https://liaoningmovie.net/member?mid=93660856 ja FC2, Inc. Thu, 28 Jan 2010 23:45:06 +0900 https://liaoningmovie.net/content/20100128vE0rsvYG/
In this lab you will connect to a wireless access point that is running Wi-Fi protected access WPA which uses Temporal Key Integrity Protocol and Message Integrity Check Lets firs look at the type of the computer we are working on ..]]> ゲーム CG Thu, 28 Jan 2010 23:45:06 +0900 https://liaoningmovie.net/content/20091224yw0C3046/
In this video, we will demonstrate some common tools used for footprinting in the information gathering phase. The first online tool we will use for footprinting is “Samspade.org”. This tool returns the “Whois” information about the target domain which]]> ゲーム CG Thu, 24 Dec 2009 00:41:30 +0900 https://liaoningmovie.net/content/20091222AxLhGke7/
Enumeration is defined as the process of extracting user names, machine name, network resources, network shares and services from a system. In this video we will demonstrate some common Windows enumeration tools. GetAcct allows you to reverse-lookup Windows account RID values to get user account name. UserDump enumerates all users on a specified Windows machine and dumps information such as userid, last logon, password expiry, etc.]]> ゲーム CG Tue, 22 Dec 2009 04:05:01 +0900 https://liaoningmovie.net/content/20091124ppRBvFw4/
In this video we’ll explore how a Land Attack is carried out. A Land Attack is a type of remote Denial of Service (DoS) attack carried out by sending spoofed packets to a target host with the source IP and port set the same as the target IP and port.]]> ゲーム CG Tue, 24 Nov 2009 00:29:57 +0900 https://liaoningmovie.net/content/200911215M35Cerv/
Metasploit Framework is a tool for developing and executing exploit code against a remote target machine. In this video, we’ll demonstrate the basic usage of this program. We’ll use the “ifconfig” command to check our current IP address. Now lets]]> ゲーム CG Sat, 21 Nov 2009 00:10:13 +0900 https://liaoningmovie.net/content/200911204h6DSypD/
Here we will go through the Phenomena of radio frequency signals with the different type of modulation Frequency Modulation or fn Modulation Phase shifting or phase shifting and interference Attenuation]]> ゲーム CG Fri, 20 Nov 2009 05:55:59 +0900 https://liaoningmovie.net/content/20091120CLC75WWe/
In this video we’ll demonstrate offline password cracking using John The Ripper tool. Let’s first change to the directory where John is located. Here you can see some important binaries used by John.]]> ゲーム CG Fri, 20 Nov 2009 04:09:25 +0900 https://liaoningmovie.net/content/20091120r0tHz14F/
In this video we’ll focus on two types of OS fingerprinting techniques, active and passive fingerprinting and the tools used for them. For passive fingerprinting we’ll look at p0f and Ettercap. For active fingerprinting, we’ll look at two fingerprinting]]> ゲーム CG Fri, 20 Nov 2009 00:45:49 +0900 https://liaoningmovie.net/content/20091119BpTmBr0b/
In this video well explore Hping. Hping is a command-line oriented TCP/IP packet assembler/analyzer which is generally used for activities like firewall testing and advanced port scanning.]]> ゲーム CG Thu, 19 Nov 2009 06:32:27 +0900 https://liaoningmovie.net/content/20091119f3vXR3Mu/
In this video we’ll demonstrate a DNS spoofing attack by creating a rouge DNS server that will redirect legitimate incoming DNS requests from our network to rouge IP addresses using the Ettercap dns_spoof plugin.]]> ゲーム CG Thu, 19 Nov 2009 03:42:29 +0900 https://liaoningmovie.net/content/20091119WNe7a1kG/
In this video we’ll demonstrate the Netcat tool. This tool is a feature packed networking utility which can read and write data across a network, using TCP/IP. We will go through the various features o Netcat, such as file transferring, banner grabbing, scanning and using Netcat as a backdoor.]]> ゲーム CG Thu, 19 Nov 2009 02:39:17 +0900 https://liaoningmovie.net/content/20091116krfnYYDa/
