > [Out File]  Listen on local port and store result in file  $nc –w3 [TargetIP] [Port] < [In File]  Push file to target IP on port  See SANS Cheat Sheet on previous page for more examples MIS 5211.00110

11  You can even use netcat as a simple port scanner  Example  $nc –v –n –z –w1 [Target IP] [Starting Port] – [Ending Port]  Systematically attempts to connect on each port within the defined range  Note:  -v – Verbose  -n – Do not resolve names  -z – Do not send data  -w1 – Wait no more then one second to connect MIS 5211.00111

12  2 nd formal assignment  From Syllabus  (student presentations) (student presentations) Scanning exercise targeted against only systems you personally own, develop a profile of the targeted machine or machines. You may work in teams, or separately  One to two page Executive Summary  Short (no more then three slides, no welcome slide) presentation  See “Exercise Analysis” tab for more details MIS 5211.00112

13  Readings and Articles as usual  We will be covering  Social Engineering  Encoding  Encryption MIS 5211.00113

14 ? MIS 5211.00114

Download ppt "MIS 5211.001 Week 7 Site:"

Similar presentations

Secure File Transfer Protocol (SFTP) With Secure Copy (SC) What is a Secure File Transfer Protocol with Secure Copy???

Secure File Transfer Protocol (SFTP) With Secure Copy (SC) What is a Secure File Transfer Protocol with Secure Copy???
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Scanning February 23, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Scanning February 23, 2010 MIS 4600 – MBA © Abdou Illia.
USC’s Internet-based Time and Attendance Management System.

USC’s Internet-based Time and Attendance Management System.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
A common error that appears on the copier’s screen is seen here when a scan to Sharpdesk is not sent to the computer successfully. This guide intends to.

A common error that appears on the copier’s screen is seen here when a scan to Sharpdesk is not sent to the computer successfully. This guide intends to.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.
2440: 141 Web Site Administration Remote Web Server Access Tools Instructor: Enoch E. Damson.

2440: 141 Web Site Administration Remote Web Server Access Tools Instructor: Enoch E. Damson.
1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer  Providing logical communication b/w application processes running on different hosts 

1 Lab 3 Transport Layer T.A. Youngjoo Han. 2 Transport Layer  Providing logical communication b/w application processes running on different hosts 
INTRODUCTION TO WEB DATABASE PROGRAMMING

INTRODUCTION TO WEB DATABASE PROGRAMMING
Penetration Testing Training Day Capture the Flag Training.

Penetration Testing Training Day Capture the Flag Training.
Agenda  Terminal Handling in Unix File Descriptors Opening/Assigning & Closing Sockets Types of Sockets – Internal(Local) vs. Network(Internet) Programming.

Agenda  Terminal Handling in Unix File Descriptors Opening/Assigning & Closing Sockets Types of Sockets – Internal(Local) vs. Network(Internet) Programming.
1 Web Server Administration Chapter 9 Extending the Web Environment.

1 Web Server Administration Chapter 9 Extending the Web Environment.
1 Guide to Novell NetWare 6.0 Network Administration Chapter 11.

1 Guide to Novell NetWare 6.0 Network Administration Chapter 11.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 3: TCP/IP Architecture.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 3: TCP/IP Architecture.
MIS 5212.001 Week 5 Site:

MIS Week 5 Site:
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Services Networking for Home and Small Businesses – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Services Networking for Home and Small Businesses – Chapter.
XHTML Introductory1 Linking and Publishing Basic Web Pages Chapter 3.

XHTML Introductory1 Linking and Publishing Basic Web Pages Chapter 3.

Similar presentations

Ads by Google