Reading Time: 3 minutes Although I don’t currently run LibreNMS in my own network, it is one of those tools that I keep in my toolbox. LibreNMS is a fork of the Observium project. The tool is written in PHP and can be run on any Linux with either Apache or NGINX. Setup One of the reasons I like […]
Reading Time: 2 minutes I’m often asked what my favorite tools are for networking. Today I’m going to feature one of them. Switchmap has been in my toolbox for many years. It was created as an Open Source project by Peter Siemsen. The tool is a set of Perl scripts that are run periodically, usually by a cron job. […]
Reading Time: 1 minute Compare and contrast remote exploit and a local exploit Understanding Cisco Cybersecurity Fundamentals (210-250) As noted in the CVSS metrics, there are two types of exploits, those that can be done remotely and those that require local access to complete. Remote exploits can be accomplished over the network and do not require physical access. Some […]
Reading Time: 1 minute Describe privilege escalation Understanding Cisco Cybersecurity Fundamentals (210-250) Privilege escalation is the manner in which an attacker gains privileges in an application that they shouldn’t have. By accomplishing this attack, an attacker gains more rights that can then allow further exploitation of the host and other network connected hosts. For example, if an attacker is […]
Reading Time: 1 minute Describe these evasion methods Implementing Cisco Cybersecurity Operations (210-255) Encryption and Tunneling: Attackers use encryption and tunneling to obfuscate their attacks. VPN technologies like IPSec can be used to keep IPS/IDS from seeing the command and control traffic or even the attack traffic. Resource Exhaustion: A denial of service attack against security appliances like IPS […]
Reading Time: 1 minute Describe these endpoint-based attacks Implementing Cisco Cybersecurity Operations (210-255) Buffer Overflows Buffer overflow attacks occur when an attacker sends more data that the application expects. If the input is unchecked, an attacker can force a program to execute code in memory sections it shouldn’t have access to. Command and Control (C2) Command and control traffic […]
Reading Time: 1 minute Describe these attacks: Social Engineering, Phishing, Evasion Methods Implementing Cisco Cybersecurity Operations (210-255) Social Engineering Social engineering is a style of attack where the attacker goes after the human element. One example would be tricking a user into giving the attacker more information about the systems or data that they are trying to acquire. Phishing […]
Reading Time: 1 minute Describe these web application attacks: SQL Injection, Command injections, Cross-site scripting Implementing Cisco Cybersecurity Operations (210-255) SQL Injection SQL Injection attacks use vulnerabilities in applications, generally web based, to inject SQL commands. These commands could reveal data that the application would not normally show an unprivileged users. They can also be used to create additional […]
Reading Time: 1 minute Describe these network attacks: Denial of Service, Distributed Denial of Service, Man-in-the-Middle Implementing Cisco Cybersecurity Operations (210-255) Denial of Service A Denial of Service (DoS) attack has the goal of preventing normal operations of an asset. This can be accomplished by either rendering an asset unavailable due to a crash or reboot, or by overwhelming […]
Reading Time: 1 minute Compare and contrast an attack surface and vulnerability. Implementing Cisco Cybersecurity Operations (210-255) The attack surface of a piece of hardware or software is the total of all potential attack vectors. An attack vector can be a service or other entry point. To be used in an attack there must be a vulnerability present that […]
© Ben Story 2019.
© Pack IT Forwarding 2019. Powered by WordPress
