As part of learning about Telnet in TryHackMe we practiced some methods in which FTP can be exploited. I have detailed one of the methods taken to do so here and how it was done. Scanning Phase To start with we ran a Nmap scan to see what open ports we had. –min-rate is used…
Author: joeraine11@gmail.com
The uses and weaknesses of FTP
File Transfer Protocol, also known as FTP is a protocol primarily used to facilitate the transfer of files over a network. There are a large number of applications which utilise FTP (my favourite being Filezilla) the protocol is now vulnerable and has been for a long time. What’s the issues with FTP? FTP is one…
May 2023 – CYSA+ and Firewall installations
Hi all, a quick update as I know I haven’t posted in a little while. Currently revising for my CYSA+, unfortunately life has gotten in the way and haven’t been able to do as much as I would like but I’m making steady progress on this one. One particular topic I have been finding interesting…
Practical Experience for progression
11 April 2023 Moving briskly on from my pass yesterday I’ve purchased some content material for the CYSA+ exam, purchased two Rasberry PI zero w machines. Looking up the CYSA+ exam it recommends 4 years of experience and it seems some practical experience would be very handy to cement my learning. Therefore I’ve revisited and…
Security+ Passed and what comes next
So it’s been a couple of months since I’ve last posted. I promise I haven’t given in but as my previous posts may have indicated I’ve been taking my Comptia Security+ course. Well today I took that exam and passed with flying colours with a score of 819/900. This officially makes me Sec+ qualified. Expect…
1.4 Given a Scenario Analyse potential indicators associated with network attacks
Definitions Evil Twin Access point which looks like a legitimate access point but is actually maliciousOften copies SSID Rogue Access Point Unauthorized access point on a network Bluesnarfing Unauthorized access to data on a device via bluetooth Bluejacking Sending unsolicited messages to another device via Bluetooth Disassociation Attacks Denial of service attack which prevents WAP…
Module 1.2 – Given a scenario, analyse potential indicators to determine the type of attack.
Malware A blanker term for software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system. Virus Software that can reproduce itself Programme Virus Virus which is bundled with an application Boot Sector Virus Virus that installs in the boot sector so it executes with the OS Script Virus Script based…
Module 1.1 – Compare and contrast different types of social engineering techniques.
Social Engineering Techniques Phishing Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. Typo-Squatting Using domains with very similar names as legitimate ones to capitalise on spelling mistakes Pretexting A phishing attempt with a fabricated ‘pretext’ for why you should do what they say(e.g. we’re calling from Visa,…
Security+ SYO-601 Content
Hi all, this is a dictionary page! SYO-601 covers a lot of content in a fairly shallow manner. Rather than spam the site I’m putting a page here with a number of private root posts covering each section.
Understand the Cyber Kill Chain
Welcome to Day 2. today we’re covering the Cyber Kill Chain. The Cyber Kill Chain is an attack framework is a framework created by Lockheed Martin in 2011. It is an adaptation of an existing military concept. While far from perfect as the security world has developed significantly in the past 10 years it’s an…