The Power. Chema. of FOCA 3

Size: px
Start display at page:

Download "The Power. Chema. of FOCA 3"

Transcription

1 The Power of FOCA 3

2 What s a FOCA? 5/25/12 2

3 Al principio fue el Metadato 5/25/12 3

4 Metadata, hidden info Mala ges.ón Mala conversión Opciones inseguras & lost data Buscadores Arañas Bases de datos Mala ges.ón Formatos embebidos Conversión errónea Opciones Inseguras Ficheros embebidos Nuevas aplicaciones o nuevas versiones Ficheros embebidos 5/25/12 4

5 Printers 5/25/12 5

6 Malware Dirigido 5/25/12 6

7 Targeting Malware 5/25/12 7

8 Electing the entry point 5/25/12 8

9 Social Engineering Attack 5/25/12 9

10 Anonym0us case 5/25/12 10

11 Lost Data 5/25/12 11

12 Metadata Risks Relaciones Ocultas Historia de Acciones Entre empresas Entre personas Piratería de Software Información táctica Ataques 5/25/12 12

13 Drug Dealer 5/25/12 13

14 Forensic FOCA hjp://www.elladodelmal.com/ 2012/02/forensic- foca- beta- 5/25/12 14

15 Show Me Your Metadata 5/25/12 15

16 Internal Fingerprinting with FOCA 5/25/12 16

17 Phase 1: Metadata

18 FOCA 2 5/25/12 18

19 FOCA 2.5: Exalead 5/25/12 19

20 Network Discovery 5/25/12 20

21 Búsqueda de URLS en buscadores 5/25/12 21

22 Bing IP 5/25/12 22

23 Shodan 5/25/12 23

24 Network Discovery: Well Known Records Zone Transfer DNS SOA, MX, SPF, DKIM, LDAP, VoIP, Active Directory. AXFR Diccionary Search Server1, Intranet, Private, DNS, etc. 5/25/12 24

25 PTR Scannig 5/25/12 25

26 Huge domains case 5/25/12 26

27 Network Discovery Algorithm 1) http -> Web server 2) GET Banner HTTP 3) domain.com is a domain 4) Search NS, MX, SPF records for domain.com 5) sub.domain.com is a subdomain 6) Search NS, MX, SPF records for sub.domain.com 7) Try all the non verified servers on all new domains 1) server01.domain.com 2) server01.sub.domain.com 8) Apple1.sub.domain.com is a hostname 9) Try DNS Prediction (apple1) on all domains 10) Try Google Sets(apple1) on all domains 5/25/12 27

28 Network Discovery Algorithm 11) Resolve IP Address 12) Get Certificate in https://ip 13) Search for domain names in it 14) Get HTTP Banner of 15) Use Bing Ip:IP to find all domains sharing it 16) Repeat for every new domain 17) Connect to the internal NS (1 or all) 18) Perform a PTR Scan searching for internal servers 19) For every new IP discovered try Bing IP recursively 20) ~chema -> chema is probably a user 5/25/12 28

29 Network Discovery Algorithm 21) /, /~chema/ and /~chema/dir/ are paths 22) Try directory listing in all the paths 23) Search for PUT, DELETE, TRACE methods in every path 24) Fingerprint software from 404 error messages 25) Fingerprint software from application error messages 26) Try common names on all domains (dictionary) 27) Try Zone Transfer on all NS 28) Search for any URL indexed by web engines related to the hostname 29) Download the file 30) Extract the metadata, hidden info and lost data 31) Sort all this information and present it nicely 32) For every new IP/URL start over again 5/25/12 29

30 Click & Go 5/25/12 30

31 Phase 2: Network

32 How Foca found a data 5/25/12 32

33 Role Oriented View 5/25/12 33

34 Fingerprinting 404 Not Found Options messages Domain names and software Aspx Error Messages HTTP Banner Hostname IP Addres SMTP Banner Digital Certificates Shodan 5/25/12 34

