Exam1 Flashcards
Network classification starting numbers
A 1.0.0.0
B 128.0.0.0
C 192.0.0.0
D 224.0.0.0
HTTP Response Status Code
200 OK
301 Moved Permanently
400 Bad Request
404 Not Found
505 HTTP Version Not Supported
Application Layer Protocols and data names
SMTP - simple mail transport protocol
HTTP - hyper text transfer protocol
DNS - domain name server
SNTP - simple network transport protocol
Carries messages/packets
Transport layer
TCP
UDP
Carries segments
Network Layer
IP
Other routing protocols
Carries datagrams
Link Layer
PPP
Ethernet
Carries frames
Physical Layer
Carries bits “on the wire”
TCP and supporting protocols
Transmission Control Protocol
Supports carrying SMTP and HTTP application protocols
Includes a “handshake” step which verifies sender/receiver
Connection oriented
UDP and supporting protocols
User Datagram Protocol
Supports carrying DNS application protocol
No handshake (TCP includes the handshake)
Connection-less oriented
List the protocol layers from top to bottom
Application, Transport, Network, Link, Physical
CIDR
Classless Inter-Domain Routing
Can define custom length of network section of IP
Ex. xxx.xxx.xxx.xxx/z
Where z = number of bits (from the right) that represents network section
How long is an IP address in bits? How long is each octet?
32, each octet = 8 bits
What is the range of Numbers for each octet in an IP address?
(octets are each set of numbers between the periods)
Ex. xxx.xxx.xxx.xxx - each xxx is an octet
0-255 per octet
Ex. Highest IP address possible
255.255.255.255 (2^32 possible addresses)
This is because 255 is represented in binary by 11111111 (8 digits). 256 would require 9 digits, or 9 bits, to represent. The IP protocol requires all IP addresses to be represented by 4 sets of 8 bits (or 4 octets).
To convert a number system to decimal, what operation do you do?
Multiply
What is the relationship between the network section and the host section of an IP address class?
The network section is represented by the left-most 8 bits of an IP address. In other words, it’s the octet (first xxx) on the left side which is then followed by 3 more sets of octets. Ex. IP addresses that start with 129.xxx.xxx.xxx are a part of a class B network.
Host devices on the class B network can range from 128.0.0.0 to 191.255.255.255 (255 is the largest 3-digit number that can be represented by 8-bits)
Because IP addresses are a fixed length of 32 bits (8 bits per octet), every time the network address requires another bit to represent it, it lowers the number of host addresses available to it. A network is limited by the number of unique IP addresses it can assign. Ex. The upper range of a class A network is 127.255.255.255 because in binary it is this:
127 255 255 255
01111111 11111111 11111111 11111111
The next IP address that could be assigned would add 1 to every digit to its right, making that zero in front turn into a 1. To assign more addresses, all IP addresses start with the binary digit 1 instead of 0. 127 in binary is 1111111 (7 digits). 128 in binary is 10000000 (8 digits). Therefore, when 7 digits were used for the network portion, it made 25 digits available to assign to host devices. When the network address increased from 127 to 128, one additional digit was required for the network, thus fewer digits are available to the host section.
To convert from decimal to another number system, what operation do you do?
Divide
2 types of HTTP messages
Requests and responses
What are devices called that run applications?
Hosts, also called end-systems
What are protocols?
format and order and actions
Protocols define the format and order of messages sent and received among network entities, and the actions taken on message transmission and receipt
Why are protocols layered?
Each layer implements a service and relies on the layer below it to function
Converting from something to decimal, what powers do you raise 2 to for each place?
… 2^3 2^2 2^1 2^0
Then add together…
Using binary to change permissions
Each number corresponds to the different permission groups (user/group/other)
Ex. 455 - 4 goes to user; 5 goes to group; 5 goes to other
4 in binary = 100, therefore, user permission is r--
5 in binary = 101, therefore, group and other permission is r-x
All together, setting permissions with 455 results in:
- r-- r-x r-x
- Given that Class B IP address starts with the bit sequence of 10, which of the following is a Class B IP address?
a. 1007.66.255.188
b. 100.88.88.188
c. 10.88.266.188
d. 122.66.255.188
e. 122.66.266.188
f. 122.166.255.188
g. 166.226.226.188
h. 166.66.266.188
i. 199.26.255.188
j. none of the above
g. 166.226.226.188
Reason: (1) Class B IP addresses must have their first octet between 128 and 191. Thus, only choices g and h are viable.
(2) Each octet must be no larger than 255. Therefore, choice g is the only correct answer.
