Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Presentation transcript:

Security Tools CS-480b Dick Steflik

CACLS
Windows NT, W2000, XP
Displays or modifies access control lists (ACLs) of files

CACLS
cacls /T /E /G administrator:F d:\users\*.*
Cacls will add Full Control for the administrator account on all files and subfolders in the Users folder of the D:\ drive.
cacls /T /E /R Everyone d:\users
Cacls will remove all permissions for the 'Everyone' group in all files and subfolders in the Users folder of the D:\ drive.
Be sure to use the /E switch when you are just making modifications to a specific account or group. Without the /E switch, your settings will replace the current security with only what is specified.
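The /E caveat above can be checked mechanically in administration scripts. The following is an added example, not part of the original slides: a Python check that flags cacls command lines that would replace an ACL rather than edit it. The function names and lines 3 to 5 of the sample script are assumptions made for the illustration.

```python
# Added example: flag cacls command lines that replace an ACL instead of editing it.
WRITE_SWITCHES = {"/G", "/P", "/D"}   # grant, replace, deny: each writes ACL entries

def audit_cacls_line(line):
    """Return findings for one script line; [] if it is not cacls or looks safe."""
    tokens = line.split()
    names = [t.lower() for t in tokens]
    # Locate cacls anywhere on the line so "echo y| cacls ..." is covered too.
    start = next((i for i, t in enumerate(names) if t in ("cacls", "cacls.exe")), None)
    if start is None:
        return []
    switches = {t.upper() for t in tokens[start + 1:] if t.startswith("/")}
    findings = []
    if switches & WRITE_SWITCHES and "/E" not in switches:
        findings.append("no /E: the existing ACL is replaced by what is specified")
    # The cacls help text documents /R as only valid together with /E.
    if "/R" in switches and "/E" not in switches:
        findings.append("/R without /E: revoke only works when editing")
    if findings and "/T" in switches:
        findings.append("/T: the change also reaches files in subfolders")
    return findings

def audit_script(text):
    """Return (line number, command, findings) for every risky cacls line."""
    report = []
    for number, line in enumerate(text.splitlines(), start=1):
        findings = audit_cacls_line(line)
        if findings:
            report.append((number, line.strip(), findings))
    return report

# Lines 1-2 are the slide's commands; lines 3-5 are constructed for this example.
SAMPLE_SCRIPT = r"""cacls /T /E /G administrator:F d:\users\*.*
cacls /T /E /R Everyone d:\users
echo y| cacls d:\users /T /G administrator:F
cacls d:\users /R Everyone
dir d:\users
"""

if __name__ == "__main__":
    for number, command, findings in audit_script(SAMPLE_SCRIPT):
        print(f"line {number}: {command}")
        for finding in findings:
            print(f"    {finding}")
```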

CACLS (examples)

CACLS Of course anything done using CACLS could also be done through the GUI.

NSLOOKUP
Name Server Lookup
Windows NT, W2000, Linux, UNIX
used to resolve Internet names to IP addresses
default (no parameter) returns default name server address (Windows); on Linux/UNIX enters conversational mode allowing lookups until you quit

NSLOOKUP

Traceroute
Tracert (Windows); traceroute (Linux/Unix)
used to display all of the routers between two communicating Internet hosts
options:
-d don't resolve addresses to host names
-h (m) max number of hops to search for target
-j (hostlist) loose source route along the host list
-w (timeout) wait (timeout) msec for each reply

tracert

xmtr
LINUX version of traceroute
requires superuser authority
GUI application

ping
Send an ICMP echo request message to a specific host
platform differences
Linux - no parameters, sends repeated/continuous requests until terminated
Windows - -t switch sends continuous pings
Unix (most) - -s switch sends continuous pings

ping

WS-Ping – Security Analysis Tool
COTS (common Off The Shelf)
IPSwitch
Verify connectivity to a particular device on your network
Quantitatively test data connections between your computer and a remote system
Trace the path to a network host or device
Obtain information on host names and IP addresses
Scan your network and list devices and network services
View summary information about a network host or device including the official hostname, IP address, and contact information (from the Whois database)
View Simple Network Management Protocol values as well as Windows network domains, hosts, and workstations
Search information (such as user's full names and addresses) available through LDAP

WS-Ping
Features tools for:
Ping - Use Ping to determine if a network device is reachable.
Traceroute - Use traceroute to trace the path to a network host or device.
Throughput - Use Throughput to test the data speed on a connection with a remote host.
Lookup - Use Lookup to obtain information on host names and IP addresses.
Info - Use the Info tool to view summary information about a network host or device.
Whois - Use Whois to obtain information on names from the Network Information Center.
Finger - Use finger to obtain information about a user or host (if supported on the remote host).
SNMP - Use the SNMP tool to view Simple Network Management Protocol values.
Scan - Use Scan to scan your network and list devices.
WinNet - Use the WinNet tool to view your Windows Network domains, hosts, and workstations.
LDAP - Use the LDAP tool to search for names and information available through LDAP.
Time - Use the time tool to query multiple time servers or to synchronize your local system clock.
Quote - Use Quote to view quotations from a Quote server.
HTML - Use the HTML tool to help you efficiently debug your Web site.

SATAN
Security Administrators Tool for Analyzing Networks
web based
Ten years old
Open Source (
Rationale for SATAN is explained at :
There are a number of SATAN derivatives:
SAINT Scan Engine – Saint Corporation
SANTA

SATAN
SATAN recognizes several common networking-related security problems, and reports the problems without actually exploiting them. For each type of problem found, SATAN offers a tutorial that explains the problem and what its impact could be. The tutorial also explains what can be done about the problem: correct an error in a configuration file, install a bugfix from the vendor, use other means to restrict access, or simply disable the service.

Problems Found by SATAN
NFS file systems exported to arbitrary hosts
NFS file systems exported to unprivileged programs
NFS file systems exported via the portmapper
NIS password file access from arbitrary hosts
Old (i.e. before ) sendmail versions
REXD access from arbitrary hosts
X server access control disabled
arbitrary files accessible via TFTP
remote shell access from arbitrary hosts
writable anonymous FTP home directory
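The first two items in this list can also be checked locally on the server, from the export table itself. The following is an added example, not part of the original slides and not SATAN's own code: a Python audit of an exports file that reports entries open to arbitrary hosts and entries that accept requests from unprivileged ports. It assumes Linux exports(5) syntax, where the `insecure` option allows client ports above 1023; a bare path with no client list is reported as well, and the sample file is constructed.

```python
import re

# One client field of an exports line: host or pattern, then optional "(options)".
CLIENT_RE = re.compile(r"^(?P<host>[^()\s]*)(?:\((?P<opts>[^)]*)\))?$")

def audit_exports(text):
    """Return (path, client field, problem) tuples for risky export entries."""
    findings = []
    # Join backslash-continued lines, then drop comments and blank lines.
    for raw in text.replace("\\\n", " ").splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *clients = line.split()
        if not clients:
            findings.append((path, "", "no client list: not limited to named hosts"))
        for field in clients:
            match = CLIENT_RE.match(field)
            if match is None:
                findings.append((path, field, "client field could not be parsed"))
                continue
            host = match.group("host")
            options = set((match.group("opts") or "").split(","))
            # An empty host ("(rw)") or "*" matches every client.
            if host in ("", "*"):
                findings.append((path, field, "exported to arbitrary hosts"))
            if "insecure" in options:
                findings.append((path, field, "requests from unprivileged ports accepted"))
    return findings

# Constructed sample; addresses are from the documentation range 192.0.2.0/24.
SAMPLE_EXPORTS = """\
# /etc/exports (constructed)
/srv/home     192.0.2.10(rw,sync) 192.0.2.11(ro)
/srv/pub      *(ro,all_squash)
/srv/build    (rw,insecure)
/srv/scratch
/srv/lab      lab.example.test(rw,insecure)
"""

if __name__ == "__main__":
    for path, field, problem in audit_exports(SAMPLE_EXPORTS):
        print(f"{path:<13} {field or '-':<30} {problem}")
```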

Nessus
Vulnerability Scanner
Nessus development Team
plug-in based
Finger Abuses
Windows
Backdoors
Gain a shell remotely
CGI abuses
Remote file access
RPC
Firewalls
FTP
SMTP
Gain root remotely
NIS
DOS
Miscellaneous

Nessus
Client Server architecture
plug-ins are for the server, client is for administration and analysis
creates reports in HTML, LaTeX, ASCII, and XML including graphs