35 DNS Version.bind 5/25/12 35

36 Primary Master 5/25/12 36

37 Vulnerabilites View 5/25/12 37

38 Phase 3: Vulnerabilities

39 Customizable Search 5/25/12 39

40 FOCA + Spidering 5/25/12 40

41 FOCA + Spidering 5/25/12 41

42 Digital Certificates 5/25/12 42

43 FOCA 2.5 URL Analysis 5/25/12 43

44 .listing 5/25/12 44

45 Unsecure Http Methods 5/25/12 45

46 Search & Upload 5/25/12 46

47 Proxy 5/25/12 47

48 Fuzzing options 5/25/12 48

49 DNS Cache Snooping 5/25/12 49

50 DNS Cache Snooping 5/25/12 50

51 DNS Cache Snooping Internal Software Windows Update Gtalk Evilgrade Detecting vulnerable software to Evilgrade attacks AV evassion Detecting internal AV systems Malware driven by URL Hacking a web site ussually visited by internal users 5/25/12 51

52 DNS Cache detection 5/25/12 52

53 Log filter 5/25/12 53

54 FOCA Reporting Module 5/25/12 54

55 FOCA Reporting Module 5/25/12 55

56 Fear The FOCA 5/25/12 56

57 FOCA Online 5/25/12 57

58 Cleaning documents OOMetaExtractor hjp://www.codeplex.org/oometaextractor 5/25/12 58

59 IIS MetaShield Protector hjp://www.metashieldprotector.com 5/25/12 59

60 FOCA on Linux? 5/25/12 60

61 Buy a FOCA T-Shirt 5/25/12 And be «Sexy» }:)) 61

62 Questions? 5/25/12 62

Onderwerp: Modern Information Gathering

Onderwerp: Modern Information Gathering Modern information gathering Onderwerp: Modern Information Gathering Datum: 26-JUN-2012 Aanwezigen: OWASP Classificatie: Public Who Am I Dave van Stein 38 years Tester > 11 years (Application) Security

More information

How to Add Domains and DNS Records

How to Add Domains and DNS Records How to Add Domains and DNS Records Configure the Barracuda NextGen X-Series Firewall to be the authoritative DNS server for your domains or subdomains to take advantage of Split DNS or dead link detection.

More information

gathering Dave van Stein 9 april 2009

gathering Dave van Stein 9 april 2009 Modern information gathering Dave van Stein 9 april 2009 Who Am I Dave van Stein 34 years Functional tester > 7 years Specializing in (Application) Security Testing Certified Ethical Hacker Agenda Goal

More information

How-to: DNS Enumeration

How-to: DNS Enumeration 25-04-2010 Author: Mohd Izhar Ali Email: johncrackernet@yahoo.com Website: http://johncrackernet.blogspot.com Table of Contents How-to: DNS Enumeration 1: Introduction... 3 2: DNS Enumeration... 4 3: How-to-DNS

More information

How To Guide Edge Network Appliance How To Guide:

How To Guide Edge Network Appliance How To Guide: How To Guide Edge Network Appliance How To Guide: ActiveDNS v 4.01 Edge Network Appliance How To Guide: ActiveDNS 2007 XRoads Networks 17165 Von Karman, Suite 112 888-9-XROADS v 4.01 updated 09/11/07 Table

More information

A fresh new look into Information Gathering. Christian Martorella IV OWASP MEETING SPAIN

A fresh new look into Information Gathering. Christian Martorella IV OWASP MEETING SPAIN A fresh new look into Information Gathering Christian Martorella IV OWASP MEETING SPAIN Who am i? Christian Martorella Manager Auditoria S21sec CISSP, CISA, CISM, OPST, OPSA OWASP WebSlayer Project Leader

More information

How to Configure the Windows DNS Server

How to Configure the Windows DNS Server Windows 2003 How to Configure the Windows DNS Server How to Configure the Windows DNS Server Objective This document demonstrates how to configure domains and record on the Windows 2003 DNS Server. Windows

More information

Hacking Techniques & Intrusion Detection

Hacking Techniques & Intrusion Detection Hacking Techniques & Intrusion Detection Winter Semester 2012/2013 Dr. Ali Al-Shemery aka: B!n@ry Footprinting Walking the trails to a target Outline External Footprinting Identify External Ranges Passive,

More information

Lesson 13: DNS Security. Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division

Lesson 13: DNS Security. Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division Lesson 13: DNS Security Javier Osuna josuna@gmv.com GMV Head of Security and Process Consulting Division Introduction to DNS The DNS enables people to use and surf the Internet, allowing the translation

More information

HTG XROADS NETWORKS. Network Appliance How To Guide: EdgeDNS. How To Guide

HTG XROADS NETWORKS. Network Appliance How To Guide: EdgeDNS. How To Guide HTG X XROADS NETWORKS Network Appliance How To Guide: EdgeDNS How To Guide V 3. 2 E D G E N E T W O R K A P P L I A N C E How To Guide EdgeDNS XRoads Networks 17165 Von Karman Suite 112 888-9-XROADS V

