Security Tools

Question 1

Passive tools

Answer 1

Watches traffic that goes by

Question 2

Active

Answer 2

Sends traffic to a device

Question 3

What tool do you use to sanatise hard drives?

Answer 3

(remove/wipe all data) use DBAN

Files and folders use: Microsoft SDelete

Question 4

Back up tools

Answer 4

Use Rsync which is a real time file sync.

Question 5

What is Banner grabbing

Answer 5

Name, software, OS. Apps can give you this info. Banner is always there.

Question 6

What tools do you use to grab a banner?

Answer 6

Use Netcat, Nmap, Telnet to capture the banners.

Question 7

Netstat

Answer 7

shows network statistics -a shows all active connections, -b show binaries. -n, no names.

Question 8

Tracert/Traceroute

Answer 8

Tracert = windows. Traceroute = linux.

Question 9

NSlookup/DIG

Answer 9

Nslookup looks up names and IP’s address. DIG = Domain Information Grouper. More advanced choices.

Question 10

ARP

Answer 10

determine mac address based on IP address

Question 11

TCPDump

Answer 11

TCPDump = Capture packets. Linux. View in real time.

Question 12

Nmap

Answer 12

Nmap = Port scan, OS scan, Service scan, vulnerability scans

Question 13

Netcat

Answer 13

Netcat = Open a port and send/receive traffic. Transfer data, listen to ports, scan ports. Become a backdoor: run a shell from a remote device.