American-Canadian author William Gibson coined the term "cyberspace" in 1982 in a story in Omni magazine and in his 1984 science fiction novel Neuromancer.
Some key ports to remember
| Port number | Transport | Description |
| --- | --- | --- |
| 20 | TCP | FTP data transfer |
| 21 | TCP | FTP Control |
| 22 | TCP/UDP | SSH |
| 23 | TCP | Telnet |
| 25 | TCP | SMTP |
| 53 | | DNS |
| 67 | | used by DHCP servers to listen for incoming DHCP client requests |
| 68 | | used by the DHCP client to listen for messages from the DHCP server |
| 80 | TCP/UDP | Hypertext Transfer Protocol (HTTP) |
| 110 | TCP | Post Office Protocol (POP3) |
| 137 | UDP | NetBIOS name service used for name registration and resolution |
| 138 | TCP/UDP | NetBIOS Datagram Service |
| 143 | TCP | Internet Message Access Protocol (IMAP) |
| 389 | | LDAP |
| 443 | TCP | Hypertext Transfer Protocol over TLS/SSL (HTTPS) |
| 3389 | TCP/UDP | Microsoft Terminal Server (RDP) |
Port numbers (specifically TCP ports):
A TCP port number is an unsigned value; a total of 65,536 ports (0 to 65,535) are available on a server.
Port numbers are assigned in various ways, based on three ranges: 
- System Ports/Well-known Ports (0-1023),
 - User/Registered Ports (1024-49151), and
 - Dynamic and/or Private Ports and/or Ephemeral (49152-65535);
 
The different uses of these ranges are described in [RFC6335].
System Ports are assigned by IETF process for standards-track protocols, as per [RFC6335].  
User Ports are assigned by IANA using the "Expert Review" process, as per [RFC6335].  
Dynamic Ports are not assigned.
Jargon in Cybersecurity
In security parlance, the four terms below refer to the situations described against them:
- False Positive: a benign or non-malicious event is incorrectly flagged as a threat.
- False Negative: malicious traffic is mistakenly identified as benign and allowed through.
- True Positive: malicious traffic is correctly identified and blocked.
- True Negative: benign traffic is correctly identified and allowed.
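The four outcomes only exist relative to a detection rule and the ground truth. The following is an added example, not part of the original post: it runs a hypothetical "failed logins over a threshold" rule across constructed, labelled events and tallies each outcome, showing how moving the threshold trades false positives against false negatives.

```python
# Constructed sample data: (source, failed logins in 5 minutes, ground truth).
EVENTS = [
    ("10.0.0.5", 42, True),    # password guessing
    ("10.0.0.9", 3, False),    # user mistyped a password
    ("10.0.0.17", 15, False),  # misconfigured backup job retrying
    ("10.0.0.23", 4, True),    # slow guessing that stays under most thresholds
    ("10.0.0.31", 0, False),   # normal activity
    ("10.0.0.44", 60, True),   # password guessing
]


def outcome(flagged: bool, malicious: bool) -> str:
    """Map (rule decision, ground truth) to one of the four terms."""
    if flagged:
        return "TP" if malicious else "FP"
    return "FN" if malicious else "TN"


def evaluate(events, threshold: int) -> dict:
    """Apply the hypothetical rule 'failures >= threshold' and count outcomes."""
    counts = {"TP": 0, "FP": 0, "TN": 0, "FN": 0}
    for _source, failures, malicious in events:
        counts[outcome(failures >= threshold, malicious)] += 1
    return counts


def rates(c: dict) -> tuple:
    """Precision: share of alerts that were real. Recall: share of attacks caught."""
    flagged = c["TP"] + c["FP"]
    attacks = c["TP"] + c["FN"]
    precision = c["TP"] / flagged if flagged else 0.0
    recall = c["TP"] / attacks if attacks else 0.0
    return round(precision, 2), round(recall, 2)


if __name__ == "__main__":
    for threshold in (4, 10, 20):
        counts = evaluate(EVENTS, threshold)
        print(threshold, counts, rates(counts))
```

A low threshold catches the slow guesser but keeps alerting on the backup job; a high threshold silences the backup job and misses the slow guesser.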
Principle of Least Privilege (aka Principle of Maximum Security)
IP Addresses
IP addresses are broadly categorized into two types:
- IPv4
  - a 32-bit IP address
  - a numeric IP address in the format A.B.C.D
  - further categorized into public and private IP addresses
  - Range of private IP addresses
    - Class A - 10.0.0.0 to 10.255.255.255
    - Class B - 172.16.0.0 to 172.31.255.255
    - Class C - 192.168.0.0 to 192.168.255.255
- IPv6
  - a 128-bit IP address
  - an alphanumeric IP address
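Firewall rules and log filters usually express the private ranges above as CIDR blocks rather than first and last addresses. The following is an added example, not part of the original post: it converts the three listed ranges to CIDR with Python's standard `ipaddress` module and classifies addresses against them, including boundary and malformed inputs. The function names and sample addresses are constructed for the illustration.

```python
import ipaddress

# The three private ranges exactly as listed above: label -> (first, last).
PAGE_RANGES = {
    "Class A": ("10.0.0.0", "10.255.255.255"),
    "Class B": ("172.16.0.0", "172.31.255.255"),
    "Class C": ("192.168.0.0", "192.168.255.255"),
}


def to_cidr(first: str, last: str) -> list:
    """Collapse a first-to-last IPv4 range into the CIDR blocks that cover it."""
    nets = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    )
    return [str(net) for net in nets]


# Each listed range collapses to exactly one block.
PRIVATE_NETS = {
    label: ipaddress.ip_network(to_cidr(first, last)[0])
    for label, (first, last) in PAGE_RANGES.items()
}


def as_uint32(text: str) -> int:
    """The 32-bit integer behind the dotted A.B.C.D notation."""
    return int(ipaddress.IPv4Address(text))


def classify(text: str) -> str:
    """Classify an address string against the three listed private ranges."""
    try:
        addr = ipaddress.ip_address(text.strip())
    except ValueError:
        return "invalid"  # e.g. an octet above 255
    if addr.version == 6:
        return "IPv6"
    for label, net in PRIVATE_NETS.items():
        if addr in net:
            return f"private {label} ({net})"
    return "not in the listed private ranges"


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.31.255.255", "172.32.0.1",
                   "192.168.1.256", "2001:db8::1"):
        print(sample, "->", classify(sample))
```

Note that 172.32.0.1 falls just outside the Class B private range, a boundary that hand-written filters often get wrong.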
 
HTTP Status Codes
HTTP status codes are separated into 5 different classes/categories.
Each category tells you what kind of response was returned, and the category can be identified from the first digit of the status code.
The HTTP status code classes are:
- 1xx - Informational: The server has received the request and is continuing the process
- 2xx - Successful: The request was successful and the browser has received the expected information
- 3xx - Redirection: The request has been redirected and completing it requires further action
- 4xx - Client Error: The website or page could not be reached: either the page is unavailable, the request cannot be fulfilled, or the request contains bad syntax
- 5xx - Server Error: While the request appears to be valid, the server could not complete the request
Types of Cyber Attacks
Cyber attacks use distinct methods for compromising or gaining unauthorized access to systems, data, or networks:
- Rainbow Table Attack: Involves using precomputed tables of hash values to reverse-engineer plaintext passwords from their hashed versions, making it faster than brute force attacks.
 - Dictionary Attack: Utilizes a list of common words, phrases, or known passwords to guess a user's password by testing each word in the list.
 - Brute Force Attack: Systematically tries all possible combinations of characters to guess the correct password.
 - Keylogging Attack: Captures the keystrokes a user types, allowing the attacker to obtain passwords and other sensitive information directly.
 - Birthday Attack: Exploits the probability of two different inputs producing the same hash value (a hash collision) to find weaknesses in hashing algorithms, based on the birthday paradox.
 - Replay Attack: Involves capturing and reusing valid data transmissions, such as login credentials, to gain unauthorized access.
 - Phishing Attack: Tricks individuals into providing sensitive information (like passwords or credit card numbers) by pretending to be a legitimate, trustworthy entity, often via email or fake websites.
 - Fragment Attack: Involves sending fragmented packets of data that a system must reassemble, potentially causing issues if the system is unable to handle the reassembly properly.
 - Spoofing: Involves faking the sender's address (e.g., IP address, email address) to make it appear as if the communication is coming from a trusted source, often used to gain unauthorized access.
 - Man-in-the-Middle Attack: The attacker secretly intercepts and possibly alters the communication between two systems, making it seem as though they are directly communicating with each other.
 - Oversized Packet Attack: Involves sending data packets that are larger than what the receiving system can process, potentially leading to crashes or system malfunctions.
 - Eavesdropping: Involves secretly listening in on or intercepting private communications, often to gather sensitive information like passwords or confidential data.
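For the replay attack entry above, the usual countermeasure is to bind every message to a timestamp and a one-time nonce under a MAC, so a captured transmission is no longer valid when it is sent again. The following is an added example of that receiver-side check, not part of the original post; the key, the 30-second window and all names are assumptions made for the illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed shared secret, for the example only
MAX_AGE = 30                   # assumed acceptance window in seconds


def _tag(ts: bytes, nonce: bytes, payload: bytes) -> str:
    """MAC over timestamp, nonce and payload so none can be swapped out."""
    return hmac.new(KEY, ts + b"|" + nonce + b"|" + payload, hashlib.sha256).hexdigest()


def sign(payload: bytes, now: float, nonce: bytes) -> dict:
    """Sender side: nonce must be unique per message and contain no '|'."""
    ts = str(int(now)).encode()
    return {"payload": payload, "ts": ts, "nonce": nonce, "tag": _tag(ts, nonce, payload)}


class Verifier:
    """Receiver side: accepts each authentic, fresh message exactly once."""

    def __init__(self):
        self.seen = {}  # nonce -> timestamp of the message that used it

    def accept(self, msg: dict, now: float) -> str:
        expected = _tag(msg["ts"], msg["nonce"], msg["payload"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad MAC"
        ts = int(msg["ts"])  # safe to parse: the MAC already covers it
        if abs(now - ts) > MAX_AGE:
            return "rejected: stale"
        if msg["nonce"] in self.seen:
            return "rejected: replayed nonce"
        # Nonces older than the window can be dropped: the timestamp check
        # already rejects any message that would reuse them.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_AGE}
        self.seen[msg["nonce"]] = ts
        return "accepted"


if __name__ == "__main__":
    verifier = Verifier()
    message = sign(b"transfer 10", now=1000, nonce=b"nonce-0001")
    print(verifier.accept(message, now=1005))   # first delivery
    print(verifier.accept(message, now=1006))   # same bytes sent again
    print(verifier.accept(message, now=1100))   # sent again after the window
```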
 