More information

Copyright 2012 http://itfreetraining.com

Copyright 2012 http://itfreetraining.com In order to find resources on the network, computers need a system to look up the location of resources. This video looks at the DNS records that contain information about resources and services on the

More information

https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting

https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting Chapter 1 1. Introducing Penetration Testing 1.1 What is penetration testing 1.2 Different types of test 1.2.1 External Tests

More information

SPAM, VIRUSES AND PHISHING, OH MY! Michael Starks, CISSP, CISA ISSA Fellow 10/08/2015

SPAM, VIRUSES AND PHISHING, OH MY! Michael Starks, CISSP, CISA ISSA Fellow 10/08/2015 SPAM, VIRUSES AND PHISHING, OH MY! Michael Starks, CISSP, CISA ISSA Fellow 10/08/2015 The Usual Players Indebtedness for driving on toll road Transaction receipts Notice to appear Major and Emerging Trends

More information

Chris Gates http://carnal0wnage.blogspot.com http://www.learnsecurityonline.com

Chris Gates http://carnal0wnage.blogspot.com http://www.learnsecurityonline.com New School Information Gathering Chris Gates http://carnal0wnage.blogspot.com http://www.learnsecurityonline.com Who Am I? Penetration Tester LearnSecurityOnline.com Security Blogger EthicalHacker.net

More information

1 You will need the following items to get started:

1 You will need the following items to get started: QUICKSTART GUIDE 1 Getting Started You will need the following items to get started: A desktop or laptop computer Two ethernet cables (one ethernet cable is shipped with the _ Blocker, and you must provide

More information

Migration Quick Reference Guide for Administrators

Migration Quick Reference Guide for Administrators Migration Quick Reference Guide for Administrators 10 Easy Steps for Migration Maximize Performance with Easy Settings Changes Communicating with Your Users Reporting Spam Resources Page 1 10 Easy Steps

More information

PineApp Surf-SeCure Quick

PineApp Surf-SeCure Quick PineApp Surf-SeCure Quick Installation Guide September 2010 WEB BASED INSTALLATION SURF-SECURE AS PROXY 1. Once logged in, set the appliance s clock: a. Click on the Edit link under Time-Zone section.

More information

Hosted Exchange 2010

Hosted Exchange 2010 Hosted Exchange 2010 Introduction The purpose of this Startup Guide is to familiarize you with ExchangeDefender's Exchange and SharePoint Hosting. ExchangeDefender provides enterprise grade Exchange 2010

More information

V Series Rapid Deployment Version 7.5

V Series Rapid Deployment Version 7.5 V Series Rapid Deployment Version 7.5 Table of Contents Module 1: First Boot Module 2: Configure P1 and N interfaces Module 3: Websense Software installation (Reporting Server) Module 4: Post installation

More information

Si no quieres que sepa tu nombre, por que llevas el DNI en la frente? Christian Martorella CISSP, CISA

Si no quieres que sepa tu nombre, por que llevas el DNI en la frente? Christian Martorella CISSP, CISA Si no quieres que sepa tu nombre, por que llevas el DNI en la frente? Christian Martorella CISSP, CISA 1 Penetration testing Information Gathering Discovery / Fingerprinting Vulnerability analysis Exploitation

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright 2014 Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security, 2014 No part of this publication, in whole or

More information

Configuration Guide BES12. Version 12.2

Configuration Guide BES12. Version 12.2 Configuration Guide BES12 Version 12.2 Published: 2015-07-07 SWD-20150630131852557 Contents About this guide... 8 Getting started... 9 Administrator permissions you need to configure BES12... 9 Obtaining

More information

Talk-101 User Guide. DNSGate

Talk-101 User Guide. DNSGate Talk-101 User Guide DNSGate What is DNSGate? DNSGate is a management interface to allow you to make DNS changes to your domain. The interface supports A, CNAME, MX and TXT records. What is DNS? DNS stands

More information

How to Configure Split DNS

How to Configure Split DNS How to Configure Split DNS Split DNS is a concept that allows a hostname to resolve to one IP address on the internal network, and another on the external network. An example is the G/On Server if it is

More information

Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis?

Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis? Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis? This paper presents a scenario in which an attacker attempts to hack into the internal network

More information

Configuring Security for SMTP Traffic

Configuring Security for SMTP Traffic 4 Configuring Security for SMTP Traffic Securing SMTP traffic Creating a security profile for SMTP traffic Configuring a local traffic SMTP profile Assigning an SMTP security profile to a local traffic

More information

How to set up the Integrated DNS Server for Inbound Load Balancing

How to set up the Integrated DNS Server for Inbound Load Balancing How to set up the Integrated DNS Server for Introduction Getting Started Peplink Balance has a built-in DNS server for inbound link load balancing. You can delegate a domain s NS/SOA records, e.g. www.mycompany.com,

More information

Important Information

Important Information June 2015 Important Information The following information applies to Proofpoint Essentials US1 data center only. User Interface Access https://usproofpointessentials.com MX Records mx1-usppe-hosted.com

More information

What is a Mail Gateway?... 1 Mail Gateway Setup... 2. Peering... 3 Domain Forwarding... 4 External Address Verification... 4

What is a Mail Gateway?... 1 Mail Gateway Setup... 2. Peering... 3 Domain Forwarding... 4 External Address Verification... 4 Contents CHAPTER 1 IMail Secure Server as a Mail Gateway What is a Mail Gateway?... 1 Mail Gateway Setup... 2 CHAPTER 2 Possible Mail Gateway Configurations Peering... 3 Domain Forwarding... 4 External

More information

DNS and BIND. David White

DNS and BIND. David White DNS and BIND David White DNS: Backbone of the Internet Translates Domains into unique IP Addresses i.e. developcents.com = 66.228.59.103 Distributed Database of Host Information Works seamlessly behind

More information

Trend Micro Worry- Free Business Security 8.0. 1 st time setup Tips & Tricks

Trend Micro Worry- Free Business Security 8.0. 1 st time setup Tips & Tricks Trend Micro Worry- Free Business Security 8.0 WFBS installation best practise, preparations and how to Preparation for 2008 Server IIS: Configuring the required Internet Information Services (IIS) roles

More information

IceWarp to IceWarp Server Migration

IceWarp to IceWarp Server Migration IceWarp to IceWarp Server Migration Registered Trademarks iphone, ipad, Mac, OS X are trademarks of Apple Inc., registered in the U.S. and other countries. Microsoft, Windows, Outlook and Windows Phone

More information

Pwning Intranets with HTML5

Pwning Intranets with HTML5 Javier Marcos de Prado Juan Galiana Lara Pwning Intranets with HTML5 2009 IBM Corporation Agenda How our attack works? How we discover what is in your network? What does your infrastructure tell us for

More information

Use Domain Name System and IP Version 6

Use Domain Name System and IP Version 6 Use Domain Name System and IP Version 6 What You Will Learn The introduction of IP Version 6 (IPv6) into an enterprise environment requires some changes both in the provisioned Domain Name System (DNS)

More information

SMTP Email Settings. Magento Extension User Guide. Official extension page: SMTP Email Settings. User Guide: SMTP Email Settings

SMTP Email Settings. Magento Extension User Guide. Official extension page: SMTP Email Settings. User Guide: SMTP Email Settings SMTP Email Settings Magento Extension User Guide Official extension page: SMTP Email Settings Page 1 Table of contents: 1. General Settings. 3 2. SMTP Configuration.. 5 3. Log Clearing Settings. 6 4. Sent

More information

Presto User s Manual. Collobos Software Version 1.1. 2013 Collobos Software, Inc! http://www.collobos.com

Presto User s Manual. Collobos Software Version 1.1. 2013 Collobos Software, Inc! http://www.collobos.com Presto User s Manual Collobos Software Version 1.1 2013 Collobos Software, Inc! http://www.collobos.com Welcome To Presto! 3 AirPrint! 3 Google Cloud Print! 3 System Requirements! 3 How It Works! 5 PrintKit

More information

Configuration Guide BES12. Version 12.1

Configuration Guide BES12. Version 12.1 Configuration Guide BES12 Version 12.1 Published: 2015-04-22 SWD-20150422113638568 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12... 8 Product documentation...

