workshop security basics - tuebix.github.io
Workshop Security Basics
Sniffing and Scanning
Felix Bauer
▪ IT Security Consultant and Engineer
▪ at
▪ Science + Computing AG, an Atos Company
Agenda
▪ 5 USB sticks
▪ Virtual machine
▪ Kali Linux with all the tools we use
▪ SHA256
826CA0196B85BE249E00B22202E7D95B63CC71B007C2657A2E96457383C9D192
▪ Slides
▪ VirtualBox
Sniffing
Sniffing
▪ Eavesdropping on data transmissions
▪ Computer networks
▪ USB
▪ Bus systems
▪ Wireless networks
▪ WLAN
▪ GSM
▪ …
tcpdump
tcpdump -Anvvi eth0 [filter]
wireshark
bro
▪ bro -i eth0
▪ conn.log dhcp.log dns.log files.log http.log packet_filter.log reporter.log ssl.log weird.log x509.log
▪ …
bro
bro -i lo fileextraction.bro
driftnet
driftnet -i eth0
sslstrip
▪ sslstrip
▪ http proxy 127.0.0.1:10000
▪ s/https/http/g
scapy
▪ Python
▪ Build and dissect packets
▪ Receive and send
▪ send(IP(dst="192.168.1.12")/TCP(dport=80))
▪ ls(IPv6)
▪ packet.summary()
▪ packet.show()
▪ sniff(count=100)
Networking Basics
OSI model
Source: Wikipedia
Routing
▪ ip a
▪ ip a a 192.168.0.5/24 dev eth0
▪ ip r
▪ ip r add 0.0.0.0/1 via 192.168.0.2
▪ ip r add 128.0.0.0/1 via 192.168.0.2
▪ ip r delete default via 192.168.0.1
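Why the two /1 routes on this slide matter, as an added example that is not part of the original slides: longest-prefix matching prefers them over the default route, so all traffic goes to 192.168.0.2 even while the old default is still listed. The check below flags that state in `ip r` output; the sample output is constructed (it assumes the default route has not yet been deleted) and the function names are hypothetical.

```python
import ipaddress

# Constructed `ip r` output: the state after the two `ip r add .../1`
# commands, with the original default route still in place (assumption).
SAMPLE_IP_R = """\
default via 192.168.0.1 dev eth0
0.0.0.0/1 via 192.168.0.2 dev eth0
128.0.0.0/1 via 192.168.0.2 dev eth0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.5
"""

def parse_routes(text):
    """Return [(network, gateway or None)] from `ip r` style lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # lines such as "unreachable ..." are skipped
        gw = fields[fields.index("via") + 1] if "via" in fields else None
        routes.append((net, gw))
    return routes

def next_hop(routes, addr):
    """Longest-prefix match: the most specific route containing addr wins.
    Returns None for on-link destinations or when nothing matches."""
    ip = ipaddress.ip_address(addr)
    matches = [(n, g) for n, g in routes if ip in n]
    if not matches:
        return None
    return max(matches, key=lambda r: r[0].prefixlen)[1]

def default_is_shadowed(routes):
    """True if gateway routes more specific than /0 cover all of IPv4,
    which leaves the listed default route without any effect."""
    specific = [n for n, g in routes
                if g and n.version == 4 and n.prefixlen > 0]
    merged = list(ipaddress.collapse_addresses(specific))
    return merged == [ipaddress.ip_network("0.0.0.0/0")]
```
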
PING
ping 8.8.8.8
Scanning
Scanning
▪ Host discovery
▪ Service discovery
▪ Fingerprinting
▪ Vulnerability Scanning
nmap
▪ -sP
▪ -sS
▪ -sV
▪ -A
▪ -T4
▪ -p 22,80-140
▪ -sC
arp-scan
arp-scan -I enp0s3 -l
masscan
▪ masscan -p22,80,445 192.168.1.0/24
▪ masscan 192.168.1.0/24 -p22 --banners --source-ip 192.168.1.200
▪ masscan 0.0.0.0/0 -p0-65535
▪ https://github.com/robertdavidgraham/masscan
▪ docker run -d -p 443:443 mikesplain/openvas
https://shodan.io
END