
Monday, April 14, 2014

Below, you'll find a list of the most common IP commands for Windows and DOS.

These include ipconfig, trace route, netstat, arp, route, hostname, control netconnections, and other popular DOS and Windows IP commands.

Display Connection Configuration: Displays the full TCP/IP configuration for all adapters. Without this parameter, ipconfig displays only the IP address, subnet mask, and default gateway values for each adapter. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections.
ipconfig /all
C:\Documents and Settings\user>ipconfig /all
Windows IP Configuration
    Host Name . . . . . . . . . . . . : host
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
    Connection-specific DNS Suffix . : user.local
    Description . . . . . . . . . . . : AMD PCNET Family PCI Ethernet Adapter
    Physical Address. . . . . . . . . : 08-00-27-0F-79-00
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 10.0.2.15
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 10.0.2.2
    DHCP Server . . . . . . . . . . . : 10.0.2.2
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    Lease Obtained. . . . . . . . . . :
    Lease Expires . . . . . . . . . . :

Display DNS Cache Info: Displays the contents of the DNS client resolver cache, which includes both entries preloaded from the local Hosts file and any recently obtained resource records for name queries resolved by the computer. The DNS Client service uses this information to resolve frequently queried names quickly, before querying its configured DNS servers.
ipconfig /displaydns
C:\Documents and Settings\user>ipconfig /displaydns
Windows IP Configuration
    1.0.0.127.in-addr.arpa
    ----------------------------------------
    Record Name . . . . . : 1.0.0.127.in-addr.arpa.
    Record Type . . . . . : 12
    Time To Live . . . . : 525995
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    PTR Record . . . . . : localhost
    www.msn.com
    ----------------------------------------
    Record Name . . . . . : www.msn.com
    Record Type . . . . . : 5
    Time To Live . . . . : 296
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    CNAME Record . . . . : us.co1.cb3.glbdns.microsoft.com

Clear DNS Cache: Flushes and resets the contents of the DNS client resolver cache. During DNS troubleshooting, you can use this procedure to discard negative cache entries from the cache, as well as any other entries that have been added dynamically.
ipconfig /flushdns
C:\Documents and Settings\user>ipconfig /flushdns
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.

Release All IP Address Connections: Sends a DHCPRELEASE message to the DHCP server to release the current DHCP configuration and discard the IP address configuration for either all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter disables TCP/IP for adapters configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
ipconfig /release

Renew All IP Address Connections: Renews DHCP configuration for all adapters (if an adapter is not specified) or for a specific adapter if the Adapter parameter is included. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. To specify an adapter name, type the adapter name that appears when you use ipconfig without parameters.
ipconfig /renew

Re-Register the DNS connections: Initiates manual dynamic registration for the DNS names and IP addresses that are configured at a computer. You can use this parameter to troubleshoot a failed DNS name registration or resolve a dynamic update problem between a client and the DNS server without rebooting the client computer. The DNS settings in the advanced properties of the TCP/IP protocol determine which names are registered in DNS.
ipconfig /registerdns
C:\Documents and Settings\user>ipconfig /registerdns
Windows IP Configuration
Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes..

Change/Modify DHCP Class ID: Configures the DHCP class ID for a specified adapter. To set the DHCP class ID for all adapters, use the asterisk (*) wildcard character in place of Adapter. This parameter is available only on computers with adapters that are configured to obtain an IP address automatically. If a DHCP class ID is not specified, the current class ID is removed.
ipconfig /setclassid

Network Connections: Opens the Network Connections control panel.
control netconnections

Network Setup Wizard:
netsetup.cpl

Test Connectivity: Verifies IP-level connectivity to another TCP/IP computer by sending Internet Control Message Protocol (ICMP) Echo Request messages. The receipt of corresponding Echo Reply messages is displayed, along with round-trip times. Ping is the primary TCP/IP command used to troubleshoot connectivity, reachability, and name resolution.
ping google.com
C:\Documents and Settings\user>ping google.com
Pinging google.com [74.125.224.64] with 32 bytes of data:
Reply from 74.125.224.64: bytes=32 time=16ms TTL=127
Reply from 74.125.224.64: bytes=32 time=20ms TTL=127
Reply from 74.125.224.64: bytes=32 time=18ms TTL=127
Reply from 74.125.224.64: bytes=32 time=16ms TTL=127
Ping statistics for 74.125.224.64:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 20ms, Average = 17ms

Trace Route: Determines the path taken to a destination by sending Internet Control Message Protocol (ICMP) Echo Request or ICMPv6 messages to the destination with incrementally increasing Time to Live (TTL) field values. The path displayed is the list of near-side router interfaces of the routers in the path between a source host and a destination. The near-side interface is the interface of the router that is closest to the sending host in the path.
tracert
C:\Documents and Settings\user>tracert -d google.com
Tracing route to google.com [74.125.224.64]
over a maximum of 30 hops:
   1 <1 ms <1 ms <1 ms 10.0.2.2
   2 1 ms 1 ms 1 ms 192.168.1.1
   3 38 ms 31 ms 29 ms 1.2.3.4
   4 11 ms 9 ms 11 ms 1.2.3.5
   5 25 ms 23 ms 37 ms 1.2.3.6
   6 16 ms 23 ms 24 ms 1.2.3.7
   7 18 ms 39 ms 16 ms 1.2.3.8
   8 14 ms 17 ms 16 ms 1.2.3.9
   9 14 ms 16 ms 17 ms 1.2.3.10
  10 20 ms 18 ms 18 ms 1.2.3.11
  11 20 ms 17 ms 16 ms 1.2.3.12
  12 16 ms 19 ms 16 ms 74.125.224.64
Trace complete.

Display the TCP/IP protocol sessions: Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, IPv4 statistics (for the IP, ICMP, TCP, and UDP protocols), and IPv6 statistics (for the IPv6, ICMPv6, TCP over IPv6, and UDP over IPv6 protocols).
netstat

Display Local Route: Displays and modifies the entries in the local IP routing table.
route

Display Resolved MAC Addresses: Displays and modifies entries in the Address Resolution Protocol (ARP) cache, which contains one or more tables that are used to store IP addresses and their resolved Ethernet or Token Ring physical addresses. There is a separate table for each Ethernet or Token Ring network adapter installed on your computer.
arp
C:\Documents and Settings\user>arp -a
Interface: 10.0.2.15 --- 0x10004
  Internet Address      Physical Address      Type
  10.0.2.2              52-54-00-12-35-00     dynamic

Display Name of the Current Computer: Displays the host name portion of the full computer name of the computer.
hostname

NameServer Lookup: Displays information that you can use to diagnose Domain Name System (DNS) infrastructure. Before using this tool, you should be familiar with how DNS works. The Nslookup command-line tool is available only if you have installed the TCP/IP protocol.
nslookup
C:\Documents and Settings\user>nslookup google.com
*** Default servers are not available
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
Name: google.com
Addresses: 74.125.224.103, 74.125.224.98, 74.125.224.105, 74.125.224.104
          74.125.224.97, 74.125.224.101, 74.125.224.102, 74.125.224.96, 74.125.224.110
          74.125.224.99, 74.125.224.100

ONLINE

NETWORKING QUIZ

1. 
How long is an IPv6 address?
A.32 bits
B.128 bytes
C.64 bits
D.128 bits

2. 
What flavor of Network Address Translation can be used to have one IP address allow many users to connect to the global Internet?
A.NAT
B.Static
C.Dynamic
D.PAT

3. 
What are the two main types of access control lists (ACLs)?
  1. Standard
  2. IEEE
  3. Extended
  4. Specialized
A.1 and 3
B.2 and 4
C.3 and 4
D.1 and 2

4. 
What command is used to create a backup configuration?
A.copy running backup
B.copy running-config startup-config
C.config mem
D.wr mem

5. 
You have 10 users plugged into a hub running 10Mbps half-duplex. There is a server connected to the switch running 10Mbps half-duplex as well. How much bandwidth does each host have to the server?
A.100 kbps
B.1 Mbps
C.2 Mbps
D.10 Mbps

Friday, April 11, 2014

Two Approaches to Managing Virtual Machines

VMware Infrastructure Client (VI Client) is a flexible, configurable solution for managing your virtual machines. There are two primary methods for managing your virtual machines:
• Directly through an ESX Server host (a single or standalone host) that can manage only those virtual machines, and their resources, installed on it.
• Through a VirtualCenter Server that manages multiple virtual machines and their resources distributed over many ESX Server hosts.
The figure below illustrates the components in an ESX Server Virtual Infrastructure.
VMware Infrastructure Components with an ESX Server Host
The figure below illustrates the components in a VirtualCenter Server Virtual Infrastructure.

Components of VMware Infrastructure
To run your VMware Infrastructure environment, you need the following items:
• ESX Server – A virtualization platform used to create the virtual machines as a set of configuration and disk files that together perform all the functions of a physical machine.
Through ESX Server, you run the virtual machines, install operating systems, run applications, and configure the virtual machines. Configuration includes identifying the virtual machine's resources, such as storage devices.
The server provides bootstrapping, management, and other services that manage your virtual machines.
Each ESX Server has a VI Client available for your management use. If your ESX Server is a registered host with the VirtualCenter Server, a VI Client that accommodates the VirtualCenter features is available.
• VirtualCenter – A service that acts as a central administrator for VMware ESX Server hosts that are connected on a network. VirtualCenter directs actions on the virtual machines and the virtual machine hosts (the ESX Server hosts).

Friday, April 4, 2014

Network-attached storage (NAS) is file-level computer data storage connected to a computer network providing data access to a heterogeneous group of clients. NAS not only operates as a file server, but is specialized for this task either by its hardware, software, or configuration of those elements. NAS is often manufactured as a computer appliance – a specialized computer built from the ground up for storing and serving files – rather than simply a general purpose computer being used for the role.[nb 1]
As of 2010 NAS devices are gaining popularity, as a convenient method of sharing files among multiple computers.[1] Potential benefits of network-attached storage, compared to file servers, include faster data access, easier administration, and simple configuration.[2]
NAS systems are networked appliances which contain one or more hard drives, often arranged into logical, redundant storage containers or RAID. Network-attached storage removes the responsibility of file serving from other servers on the network. They typically provide access to files using network file sharing protocols such as NFS, SMB/CIFS, or AFP.
Note that hard drives with "NAS" in their name are functionally the same as other drives. For example, an NAS SATA hard disk drive can be used as an internal PC hard drive, without any problems or adjustments needed. Here, NAS simply indicates a higher quality standard than consumer drives, which is why they usually quote MTBF figures (and are more expensive). Likewise, "Enterprise" drives are an even higher level of quality (and price).

Tuesday, April 1, 2014

This tutorial explains how to crack a WEP key using BackTrack.

Wireless networks are everywhere; they are widely available, cheap, and easy to set up. To avoid the hassle of setting up a wired network in my own home, I chose to go wireless. After a day of enjoying this wireless freedom, I began thinking about security. How secure is my wireless network?
I searched the Internet for many days, reading articles, gathering information, and participating on message boards and forums. I soon came to the realization that the best way for me to understand the security of my wireless network would be to test it myself. Many sources said it was easy, few said it was hard. 
How a wireless network works
A wireless local area network (WLAN) is the linking of 2 or more computers with Network Interface Cards (NICs) through a technology based on radio waves. All devices that can connect to a wireless network are known as stations. Stations can be access points (APs), or clients.
Access points are base stations for the wireless network. They receive and transmit information for the clients to communicate with. The set of all stations that communicate with each other is referred to as the Basic Service Set (BSS). Every BSS has an identification known as a BSSID, also known as the MAC address, which is a unique identifier that is associated with every NIC. For any client to join a WLAN, it should know the SSID of the WLAN; therefore, the access points typically broadcast their SSID to let the clients know that an AP is in range. Data streams, known as packets, are sent between the access point and its clients. You need no physical access to the network or its wires to pick up these packets, just the right tools. It is the transmission of these packets that poses the largest security threat to any wireless network.
Wireless Encryption
The majority of home and small business networks are encrypted using the two most popular methods: WEP and WPA.
WEP – Wired Equivalent Privacy – comes in 3 different key lengths: 64, 128, and 256 bits, known as WEP 64, WEP 128, and WEP 256 respectively.  WEP provides a casual level of security but is more compatible with older devices; therefore, it is still used quite extensively. Each WEP key contains a 24 bit Initialization Vector (IV), and a user-defined or automatically generated key; for instance, WEP 128 is a combination of the 24 bit IV and a user entered 26 digit hex key. ((26*4)+24=128)
WEP also comes in WEP2 and WEP+, which are not as common and still as vulnerable as the standard WEP encryption.
WPA – WiFi Protected Access – comes in WPA and WPA2, and was created to resolve several issues found in WEP. Both provide you with good security; however, they are not compatible with older devices and therefore not used as widely. WPA was designed to distribute different keys to each client; however, it is still widely used in a (not as secure) pre-shared key (PSK) mode, in which every client has the same passphrase.
To fully utilize WPA, a user would need an 802.1x authentication server, which small businesses and typical home users simply cannot afford. WPA utilizes a 48 bit Initialization Vector (IV), twice the size of WEP, which combined with other WEP fixes, allows substantially greater security over WEP.
Packets and IVs
It’s all in the packets. The bottom line is – while you may be able to employ several security features on your WLAN – anything you broadcast over the air can be intercepted, and could be used to compromise the security on your network. If that frightens you, start stringing wires throughout your home.
Every encrypted packet contains a 24 or 48 bit IV, depending on the type of encryption used. Since the pre-shared key is static and could be easily obtained, the purpose of the IV is to encrypt each packet with a different key. For example, to avoid a duplicate encryption key in every packet sent, the IV is constantly changing. The IV must be known to the client that received the encrypted packet in order to decrypt it; therefore, it is sent in plaintext.
The problem with this method is that the Initialization Vectors are not always unique. In theory, if every IV was different, it would be nearly impossible to obtain the network key; this is not the case. WEP uses a 24 bit IV, which gives the encryption 16 million unique values that can be used. This may sound like a large number, but when it comes to busy network traffic, it's not.
Not every IV is different, and this is where the issues arise. Network hackers know that all the keys used to encrypt packets are related by a known IV (since the user-entered WEP part of the key is rarely changed); therefore, the only change in the key is 24 bits. Since the IV is randomly chosen, there is a 50% probability that the same IV will repeat after just 5,000 packets; this is known as a collision.
If a hacker knows the content of one packet, he can use the collision to view the contents of the other packet. If enough packets are collected with IV matches, your network’s security can be compromised.
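The collision odds and the effect of IV reuse described above, worked through as an added example that is not part of the original post. It assumes the birthday approximation and a simplified WEP-like packet (RC4 keyed with IV || secret, integrity checksum omitted); the key, IVs and packet contents are constructed sample values.

```python
import math

def collision_probability(packets, iv_bits):
    """Birthday approximation: chance that at least two of `packets`
    randomly chosen IVs of `iv_bits` bits are identical."""
    space = 2 ** iv_bits
    return -math.expm1(-packets * (packets - 1) / (2 * space))

def packets_for_probability(p, iv_bits):
    """Smallest packet count whose collision probability reaches p
    (solves n*(n-1) >= 2*N*ln(1/(1-p)) for n)."""
    target = 2 * (2 ** iv_bits) * math.log(1 / (1 - p))
    return math.ceil((1 + math.sqrt(1 + 4 * target)) / 2)

def rc4_keystream(key, length):
    """Plain RC4: key scheduling followed by keystream generation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wep_like_encrypt(iv, secret, plaintext):
    """Per-packet key is IV || secret, as in WEP (checksum omitted)."""
    return xor(plaintext, rc4_keystream(iv + secret, len(plaintext)))

# Constructed sample data, not taken from any capture.
SECRET = bytes.fromhex("0123456789")          # 10 hex digits = 40 bits (WEP 64)
KNOWN = b"ARP request: who has 10.0.2.2? "    # packet whose content is known
OTHER = b"user=alice password=constructed"    # packet the observer cannot read

def recover_other(iv_known, iv_other):
    """XOR the known packet out of its ciphertext to get the keystream,
    then apply that keystream to the second ciphertext."""
    c_known = wep_like_encrypt(iv_known, SECRET, KNOWN)
    c_other = wep_like_encrypt(iv_other, SECRET, OTHER)
    keystream = xor(c_known, KNOWN)
    return xor(keystream, c_other)

if __name__ == "__main__":
    for bits in (24, 48):                     # WEP IV size vs. WPA IV size
        n = packets_for_probability(0.5, bits)
        print(f"{bits}-bit IV: 50% collision chance after {n:,} packets")
    print(f"P(collision) at 5,000 packets, 24-bit IV: "
          f"{collision_probability(5000, 24):.3f}")
    same = bytes.fromhex("a1b2c3")
    print("same IV      ->", recover_other(same, same))
    print("different IV ->", recover_other(same, bytes.fromhex("a1b2c4")))
```

With a repeated IV the second packet is recovered exactly; with distinct IVs the same XOR yields only noise, which is why the 48 bit IV (about 20 million packets to reach the same 50% odds) matters.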

The crack
Two of the most popular programs used for actually cracking the WEP key are Airsnort and Aircrack. Airsnort can be used with the .dump files that Kismet provides; and Aircrack can be used with the .cap files that Airodump provides.
Airsnort can be used on its own without any other software capturing packets; although, it has been reported to be extremely unstable in this state, and you should probably not chance losing all your captured data. A better method would be to let Airsnort recover the encryption key from your Kismet .dump file. Kismet and Airsnort can run simultaneously.
For this demonstration, we’ll be using Aircrack. You can use Airodump to capture the packets, and Aircrack to crack the encryption key at the same time.
With Airodump running, open a new command window and type:
aircrack -f 3 -n 64 -q 3 george.cap
The -f switch followed by a number is the fudgefactor; which is a variable that the program uses to define how thoroughly it scans the .cap file. A larger number will give you a better chance of finding the key, but will usually take longer. The default is 2.
The -n switch followed by 64 represents that you are trying to crack a WEP 64 key. I knew because it was a setup; in the real world there is no way to determine what WEP key length a target access point is using. You may have to try both 64 and 128.
The -q 3 switch was used to display the progress of the software. It can be left out altogether to provide a faster crack; although, if you’ve obtained enough unique IVs, you should not be waiting more than a couple minutes.
The -m switch can be used, followed by a MAC address, to filter a specific AP's usable packets; this would come in handy if you were collecting packets from multiple APs in Airodump.
Aircrack recovered my WEP 64 key within 1 minute using 76,000 unique IVs; the whole process took around 34 minutes.
The same experiment was repeated with WEP 128 and it took about 43 minutes. The reason it was not substantially longer is because I simply let Aireplay replay more packets. Sometimes you can get lucky and capture an ARP Request packet within a few minutes; otherwise, it could take a couple hours.

WI-FI HACKING TOOLS

I am going to share with you some of my favorite wireless tools that can be used to hack Wi-Fi password using Ubuntu or any other Linux distribution:

Netcut:
Disconnects any Wi-Fi device from the network. Supports Windows; the driver and install package have been upgraded and tested working under both 32-bit and 64-bit Windows 7. It changes the MAC address on any adapter, including wireless (details at How to change MAC), and also supports cloning the MAC address of any PC that NetCut monitors.
Wifikill, by contrast, is an Android application used to disable the internet connection of a device on the same network. It disconnects the Wi-Fi connection so that your device gets the full network.

Download: Netcut or Wifikill


Aircrack-ng
Aircrack-ng (a fork of aircrack) is my main tool for cracking Wi-Fi passwords. It has a wireless network detector, a packet sniffer, WEP and WPA/WPA2-PSK cracker, and an analysis tool for 802.11 wireless LANs. Aircrack-ng works with any wireless card whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic.

Download: Aircrack-ng

Kismet 
Kismet is a really good network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. It will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic. Kismet works in passive mode, which means it is capable of detecting the presence of both wireless access points and wireless clients without sending any loggable packets.
Kismet does a little more than just detecting networks. Aside from providing every detail about a network except the encryption key, Kismet is a packet sniffer and intrusion detection system.

Download: Kismet


NetStumbler

Network Stumbler a.k.a. NetStumbler – This Windows-based tool easily finds wireless signals being broadcast within range – a must-have. It also has the ability to determine Signal/Noise info that can be used for site surveys. I actually know of one highly known public wireless hotspot provider that uses this utility for their site surveys.


Download: NetStumbler

SWScanner
SWScanner is specifically designed to make the whole wardriving process a lot easier. It is also intended to manage many tasks related to wireless networking. SWScanner is compatible with NetStumbler files and can be integrated with GPS devices.
These are only three of the many wireless tools that can get you going in no time, so feel free to explore.

Download: SWScanner