More information

Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway

Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway Websense Support Webinar January 2010 web security data security email security

More information

Linux Server Support by Applied Technology Research Center. Proxy Server Configuration

Linux Server Support by Applied Technology Research Center. Proxy Server Configuration Linux Server Support by Applied Technology Research Center Proxy Server Configuration We configure squid for your LAN. Including transparent for HTTP and proxy for HTTPS. We also provide basic training

More information

Configuring an External Domain

Configuring an External Domain Configuring an External Domain SUPPORT GUIDE DOMAINS ABOUT THIS GUIDE This guide will instruct you on how to: Use an existing domain name Set Up Your Domain to Use Tagadab Name Servers Use Your VPS/Dedicated

More information

Configuring a Domain to work with your Server

Configuring a Domain to work with your Server Configuring a Domain to work with your Server If you have a domain name registered with a third party and would like to use that domain with your Tagadab server (Virtual or Dedicated) then you have several

More information

Working With Virtual Hosts on Pramati Server

Working With Virtual Hosts on Pramati Server Working With Virtual Hosts on Pramati Server 13 Overview Virtual hosting allows a single machine to be addressed by different names. There are two ways for configuring Virtual Hosts. They are: Domain Name

More information

Email Migration Project Plan for Cisco Cloud Email Security

Email Migration Project Plan for Cisco Cloud Email Security Sales Tool Email Migration Project Plan for Cisco Cloud Email Security 2014 Cisco and/or its affiliates. All rights reserv ed. This document is Cisco Conf idential. For Channel Partner use only. Not f

More information

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0 Configuration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2014-12-19 SWD-20141219132902639 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12...

More information

"Charting the Course... Enterprise Linux Networking Services Course Summary

Charting the Course... Enterprise Linux Networking Services Course Summary Course Summary Description This an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services

More information

So today we shall continue our discussion on the search engines and web crawlers. (Refer Slide Time: 01:02)

So today we shall continue our discussion on the search engines and web crawlers. (Refer Slide Time: 01:02) Internet Technology Prof. Indranil Sengupta Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No #39 Search Engines and Web Crawler :: Part 2 So today we

More information

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

Hosting more than one FortiOS instance on. VLANs. 1. Network topology Hosting more than one FortiOS instance on a single FortiGate unit using VDOMs and VLANs 1. Network topology Use Virtual domains (VDOMs) to divide the FortiGate unit into two or more virtual instances of

More information

WEBTITAN CLOUD. User Identification Guide BLOCK WEB THREATS BOOST PRODUCTIVITY REDUCE LIABILITIES

WEBTITAN CLOUD. User Identification Guide BLOCK WEB THREATS BOOST PRODUCTIVITY REDUCE LIABILITIES BLOCK WEB THREATS BOOST PRODUCTIVITY REDUCE LIABILITIES WEBTITAN CLOUD User Identification Guide This guide explains how to install and configure the WebTitan Cloud Active Directory components required

More information

Pass Through Proxy. How-to. Overview:..1 Why PTP?...1

Pass Through Proxy. How-to. Overview:..1 Why PTP?...1 Pass Through Proxy How-to Overview:..1 Why PTP?...1 Via an SA port...1 Via external DNS resolution...1 Examples of Using Passthrough Proxy...2 Example configuration using virtual host name:...3 Example

More information

Windows 2008 Server. Domain Name System Administración SSII

Windows 2008 Server. Domain Name System Administración SSII Windows 2008 Server Domain Name System Administración SSII Contenidos Introducción Configuración DNS Transferencia de zona Herramientas DNS Introducción Domain Name System is a hierarchical distributed

More information

Understand Names Resolution

Understand Names Resolution Understand Names Resolution Lesson Overview In this lesson, you will learn about: Domain name resolution Name resolution process steps DNS WINS Anticipatory Set 1. List the host name of 4 of your favorite

More information

BorderWare Firewall Server 7.1. Release Notes

BorderWare Firewall Server 7.1. Release Notes BorderWare Firewall Server 7.1 Release Notes BorderWare Technologies is pleased to announce the release of version 7.1 of the BorderWare Firewall Server. This release includes following new features and

More information

provides several new features and enhancements, and resolves several issues reported by WatchGuard customers.

provides several new features and enhancements, and resolves several issues reported by WatchGuard customers. WatchGuard XCS v10.0 Update 1 Release Notes WatchGuard XCS Build 140312 Revision Date 11 November, 2014 Introduction WatchGuard is pleased to announce the release of WatchGuard XCS v10.0 Update 1. This

More information

Internet Security [1] VU 184.216. Engin Kirda engin@infosys.tuwien.ac.at

Internet Security [1] VU 184.216. Engin Kirda engin@infosys.tuwien.ac.at Internet Security [1] VU 184.216 Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at Administration Challenge 2 deadline is tomorrow 177 correct solutions Challenge 4 will

