InfoSec Questions Asked on Recent Phone Interview

1. What would it mean if I saw a lot of activity on port 53? First of all you need to find what is the source of traffic. Try something like: netstat -a -n -p|grep :53 or this: lsof -p PID 2. What is the diff between http and html? One is a protocol and […]

Read More

Basic Linux Privilege Escalation

Hat tip to g0tmi1k for authoring one of the best basic Linux privilege escalation compilations ever. Operating System What’s the distribution type? What version? 1 2 3 4 cat /etc/issue cat /etc/*-release cat /etc/lsb-release     # Debian based cat /etc/redhat-release   # Redhat based What’s the kernel version? Is it 64-bit? 1 2 3 4 5 6 […]

Read More

What are some examples of common security vulnerabilities?

#1:Missing patches All it takes for an attacker, or a rogue insider, is a missing patch on a server that permits an unauthenticated command prompt or other backdoor path into the web environment. Sure, we have to be careful when applying patches to servers but to not apply patches at all (I often seen missing […]

Read More