4. Command Help
• man command_name
• man ps
• man hping
• command_name --help or
• command_name -h
• dig -h
• nc --help
• info command_name
• info nmap
http://disects.com/ Praveen Darshanam
5. Backtrack
• Linux distribution for security researchers, penetration testers, etc. (later succeeded by Kali Linux)
• Plethora of Tools
• Fuzzers, DoS Tools, Scanners, Exploits etc.
http://www.backtrack-linux.org/
6. nmap
• Port Scanning
• OS fingerprinting
• Service/version detection
• nmap [Scan Type(s)] [Options] target_ip/domain
• Useful options
-sN/-sF/-sX: TCP Null, FIN, and Xmas scans (rely on RFC 793 behaviour: no reply = open|filtered, RST = closed; Windows stacks answer RST to all of them, so every port shows closed)
--scanflags <flags>: Customize TCP scan flags
-sV: Probe open ports to determine service/version info
-O: Enable OS detection (needs at least one open and one closed port on the target for reliable results)
8. ngrep
grep patterns from a pcap file or a live stream
• ngrep is to pcap what grep is to normal files
• Sniffer mode (-d interface; 'any' captures on all interfaces)
ngrep -d any 'HTTP/1.1 200 OK' port 80
ngrep -d eth0 -i 'user|pass' port 21        (-i: case-insensitive match)
• Pcap pattern match: regex pattern + BPF filter
ngrep -t 'pattern' -I capture.pcap           (-t: print timestamps, -I: read from a pcap file)
ngrep -tx -X '0xhexpattern' -I capture.pcap  (-x: hex dump of matches, -X: treat the pattern as hex)
• Grep'ing, one packet at a time: the regex runs over each packet's payload, there is no TCP stream reassembly, so a string split across two segments will not match
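What ngrep does under the hood, as an added example (not ngrep's code and not part of the original slides): parse a pcap file, pull out each TCP payload, apply a BPF-style "port N" filter and then a regex, one packet at a time. The pcap bytes are constructed in memory here (one Ethernet/IPv4/TCP frame carrying an HTTP response) so the example runs offline; the packet field values and addresses are invented for the demonstration.

```python
"""Minimal ngrep: regex-match TCP payloads in a pcap, with a port filter.

Added example, not from the original slides. Builds a one-packet pcap in
memory and searches it the way `ngrep -I capture.pcap 'HTTP/1.1 200 OK' port 80`
would. Only Ethernet/IPv4/TCP frames are handled; no stream reassembly.
"""
import re
import struct


def build_pcap(payload: bytes, src_port: int, dst_port: int) -> bytes:
    """Constructed sample: libpcap file holding one Ethernet/IPv4/TCP frame
    (192.168.1.1 -> 192.168.1.102, addresses chosen for the example)."""
    ip_len = 20 + 20 + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, ip_len, 1, 0, 64, 6, 0,
                     bytes([192, 168, 1, 1]), bytes([192, 168, 1, 102]))
    # data offset 5 words, flags PSH|ACK; checksums left zero (not checked here)
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 1, 5 << 4, 0x18,
                      65535, 0, 0)
    eth = b"\xaa" * 6 + b"\xbb" * 6 + b"\x08\x00"
    frame = eth + ip + tcp + payload
    # pcap global header: magic, version 2.4, tz 0, sigfigs 0, snaplen, linktype 1 (Ethernet)
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    # per-packet header: ts_sec, ts_usec, included length, original length
    phdr = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return ghdr + phdr + frame


def iter_packets(pcap: bytes):
    """Yield raw frames from a little-endian pcap file (timestamps ignored)."""
    magic, = struct.unpack("<I", pcap[:4])
    if magic != 0xA1B2C3D4:
        raise ValueError("unsupported pcap magic")
    off = 24
    while off + 16 <= len(pcap):
        _, _, incl, _ = struct.unpack("<IIII", pcap[off:off + 16])
        off += 16
        yield pcap[off:off + incl]
        off += incl


def tcp_payload(frame: bytes):
    """Return (src_port, dst_port, payload) for an Ethernet/IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # not IPv4
        return None
    ihl = (frame[14] & 0x0F) * 4
    if frame[23] != 6:                                    # IP protocol != TCP
        return None
    tcp = 14 + ihl
    sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
    doff = (frame[tcp + 12] >> 4) * 4
    return sport, dport, frame[tcp + doff:]


def ngrep(pcap: bytes, pattern: str, port: int = None, ignore_case: bool = False):
    """Like `ngrep [-i] -I capture.pcap 'pattern' port N`: the BPF 'port N'
    filter matches either endpoint, then the regex runs per packet payload."""
    rx = re.compile(pattern.encode(), re.IGNORECASE if ignore_case else 0)
    hits = []
    for frame in iter_packets(pcap):
        parsed = tcp_payload(frame)
        if parsed is None:
            continue
        sport, dport, payload = parsed
        if port is not None and port not in (sport, dport):
            continue
        if rx.search(payload):
            hits.append((sport, dport, payload))
    return hits


# Constructed sample capture: an HTTP response from port 80 to an ephemeral port.
SAMPLE = build_pcap(b"HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n", 80, 40123)

if __name__ == "__main__":
    for sport, dport, data in ngrep(SAMPLE, r"HTTP/1\.1 200 OK", port=80):
        print(f"{sport} -> {dport}: {data!r}")
```

Searching the same capture with `port=21` returns nothing, which is the same effect as the BPF filter on the slide restricting the `user|pass` search to FTP traffic.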
14. ethtool
view and change NIC settings
• View settings
– ethtool eth0          (link speed, duplex, auto-negotiation, link state)
– ethtool -i eth0       (driver and firmware versions)
– ethtool -k eth0       (offload features currently enabled)
– ethtool -p eth0       (blink the port LED to identify which physical NIC eth0 is)
• Change settings
– Speed
ethtool -s eth0 speed 100
– Duplex
ethtool -s eth0 duplex full
(forcing speed or duplex normally requires autoneg off on the same command line)
– TSO, GSO, TX checksum offload
ethtool -K eth0 tso off gso off tx off
(turn these off before capturing or replaying so the pcap shows what is actually on the wire, not the oversized or checksum-less segments the driver hands to the NIC)
15. ping
• Used for troubleshooting connectivity
• Uses ICMP: echo request (type 8) out, echo reply (type 0) back
• Based on raw sockets, so the binary is setuid root or carries CAP_NET_RAW
• Errors come back as other ICMP types/codes (destination unreachable, time exceeded)
• Ping of death, pretty famous: fragmented ICMP that reassembled to more than 65535 bytes and crashed old IP stacks
• Options
-f flood ping (root only)   -s data size in bytes (Linux ping caps -s at 65507: 65535 minus 20-byte IP and 8-byte ICMP headers)
-c number of packets to send
#ping -f -s 65000 192.168.1.102
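The packet ping builds, as an added example that is not part of the original slides or of any ping implementation: the ICMP echo request header, the RFC 1071 Internet checksum, and the size arithmetic behind the -s limit. Sending needs a raw socket and root, so the send helper is kept separate and the rest runs offline on constructed bytes.

```python
"""Build and verify the ICMP echo request that `ping` sends.

Added example, not from the original slides. Shows the type/code fields,
the RFC 1071 checksum, and why -s tops out at 65507 on Linux.
"""
import struct

ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY = 8, 0
ICMP_DEST_UNREACH, ICMP_TIME_EXCEEDED = 3, 11


def inet_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement sum of 16-bit words, then complement."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo_request(ident: int, seq: int, payload: bytes) -> bytes:
    """ICMP header: type, code, checksum, identifier, sequence; then the -s data."""
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)   # computed with the checksum field zeroed
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload


def parse_icmp(packet: bytes) -> dict:
    """Decode type/code/id/seq and verify the checksum (a valid packet sums to 0)."""
    icmp_type, code, csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return {"type": icmp_type, "code": code, "id": ident, "seq": seq,
            "checksum_ok": inet_checksum(packet) == 0, "payload": packet[8:]}


def fits_in_one_datagram(data_size: int) -> bool:
    """ping -s N: 20-byte IP header + 8-byte ICMP header + N must not exceed 65535,
    which is why Linux ping refuses -s larger than 65507. The classic ping of death
    used fragments whose reassembled size went past that limit."""
    return 20 + 8 + data_size <= 65535


def send_echo(dst: str, packet: bytes) -> None:
    """Raw-socket send (needs CAP_NET_RAW / root); not exercised by the tests."""
    import socket
    with socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP) as s:
        s.sendto(packet, (dst, 0))


if __name__ == "__main__":
    pkt = build_echo_request(ident=0x1234, seq=1, payload=b"ab" * 28)  # 56 data bytes, ping's default
    print(parse_icmp(pkt))
    print("-s 65000 fits:", fits_in_one_datagram(65000), " -s 65508 fits:", fits_in_one_datagram(65508))
```

The 56-byte payload in the usage line is ping's default -s, which with the 8-byte header gives the familiar "64 bytes from" in ping output.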
16. netstat
• netstat
-p display the PID and program name of the process owning a socket (Linux; on Windows -p selects the protocol instead)
-l display listening sockets
-t display TCP sockets
-u display UDP sockets
-a all sockets (listening and established)
-n numeric addresses and ports, no DNS or service-name lookups
-c continuous display
--unix UNIX domain sockets
Linux: netstat -ant | grep 22
Windows: netstat -an -p tcp | find "135"
(netstat is deprecated on current Linux; ss from iproute2 takes the same -l/-t/-u/-n/-p flags)
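On Linux, `netstat -ant` is a pretty-printer for /proc/net/tcp. The following is an added example, not part of the original slides or of net-tools, that decodes that file's layout (hex address:port pairs, hex state codes) and reproduces the `-l` and `grep 22` filters. The sample text is a constructed excerpt in the real /proc/net/tcp format, and the decoder assumes a little-endian host, which is how x86 kernels write the address field.

```python
"""What `netstat -lnt` reads on Linux: decode /proc/net/tcp entries.

Added example, not from the original slides. SAMPLE is a constructed
excerpt in the real /proc/net/tcp layout; 0A == LISTEN, 01 == ESTABLISHED.
"""
import socket
import struct

# Constructed sample of /proc/net/tcp (trailing kernel fields abbreviated as "...").
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 ...
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   101        0 12346 1 ...
   2: 6601A8C0:0016 0101A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 12347 1 ...
"""

TCP_STATES = {0x01: "ESTABLISHED", 0x02: "SYN_SENT", 0x03: "SYN_RECV",
              0x04: "FIN_WAIT1", 0x05: "FIN_WAIT2", 0x06: "TIME_WAIT",
              0x07: "CLOSE", 0x08: "CLOSE_WAIT", 0x09: "LAST_ACK",
              0x0A: "LISTEN", 0x0B: "CLOSING"}


def decode_addr(hexaddr: str) -> tuple:
    """'0100007F:0CEA' -> ('127.0.0.1', 3306). The kernel prints the IPv4 address
    as a host-order 32-bit integer, so on little-endian hosts the bytes are reversed
    (assumption: little-endian host, as on x86)."""
    ip_hex, port_hex = hexaddr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_proc_net_tcp(text: str):
    """One dict per socket line: local/remote endpoints, state name, owning uid."""
    rows = []
    for line in text.splitlines()[1:]:          # skip the column header
        fields = line.split()
        if len(fields) < 8:
            continue
        local_ip, local_port = decode_addr(fields[1])
        remote_ip, remote_port = decode_addr(fields[2])
        rows.append({
            "local": (local_ip, local_port),
            "remote": (remote_ip, remote_port),
            "state": TCP_STATES.get(int(fields[3], 16), fields[3]),
            "uid": int(fields[7]),
        })
    return rows


def listening(rows):
    """Equivalent of `netstat -lnt`: only sockets in LISTEN."""
    return [r for r in rows if r["state"] == "LISTEN"]


def connections_to_port(rows, port: int):
    """Sharper than `netstat -ant | grep 22`: match the local port field only,
    so port 22 does not also match 2200 or a remote port ending in 22."""
    return [r for r in rows if r["local"][1] == port and r["state"] != "LISTEN"]


if __name__ == "__main__":
    with open("/proc/net/tcp") as fh:          # live data on a Linux host
        for row in listening(parse_proc_net_tcp(fh.read())):
            print("LISTEN", row["local"], "uid", row["uid"])
```

The `grep 22` on the slide is a substring match over the whole line; matching the decoded local port, as above, is what you want when the answer feeds a script rather than a human.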
17. ab
• Apache HTTP server benchmarking tool
• Part of apache2-utils
• Options
-n Number of requests to perform
-c Concurrency: number of requests to make at a time
-k Use the HTTP KeepAlive feature
#ab -n 1000 -c 50 -k http://target_ip/
(the URL needs a path or at least a trailing slash, otherwise ab rejects it as an invalid URL; the numbers above make it a load generator, so only point it at hosts you are authorised to test)
18. netcat
• Open and connect to TCP/UDP ports
• File transfer
• Port scanning
• Server (listener)
nc -l 4444            (OpenBSD nc syntax; traditional/GNU netcat needs nc -l -p 4444)
• Client
nc 192.168.1.102 80
• Port scanning (-z: connect only, send no data; add -v to see which ports succeeded)
nc -z 192.168.1.102 1-1023
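A TCP connect scan of the kind `nc -z host 1-1023` performs, written as an added example (not netcat's code and not from the original slides): complete the three-way handshake per port, record the ones that succeed, close immediately. So that it runs offline, the example starts a throwaway listener on 127.0.0.1 as a constructed target; the scanner itself accepts any host and any nc-style port range.

```python
"""A `nc -z host 1-1023` style TCP connect scan against a local listener.

Added example, not netcat's code. The listener on 127.0.0.1 is a constructed
target so the scan can be exercised without a network.
"""
import socket
import threading


def parse_range(spec: str) -> range:
    """nc port syntax: '80' or '1-1023' -> inclusive range of ports."""
    if "-" in spec:
        lo, hi = (int(x) for x in spec.split("-", 1))
    else:
        lo = hi = int(spec)
    if not 1 <= lo <= hi <= 65535:
        raise ValueError("bad port range: " + spec)
    return range(lo, hi + 1)


def start_listener():
    """Open a listening socket on an ephemeral port; returns (socket, port).
    Accepted connections are closed at once, which is all nc -z needs."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
                conn.close()
            except OSError:          # listener closed
                break

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]


def free_port() -> int:
    """Pick a port that is currently closed: bind to 0, read it back, release it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def connect_scan(host: str, ports, timeout: float = 0.5):
    """Return the ports that completed a TCP handshake, like nc -z prints 'succeeded'.
    A refused connection means closed; a timeout usually means filtered."""
    open_ports = []
    for port in ports:
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            open_ports.append(port)
        except (ConnectionRefusedError, socket.timeout, OSError):
            pass
        finally:
            s.close()
    return open_ports


if __name__ == "__main__":
    srv, port = start_listener()
    print("open:", connect_scan("127.0.0.1", parse_range(f"{port - 1}-{port + 1}")))
    srv.close()
```

Like nc -z, this is a full-connect scan: every probe completes the handshake and shows up in the target's logs, unlike nmap's default SYN scan.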
19. metasploit
• Penetration testing tool
• Exploit framework (msfconsole commands)
use            select a module (exploit, auxiliary or payload)
set            set a variable (module option) value
show options   list the selected module's options and their current values
info           information about the selected module or payload
PAYLOAD        shellcode/stager to run on the target once the exploit lands
RHOST          target/victim host
LPORT          attacker's TCP/UDP port (the listener port for reverse payloads; LHOST is the attacker's address)
exploit / run  launch the module (run is the usual verb for auxiliary modules)
23. tcpdump, tcpreplay, tcpreplay-edit, tomahawk
• tcpdump
• Captures/sniffs packets on an interface
tcpdump -i eth0 -s0 -w capture.pcap     (-s0: capture whole packets, no snaplen truncation; -w: write a pcap file)
tcpdump -i eth0 -xX                     (-x/-X: hex and hex+ASCII dump to the terminal; nothing is printed when -w is used)
• tomahawk
• Replays a capture from a single machine with two interfaces, one for each side of the conversation, so it can be sent through an inline device under test
• tcpreplay
• Replays packet captures onto an interface
tcpreplay -K -C -i eth1 -M 400.00 capture.pcap     (-K: preload the pcap into RAM, -M: send rate in Mbps)
• tcpreplay-edit
• Similar to tcpreplay with options to rewrite the capture (addresses, ports, MACs) before sending
28. Snort IDS Testing
• stick
• IDSwakeup
• IDS Informer
• mucus
• sneeze.pl
• fpg
• NOTE: these are pretty old tools, predating PCRE support in Snort rules; they exercise signature matching but not the content of modern rule sets
29. SNMP
• SNMP is used for remote management and monitoring of network devices
snmpwalk -v 1 -c mysnmp 192.168.1.1 hrSWRunState     (walks the running-process state table of HOST-RESOURCES-MIB)
• Options
-v version (1, 2c or 3)
-c community string (v1 and v2c); SNMPv3 uses -u user name plus -l/-a/-A for the security level and authentication instead
• v1/v2c community strings travel in cleartext and often default to public/private, which is why walking them is a standard recon step
31. Network Time Protocol
• NTP is used to synchronise clocks
• ntpdate collects time samples from a time server and sets the local clock
ntpdate ntp_server_ip
• ntptrace follows the chain of servers back to the primary time source
ntptrace [ntp_server_ip]      (defaults to localhost)
• ntpdc queries an NTP daemon's current state over mode 7 (deprecated; mode 7 queries such as monlist were abused for DDoS amplification and are off by default in current ntpd)
ntpdc -c sysinfo ip_address
• ntpq monitors an NTP daemon's operations and performance over mode 6
ntpq -p ip_address            (-p: print the peer list)
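The on-the-wire exchange that ntpdate performs, as an added example (not from the original slides and not the reference ntp code): a 48-byte mode-3 client request, and the transmit timestamp from the server's mode-4 reply converted from the 1900-based NTP epoch. The reply bytes are constructed here rather than captured, so the example runs offline.

```python
"""The NTP exchange behind `ntpdate`: mode-3 request, mode-4 reply.

Added example, not from the original slides. make_reply() fabricates a
server answer so parse_reply() can be exercised without a time server.
"""
import struct

# Seconds between the NTP epoch (1900-01-01) and the Unix epoch (1970-01-01).
NTP_EPOCH_OFFSET = 2208988800


def build_client_request() -> bytes:
    """First byte packs LI (2 bits) | VN (3 bits) | Mode (3 bits):
    LI=0, VN=3, Mode=3 (client) -> 0x1B. Remaining 47 bytes zero, like ntpdate sends."""
    return bytes([0x1B]) + bytes(47)


def ntp_to_unix(seconds: int, fraction: int) -> float:
    """64-bit NTP timestamp (32-bit seconds, 32-bit fraction) -> Unix time."""
    return seconds - NTP_EPOCH_OFFSET + fraction / 2 ** 32


def parse_reply(packet: bytes) -> dict:
    """Decode the header byte, stratum and the transmit timestamp (bytes 40-47),
    which is the sample ntpdate compares against the local clock."""
    if len(packet) < 48:
        raise ValueError("short NTP packet")
    first = packet[0]
    xmt_sec, xmt_frac = struct.unpack("!II", packet[40:48])
    return {"leap": first >> 6, "version": (first >> 3) & 7, "mode": first & 7,
            "stratum": packet[1], "transmit_unix": ntp_to_unix(xmt_sec, xmt_frac)}


def make_reply(unix_time: float, stratum: int = 2) -> bytes:
    """Constructed server reply: LI=0, VN=3, Mode=4 (server) -> 0x1C, with only
    the stratum and transmit timestamp filled in."""
    sec = int(unix_time) + NTP_EPOCH_OFFSET
    frac = int((unix_time - int(unix_time)) * 2 ** 32)
    return bytes([0x1C, stratum]) + bytes(38) + struct.pack("!II", sec, frac)


def query_server(host: str, timeout: float = 2.0) -> dict:
    """Live query on UDP/123 (not used by the tests): what ntpdate does once per sample."""
    import socket
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_client_request(), (host, 123))
        data, _ = s.recvfrom(512)
    return parse_reply(data)


if __name__ == "__main__":
    print(parse_reply(make_reply(1700000000.5)))
```

A real client also records its own send and receive times and uses the reply's receive and transmit timestamps to cancel network delay; the transmit timestamp alone is enough to see how the epoch and fixed-point encoding work.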
32. DoS
• tcpjunk
• slowloris.pl (holds many partial HTTP requests open to exhaust the server's connection slots)
• thc-ssl-dos (abuses the asymmetric cost of SSL/TLS renegotiation)
• many fuzzers
• a few Metasploit auxiliary/dos/ modules