Difference between revisions of "User:Scott/27"

From FreekiWiki
Jump to navigation Jump to search
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
       '''Wireless Security'''
+
       '''Keith'''
 
  --------------------------------
 
  --------------------------------
 
  Home Page    [[user:scott]]
 
  Home Page    [[user:scott]]
  Home-22      [[user:scott/22]]
+
  Home02      [[user:scott/22]]
 
  Printers    [[user:scott/23]]
 
  Printers    [[user:scott/23]]
 
  Network      [[user:scott/24]]
 
  Network      [[user:scott/24]]
  Troubleshoot [[user:scott/25]]
+
  Account Mng  [[user:scott/25]]
 
  Virus Scan  [[user:scott/26]]
 
  Virus Scan  [[user:scott/26]]
  WiFi Secure  [[user:scott/26]]
+
  Keith Admn  [[user:scott/27]]
 
  Active Dir  [[user:scott/29]]
 
  Active Dir  [[user:scott/29]]
  
Line 13: Line 13:
 
__TOC__
 
__TOC__
  
=Cracker Objectives=
+
==Semantic Backup Exec==
  Enumerate hosts, services, application versions
+
  Some accounts use Windows Backup
Elevate privileges and disguise presence
 
create a back door - a covert channel
 
  
=Defense Objectives=
+
#Locate Excel Backup Report (check p.w.)
IDS Intrusion detection system
+
#Locate file with RDP account links.
Log Files - automated reporting system
+
#Once inside RDP look for Bacup.exe shortcut on Desktop - open Backup.exec
Minimized access==
+
#Look for Job Monitor Tab
Update patches and firmware
+
#Check for recent backup = previous backup in size
 +
#Look for "Restore" link at top of the frame
 +
#Drill Down
 +
#Warning LOG-OFF never ShutDown
  
=Hacker/Cracker tools=
+
==Windows Backup==
  
==NetStumbler & Kismet Windows==
+
#Windows SBS Console
scans 2.4 & 5 GHz frequency fro 802.11a, b & g ieee
+
#Select Backup from list
 +
#On Rt select "Restore Server Data from Backup"
 +
#On Rt Select "Recover
 +
#Next -> Next -> Next -> Next
 +
#Wait for C:\ to populate and Check
  
==NetStumbler reports==
+
  Full Backup
*MAC address
+
  Exchange Mail Boxes
*SSID
+
  C:/ Drive -> Doc & Settings _> Users -> Programs -> Shares -> Win32
*Access Point Name
 
*broadcast channel
 
*vendor name
 
*signal strength
 
*gps coordinates
 
 
 
==Passive Scanning==
 
===Beacon Frames===
 
  SSID
 
  Access Point Time
 
  Capabilities
 
Supported Rates
 
 
 
===Client Passive listening===
 
*connects to strongest channel with SSID it wants to connect too
 
 
 
===Client Active Listening===
 
Sends a probe request frame with a null SSID field
 
works when SSID broadcasting is disabled.
 
 
==Kismet - packet analyzer for 802.11==
 

Latest revision as of 21:05, 14 December 2011

      Keith
--------------------------------
Home Page    user:scott
Home02       user:scott/22
Printers     user:scott/23
Network      user:scott/24
Account Mng  user:scott/25
Virus Scan   user:scott/26
Keith Admn   user:scott/27
Active Dir   user:scott/29

Template:TOC limit

Semantic Backup Exec

Some accounts use Windows Backup
  1. Locate Excel Backup Report (check p.w.)
  2. Locate file with RDP account links.
  3. Once inside RDP look for Bacup.exe shortcut on Desktop - open Backup.exec
  4. Look for Job Monitor Tab
  5. Check for recent backup = previous backup in size
  6. Look for "Restore" link at top of the frame
  7. Drill Down
  8. Warning LOG-OFF never ShutDown

Windows Backup

  1. Windows SBS Console
  2. Select Backup from list
  3. On Rt select "Restore Server Data from Backup"
  4. On Rt Select "Recover
  5. Next -> Next -> Next -> Next
  6. Wait for C:\ to populate and Check
Full Backup 
Exchange Mail Boxes
C:/ Drive -> Doc & Settings _> Users -> Programs -> Shares -> Win32
Retrieved from "http://wiki.freegeek.org/index.php?title=User:Scott/27&oldid=60096"