More information

How to use ArGoSoft Mail Server.NET Freeware

How to use ArGoSoft Mail Server.NET Freeware How to use ArGoSoft Mail Server.NET Freeware So, you have registered your own domain name (we will use myargosoft.net as an example), and are willing to host your own mail in the house. ArGoSoft Mail Server.NET

More information

Secure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification

Secure Web Development Teaching Modules 1. Security Testing. 1.1 Security Practices for Software Verification Secure Web Development Teaching Modules 1 Security Testing Contents 1 Concepts... 1 1.1 Security Practices for Software Verification... 1 1.2 Software Security Testing... 2 2 Labs Objectives... 2 3 Lab

More information

Smart Card Authentication. Administrator's Guide

Smart Card Authentication. Administrator's Guide Smart Card Authentication Administrator's Guide October 2012 www.lexmark.com Contents 2 Contents Overview...4 Configuring the applications...5 Configuring printer settings for use with the applications...5

More information

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.

Only LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them. This chapter provides information about the Security Assertion Markup Language (SAML) Single Sign-On feature, which allows administrative users to access certain Cisco Unified Communications Manager and

More information

Chapter 9: Name Services. 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory services 9.6 Summary

Chapter 9: Name Services. 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory services 9.6 Summary Chapter 9: Name Services 9.1 Introduction 9.2 Name services and the DNS 9.3 Directory services 9.6 Summary Learning objectives To understand the need for naming systems in distributed systems To be familiar

More information

ENTERPRISE LINUX NETWORKING SERVICES

ENTERPRISE LINUX NETWORKING SERVICES ENTERPRISE LINUX NETWORKING SERVICES The is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement

More information

HW9 WordPress & Google Analytics

HW9 WordPress & Google Analytics HW9 WordPress & Google Analytics MSCI:3400 Data Communications Due Monday, December 14, 2015 @ 8:00am Late submissions will not be accepted. In this individual assignment you will purchase and configure

More information

Adding New Clients to Your Account. Adding Orgs With a Unique Mail Server pg 2 Adding Orgs That Share Similar Mail Servers pg 6

Adding New Clients to Your Account. Adding Orgs With a Unique Mail Server pg 2 Adding Orgs That Share Similar Mail Servers pg 6 Adding New Clients to Your Account Adding Orgs With a Unique Mail Server pg 2 Adding Orgs That Share Similar Mail Servers pg 6 Google Message Security, Powered by Postini Adding N ew Clients to Your Account

More information

Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications

Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications November, 2010 2010 Websense, Inc. All rights reserved. Websense is a registered

More information

How to scan/exploit a ssl based webserver. by xxradar. http://www.radarhack.com mailto:xxradar@radarhack.com. Version 1.

How to scan/exploit a ssl based webserver. by xxradar. http://www.radarhack.com mailto:xxradar@radarhack.com. Version 1. How to scan/exploit a ssl based webserver. by xxradar. http://www.radarhack.com mailto:xxradar@radarhack.com. Version 1.0 21-09-2003 1. Introduction Sometimes late at night, playing with openssl and connecting

More information

ZENworks 11 Support Pack 4 Management Zone Settings Reference. May 2016

ZENworks 11 Support Pack 4 Management Zone Settings Reference. May 2016 ZENworks 11 Support Pack 4 Management Zone Settings Reference May 2016 Legal Notices For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government

More information

DYNAMIC DNS: DATA EXFILTRATION

DYNAMIC DNS: DATA EXFILTRATION DYNAMIC DNS: DATA EXFILTRATION RSA Visibility Reconnaissance Weaponization Delivery Exploitation Installation C2 Action WHAT IS DATA EXFILTRATION? One of the most common goals of malicious actors is to

More information

DNS: How it works. DNS: How it works (more or less ) DNS: How it Works. Technical Seminars Spring 2010 1. Paul Semple psemple@rm.

