translator is *the* community for Reddit translation requests. Need something translated? Post here! We will help you translate any language, including Japanese, Chinese, German, Arabic, and many others. If you speak more than one language - especially rare ones - and want to put your multilingual skills to use, come join us!
/German is a community focused on discussion related to learning the German language. It is also a place to discuss the language at large. New visitors, please read the FAQ: /German/wiki/faq
A community for professional translators about translation.
Cisco Router Security
What are the two access privilege modes of the Cisco router?
User EXEC Mode: This is the initial access mode for a router. In this mode, the user can access only a limited set of basic monitoring commands.
Privileged EXEC Mode: This mode provides access to all router commands, such as debugging and configuration commands. It requires a password for access to ensure security.
What is the approach for password for the privileged mode of the router?
enable secret [password]
uses hashing algorithm so that the password is not in plain text but encrypted
How to ensure that all passwords in the router are stored in the encrypted form?
service password-encryption
What is the difference between the Cisco router’s startup and running configurations?
How to save the running configuration into start up configuration?
Startup Configuration: Stored in the NVRAM, this configuration is used to boot the router. It remains unchanged until an administrator explicitly saves the running configuration to it.
Running Configuration: Held in the router’s RAM, this configuration is active on the router. Changes to the router’s configuration are made here and are effective immediately.
Know and be able to configure all aspects of the Cisco router covered in class. For example,
configuring the router interfaces, setting the router OSPF ID, etc.
enable
configure terminal
hostname MyRouter
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown
exit
interface Serial0/0/0
ip address 10.0.0.1 255.255.255.252
clock rate 64000
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.1.0 0.0.0.255 area 0
exit
enable secret mysecretpassword
line console 0
password myconsolepassword
login
exit
line vty 0 4
password myvtypassword
login
exit
crypto key generate rsa
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 2
ip route 0.0.0.0 0.0.0.0 192.168.1.254
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 deny any
Practical Routing, OSPF, and Security
What is the difference between static and dynamic routing?
Static Routing: Involves manually setting up routes in the router's routing table through configuration commands. These routes do not change unless manually updated or removed. Static routing is simple, secure, and uses less bandwidth but lacks scalability and flexibility.
Dynamic Routing: Automatically adjusts routes in the routing table based on current network conditions using routing protocols. This approach allows for more flexibility, scalability, and fault tolerance, but consumes more resources and can be complex to configure.
What is the difference between link state and distance vector routing?
Distance Vector Routing: Routers using distance vector protocols calculate the best path to a destination based on the distance and direction (vector) to nodes. Updates are shared with neighboring routers at regular intervals or when changes occur. This approach can lead to slower convergence and issues like routing loops.
Link State Routing: Each router learns the entire network topology by exchanging link-state information. Routers then independently calculate the shortest path to every node using algorithms like Dijkstra’s. This results in quicker convergence and fewer routing loops.
Distance Vector Routing: Each router computes distance from itself to its next immediate neighbors. (RIP, EIGRP, & BGP)
-Does not build a full map of the network
-Focuses more on the next hop towards the destination
Link State Routing: Each router shares knowledge of its neighbors with every other router in the network. (OSPF and IS-IS)
-Builds a full map of the network
-Each router shares information
-Maintains a database of the entire network.
Give an example of the distance vector and link state algorithms.
Distance = RIPLink State = OSPF
What type of protocol is Routing Information Protocol (RIP)? Be able to understand
examples and solve problems.
Example of a distance vector protocol
dynamic protocol
-shares routing info with neighboring routers
-an interior gateway protocol that operates within autonomous system
-oldest of all dynamic protocol; RIPv1
-widely used open standard developed by IETF
-a distance vector routing protocol
-limited to maximum 15 hops;
how rip works -rip sends regular update message (advertisements to neighboring routers)
-every 30 seconds that resets after each successful ack
-route becomes invalid if it has not received a message for 180 seconds
-RIPv1 (obsolete) uses broadcast, while RIPv2 uses a multicast address -Update message only travel to a single hop
downside : limitations, each router in its table can only have one entry per destination. Have to wait for advertisement for an alternative path, cannot reach hops 15 paths away, little to no security.
What type of protocol is Open Shortest Paths First (OSPF) protocol? Be able to under-
stand examples and solve problems.
- an interior gateway protocol that operates within autonomous systems to build a full map of the network.
- widely used open standard developed by IETF
-a link state routing protocol
intra as routing with RIP
What is the Link State Advertisement (LSA) in OSPF? What is the Link State Database
(LSDB)?
