4.1 Tool to assess organizational security Flashcards
Reconnaissance tools: what is traceroute ?
Network diagnostic tool that helps determine the path packets take from a source to a destination. It is primarily used for troubleshooting network connectivity issues, identifying network bottlenecks, and understanding the path taken by packets.
Use Traceroute when you want to trace the path packets take from a source to a destination, identify network hops, measure round-trip times, and troubleshoot network connectivity issues.
Reconnaissance tools: what are the commands in Linux & Windows to traceroute a packet ?
- Windows: tracert
- Linux: traceroute
Reconnaissance tools: what is the mechanics of traceroute (how does it work)?
Takes advantage of ICMP Time to Live (TTL) exceeded error message.
Ex: TTL=1 is the first router, TTL=2 is the second router etc
Reconnaissance tools: what nslookup command for ?
Command-line tool available on many operating systems for querying DNS servers and performing basic DNS lookups. It allows users to manually query DNS servers and retrieve information about domain names, IP addresses, name servers, and other DNS records. Nslookup is commonly used for simple DNS troubleshooting, verifying DNS resolution, and checking DNS configurations. However, its feature set is relatively limited compared to Dig. In recent years, the functionality of nslookup has been largely superseded by more advanced tools like Dig.
Reconnaissance tools: what ipconfig and ifconfig command for ?
Determine IP and network information
- ipconfig: windows
- ifconfig: linux
Reconnaissance tools: what ping command for ?
Test reachability of an IP
Reconnaissance tools: what pathping command for ?
Combines the functionalities of ping and traceroute. It is a Windows-specific command-line utility that measures packet loss, round-trip times, and other network performance metrics. Use PathPing when you need a combination of Ping and Traceroute functionalities. It provides information about latency and packet loss at each hop along the network path, making it useful for diagnosing intermittent connectivity issues and identifying network segments with performance problems.
Reconnaissance tools: what netstat command for ?
It stands for network statistics and show network status and protocol statistics:
- netstat -a: show all active connection
- netstat -b: show binaries (windows)
- netstat -n: do not resolve names
Reconnaissance tools: what is ARP ?
Address Resolution Protocol determine a MAC address based on an IP address (you need the hardware address to communicate)
Reconnaissance tools: is there a command to see MAC address ?
Using the arp command:
- arp -a: view local ARP table
Reconnaissance tools: what curl command for ?
It stands for Client URL and allow to grab the raw data (html) from a websites and display it
Reconnaissance tools: why using curl command ?
To be able to see the source code of a website and search through it
Reconnaissance tools: what is hping ?
Command-line network tool known for packet crafting, network scanning, and testing. It allows you to craft and send customized packets with specific characteristics, such as source and destination IP addresses, ports, protocols, flags, and payloads.
Use Hping when you require advanced network scanning, port scanning, or packet manipulation capabilities for network testing, security assessments, or troubleshooting purposes.
Reconnaissance tools: what is nmap ?
It stands for network mapper. It can port scan, discover OS, service scan, can use script
Reconnaissance tools: what is OSINT ?
OSINT skills are the abilities and knowledge necessary to collect, analyze, and use information from open sources for various purposes.
Ex of OSINT tool: theHarvester