DNS: How it works. DNS: How it works (more or less ) DNS: How it Works. Technical Seminars Spring 2010 1. Paul Semple psemple@rm. DNS: How it works Paul Semple psemple@rm.com DNS: How it works (more or less ) Paul Semple psemple@rm.com 1 Objectives What DNS is and why we need it DNS on Windows Server networks / Community Connect

More information

GL275 - ENTERPRISE LINUX NETWORKING SERVICES

GL275 - ENTERPRISE LINUX NETWORKING SERVICES Length: 5 days The GL275 is an expansive course that covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely,

More information

Vulnerability Assessment and Penetration Testing

Vulnerability Assessment and Penetration Testing Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration

More information

Managing Qualys Scanners

Managing Qualys Scanners Q1 Labs Help Build 7.0 Maintenance Release 3 documentation@q1labs.com Managing Qualys Scanners Managing Qualys Scanners A QualysGuard vulnerability scanner runs on a remote web server. QRadar must access

More information

Domain Name System Security

Domain Name System Security Abstract Domain Name System Security Ladislav Hagara hgr@vabo.cz Department of Automated Command Systems and Informatics Military Academy in Brno Brno, Czech Republic Domain Name System (DNS) is one of

More information

Protecting the Infrastructure: Symantec Web Gateway

Protecting the Infrastructure: Symantec Web Gateway Protecting the Infrastructure: Symantec Web Gateway 1 Why Symantec for Web Security? Flexibility and Choice Best in class hosted service, appliance, and virtual appliance (upcoming) deployment options

More information

Getting Started with the iscan Online Data Breach Risk Intelligence Platform

Getting Started with the iscan Online Data Breach Risk Intelligence Platform Getting Started with the iscan Online Data Breach Risk Intelligence Platform 2 Table of Contents Overview... 3 Data Breach Risk Intelligence... 3 Data Breach Prevention Lifecycle Defined... 3 Choosing

More information

Classifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy. 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs

Classifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy. 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs Classifying DNS Heavy User Traffic by using Hierarchical Aggregate Entropy 2012/3/5 Keisuke Ishibashi, Kazumichi Sato NTT Service Integration Labs Motivation Network resources are consumed by a small number

More information

Switching Your DNS WiredTree

Switching Your DNS WiredTree Switching Your DNS Switching your DNS Now that you have your new account with us it is time to start planning on moving your current hosting over to your new server. This getting started guide covers switching

More information

Core Protection Suite

Core Protection Suite Core Protection Suite Admin Guide Spam Soap, Inc. 3193 Red Hill Avenue Costa Mesa, CA 92626 United States p.866.spam.out f.949.203.6425 e. info@spamsoap.com www.spamsoap.com Contents EMAIL PROTECTION OVERVIEW...3

More information

Lab Tasks 1. Configuring a Slave Name Server 2. Configure rndc for Secure named Control

Lab Tasks 1. Configuring a Slave Name Server 2. Configure rndc for Secure named Control Khóa học bao trùm tất cả các vấn đề về dịch vụ mạng trong doanh nghiệp bao gồm: khái niệm DNS, triển khai DNS sử dụng Bind; khái niệm LDAP và sử dụng OpenLDAP; dịch vụ Web với Apache; dịch vụ FTP với vsftpd;

More information

GL-275: Red Hat Linux Network Services. Course Outline. Course Length: 5 days

GL-275: Red Hat Linux Network Services. Course Outline. Course Length: 5 days GL-275: Red Hat Linux Network Services Course Length: 5 days Course Description: The GL275 is an expansive course that covers a wide range of network services useful to every organization. Special attention

More information

WildFire Features. Palo Alto Networks. PAN-OS New Features Guide Version 6.1. Copyright 2007-2015 Palo Alto Networks

WildFire Features. Palo Alto Networks. PAN-OS New Features Guide Version 6.1. Copyright 2007-2015 Palo Alto Networks WildFire Features Palo Alto Networks PAN-OS New Features Guide Version 6.1 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 http://www.paloaltonetworks.com/contact/contact/

More information

Penetration Testing Scope Factors

Penetration Testing Scope Factors 1 NZ PAPER LINUX AND WEB APPLICATION SECURITY Penetration Testing Scope Factors April 20, 2013 Zeeshan Khan NZPAPER.BLOGSPOT.COM 2 Abstract: This paper contains the key points of penetration testing. All

More information

Copyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure

Copyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure iseries DNS iseries DNS Copyright International Business Machines Corporation 2001. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule

More information

Computer Services Documentation

Computer Services Documentation Computer Services Documentation Shibboleth Documentation {Shibboleth & Google Apps Integration} John Paul Szkudlapski June 2010 Note: These case studies, prepared by member organisations of the UK federation,

