07 Flashcards
_____ is a print sharing protocol used by legacy systems. What three services does it provide?
NetBios
Name Service
Datagram Service
Session Service
________ allows a program running on one computer to seamlessly execute code on a remote system.
This is a ________ layer protocol
port _________
What are its 4 main vulnerabilities?
RPC
session
TCP 135
endpoint mapper promiscuity
DoS
Service specific attacks
Escalation of privileges
NetBIOS ___________ is used for name resolution and registration, identify resources on a network and are used by applications to start and stop sessions.
port ________
Name Service
UDP 137
Within NetBIOS Name service, what do the first 15 bits represent?
The 16th byte? What are the three things of this?
Underneath Type, what does UNIQUE/GROUP mean?
Computername
Server Service
<00> workstation service (windows machine can act as a workstation)
<20> Server service (Windows machine can act as a server)
<30> message service (if there are two of these, the one with the username is the currently logged-on user)
Unique tells me this is registered to one host
Group tells me this is registered to multiple hosts
NetBios __________ is used for browser and messenger services
port _________
What server service is this identified under?
Datagram service
UDP 138
<03>
NetBios ___________ is primarily used for local network file and print sharing, this makes a session between two machines
port _______
I want this open
Session Service
TCP 139
If I see one of them active on a machine that means that ______ are active
all of them
________ command is a diagnostic tool for NETBIOS over TCP/IP
-options/syntax
________ -__ <__________> Used to show NETBIOS using a remote machine's computer name
________ -__ <__________> Used to show NETBIOS using the IP address of a remote machine
________ -__ <__________> lists local NetBIOS names
nbtstat
nbtstat -a
nbtstat -A
nbtstat -n
________ is an ________ layer protocol used for file and print sharing
port?
What is the public version of this called?
What is the Linux version of this called?
SMB Application
TCP 445
Samba
_______ provides file and print sharing services to SMB/CIFS clients and allows for seamless interoperability between *NIX servers and windows clients.
Samba
_________ listens on port ______ and enables connections to a remote system on port ________
unlike telnet this provides a ______ instead of a cli to work from
This is typically only enabled on servers T/F?
RDP 3389 TCP/UDP TCP 3389
GUI
T
___________ is a service that implements the WS-management protocol for remote management using ports ______________
A public standard for remotely exchanging management data with any device that implements the protocol
____ and ____ are dependent on this
Provides a pipe between two machines so that other things can use that road
WinRM
TCP 5985/5986
PS WEF
What are the benefits of PS remoting?
low overhead compared to rdp
scalable
_______________ as a network setting beginning with Windows version 6.0, __________________ enables a computer to locate any device with an ip address
Network Discovery
The _____ command provides information and statistics about protocols in use and current TCP/IP network connections
What are the options you use with it to get the best information?
netstat -an
How do you get help about all the Net commands?
How do you get help with a specific command? Syntax
net help
net help share
The ___________ command shows shared resources on the local machine and also enables a user to create shared resources
_____________ displays local shares, including administrative and hidden
_____________ shares C:\tools directory, naming the share utils
_____________ deletes the share named utils
net share
net share
net share Tools=C:\tools
net share Tools /delete
What are the special shared resources set up for administrative and system use?
________ volumes on a windows system are shared via hidden administrative shares. Requires a privileged account for access
_________ The system Root on Windows systems is shared via administrative shares. Requires a privileged account for access
_________ shares named pipes required for communication between computers and programs
_________ used on active directory domain controllers for sharing domain policies and domain public profiles
DriveLetter$
ADMIN$
IPC$
SYSVOL$
_________ command displays a list of resources being shared on a computer. Lists computers on the domain/network
__________ lists computers in current domain/network
_________/________: <__________> lists computers in another domain/network
________ \\<________________> lists public shares on a remote system
how we can see a remote computer’s shares and see computers in the network
net view
net view
net view /domain:<domain>
net view \\<computer>
The _________ command lists sessions, in the form of mapped drives, made from the workstation
___________ displays workstation connections and mapped drives
______________ maps a logical T: drive to a UNC path, which is \\<computer name or IP>\<share name>. Including /persistent makes it so we connect at next login
______________ deletes the logical T: drive
net use
net use
net use T: \\Win7\Tools
net use T: /delete
The __________ command lists recorded sessions made to the machine via the local server service
___________ displays connections to the local server service
__________ displays the details of a specific session
net session
net session
net session \\<IP address or computer name>
The _______ command displays configuration information of the workstation or service
net config
What command lets you see/edit account policies such as pwnlength?
net accounts