In this video, we’ll discuss some basic DNS enumeration tools like “dig”, “nslookup” and “host”. We’ll use the “dig” (Domain Internet Groper) tool to query the DNS server to resolve “www.logicalsecurity.com”. We’ll now use the “ns” switch to query the DNS server to return the same server of “www.logicalsecurity.com”. The “mx” (mail exchanger) switch returns the mail servers of “logicalsecurity.com”. The “axfr” switch is used for zone transfer. Although in our case, it has failed as most secure DNS servers do not allow zone transfers. The “nslookup” tool is used for the same purpose as “dig”, but is seldom used in the linux environment. Once we enter “nslookup”, and interactive prompt appears where we can enter “set type=ns” or “et type=mx” for name and mail servers respectively. Another commonly used tool for DNS lookups is “host”. The “-t” specifies the query types, in our case they are “ns”, “mx” and “cname” for the name server, mail server and canonical name respectively. The “-l” switch lists ...]]> ゲーム CG Mon, 16 Nov 2009 00:32:08 +0900 https://liaoningmovie.net/content/20090614ydYPDyZn/
This video demonstrates the working of HYDRA, an online password cracking tool, Here Before we start ‘HYDRA’ we’ll lookup our current IP address using ‘ifconfiz’ command. We’ll also scan one of our target hosts using ‘Nmap’ In the target tab we will specify the address, port and protocol for our target (obtained by Nmap scan earlier). We will now specify the target’s username and a wordlist containing possible password Let’s view the contents of the wordlist file The program also allows you to fine tune your attack parameters Program has now discovered the password for our specified username. Now let’s look at another example, this time lets break into a FTP Server Now user suppose that we did not know user name of our target we will then specify a target list similar to password list provided in our earlier attack Let’s decrease the number of simultaneous connection to minimize network congestion. You can see that program has discover both user name and password Let’s access our target using the ...]]> ゲーム CG Sun, 14 Jun 2009 23:33:09 +0900 https://liaoningmovie.net/content/20090613zTfVaEvF/
In this video we’ll demonstrate offline password cracking using John The Ripper tool. Lets first change to the directory where John is located. Here you can see some important binaries used by John. First we’ll execute the ‘unshadow’ script which will merge the ‘/etc/pass’ and ‘/etc/shadow’ files into a single file, called ‘crack.db’. This file will be used by John for password brute force attack. Let’s see the content of the crack.db file You can see there are various option that can be used for cracking password using John. You can see that the brute force attack we previously initiated is still under progress. John has now discovered the password ‘toor’ for the user ‘root’. Now lets uses the ‘—show’ switch to display the password in plaintext. John stores the obtained passwords in the ‘john. Pot’ file. You can see that the dictionary attack (in console 2) has now been completed and john has revealed 4 passwords. You’ll notice that the dictionary attack was much faster than the brute force attack ...]]> ゲーム CG Sat, 13 Jun 2009 07:28:55 +0900 https://liaoningmovie.net/content/20090528f0Yf0nrH/
First line of Logical Protection: Access control is the first line of protection of a company’s assets & several technologies are used… Access Control Technology: Subject is an active entity attempting to access an object, Object is a]]> ゲーム CG Thu, 28 May 2009 23:22:30 +0900 https://liaoningmovie.net/content/20090527nwvu4HbC/
Logical security]]> ゲーム CG Wed, 27 May 2009 22:55:55 +0900 https://liaoningmovie.net/content/200904294tTPnAtU/
Security has changed drastically over the last 5-10 years… 10-15 years ago only a few people interacted with mainframes & dumb terminals Computing power has brought down to individual desktops. More people interacted with technology Users were then able to cause much more damage, either through mistake or maliciously In today’s complex environment we work in distributed networks; intranet, extranets, Internet, wireless, etc]]> ゲーム CG Wed, 29 Apr 2009 00:10:46 +0900 https://liaoningmovie.net/content/20090428UYqA726a/
