|# 26 Sep, 2015 19:23|
Notes and tools for security auditing
|# 26 Sep, 2015 19:24|
Step 1 in Penetration Testing is Looking for Vulnerabilities
Let's start simple and show a listing of someone trying different keys to get into a server, guessing port 23 (DPT - destination port).
On the above 3 - note the DPT is port 23 - a non-standard port and is closed and correctly blocked by UFW (Uncomplicated Firewall). They all originate from a fake IP address of 184.108.40.206. They are all sent from port 32929. There are three and only three tries because fail2ban is installed and blocks over 5 tries.
This next example is a port-scan. He is escalating through the server looking for open ports. Here is the source.
Note the climbing destination ports (DPT) of 5901, 5902, 5903.
Then he stops but will return and keep mapping his way through the ports until he has a full picture of the server. Studying the server is the first step.
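One way to tell the two patterns described above apart automatically, added here as an example and not taken from the original notes: it parses `[UFW BLOCK]` lines and labels a source that keeps hitting one destination port versus one that climbs through several. The sample log lines, addresses, function names and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the usual "[UFW BLOCK]" kernel-log layout, using
# documentation-range addresses. It is not the log from the original post.
SAMPLE_LOG = """\
Sep 26 19:01:02 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=32929 DPT=23 SYN
Sep 26 19:01:05 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=32929 DPT=23 SYN
Sep 26 19:01:11 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=32929 DPT=23 SYN
Sep 26 19:07:40 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=5901 SYN
Sep 26 19:07:41 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=40113 DPT=5902 SYN
Sep 26 19:07:42 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=40114 DPT=5903 SYN
Sep 26 19:09:00 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.44 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=443 SYN
Sep 26 19:09:30 web1 kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.44 DST=192.0.2.10 PROTO=ICMP TYPE=8 CODE=0
"""

FIELD = re.compile(r"\b(SRC|PROTO|SPT|DPT)=(\S+)")

def parse_blocks(text):
    """Yield (src, proto, dpt) for each UFW BLOCK line that carries a port."""
    for line in text.splitlines():
        if "[UFW BLOCK]" not in line:
            continue
        fields = dict(FIELD.findall(line))
        if "SRC" in fields and "DPT" in fields:  # ICMP lines have no DPT
            yield fields["SRC"], fields.get("PROTO", "?"), int(fields["DPT"])

def classify(text, scan_ports=3, retry_hits=3):
    """Label sources by behaviour. Both thresholds are assumed defaults."""
    hits = defaultdict(lambda: defaultdict(int))
    for src, _proto, dpt in parse_blocks(text):
        hits[src][dpt] += 1
    report = {}
    for src, ports in hits.items():
        if len(ports) >= scan_ports:             # many distinct DPTs
            report[src] = ("port-scan", sorted(ports))
        elif max(ports.values()) >= retry_hits:  # same DPT again and again
            report[src] = ("repeated-probe", sorted(ports))
    return report

if __name__ == "__main__":
    for src, (label, ports) in classify(SAMPLE_LOG).items():
        print(f"{src:15} {label:15} DPT={ports}")
```

A single blocked packet, like the one to port 443 in the sample, stays below both thresholds and is not reported.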