Monday 31 August 2015

Ethical Hacking - Module 3 : Scanning4

6. Draw Network Diagrams

The mapping of networks into diagrams helps you to identify the topology or the architecture of the target network. The network diagram also helps you to trace out the path to the target host in the network. It also allows you to understand the position of firewalls, routers, and other access control devices. Based on the network diagram, the attacker can analyze the target network's topology and security mechanisms. It helps an attacker to see the firewalls, IDSs, and other security mechanisms of the target network.


Tools:
       LANsurveyor
       OpManager




7. Prepare Proxies

A proxy is a network computer that can serve as an intermediary for connecting with other computers. When you use a proxy to request a particular web page on an actual server, your request first goes to the proxy server. The proxy server then sends the request to the actual server on your behalf, i.e., it mediates between you and the actual server to send the request and return the response.





In this process, the proxy receives the communication between the client and the destination application. In order to take advantage of a proxy server, client programs must be configured
so they can send their requests to the proxy server instead of the final destination.


Why Attackers Use Proxy Servers

For an attacker, it is easier to attack or hack a particular system than to conceal the attack source. So the main challenge for an attacker is to hide his or her identity so that no one can trace him or her. To conceal that identity, the attacker uses a proxy server. The main reason for using a proxy is to avoid detection of attack evidence. With the help of a proxy server, an attacker can mask his or her IP address so that he or she can hack the computer system without any fear of legal repercussion. When the attacker uses a proxy to connect to the destination, the proxy's source address will be recorded in the server logs instead of the actual source address of the attacker.
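What the server-side log can and cannot show for proxied requests, as an added example that is not part of the original post. The log format, the sample lines and the trusted 10.0.0.0/8 load-balancer range are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample lines in an assumed custom log format:
#   peer [time] "request" status "X-Forwarded-For" "Via"
SAMPLE_LOG = """\
198.51.100.7 [31/Aug/2015:10:00:01 +0000] "GET /login HTTP/1.1" 200 "-" "-"
203.0.113.20 [31/Aug/2015:10:00:05 +0000] "GET /login HTTP/1.1" 200 "192.0.2.44" "1.1 proxy-a"
203.0.113.20 [31/Aug/2015:10:00:09 +0000] "POST /login HTTP/1.1" 401 "-" "-"
10.0.0.5 [31/Aug/2015:10:00:12 +0000] "GET / HTTP/1.1" 200 "192.0.2.99, 203.0.113.20" "1.1 proxy-a, 1.1 lb"
"""
LINE_RE = re.compile(
    r'^(?P<peer>\S+) \[[^\]]+\] "[^"]*" \d{3} "(?P<xff>[^"]*)" "(?P<via>[^"]*)"$')
# Assumption: 10.0.0.0/8 is our own load-balancer range; hops it appended are reliable.
TRUSTED = [ipaddress.ip_network("10.0.0.0/8")]

def is_trusted(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:  # "unknown", host names, garbage
        return False
    return any(ip in net for net in TRUSTED)

def fields(value):
    return [v.strip() for v in value.split(",") if v.strip() not in ("", "-")]

def analyse(line):
    """Return (verified_source, claimed_clients, declared_proxy), or None if unparsable."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    chain = fields(m["xff"]) + [m["peer"]]
    idx = len(chain) - 1
    while idx > 0 and is_trusted(chain[idx]):  # skip hops we operate ourselves
        idx -= 1
    own_hops = len(chain) - 1 - idx
    # Everything left of idx was written by someone else and is only a claim.
    declared = bool(chain[:idx]) or len(fields(m["via"])) > own_hops
    return chain[idx], chain[:idx], declared

def review(log_text):
    rows = [r for r in map(analyse, log_text.splitlines()) if r]
    known_proxies = {src for src, _, declared in rows if declared}
    # A header-less request from an address that declared itself a proxy elsewhere
    # is still proxied; the log cannot show who is behind it.
    return [(src, claimed, declared or src in known_proxies)
            for src, claimed, declared in rows]
```

The third sample line is the case the paragraph describes: the proxy strips the forwarding headers, so the only address the log holds is the proxy's own, and the request is recognisable as proxied only by correlating it with other lines.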






Use of Proxies for Attack













Proxy chaining helps you to become more anonymous on the Internet. Your anonymity on the Internet depends on the number of proxies used for fetching the target application. If you use a larger number of proxy servers, then you will become more
anonymous on the Internet and vice versa. 




Proxy Chaining:

       Proxy WorkBench
       Proxifier
       Proxy Switcher
       Socks Chain
       Burp Suite



HTTP Tunneling:

HTTP Tunneling technology allows users to use the Internet despite the restrictions imposed by firewalls.

It encapsulates data inside HTTP traffic (port 80).


HTTP Tunneling is another technique that allows you to use the Internet despite restrictions imposed by firewalls. The HTTP protocol acts as a wrapper for communication channels.

An attacker uses HTTP tunnel software to perform HTTP tunneling. 

It is a client-server-based application used to communicate through the HTTP protocol. This software creates an HTTP
tunnel between two machines, using a web proxy option. The technique involves sending POST requests to an "HTTP server" and receiving replies.


The attacker uses the client application of HTTP tunnel software installed on his or her system to communicate with other machines. All requests sent through the HTTP tunnel client
application go through the HTTP protocol.
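A detection sketch for the POST-based exchange described above, as an added example that is not part of the original post. The record layout, host names, sample data and thresholds are all assumptions for illustration.

```python
from collections import defaultdict

def build_sample():
    """Constructed proxy-log records: (epoch_seconds, client, method, host, path)."""
    tunnel = [(1000 + 5 * i, "10.1.1.50", "POST", "tunnel.example", "/index.php")
              for i in range(40)]
    browsing = [(1000 + 7 * i, "10.1.1.60", "GET", "intranet.example", f"/page{i}")
                for i in range(40)]
    login = [(1100, "10.1.1.60", "POST", "intranet.example", "/login")]
    return tunnel + browsing + login

def post_tunnel_candidates(records, min_requests=20, min_post_ratio=0.9, max_paths=2):
    """Flag (client, host) pairs whose traffic is a long run of POSTs to very few URLs.

    Thresholds are illustrative assumptions; tune them against your own baseline.
    """
    stats = defaultdict(lambda: {"total": 0, "posts": 0, "paths": set(), "times": []})
    for ts, client, method, host, path in records:
        s = stats[(client, host)]
        s["total"] += 1
        s["posts"] += method.upper() == "POST"
        s["paths"].add(path)
        s["times"].append(ts)
    findings = []
    for pair, s in sorted(stats.items()):
        if s["total"] < min_requests:
            continue  # too little traffic to judge
        if s["posts"] / s["total"] < min_post_ratio or len(s["paths"]) > max_paths:
            continue  # looks like ordinary browsing: mixed methods, many URLs
        span = max(s["times"]) - min(s["times"])
        findings.append({"client": pair[0], "host": pair[1], "posts": s["posts"],
                         "duration_s": span})
    return findings
```

Legitimate long-polling or telemetry clients can match the same pattern, so a finding is a lead for review rather than proof of a tunnel.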


The HTTP tunneling technique is used in network activities such as:
   Streaming video and audio
   Remote procedure calls for network management
   For intrusion detection alerts
   Firewalls


Why do I Need HTTP Tunneling

Organizations firewall all ports except 80 and 443, and you may want to use FTP.

HTTP tunneling will enable the use of FTP via the HTTP protocol.


 

Tools:
         Super Network tunnel
         HTTP-Tunnel

HTTP Tunnel acts as a SOCKS server, allowing you to access the Internet by bypassing firewall restrictions. It is very secure software. Using this software does not allow others to monitor
your Internet activities. It hides your IP address; therefore, it does not allow tracing of your system. It allows you the unlimited transfer of data. It runs in your system tray acting as a SOCKS server, managing all data transmissions between the computer and the network.


SSH Tunneling:

SSH tunneling is another technique that an attacker can use to bypass firewall restrictions. It also helps you hide your IP address on the Internet; therefore, no one can trace
or monitor you.

The need for SSH tunneling arises from the problems caused by public IP addresses, the means for accessing computers from anywhere in the world. Computers networked with a public IP address are universally accessible, so they can easily be attacked by anyone on the global Internet and can be victimized by attackers. The development of SSH tunneling solves the problems faced by the public IP address.

An SSH tunnel is a link that forwards traffic from an arbitrary port on one machine to a remote machine through an intermediate machine. An SSH tunnel comprises an encrypted tunnel, so all your data is encrypted as it uses a secure shell to create the tunnel.

Creating a tunnel for a privately addressed machine involves three basic steps and requires three machines.

The three requisite machines are:

* Local machine
* An intermediate machine with a public IP address
* Target machine with a private address to which the connection must be established


You can create a tunnel as follows:

* Start an SSH connection from the local machine to the intermediate machine with a public IP address.

* Instruct the SSH connection to wait and observe traffic on the local port, and use the intermediate machine to send the traffic to an explicit port on the target machine with a private address. This is called port acceleration or port forwarding.

* On the local machine, select the application that you want to use for connection with the remote machine and configure it to use port forwarding on the local machine. Now, when you connect to the local port, it will redirect the traffic to the remote machine.

Attackers use OpenSSH to encrypt and tunnel all the traffic 
from a local machine to a remote machine to avoid detection by
perimeter security controls.
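Whether the intermediate machine permits the forwarding in step 2 (the ssh client's -L option) is decided by its sshd_config. The audit below is an added example, not part of the original post; both sample configurations and the address 10.0.0.12:5432 are constructed, and only the global section of the file is evaluated.

```python
# Defaults for the keywords that govern local TCP forwarding, per sshd_config(5).
DEFAULTS = {"allowtcpforwarding": "yes", "permitopen": "any"}

# Constructed sample: nothing said about forwarding, so the defaults apply.
WEAK = """\
PermitRootLogin no
PasswordAuthentication no
"""

# Constructed sample: intermediate host limited to one internal service.
HARDENED = """\
AllowTcpForwarding local
PermitOpen 10.0.0.12:5432
# A later duplicate is ignored: sshd uses the first value it reads.
AllowTcpForwarding yes
"""

def effective(config_text):
    """Effective global values; Match blocks are conditional and not evaluated here."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()  # keywords are case-insensitive
        if key == "match":
            break
        if key in DEFAULTS and key not in seen and len(parts) == 2:
            seen[key] = parts[1].strip()
    return {**DEFAULTS, **seen}

def local_forward_policy(config_text):
    """Classify what local port forwarding can reach through this host."""
    cfg = effective(config_text)
    if cfg["allowtcpforwarding"].lower() not in ("yes", "all", "local"):
        return "blocked", []
    targets = cfg["permitopen"].split()
    if targets == ["none"]:
        return "blocked", []
    if "any" in targets:
        return "unrestricted", []
    return "restricted", targets
```

sshd_config(5) itself notes that disabling TCP forwarding does not improve security unless users are also denied shell access, since they can install their own forwarders.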



Tunneling Another TCP Session Through SSH


  Tools:  OpenSSH
          Bitvise
