Study the following exploit code taken from a Linux machine and answer the questions below:
    echo "ingreslock stream tcp nowait root /bin/sh sh -i" > /tmp/x;
    /usr/sbin/inetd -s /tmp/x;
    sleep 10;
    /bin/rm -f /tmp/x AAAA…AAA
In the above exploit code, the command "/bin/sh sh -i" is given.
What is the purpose, and why is 'sh' shown twice?
This IDS-defeating technique works by splitting a datagram (or packet) into multiple fragments so that the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor-intensive task for an IDS to reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the network.
What is this technique called?
Bob has set up three web servers on Windows Server 2003 IIS 6.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run numerous e-commerce websites that are projected to bring in thousands of dollars a day. Bob is still concerned about the security of this server because of the potential for financial loss. Bob has asked his company’s firewall administrator to set the firewall to inspect all incoming traffic on ports 80 and 443 to ensure that no malicious data is getting into the network.
Why will this not be possible?
Angela is trying to access an education website that requires a username and password to log in. When Angela clicks on the link to access the login page, she gets an error message stating that the page can’t be reached. She contacts the website’s support team and they report that no one else is having any issues with the site. After handing the issue over to her company’s IT department, it is found that the education website requires that any computer accessing the site be able to respond to a ping from the education website’s server. Since Angela’s computer is behind a corporate firewall, her computer can’t ping the education website back.
What can Angela’s IT department do to get access to the education website?
SSL has been seen as the solution to a lot of common security problems. Administrators will often make use of SSL to encrypt communications from Point A to Point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between Point A and Point B?
An employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by the network-based IDS application?
What is the advantage in encrypting the communication between the agent and the monitor in an Intrusion Detection System?
What is the purpose of firewalking?
An Evil Cracker is attempting to penetrate your private network security. To do this, he must not be seen by your IDS, as it may take action to stop him. What tool might he use to bypass the IDS?
Select the best answer.
There are two types of honeypots: high interaction and low interaction. Which of these describes a low interaction honeypot?
Select the best answers.