CIA Triad

   

1- Confidentiality

Encryption

Secrecy

Mandatory Access Control

High Secure Environment

Symmetric Encryption Algorithms: DES, 3DES, AES, IDEA, CAST, Blowfish

Tunneling (ICMP, HTTP Tunneling)

Privacy

Concealment

Disclosure

Security Labels, Data Labels, Device Labels

Clearance / Classification, Top Secret, Secret, Confidential

Need to Know

Theft

2-Integrity

MDx (1-5), SHA,

Hashing

Message Digest

Change, Modify, Alter, Delete, Differences between External and Internal Consistency

Improper or unauthorized changes

Reliability

Accuracy

Completeness

Tamper

Trust / Assurance

3- Availability

Denial of Service (DoS)

Distributed DoS

Fault Tolerance, RAID, Redundancy, Clustering

Active / Passive.

Denied Access

Primary / Secondary

Hot, Warm, Cold, Reciprocal Agreement

High Availability

Clustering

Redundancy

Failover

Disrupt

Lailatu sansaidah, khoda hafiz   ;)

CEH: OSI model

Hacking and the OSI Model (TCP/IP) 

Layer 7

• URL Obfuscation
• Buffer Overflows
• MITM
• Brute Force
• DNS Poisoning
• DHCP Starvation (application)
• Service Flood Request
• Back Orifice, NetCat, Tini, NetBus, FU, Brutus
• Application Hijacking
• XSS

Commonly Targeted protocols

• HTTP
• POP3
• SMTP
• IMAP
• DNS

Layer 6

• File Type Conversions
• HEX editing

Commonly Targeted Filetypes

• .html
• .doc
• .php
• .xml
• .txt
• .mp3
• .wav

Layer 5

• SMB
• RPC
• NFS
• SQL Injection

Commonly Targeted Protocols

• SQL
• NFS
• RPC

Layer 4

• TCP
  • SRAF UP (Flags)
    • To learn how this works, record a conversation in Wireshark and then play the stream back and watch the flags change from source to destination
  • Syn Flooding with spoofed IP source address
  • Session Hijacking
  • Netstat
• UDP
  • Fraggle
• Tools
  • Hping

Commonly Targeted Protocols

• TCP
• UPD

Layer 3

• IP
• IPSec
  • AH
  • ESP
  • Oakley, ISAKMP, IKE
• Routing Protocols
  • RIP, OSPF, IGRP, BGP, EGP, HRSP
• MITM
• IP Spoofing
• ICMP Flood
• ICMP
  • Smurf Attack – Broadcast address, spoofed source address, large packet
  • Ping Of Death – Large Fragmented packet (>65000)
• Routers
• Some Tools
  • Nmap
  • NetCat
  • Hping

Layer 2

• MAC Flooding
• MAC Spoofing
• MAC Duplicating
• ARP Poisoning
• ARP Spoofing
• Man-In-The-Middle
• Switches / Hubs
• Wan Encapsulations
  • X.25, Frame Relay, HDLC, SDLC, ISDN BRI, ISDN PRI,
• VPN
  • L2f, L2TP, PPTP
• NDIS

Layer 1

• Fiber Optics
• TX/RX
• Cat 5
• WiFi
• Twisted Pair, Coax,