Sws101_unit.1

Topic : Recap on what I learned in UNIT 1-Network Penetration Testing

• What I thought Network was before ? I thought network was something that conects devices and that has to do with data.

1.1: Introduction to CyberSecurity

1. Offensive Security(Red Team)

Offensive security involves actively identifying and addressing vulnerabilities. They break into computer system, exploit software bugs, finds loopholes in applications to gain unauthorized access.

• Web application security focuses on securing programs accessed through web browsers.
• Network security focuses on protecting the security of interconnected computers and their communication links.
• Operating system security secures the layer between hardware and applications. Each area has specific risks and measures to ensure the overall security of computer systems.

2. Defensive Security(Blue Team)

Defensive security involves proactive measures to prevent and respond to cyber threats. They investigates infected computers or devices, tracks down cybercriminals,and monitors infrastructure for malicious activity. Defensive security is concerned with two main tasks i.e preventing Intrusions and detecting and Responding to Intrusions.

Areas of Defensive Security

• Security Operations Centers monitor and gather intelligence.
• Digital Forensics & Incident Response focus on analyzing and responding to incidents, including the detailed analysis of malware.

3. Career Paths

Job roles

• Security analysts- investigate and advise.
• Security engineers- build solutions.
• Incident responders- handle emergencies.
• Digital forensics analysts investigate crimes.
• Malware analysts focus on malicious software.
• Penetration testers find vulnerabilities.
• Security consultants offer advice.
• Security architects design secure systems. Each role plays a crucial part in maintaining a strong cybersecurity defense.

Networking

Network allows computers to communicate with each other and network security protects the security of those computers anad links connecting them.

• Network Types WAN(wide area network)-The WAN is the address accessed by the Internet. LAN(local area network) and WLAN(wireless local area network)- will typically assign IP Addresses designated for local use. VPN(Virtual private network)- makes the user feel as if they were plugged into a different network. There are 3 types but does the same work.

Network topologies define how devices connect physically or logically. forward proxy

reverse proxy

Proxies act as mediators in connections, networking models describe data transmission, and IP/TCP, along with MAC addresses, play crucial roles in addressing and routing within networks. CIDR notation and subnetting enhance the efficiency of data transfer.IPv6 is the successor of IPv4 which is 128 bit long and doesnt require NAT. key exchange mechanisms like Diffie-Hellman, RSA, ECDH, and ECDSA play vital roles in establishing secure communication. IKE, with its main and aggressive modes, is crucial for VPNs, utilizing mechanisms like PSK for authentication and shared secret establishment.

Linux endpoint

Linux Origins:

Birthed from Unix by Ken Thompson & Dennis Ritchie in 1970. BSD (1977) faced limitations due to AT&T lawsuit. Richard Stallman’s GNU project (1983) aimed for a free Unix-like OS. Linux kernel created in 1991 by Linus Torvalds. Evolved into a robust, open-source OS with 600+ distributions. Linux Traits:

Security: Generally more secure than other OS. Stability: Offers high performance and frequent updates. Versatility: Runs on diverse platforms, including servers, desktops, and embedded systems. Android OS foundation: Powers smartphones and tablets. Linux Philosophy:

Everything is a file. Small, single-purpose programs. Ability to chain programs for complex tasks. Avoid captive user interfaces. Configuration stored in text files. Linux Components:

Bootloader: Guides OS startup (e.g., GRUB). OS Kernel: Manages hardware resources. Daemons: Background services for key functions. OS Shell: Interface for user-OS interaction. Graphics Server: Enables graphical program execution. Window Manager: GUI management. Utilities: Perform specific functions. Linux Architecture:

Hardware: System components. Kernel: Controls hardware resources. Shell: Command-line interface. System Utility: Provides OS functionality.

• common commands
• $ pwd # print working directory
• $ ls # list directory contents
• $ cp # copy files and directories
• $ mv # move files and directories
• $ cd # change directory
• $ touch # create a file
• $ mkdir # create a directory
• $ rm # remove files or directories
• $ cat # concatenate and display files
• $ less # view file contents
• $ tree # list contents of directories in a tree-like format
• $ find # search for files in a directory hierarchy
• $ grep # search for a pattern in a file
• $ nano # text editor
• $ which # locate a command
• $ locate # find files by name
• $ sort # sort lines of text files
• $ chmod # change file permissions

Windows Endpoint

Introduced in 1985 as a graphical shell for MS-DOS. Evolution through versions like Windows 95, XP, Vista, 8, and the current Windows 11. Windows Server started in 1993 with Windows NT 3.1, followed by versions like 2000, 2003, 2008, 2012, 2016, and 2019. Active Directory introduced in Windows 2000, with subsequent versions adding features like Hyper-V and Kubernetes support. End of support for older versions (e.g., Windows Server 2008 and 2012) requires understanding legacy systems in assessments.

File Systems in Windows: FAT32: Pros: Device compatibility, cross-OS support. Cons: Max file size of 4GB, lacks built-in security features.

NTFS: Pros: Reliability, granular permissions, large partitions. Cons: Limited native support on some devices.

exFAT: Pros: Supports large files, cross-platform compatibility. Cons: Less support than FAT32, no built-in journaling.