Risk Management Set an acceptable level of risk. Risk management ensures that this level is not exceeded Risk management is responsible for identifying vulnerabilities & threats & calculating risks involved. Identifying Team Members Asset Identification for more information go to www.logicalsecurity.com]]> ゲーム CG Tue, 28 Apr 2009 05:58:12 +0900 https://liaoningmovie.net/content/20090428sU9ea0dW/
Potential versus Delayed Risk: Risk Types: Potential risk: Experienced at the time of exposure. Delayed risk: Experienced later Delayed loss is harder to identify, compared to potential loss An effective risk analysis will identify several different types of potential losses & delayed losses Qualitative versus Quantitative Risk Analysis Approaches A quantitative risk analysis uses percentages & monetary numeric values. A qualitative risk analysis is based on opinions & experience. It uses a rating system. A qualitative approach relies on information coming from company experts, who are closest to the assets. For more knowledge go to www.logicalsecurity.com]]> ゲーム CG Tue, 28 Apr 2009 04:25:36 +0900 https://liaoningmovie.net/content/20090428V3nHqqeh/
Description A cost\benefit analysis compares countermeasure costs with money saved by having it in place… After an analysis is completed on the assets, their threats, risks, & countermeasures are identified A cost \ benefit analysis compares countermeasure costs with money saved by having it in place Cost of countermeasure = cost of purchase, maintenance, affects on productivity, updating, interoperability Only by understanding the cost & benefit of a countermeasure can a good business decision be made ALE Before Implementing Countermeasure ALE after Implementing Countermeasure For more information goto www.logicalsecurity.com]]> ゲーム CG Tue, 28 Apr 2009 01:41:16 +0900 https://liaoningmovie.net/content/20090428MWR7v0xQ/
Of the different ways of dealing with risk, senior management will decide which is best for their company...]]> ゲーム CG Tue, 28 Apr 2009 00:35:40 +0900 https://liaoningmovie.net/content/20090427tk3VG6Eu/
IT & management should learn to speak each other's language & understand why they do what they do...]]> ゲーム CG Mon, 27 Apr 2009 23:34:43 +0900 https://liaoningmovie.net/content/200904279V9wWetG/
"To many companies today, data is one of their most important assets & needs to be protected.." A classification scheme is developed to protect data's confidentiality, integrity, & availability If data is not declassified correctly, company resources can be wasted]]> ゲーム CG Mon, 27 Apr 2009 02:56:03 +0900 https://liaoningmovie.net/content/20090426r5p3LaxB/
"Administrative controls are soft in nature but technical & physical controls ar not..." Management Must ensure that physical, technical & administrative controls are rolled out & maintained Management Must designate fan acceptable level of risk for the risk management team to maintain The AIC traid: availability, integrity, confidentiality Risk analysis is a tool used by the risk management team to help define a security budget If you do not know these concepts, reread the necessary section in the book & review this domain]]> ゲーム CG Sun, 26 Apr 2009 22:31:35 +0900 https://liaoningmovie.net/content/20090424f5dupAKV/
This video is the part3 of the domain1 for logical security course. The main focus of this video is Security Management Practice, Threats to a Company and its Assets]]> ゲーム CG Fri, 24 Apr 2009 23:06:16 +0900 https://liaoningmovie.net/content/20090424JHmEwtEx/
The main focus of this video is about the Administrative Responsibilities , Legal Aspects of Security, Traditional Security Services for more information about logical security and network security go to www.logicalsecurity.com]]> ゲーム CG Fri, 24 Apr 2009 07:27:57 +0900 https://liaoningmovie.net/content/20090424u2kKgmmt/
This video is related to the cours ( Lovical Security "Logical Security, CISSP Solution Set, CISSP Instructor Lead Course, Intrusion Prevention System")]]> ゲーム CG Fri, 24 Apr 2009 04:40:05 +0900