Wardialing is one of the oldest methods of gaining unauthorized access to targeted systems, and it is one of the dangers most commonly forgotten by network engineers and system administrators. A hacker can sneak past all the expensive firewalls and IDS and connect easily into the network. Through wardialing, an attacker searches for devices in the target network infrastructure that are also accessible through the telephone line.
‘Dial backup’ in routers is most frequently found in networks where redundancy is required. Dial-on-demand routing (DDR) is commonly used to establish connectivity as a backup.
As a security tester, how would you discover what telephone numbers to dial-in to the router?
Eve decides to get her hands dirty and tries out a Denial of Service attack that is relatively new to her. This time she envisages using a different kind of method to attack Brownies Inc. Eve tries to forge the packets and uses the broadcast address. She launches an attack similar to that of “fraggle”. What is the technique that Eve used in the case above?
When referring to the Domain Name Service, what is a ‘zone’?
James is the lone IT technician for a small advertising agency in the Midwest. He oversees three servers and fifteen workstations all running Windows operating systems. James just got back from a Hacker Halted conference and is now very concerned about the security of his network. Previously he thought that no one would be interested in his small company’s data, but now he thinks otherwise. His budget is very limited and he cannot afford any kind of commercial IDS or IPS system.
James is looking for a freeware or easy-to-use open source program that will help him to detect port scans on his workstations and servers.
What should James use?
What is the most common vehicle for social engineering attacks?
SSL has been seen as the solution to a lot of common security problems. Administrators will oftentimes make use of SSL to encrypt communications from point A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?
If an attacker’s computer sends an IPID of 31400 to a zombie computer on an open port in IDLE scanning, what will be the response?
You have captured some packets in Ethereal. You want to view only packets sent from 10.0.0.22.
What filter will you apply?
Ryan is the network administrator for Hammerstein Incorporated, a sign manufacturing company in Chicago. Ryan holds certificates for certified ethical hacker and certified hacking forensics investigator. Ryan prefers to use Linux-based operating systems, but has to work on Windows computers for much of his work-related duties. Ryan also prefers to use Netscape Navigator on his Windows computers because he believes it is more secure than Internet Explorer. While reading a security-related article online one day, he reads that Netscape Navigator has an issue with improperly validating SSL sessions which worries him greatly. What add-on provided for Netscape Navigator could Ryan install that would alleviate this issue of not properly validating SSL sessions?
Ursula is the systems administrator for GateTime Enterprises, a clock manufacturing company in Atlanta. Ursula is in charge of all network equipment as well as network security. Ursula has recently created a set of IT security policies which include an acceptable use policy that all employees must sign. Ursula wants to install software on a proxy server that will monitor all user Internet traffic, enable her to administer Internet policy settings in one place, and prevent avoidance of the new acceptable use policy. What kind of proxy server does Ursula want to implement?