CEHv8 BOOTCAMP: MODULE 03-SCANNING NETWORKS_SET-4 Flashcards

1
Q

Describe Super Network Tunnel.

A

A 2-way HTTP tunnel software connecting 2 computers that works like VPN tunneling but uses the HTTP protocol to establish a connection.

2
Q

Describe HTTP-Tunnel.

A

Acts as a SOCKS server, allowing you to use your Internet applications safely despite restrictive firewalls.

3
Q

What is SOCKet Secure (SOCKS)?

A

An internet protocol that routes network packets between a client and server through a proxy server.

4
Q

What do attackers use OpenSSH for?

A

To encrypt and tunnel all traffic from a local machine to a remote machine to avoid detection by perimeter security controls.

5
Q

What does Bitvise provide?

A

Secure remote login capabilities to Windows workstations and servers.

6
Q

Describe an Anonymizer.

A
  • Removes all identifying information from the user’s computer while the user surfs the internet.
  • Makes activity on the Internet untraceable.
  • Tools that allow you to bypass Internet-censored websites.
7
Q

What are 4 reasons to use anonymizers?

A
  • Privacy and anonymity.
  • Protects from online attacks.
  • Access restricted content.
  • Bypass IDS and Firewall rules.
8
Q

What are 2 tools for Censorship Circumvention?

A
  • Your-Freedom
  • Psiphon
9
Q

What is Psiphon?

A

A censorship circumvention system that allows users to bypass firewalls and access blocked sites in countries where the internet is censored.

10
Q

What does IP spoofing refer to?

A

The procedure of an attacker changing his or her IP address so that he or she appears to be someone else.

11
Q

What happens when a victim responds to a spoofed IP?

A

It goes back to the spoofed address and not the attacker’s real address.

12
Q

What are 3 IP Spoofing detection techniques?

A
  • Direct TTL Probes
  • IP Identification Number
  • TCP Flow Control Method
13
Q

Describe Direct TTL Probes.

A
  • Send a packet to the host of the suspect spoofed packet that triggers a reply and compare the TTL with the suspect packet; if the TTL in the reply is not the same as the packet being checked, it is a spoofed packet.
  • This technique is successful when the attacker is in a different subnet from the victim.
14
Q

Describe IP Identification Number.

A
  • Send a probe to the host of the suspect spoofed traffic that triggers a reply and compare the IP ID with the suspect traffic.
  • If the IP IDs are not near in value to the packet being checked, the suspect traffic is spoofed.
  • This technique is successful even if the attacker is in the same subnet.
15
Q

Describe the TCP Flow Control Method.

A
  • Attackers sending spoofed TCP packets will not receive the target’s SYN-ACK packets.
  • Attackers therefore cannot be responsive to changes in the congestion window size.
  • When received traffic continues after a window size is exhausted, most probably the packets are spoofed.
16
Q

What are some IP Spoofing Countermeasures?

A
  • Limit access to configuration information on a machine
  • Do not rely on IP-based authentication
  • Use random initial sequence numbers
  • Strictly filter use of ICMP
  • Ingress Filtering – Use router filters to prevent packets from entering your network
  • Reduce TTLs in TCP/IP requests
  • Egress Filtering – Use filters to prevent packets from leaving your network
  • Block private or unauthorized IP addresses using access control lists
  • Encrypt all network traffic
  • Use multiple firewalls providing multi-layered depth of protection
17
Q

What is Scanning Pen Testing?

A

A method to determine the network’s security posture by identifying live systems, discovering open ports, associating services, and grabbing system banners to simulate a network hacking attempt.

18
Q

What are 5 things that penetration testing reports will help a system administrator to do?

A
  • Close unused ports
  • Disable unnecessary services
  • Hide or customize banners
  • Troubleshoot service configuration errors
  • Calibrate firewall rules
19
Q

What is the first step in Scanning Pen Testing?

A

Perform host discovery

20
Q

What is the last step in Scanning Pen Testing?

A

Document all findings