-LSA contains data about a router, its subnets, and some other network information.-OSPF puts all the LSAs from different routers into a Link-State Database (LSDB)
The goal of OSPF is to be able to determine a complete map of the interior routing path to be able to create the best route possible.
The way this is done is that OSPF finds all the routers and subnets that can be reached within the entire network. The result is that each router will have the same information about the network by sending out LSA.
How does each router in OSPF create a map of the entire network?
Step 1 : Acquire neighbor relationship to exchange network information.
Step 2: Exchange database information, neighboring routers swap LSDB information with each other
Step 3: Choosing the best routes, each router chooses the best routes to add to its routing table based on the learned LSDB information.
What is the process for two OSPF routers to become neighbors?
A. a neighbor sends out a Hello packet including the router ID along with subnets that it routes to the given multicast address to a given OSPF area ID.
this is also a way for routers to tell neighbors that they are still on and good to go.
B. Once other routers receive this packet, they run some checks. The neighboring routers must match the following requirements:
-area id needs to be the same (also used when scaling up OSPF)
-the shared or connecting link should be on the same subnet.
-The Hello and dead timer must be the same.
-the dead timer is having enogh time before the sending router assumes that the neighbor is down.
-this timer is typically 10 secs for point-to-point and broadcast networks.
C. If all is fine, the receiving router will go into Init stage and sends a hello message of its own. This Hello packet list its own network info along with the known neighbor R1. This puts R1 into a 2-way communication status.
D. R1 sends another Hello message to R2 with the information as a known neighbor. This allows the R2 now with a 2-way communication status as well.E. We now have a 2-way neighboring routers
What is the difference between point-to-point and multi-access networks? How does OSPF
handle each case?
Point-to-Point: A network setup where each connection is between two specific nodes or devices. OSPF treats these links with straightforward neighbor relationships since there are only two routers on each segment.
Multi-Access Networks: Networks where multiple routers can connect on the same segment, such as Ethernet. OSPF uses a Designated Router (DR) and a Backup Designated Router (BDR) on these types of networks to reduce the amount of OSPF traffic and the size of the topological database.
DR selected by the highest OSPF prio.
Be able to configure OSPF routing given a topology.
–
Example:
Consider a topology with three routers R1, R2, and R3. The routers
are connected R1 =⇒R2 =⇒R3 =⇒R1.
R1 has interface f0/0 connected to the
interface f0/0 of R2. R2 has interface f0/1 connecting to the interface f0/0 of R3.
Finally R3 has interface 1/0 connecting to the interface 1/0 of R3. Assuming all
routers are Cisco 7200 routers, configure them to use OSPF to dynamically route in
this topology (you will be given the Cisco router manual for such questions).
•
R1enable
configure terminal
hostname R1
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
no shutdown
exit
interface FastEthernet1/0
ip address 192.168.31.1 255.255.255.0
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
network 192.168.31.0 0.0.0.255 area 0
exit
end
write memory
R2enable
configure terminal
hostname R2
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
no shutdown
exit
interface FastEthernet0/1
ip address 192.168.23.1 255.255.255.0
no shutdown
exit
router ospf 1
router-id 2.2.2.2
network 192.168.12.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 0
exit
end
write memory
R3enable
configure terminal
hostname R3
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
no shutdown
exit
interface FastEthernet1/0
ip address 192.168.31.2 255.255.255.0
no shutdown
exit
router ospf 1
router-id 3.3.3.3
network 192.168.23.0 0.0.0.255 area 0
network 192.168.31.0 0.0.0.255 area 0
exit
end
write memory
How does OSPF authenticate packets to protect against packet spoofing and tempering?
Be able to enable it a Cisco router.
OSPF (Open Shortest Path First) can authenticate packets to protect against packet spoofing and tampering using several methods. The two main types of authentication are:
Plain Text Authentication: This is simple and provides minimal security. It sends the password in clear text.
Message Digest 5 (MD5) Authentication: This provides stronger security by using cryptographic hash functions to authenticate OSPF packets.
Plain textenable
configure terminal
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco123
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
area 0 authentication
exit
write memory
MD5enable
configure terminal
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 securepassword
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
area 0 authentication message-digest
exit
write memory
Network Defense Fundamentals
•
What is IP spoofing? Explain.
-The ip packet contains the source and destination Ip addresses.-Is it straightforward to modify the ip address of the packet.
-IP Spoofing: sender chagrin his source address to something other than his real address.
How can IP spoofing be used in security attacks?
-If the attacker sends an Ip packet with a spoofed IP, they will not receive a response form the destination: the machine with the IP matching the spoofed IP will receive the response.Ip spoofing operation - the sender spoofs the source IP address to point to another target. The receiver system replies to the spoofed IP.
