Questions and answers, you see what you want sometimes

Almost through the questions I missed the first go round, again. I think I’m in the 70-80 percent range but it’s possible it’s worse. Hoping not, but I’m going to keep going through this lot of 250 till I’m in the mid 90’s before going through everything again, and then hope I’m in the mid 90s there, but that’s probably not going to happen. Anyway, getting much better at explaining answers and understanding what’s going on rather than being like uhaaa I think it’s that one but I can’t really tell you why. So that’s good. Anyway, got some more questions tonight.

 photo 6_zpshflbffie.png

I’ll be real, I mean, I’m not the best with things like port numbers in practice. Never mind, anyway what I was saying was that everyone knows SSL uses 443 and that was the wrong answer, but I don’t know what port number some of these use and, you know, I won’t remember them most likely, but whatever, A for effort!

  • Stelnet – this is actual STelnet, which is supposed to be secure telnet, and uses port 423
  • SCP – 22
  • SNMP – SNMP uses UDP as its transport protocol. The well known UDP ports for SNMP traffic are 161 (SNMP) and 162 (SNMPTRAP)
  • FTPS – FTP/S commonly runs on port 990 and sometimes on port 21, the primary difference being that port 990 is an Implicit FTP/S, and port 21 is an Explicit FTP/S. If a client connects to an FTP/S server on port 990, the assumption is that the client intends to perform SS
  • SSL – By default, HTTPS connections utilize the ‘TCP port 443’ whereas the HTTP connections (not secure ones) utilize ‘port 80’
  • SFTP – SFTP (SSH File Transfer Protocol), not to be confused with FTPS (Secure FTP), runs on top of the SSH (Secure Shell) protocol and by default uses port 22 for communications

Welp, that’s that one. SFTP and SCP, which seem like they should be the same thing but somehow are not.

 photo 2_zpsv8rcrael.png

Jeez oh pete how the fuck, that’s a long list of things. I took a stab at certificate pinning as I wasn’t sure if mutual authentication was common, but really, I’m not sure what that even is. So this is like, work.

Let’s start by defining stuff.

  • key rotation – generally speaking, this is the generation of new encryption keys, which is a manual process unless you use a third-party vendor, from what I understand.
  • mutual authentication – basically anything that’s SSL/TLS provides mutual authentication, which PEAP is: “The difference is: PEAP is a SSL wrapper around EAP carrying EAP. TTLS is a SSL wrapper around diameter TLVs (Type Length Values) carrying RADIUS authentication attributes”, so it fits the bill here, and you can basically look up whether something is SSL/TLS to find out if it works under these conditions.
  • secure hashing – SHA has nothing to do with this
  • certificate pinning – there are lots of sites for this, and it seems like it’s for mobile apps to associate with an X.509 host, so it’s not applicable in this case
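Since the pinning and key-rotation bullets are the two I keep mixing up, here is a small worked example of what a pinning client actually checks and why rotation needs a backup pin. This is an added illustration, not text from the post or code from any product; real clients hash the SubjectPublicKeyInfo (SPKI) pulled from the server’s X.509 certificate, while here the SPKI is built from constructed placeholder key bytes so it runs offline. The `PinSet` class and the `rotation_scenario` helper are hypothetical names for the demo.

```python
"""Certificate pinning with a backup pin so key rotation does not lock clients out.

Added illustration, not from the post. Real clients hash the server's
SubjectPublicKeyInfo (SPKI) taken from the X.509 certificate; here the SPKI
is built from constructed placeholder key bytes so the demo runs offline."""
import base64
import hashlib

# DER prefix of an Ed25519 SubjectPublicKeyInfo; the raw 32-byte key follows it.
ED25519_SPKI_PREFIX = bytes.fromhex("302a300506032b6570032100")


def spki_from_raw_ed25519(raw_key: bytes) -> bytes:
    """Wrap a raw Ed25519 public key in its SPKI DER encoding."""
    if len(raw_key) != 32:
        raise ValueError("Ed25519 public keys are 32 bytes")
    return ED25519_SPKI_PREFIX + raw_key


def compute_pin(spki_der: bytes) -> str:
    """Pin in the common 'sha256/<base64>' form: SHA-256 over the SPKI DER."""
    digest = hashlib.sha256(spki_der).digest()
    return "sha256/" + base64.b64encode(digest).decode("ascii")


class PinSet:
    """Pins a client ships with: the current key plus at least one backup."""

    def __init__(self, pins):
        self.pins = set(pins)
        if len(self.pins) < 2:
            raise ValueError("ship a backup pin or rotation will break clients")

    def verify(self, presented_spki: bytes) -> bool:
        # The client compares the hash of what the server presented with its
        # shipped pins; CA validation still happens separately.
        return compute_pin(presented_spki) in self.pins


def rotation_scenario():
    """Show why the backup pin matters when the server key is rotated."""
    current_key = spki_from_raw_ed25519(b"\x01" * 32)    # constructed sample key
    backup_key = spki_from_raw_ed25519(b"\x02" * 32)     # constructed, kept offline
    unrelated_key = spki_from_raw_ed25519(b"\x03" * 32)  # constructed, never pinned
    pins = PinSet([compute_pin(current_key), compute_pin(backup_key)])
    pin = compute_pin(current_key)
    return {
        "current_accepted": pins.verify(current_key),
        "rotated_to_backup_accepted": pins.verify(backup_key),   # rotation survives
        "unrelated_rejected": not pins.verify(unrelated_key),
        "pin_well_formed": pin.startswith("sha256/") and len(pin) == len("sha256/") + 44,
    }
```

The point of `PinSet` refusing a single pin is the rotation bullet above: if the only pinned key is the one being replaced, every shipped client rejects the new certificate until it is updated, so the backup key is generated ahead of time and its pin is distributed before it is ever used.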
 photo 5_zpsldlztgpp.png

Screwed this up again, so let’s go through it, one more time!

  • Rule-based access control – Under Rules Based Access Control, access is allowed or denied to resource objects based on a set of rules defined by a system administrator. As with Discretionary Access Control, access properties are stored in Access Control Lists (ACL) associated with each resource object. When a particular account or group attempts to access a resource, the operating system checks the rules contained in the ACL for that object.
  • Role-based access control – Essentially, RBAC assigns permissions to particular roles in an organization. Users are then assigned to that particular role. For example, an accountant in a company will be assigned to the Accountant role, gaining access to all the resources permitted for all accountants on the system. Similarly, a software engineer might be assigned to the developer role.
  • Mandatory access control – MAC takes a hierarchical approach to controlling access to resources. Under a MAC enforced environment access to all resource objects (such as data files) is controlled by settings defined by the system administrator. As such, all access to resource objects is strictly controlled by the operating system based on system administrator configured settings. It is not possible under MAC enforcement for users to change the access control of a resource.
  • Discretionary access control – under DAC a user can only set access permissions for resources which they already own. A hypothetical User A cannot, therefore, change the access control for a file that is owned by User B. User A can, however, set access permissions on a file that she owns. Under some operating systems it is also possible for the system or network administrator to dictate which permissions users are allowed to set in the ACLs of their resources.
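To make the four definitions stick, here is a toy model of each one in code, with the same scenarios the bullets describe (an accountant role, User A trying to change User B’s file, a user trying to relabel under MAC). This is an added illustration, not text from the post or any real operating system’s ACL format; every user, role, file and label is constructed sample data, and the class names are mine.

```python
"""Toy models of the four access-control styles defined above.

Added illustration, not from the post; users, roles, files and labels are
constructed sample data and the tiny rule formats are demo assumptions."""


# Rule-based: the admin writes rules into a per-object ACL; the "OS" evaluates
# them on each access and defaults to deny when nothing matches.
class RuleBasedObject:
    def __init__(self, rules):
        self.rules = list(rules)          # (principal or "*", operation, allow?)

    def allowed(self, principal, op):
        for who, rule_op, allow in self.rules:     # first matching rule wins
            if who in (principal, "*") and rule_op == op:
                return allow
        return False                               # no rule -> deny


# Role-based: permissions attach to roles; users are assigned roles.
class RBAC:
    def __init__(self):
        self.role_perms = {}   # role -> {(resource, op)}
        self.user_roles = {}   # user -> {role}

    def grant(self, role, resource, op):
        self.role_perms.setdefault(role, set()).add((resource, op))

    def assign(self, user, role):
        self.user_roles.setdefault(user, set()).add(role)

    def allowed(self, user, resource, op):
        return any((resource, op) in self.role_perms.get(r, set())
                   for r in self.user_roles.get(user, ()))


# Mandatory: only the administrator sets labels and clearances; the system
# enforces the hierarchy ("no read up") and users cannot relabel anything.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}


class MAC:
    ADMIN = "sysadmin"

    def __init__(self):
        self.clearance = {}    # subject -> level name
        self.label = {}        # object  -> level name

    def set_label(self, actor, obj, level):
        if actor != self.ADMIN:
            raise PermissionError("only the administrator sets labels")
        self.label[obj] = level

    def set_clearance(self, actor, subject, level):
        if actor != self.ADMIN:
            raise PermissionError("only the administrator sets clearances")
        self.clearance[subject] = level

    def can_read(self, subject, obj):
        return LEVELS[self.clearance.get(subject, "public")] >= LEVELS[self.label[obj]]


# Discretionary: the owner of a resource decides who else may use it.
class DAC:
    def __init__(self):
        self.owner = {}        # file -> owner
        self.acl = {}          # file -> {(user, op)}

    def create(self, user, file):
        self.owner[file] = user
        self.acl[file] = set()

    def set_perm(self, actor, file, grantee, op):
        if self.owner[file] != actor:              # User A cannot touch User B's file
            raise PermissionError(f"{actor} does not own {file}")
        self.acl[file].add((grantee, op))

    def allowed(self, user, file, op):
        return self.owner[file] == user or (user, op) in self.acl[file]


def demo():
    """Run one scenario per model and return the observed decisions."""
    out = {}
    rb = RuleBasedObject([("alice", "read", True), ("*", "write", False)])
    out["rule_alice_read"] = rb.allowed("alice", "read")       # True
    out["rule_bob_read"] = rb.allowed("bob", "read")           # False: no rule

    rbac = RBAC()
    rbac.grant("accountant", "ledger", "read")
    rbac.assign("carol", "accountant")
    out["rbac_carol_ledger"] = rbac.allowed("carol", "ledger", "read")   # True
    out["rbac_dave_ledger"] = rbac.allowed("dave", "ledger", "read")     # False

    mac = MAC()
    mac.set_label("sysadmin", "plan.txt", "secret")
    mac.set_clearance("sysadmin", "erin", "confidential")
    out["mac_erin_reads_secret"] = mac.can_read("erin", "plan.txt")      # False
    try:
        mac.set_label("erin", "plan.txt", "public")                      # user relabel
        out["mac_user_relabel_blocked"] = False
    except PermissionError:
        out["mac_user_relabel_blocked"] = True

    dac = DAC()
    dac.create("userB", "notes.txt")
    try:
        dac.set_perm("userA", "notes.txt", "userA", "read")              # not the owner
        out["dac_non_owner_blocked"] = False
    except PermissionError:
        out["dac_non_owner_blocked"] = True
    dac.set_perm("userB", "notes.txt", "userA", "read")                  # owner grants
    out["dac_granted_read"] = dac.allowed("userA", "notes.txt", "read")  # True
    return out
```

The distinguishing question in each model is who gets to change the policy: the admin’s rule list (rule-based), the role assignments (RBAC), nobody but the admin (MAC), or the object’s owner (DAC).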

Maybe I understand it now.

 photo 3_zps4189ove0.png

Is it just me or does it seem that Kerberos is more likely to use a PKI? It’s just me? OK then. But like, is SFTP not left over from dial up? Oh, you said that the specific internal function that Kerberos provides has nothing to do with encryption and is a dumb answer? shit. OK, well then. SFTP was first started in 1997? Hmm, well then I guess it varies by version: SFTP Public Key Authentication. SAML is off the table and SIP is like basic VoIP shit. IPSec doesn’t really have anything to do with this either. So, OK.

 photo 4_zpskissve4j.png

It seems like firewall logs would have more info than a system that attaches to a firewall to monitor traffic, but maybe that’s just me. There’s also not a website to point to that proves this, but OK.

 photo 1_zpsmmxvwgf4.png

What even the fuck. Any of this! Do they mean SQL injection? Doesn’t seem super likely, but OK. Anyway: How SQL injection is done through FTP?

Welp, I think that’s all for now.