More information

Step-by-Step Configuration

Step-by-Step Configuration Step-by-Step Configuration Kerio Technologies Kerio Technologies. All Rights Reserved. Printing Date: August 15, 2007 This guide provides detailed description on configuration of the local network which

More information

Networking Domain Name System

Networking Domain Name System System i Networking Domain Name System Version 5 Release 4 System i Networking Domain Name System Version 5 Release 4 Note Before using this information and the product it supports, read the information

More information

NTT Web Hosting Service [User Manual]

NTT Web Hosting Service [User Manual] User Version 0.11 August 22, 2014 NTT Web Hosting Service [User Manual] Presented By: OAM Linux A NTT Communications (Thailand) CO., LTD. Table of Contents NTT Web Hosting Service [User Manual] 1 General...

More information

WHM Administrator s Guide

WHM Administrator s Guide Fasthosts Customer Support WHM Administrator s Guide This manual covers everything you need to know in order to get started with WHM and perform day to day administrative tasks. Contents Introduction...

More information

Yandex: Webmaster Tools Overview and Guidelines

Yandex: Webmaster Tools Overview and Guidelines Yandex: Webmaster Tools Overview and Guidelines Agenda Introduction Register Features and Tools 2 Introduction What is Yandex Yandex is the leading search engine in Russia. It has nearly 60% market share

More information

Click Studios. Passwordstate. Installation Instructions

Click Studios. Passwordstate. Installation Instructions Passwordstate Installation Instructions This document and the information controlled therein is the property of Click Studios. It must not be reproduced in whole/part, or otherwise disclosed, without prior

More information

Module 2. Configuring and Troubleshooting DNS. Contents:

Module 2. Configuring and Troubleshooting DNS. Contents: Configuring and Troubleshooting DNS 2-1 Module 2 Configuring and Troubleshooting DNS Contents: Lesson 1: Installing the DNS Server Role 2-3 Lesson 2: Configuring the DNS Server Role 2-9 Lesson 3: Configuring

More information

Wikto how does it work and how do I use it?

Wikto how does it work and how do I use it? Wikto how does it work and how do I use it? Introduction This document describes how to use Wikto to quickly and easily perform web server assessments. Before we start we need to know what Wikto does and

More information

Architecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference

Architecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise

More information

Client logo placeholder XXX REPORT. Page 1 of 37

Client logo placeholder XXX REPORT. Page 1 of 37 Client logo placeholder XXX REPORT Page 1 of 37 Report Details Title Xxx Penetration Testing Report Version V1.0 Author Tester(s) Approved by Client Classification Confidential Recipient Name Title Company

More information

Configuration Guide to Hosted Exchange 2010. User Documentation for Customers & Resellers

Configuration Guide to Hosted Exchange 2010. User Documentation for Customers & Resellers Configuration Guide to Hosted Exchange 2010 User Documentation for Customers & Resellers Table of Contents Configuration Guide to Hosted Exchange 2010 Detailed settings for the Hosted Exchange 2010 platform...

More information

FortiGate Multi-Threat Security Systems I

FortiGate Multi-Threat Security Systems I FortiGate Multi-Threat Security Systems I Module 9: Web Filtering 2013 Fortinet Inc. All rights reserved. The information contained herein is subject to change without notice. No part of this publication

More information

Penetration Testing Automation System

Penetration Testing Automation System Universitat Politècninca de Catalunya Final Thesis Penetration Testing Automation System Author: Oriol Caño Bellatriu Supervisor: Manuel Garcia-Cervignon Gutierrez A thesis submitted in fulfilment of the

More information

HTG XROADS NETWORKS. Network Appliance How To Guide: DNS Delegation. How To Guide

HTG XROADS NETWORKS. Network Appliance How To Guide: DNS Delegation. How To Guide HTG X XROADS NETWORKS Network Appliance How To Guide: DNS Delegation How To Guide DNS Delegation (The Simple Redundancy Solution) The key requirement when performing DNS based network redundancy and load

More information

Urchin E-Commerce. User Guide

Urchin E-Commerce. User Guide 2005 Linux Web Host. All rights reserved. The content of this manual is furnished under license and may be used or copied only in accordance with this license. No part of this publication may be reproduced,

More information

ADFS for. LogMeIn and join.me authentication

ADFS for. LogMeIn and join.me authentication ADFS for LogMeIn and join.me authentication ADFS for join.me authentication This step-by-step guide walks you through the process of configuring ADFS for join.me authentication. Set-up Overview 1) Prerequisite:

More information