Cybersecurity Unit 2
ACK
Hands grasped + shaken; ready to communicate
HTTP Port Number
80
SYN-ACK
Other person sees your hand + acknowledges it by extending their hand
FTP Port Number
20/21
SMTP Port Number
25
HTTPS Port Number
443
pcap file
A Wireshark data capture file that contains packet information of network traffic
Hexadecimal
A base-16 number system. The extra digits are represented by the letters a through f, so all digits in hex are 0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f.
netstat
A command-line tool that shows network stats (ports and IP addresses) on your computer that can communicate w/ other hosts on the network
SMTP (Simple Mail Transfer Protocol)
A communication protocol for sending mail; has a history of weaknesses
Web Server
A computer that delivers files + web pages across a network to requesting clients
Host
A computer that is connected to a network (aka a machine or system)
SQL (Structured Query Language)
A language used to manage data in a database
Abstraction
Many of the details of a system or process are hidden, allowing the user to focus on the details that are important to the task at hand
Router
A network device that gathers/filters data b/w networks (wired or wireless). Acts as a gateway b/w two networks
NIC (Network Interface Card)
A network interface card is a physical component on a computer or device that provides connectivity to a network
TLS (Transport Layer Security)
A security protocol that encrypts data at the packet-level
DNS (Domain Name System)
A service that converts domain names to IP addresses + the reverse
Exploits
Software or a command that takes advantage of weaknesses in a system
TCP Handshake
A three-way communication method using SYN (synchronize), SYN-ACK (synchronize-acknowledge), and ACK (acknowledge) to establish a connection between hosts.
Cross-Site Scripting (XSS)
A type of exploit in which the attacker inserts malicious client-side code into web pages to steal data, take control of a computer, run malicious code, or carry out a phishing scam.
SQL Injection
A type of exploit where attackers use SQL code to steal or modify data in a database
MAC (Media Access Control) Address
A unique numeric code that is assigned to networking hardware components that are built into computers + mobile devices
Broadcast
A way for a computer to communicate with all hosts on a network using one message
Port
A way for computers to identify specific programs + manage their activity. The port appears after a colon at the end of an IP address (:21)
IIS Manager (Internet Information Services)
Allows admins to define the behavior + structure of sites run by IIS (an admin tool)
Packet Filtering
Allows or denies packets based on source and destination addresses, ports, or protocols
IP Address
An identifying number for hosts and servers on the internet. Either in IPv4 or IPv6 form
Grey Hat Hacker
An in-b/w hacker who uses unethical means to find vulnerabilities but shares findings + issues they encounter
Packet Bytes Pane
Bottom pane of Wireshark that shows all the info in a packet
HTML Tag
Code that defines every structure on an HTML page (start with < and end with >)
DDoS Attack
Distributed Denial of Service Attack. Targets websites + web servers to try and bring them to a halt. 1 host: DoS Attack. Multiple hosts: DDoS Attack.
White Hat Hacker
Ethical hacker who has permission to perform certain tests + discloses their activities; they report vulnerabilities + help improve the system's security. Their behavior is to help society
SYN
Extending your hand
Hardening
Increase a computer's security + reduce vulnerabilities
Domain Name
Last two elements of a URL. Helps organizations build URLs (ex. google.com helps build drive.google.com)
FTP (File Transfer Protocol)
Lets computers copy files to + from devices on a network (malicious users can use this to deliver malware)
CIA Triad
Most common security model; Confidentiality (protecting data from unauthorized access), Integrity (ensuring data is never tampered with), Accessibility (making sure data is readily available)
Ping
Network tool used to check host status
Pen (Penetration) Test
Performing a computer attack to evaluate the security of a system
Data Cleansing
Protecting against XSS or SQL exploits by adding measures that recognize any scripting tags entered by the user; the server treats them as plain text or removes them
Packet Sniffing
Watching and analyzing network traffic at the packet level (like Wireshark)
XSS Stored Attack
Similar to an XSS reflected attack with one major difference: This exploit permanently stores the malware script in the database
Packet
Small units of data transmitted on a network; can compose larger data like packets
Rootkit
Software running with elevated privileges to control a computer or gain access to restricted data
Ransomware
Software that locks your computer requiring you to pay to remove it; can spread
Keylogger
Software that records keystrokes
Botnet
Software that replicates and infects many computers, turning each into a "zombie" that is remotely controlled
Loose Lipped Errors
Systems provide error messages and sometimes why the execution failed; this is a rich source of info for hackers
OUI (Organizationally Unique Identifier)
The first half of the MAC address, designating the manufacturer of the network device.
Command Execution (Injection) Attack
The goal is execution of arbitrary commands on the host operating system via a vulnerable application
IoT (Internet of Things)
The network of devices that are connected to the internet, enabling the sending and receiving of data among them
Timestamp
The time the packet arrived
IEEE (Institute of Electrical and Electronic Engineers)
They are best known for developing standards in the computer and electronics industries
HTTP (HyperText Transfer Protocol)
This protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands.
Black Hat Hacker
Unethical criminal hacker; their behavior is meant to cause harm, draw attention to something, or bring personal gain
TCP (Transmission Control Protocol)
Used to establish and maintain connections over a computer network
Linux
Used to host routers + web servers
Man in the Middle (MITM)
When a user intercepts communication b/w the victim's computer and the internet
Forceful Directory Browsing
When hackers can use their knowledge of a web server's directory structure to craft URL addresses and navigate to locations that are unreferenced and unlinked in a web site