Basic IRC Commands

/HELP – shows general help or help on the given command.
/LIST – lists all current channels.
/JOIN – joins a channel
/PART – leaves a channel (same as LEAVE)
/QUIT – exits your IRC session (same as BYE and EXIT)
/NICK – changes your nickname
/AWAY – leaves a message saying you’re away or not paying attention
/WHOIS – displays information about someone
/INVITE – sends an invitation to another user
/KICK – gets rid of someone on a channel
/TOPIC – changes the topic of the channel
/ME – sends anything about you to a channel or QUERY

IRC freenode Registration

Within the IRC console, type the command – "/msg NickServ REGISTER <password> <email-address>"

Confirm account registration in the IRC console using the command sent by email. Typically formatted as – "/msg NickServ VERIFY REGISTER <username> <variable>"

Authenticate the username within the IRC console – "/msg NickServ IDENTIFY <password>"

Initiate SSLv3/TLS Connections with Nmap Script

Locate the Nmap scripts folder (location varies by platform) – "find / -name '*.nse'"

Confirm "ssl-enum-ciphers" exists in the folder. Download from Nmap if required – https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

Invoke Nmap and run the command – "nmap -p 80,443 -T4 --script ssl-enum-ciphers <hostname>".
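Once the scan has run, the result still has to be read for the protocols and ciphers that should be switched off. The following is an added example, not part of the original notes or of Nmap: a small Python audit over the script's text output. The sample output is constructed in the letter-graded format of current ssl-enum-ciphers versions, and the deprecated-protocol set and the grade threshold are assumptions of this example.

```python
import re

# Assumption of this example: protocol versions the audit treats as deprecated.
DEPRECATED = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}

# Constructed sample in the shape of ssl-enum-ciphers output; not a real scan.
SAMPLE = """\
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https
| ssl-enum-ciphers:
|   SSLv3:
|     ciphers:
|       TLS_RSA_WITH_RC4_128_SHA (rsa 2048) - C
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors:
|       NULL
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors:
|       NULL
|_  least strength: C
"""

PORT_RE = re.compile(r"^(\d+)/tcp\s+open")
PROTO_RE = re.compile(r"^\|\s+(SSLv\d|TLSv\d\.\d):$")
CIPHER_RE = re.compile(r"^\|\s+(TLS_\S+|SSL_\S+).* - ([A-F])$")

def audit(output, worst_ok="B"):
    """Return (port, protocol, finding) tuples for deprecated protocols
    and for ciphers graded worse than worst_ok."""
    findings, port, proto = [], None, None
    for line in output.splitlines():
        if m := PORT_RE.match(line):
            port, proto = int(m.group(1)), None  # new port: reset protocol context
        elif m := PROTO_RE.match(line):
            proto = m.group(1)
            if proto in DEPRECATED:
                findings.append((port, proto, "deprecated protocol enabled"))
        elif (m := CIPHER_RE.match(line)) and proto:
            if m.group(2) > worst_ok:  # grades sort A (best) to F (worst)
                findings.append((port, proto, f"{m.group(1)} graded {m.group(2)}"))
    return findings

for finding in audit(SAMPLE):
    print(finding)
```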

Installing Modern Honey Network (Ubuntu)

Install Git

  • $ sudo apt-get install git -y

Install MHN

  • $ cd /opt/
  • $ sudo git clone https://github.com/threatstream/mhn.git
  • $ cd mhn/
  • $ sudo ./install.sh

Configuration

===========================================================
MHN Configuration
===========================================================
Do you wish to run in Debug mode?: y/n n
Superuser email: YOUR_EMAIL@YOURSITE.COM
Superuser password:
Server base url ["http://1.2.3.4"]:
Honeymap url ["http://1.2.3.4:3000"]:
Mail server address ["localhost"]:
Mail server port [25]:
Use TLS for email?: y/n n
Use SSL for email?: y/n n
Mail server username [""]:
Mail server password [""]:
Mail default sender [""]:
Path for log file ["mhn.log"]:

Running

user@precise64:/opt/mhn/scripts$ sudo /etc/init.d/nginx status
* nginx is running
user@precise64:/opt/mhn/scripts$ sudo /etc/init.d/supervisor status
is running
user@precise64:/opt/mhn/scripts$ sudo supervisorctl status
geoloc RUNNING pid 31443, uptime 0:00:12
honeymap RUNNING pid 30826, uptime 0:08:54
hpfeeds-broker RUNNING pid 10089, uptime 0:36:42
mhn-celery-beat RUNNING pid 29909, uptime 0:18:41
mhn-celery-worker RUNNING pid 29910, uptime 0:18:41
mhn-collector RUNNING pid 7872, uptime 0:18:41
mhn-uwsgi RUNNING pid 29911, uptime 0:18:41
mnemosyne RUNNING pid 28173, uptime 0:30:08

HTTP Strict Transport Security

HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that a web application specifies through a special response header. Once a supporting browser receives this header, it will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. It also prevents HTTPS click-through prompts in browsers.

The specification was published at the end of 2012 by the IETF as RFC 6797 (HTTP Strict Transport Security (HSTS)).

Links:

OWASP Cheat Sheet

RFC 6797

DMitry Package Description

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more.

The following is a list of the current features:

  • An Open Source Project.
  • Perform an Internet Number whois lookup.
  • Retrieve possible uptime data, system and server data.
  • Perform a SubDomain search on a target host.
  • Perform an E-Mail address search on a target host.
  • Perform a TCP Portscan on the host target.
  • A Modular program allowing user specified modules
  • Source: http://mor-pah.net/software/dmitry-deepmagic-information-gathering-tool/
  • Author: James Greig
  • License: GPLv3

Tools included in the dmitry package

dmitry – Deepmagic Information Gathering Tool

root@kali:~# dmitry -h
Deepmagic Information Gathering Tool
"There be some deep magic going on"

dmitry: invalid option -- 'h'
Usage: dmitry [-winsepfb] [-t 0-9] [-o %host.txt] host
-o Save output to %host.txt or to file specified by -o file
-i Perform a whois lookup on the IP address of a host
-w Perform a whois lookup on the domain name of a host
-n Retrieve Netcraft.com information on a host
-s Perform a search for possible subdomains
-e Perform a search for possible email addresses
-p Perform a TCP port scan on a host
* -f Perform a TCP port scan on a host showing output reporting filtered ports
* -b Read in the banner received from the scanned port
* -t 0-9 Set the TTL in seconds when scanning a TCP port ( Default 2 )
*Requires the -p flagged to be passed

dmitry Usage Example

Run a domain whois lookup (w), an IP whois lookup (i), retrieve Netcraft info (n), search for subdomains (s), search for email addresses (e), do a TCP port scan (p), and save the output to example.txt (o) for the domain example.com:

root@kali:~# dmitry -winsepo example.txt example.com
Deepmagic Information Gathering Tool
"There be some deep magic going on"

Writing output to 'example.txt'

HostIP:93.184.216.119
HostName:example.com

Gathered Inet-whois information for 93.184.216.119
———————————

CISSP CPE Requirements

For certification cycles that began on or prior to December 1, 2014

CPE Type       | Annual Req. | 3-Year Total
Group A        | 20          | 80
Group A or B   | N/A         | 40
Total Required | 20          | 120

For certification cycles that began on or after January 1, 2015

CPE Type       | Annual Req. | 3-Year Total
Group A        | 30          | 90
Group A or B   | 10          | 30
Total Required | 40          | 120

 

Common Junos Commands

  • show version
  • show version detail
  • show chassis hardware
  • show chassis hardware detail
  • configure
  • show configuration
  • commit confirmed
  • request system snapshot
  • rollback
  • file list detail /config
  • file list detail /var/db/config
  • show interfaces terse
  • show interfaces
  • show interfaces interface-name
  • show interfaces detail
  • show interfaces detail interface-name
  • show interfaces extensive
  • show interfaces extensive interface-name
  • show route
  • show route inet.0
  • show route inet6.0
  • show route detail
  • show route protocol
  • show route forwarding-table
  • show rip neighbor
  • show isis interface
  • show isis adjacency
  • show ospf interface
  • show ospf neighbor
  • show bgp neighbor
  • show bgp summary
  • show route protocol bgp
  • show ethernet-switching interfaces
  • show vlans
  • show virtual-chassis status
  • show spanning-tree bridge
  • show spanning-tree interface
  • show log messages
  • show system uptime