What is Two-factor Authentication?

Two-factor authentication (TFA) requires two types of authentication from a user seeking admission to a network. For example, a user might have to know something (for example, a password) and have something (such as a specific fingerprint, which can be checked with a biometric authentication device).

Using tcpdump and Wireshark to view network scanning

Try to get comfortable with some basic options in tcpdump or in Wireshark. Can you answer the following questions? How do you write the output to a file? How do you read from a file? tcpdump -w, tcpdump -r. How do you enable or disable name and port number resolution? tcpdump -n […]

The TCP/IP Layered Model

A checklist for understanding each layer:

Layer 1: The Physical Layer:
_____1. Function of Layer 1
_____2. Transmission Type: Simplex/Half Duplex/Full Duplex
_____3. T1, DS1 Super Frame, DS1 Extended Super Frame
_____4. Wireless Physical Layer
_____5. Wired Ethernet Physical Layer
_____6. Wireless PHY Analysis
_____7. Wireless Wi-Fi Layers
_____8. 802.11 Fundamentals, BSS, ESS, Standards
_____9. […]

What is a TCP port scan?

A common Transmission Control Protocol (TCP) port scan sends a TCP SYN (synchronize) packet to a specific port of a server as part of the TCP three-way handshake. If the server responds with a SYN/ACK (synchronize/acknowledge) packet, the scanner knows the port is open. However, instead of completing the three-way handshake, the scanner can send […]

What is a SYN Flood attack?

A SYN flood attack disrupts the TCP initiation process by withholding the third packet of the TCP three-way handshake. Flood guards protect against SYN flood attacks.

What is Transmission Control Protocol (TCP)?

The Transmission Control Protocol (TCP) is a core protocol of the Internet protocol suite. It originated in the initial network implementation, in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides connection-oriented traffic with guaranteed delivery. TCP uses a three-way handshake. […]

Where are log files stored in Linux?

Answer: /var/log. The following are the 20 different log files that are located under the /var/log/ directory. Some of these log files are distribution-specific. For example, you'll see dpkg.log on Debian-based systems (for example, on Ubuntu). /var/log/messages – Contains global system messages, including the messages that are logged during system startup. There are several […]

System Logs in Linux

The syslogd utility logs various kinds of system activity, such as debugging output from sendmail and warnings printed by the kernel. syslogd runs as a daemon and is usually started in one of the rc files at boot time. The file /etc/syslog.conf is used to control where syslogd records information. Records in syslog.conf have the […]

What is Syslog?

Syslog is a way for network devices to send event messages to a logging server – usually known as a Syslog server. The Syslog protocol is supported by a wide range of devices and can be used to log different types of events. For example, a router might send messages about users logging on to […]

What is Log Management?

Log management is the collective processes and policies used to administer and facilitate the generation, transmission, analysis, storage, archiving and ultimate disposal of the large volumes of log data created within an information system. A log, in a computing context, is the automatically produced and time-stamped documentation of events relevant to a particular system. Virtually […]