- Which of the following use services provided by the transport layer protocols?
a. smtp, udp, http
b. tcp, udp, http
c. tcp, udp, ip
d. http, ip, ppp
e. dns, smtp, http
f. dns, tcp, ip
g. RIP, OSPF, BGP
h. none of the above
e. dns, smtp, http
Reason: Each layer of protocol relies on the layer below it to support its functionality. The Application Layer is the layer directly above the transport layer. Transport protocols are TCP and UDP, therefore, they are not the answer. What relies on TCP or UDP to function? The Application protocols HTTP, SMTP, and DNS.
- trump.txt’s current permission mode is r--r----x. The command chmod o-x trump.txt has the same effect as
a. chmod 741 trump.txt
b. chmod 880 trump.txt
c. chmod 440 trump.txt
d. chmod 751 trump.txt
e. chmod 851 trump.txt
f. chmod 645 trump.txt
g. chmod 541 trump.txt
h. chmod 288 trump.txt
i. none of the above
c. chmod 440 trump.txt
chmod o-x acts to remove the execution (x) privileges from the “other” user group. The other group is the last 3 character positions (rwx). We also want to preserve the permissions as they are for the user and user group, which contain read permission only. What binary representation will accomplish this?
(1) 0 will set the other group to - - - as it’s 000 in binary. This leaves only a and c (or i) as viable choices.
(2) What will preserve the user and user group as r - - ? In binary, we want it to be 100 for both of them. The decimal representation of 100 is 4.
Thus, chmod 440 will make permissions:
r - - r - - - - -
1 0 0 1 0 0 0 0 0
[ 4 ] [ 4 ] [ 0 ]
Examples of short questions:
1. Define the server in client/server computing.
Answer: The side that responds to client requests.
2. Give a one-line Unix command to get help on the mail command and store the help pages in the file help.txt.
man mail > help.txt
(1) “man” calls for the manual for the command that follows. In this case, we want the manual for the “mail” command.
--> man mail
(2) We also want to store the screen “print out” of the manual text in a file. In other words, we want unix to “print” the manual to a file instead of printing it on the screen. We do this with the ‘>’ character. ‘>’ expects a command on the left side and a file location on the right side.
3. What is the password of Kali’s administrator?
toor
4. Identify the layers of the Internet Protocol Stack that routers implement.
Routers implement the following 3 layers:
Network
Link layer
Physical
What is the internet comprised of?
[Lecture 3 - Unix PP.1]
Servers and host devices
Why is unix a popular server OS?
[Lecture 3 - Unix PP.1]
Security features
Why is learning command line important as a penetration tester?
[Lecture 3 - Unix PP.2]
GUIs are not available for unix hacking. Only command line
What are daemons in unix and linux?
[Lecture 3 - Unix PP.3]
Daemons are system processes and perform system functions in the background. They are like the background services in Windows you see when you view the Task Manager.
What creates event logs in unix?
[Lecture 3 - Unix PP.3]
syslog daemons
How do syslog daemons record log info?
[Lecture 3 - Unix PP.3]
syslog daemons wait in the background to receive log info from system processes, user processes, and the kernel.
Windows command to launch security policy manager?
[Lecture 3 - Unix PP.4]
secpol.msc
What policies are available in Windows Security Manager? (5)
[Lecture 3 - Unix PP.4]
Password policies
Account Lockout Policies
Audit Policies (logs successes and failures of audit events)
User right Assignments
Security Options
Syslog location for successful and failed logins
[Lecture 3 - Unix PP.3]
/var/log/secure
/var/log/syslog
Syslog location for general messages from kernel and background system processes
[Lecture 3 - Unix PP.3]
/messages in 2 locations:
/var/log/messages
/var/adm/messages
Syslog location for applications logs
[Lecture 3 - Unix PP.3]
/var/log/httpd
/var/log/cron
Syslog location for a history of user login and logouts
[Lecture 3 - Unix PP.3]
/wtmp in 2 locations:
/var/log/wtmp
/var/adm/wtmp
Syslog location for last login time and the machine where login occurred
[Lecture 3 - Unix PP.3]
/usr/adm/lastlog
syslogs in /var/log location?
/secure - successful and failed logins
/syslog - successful and failed logins
/messages - general messages from kernel and bg processes
/httpd - applications log
/cron - applications log
/wtmp - last login time and the machine where login occurred
What is a packet?
Packets are made of a header and a payload and are the data being sent by a host device on a network.
What is the header of a packet used for?
Data in the header are used by networking hardware to direct the packet to its destination
What is the packet payload used for?
Payloads are extracted and used by application software