Friday 29 March 2024
Tuesday 23 October 2018
Wednesday 13 June 2018
Network Forensics.....
Steps:
1.Ubuntu command to install dsniff
sudo apt install dsniff
2.sudo arpspoof -i wlan0 -t 192.168.8.100 192.168.8.1
192.168.8.100 - Target device my Mobile.
192.168.8.1 - Router/Gateway connecting to.
> command executed on Ubuntu laptop 192.168.8.101
> Normally 192.168.8.100 passes data through 192.168.8.1
After command execution 192.168.8.100 connects to gateway
192.168.8.1 through 192.168.8.101.
3. Run Ettercap.
scan for hosts
set targets
view connections/profiles etc
1.Ubuntu command to install dsniff
sudo apt install dsniff
2.sudo arpspoof -i wlan0 -t 192.168.8.100 192.168.8.1
192.168.8.100 - Target device my Mobile.
192.168.8.1 - Router/Gateway connecting to.
> command executed on Ubuntu laptop 192.168.8.101
> Normally 192.168.8.100 passes data through 192.168.8.1
After command execution 192.168.8.100 connects to gateway
192.168.8.1 through 192.168.8.101.
3. Run Ettercap.
scan for hosts
set targets
view connections/profiles etc
Wednesday 20 September 2017
Extended Ping / Route
For a Ping /connectivity to work :
1.Route should be in Routing Table.
2.Route should be in both source and destination table.
Example Ping expects a reply.ICMP ECHO REPLY.
debug command shows activity.
3.For directly connected Routers default route or static route
on the Reply end is enough.
Example:Extended Ping.
1.Route should be in Routing Table.
2.Route should be in both source and destination table.
Example Ping expects a reply.ICMP ECHO REPLY.
debug command shows activity.
3.For directly connected Routers default route or static route
on the Reply end is enough.
Example:Extended Ping.
PING From Source.
Router#ping
Protocol [ip]: ip
Target IP address: 192.168.1.2
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: gigabitethernet0/1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1
.....
Success rate is 0 percent (0/5)
Destination debug output.
Destination is receiving the Ping Echo Request.
Extended Ping from source
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: s=192.168.1.2 (local), d=192.168.2.1 len 128, unroutable
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: s=192.168.1.2 (local), d=192.168.2.1 len 128, unroutable
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: s=192.168.1.2 (local), d=192.168.2.1 len 128, unroutable
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: s=192.168.1.2 (local), d=192.168.2.1 len 128, unroutable
Adding a default route on reply end
Router(config)#ip route 0.0.0.0 0.0.0.0 g0/0
Router(config)#ip route 0.0.0.0 0.0.0.0 g0/0
Results in change below.If Routers are not connected
that a Routing protocol or multiple static/default routes required.
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: tableid=0, s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), len 128, sending
IP: s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), len 128, encapsulation failed
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: tableid=0, s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), len 128, sending
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: tableid=0, s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), len 128, sending
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: tableid=0, s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), len 128, sending
IP: tableid=0, s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.2.1 (GigabitEthernet0/0), d=192.168.1.2 (GigabitEthernet0/0), len 128, rcvd 3
IP: tableid=0, s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), routed via RIB
IP: s=192.168.1.2 (local), d=192.168.2.1 (GigabitEthernet0/0), len 128, sending
Monday 18 September 2017
Show Line
Switch#show Line
Tty Line Typ Tx/Rx A Roty AccO AccI Uses Noise Overruns Int
* 0 0 CTY - - - - 0 0 0/0 -
1 1 AUX 9600/9600 - - - - 0 0 0/0 -
132 132 VTY - - - - 0 0 0/0 -
133 133 VTY - - - - 0 0 0/0 -
134 134 VTY - - - - 0 0 0/0 -
135 135 VTY - - - - 0 0 0/0 -
136 136 VTY - - - - 0 0 0/0 -
Line(s) not in async mode -or- with no hardware support:
2-131
Tuesday 6 December 2016
Electrical Safety Devices
1.RCCB/RCD -Residual current circuit breaker or RCD -Residual current device.
Trips when earth is at fault
Shock protection
better for humans
best to detect earthing problems
ELCB is older name and voltage based
RCCB is newer current based
2.MCB- Miniature circuit breaker
3.MCCB - Moulded case circuit breaker
[MCB are glorified fuse's , a fuse box that trips and
can be reset rather than change a burnt wire,an electromechanical
device ]
2 and 3 are better for overload protection and devices
4.RCBO is combination of MCB and RCD
Trips when earth is at fault
Shock protection
better for humans
best to detect earthing problems
ELCB is older name and voltage based
RCCB is newer current based
2.MCB- Miniature circuit breaker
3.MCCB - Moulded case circuit breaker
[MCB are glorified fuse's , a fuse box that trips and
can be reset rather than change a burnt wire,an electromechanical
device ]
2 and 3 are better for overload protection and devices
4.RCBO is combination of MCB and RCD
Subscribe to:
Posts (Atom)