•
What are the countermeasures to IP spoofing?
Ingress and Egress Filtering: Network operators should implement filtering rules on routers and firewalls to block packets with source IP addresses that should not originate from those networks. Ingress filtering blocks incoming packets with a source IP address that is not valid for the network, while egress filtering blocks outgoing packets with an invalid source IP address.
Reverse Path Forwarding (RPF): This technique ensures that the incoming packets are received on the same interface that the router would use to send traffic back to the source. If the path does not match, the packet is discarded, preventing spoofed packets from passing through.
IPsec (Internet Protocol Security): IPsec can be used to authenticate and encrypt IP packets, ensuring that they come from legitimate sources and have not been tampered with. This makes spoofing attacks significantly more difficult.
How can IP spoofing be used to perform DoS attacks?
IP spoofing is often used in Denial of Service (DoS) attacks to obscure the attacker's identity and to overwhelm the target with traffic from what appears to be multiple sources. One common type of DoS attack that utilizes IP spoofing is a Smurf Attack. In a Smurf Attack, the attacker sends ICMP (Internet Control Message Protocol) echo requests to broadcast addresses of networks, with the source IP address spoofed to that of the victim. The devices on the network respond to the echo requests, sending replies back to the victim's IP address. This amplifies the traffic directed at the victim, potentially overwhelming their network and causing a DoS condition.
•
Know how to use
hping3
for performing ping floods.
Using hping3 to perform ping floods involves sending a high volume of ICMP Echo Request packets to a target to overwhelm it.basic ping floodsudo hping3 -1 --flood [target_IP]
Using spoofed source ipsudo hping3 -1 --flood -a [spoofed_IP] [target_IP]
Controlling the Packet Sending Rateo hping3 -1 --flood -i u1000 [target_IP]Combining sudo hping3 -1 --flood -a 10.0.0.1 -i u1000 192.168.1.1
Firewalling
What is a firewall?
a filtering device on a network that enforces network security policy and protects the network against external attacks.
According to NIST SP 800-41, what are the characteristics of a firewall?
NIST standard defines the possible characteristics that a firewall can use to filter traffic.
-(IP Address and Protocol type) filtering based on source/destination IP address/ports, traffic direction and other transport layer characteristics.
-(Application Protocols)controls access based on application protocol data
-(User identity) controls access based on user identity
-(Network activity)
What are the limitations of the firewall?
Firewall capabilities: -Define a traffic chokepoint in the network and protects against IP spoofing and routing attacks
-Provide a location for monitoring the security events -Provide non-security functions: loggin internet usage, network address translation-Serve as platform for VPN/IPSec
Firewall limitations:-protect against attacks bypassing the firewall, connections from inside the organization to the outside that do not go through the firewall.-protect against internal threats such as disgruntled employees.
What is a packet filter firewall? Be able to write and interpret rules and to spot configu-
rationflaws.
Packet filtering firewall : applies a set of rules to each packet based on the packet headers.Filters based on: source/destination IP, source/destination port numbers, IP Protocol Field:defines the transport protocol, Interface : for firewalls with 3+ network interfaces, the interface from which the packet came from/going to
•
What is the difference between the default and allow and default deny policies? Which
one is the more secure one?
-when no rules apply to a packet, a default rule is applied: default deny : what is not explicitly permitted is denied default forward : what is not explicitly denied is allowed
default deny is more secure, you dont have to identify all of the cases that needs to be blocked, if one is missed, default deny will deny it.
Port 0-1023 reserved
1024-2**17 ephemeral
source port used by the system initialiatizng a connection is always chosen from the ephemeral ports
Be able to configure the packet filtering functions of iptables.
–
Example:
Write iptables rules to block all ICMP traffic to and from the system.
iptables -A INPUT -p icmp -j DROP
iptables -A OUTPUT -p icmp -j DROP
Example:
Write iptables rules to block all traffic on port 22
iptables -A INPUT -p tcp --sport 22 -j DROP
iptables -A OUTPUT -p tcp --dport 22 -j DROP
–
Example:
Write iptables rules to block traffic to host 192.168.2.2
iptables -A OUTPUT -p tcp --dest 192.168.2.2 -j DROP
iptables -A INPUT -p tcp --src 192.168.2.2 -j DROP
What are the limitations of the packet filter firewall?
-does not examine upper layer data : cannot prevent attacks that employ application specfic vulnerabilities or functions.cannot block application specific commands.
•
What is the stateful firewall and how does it compare to a packet filter?
A stateful firewall is a network security device that monitors and tracks the state of active connections, making decisions based on the context of the traffic. Unlike a simple packet filter, which examines individual packets in isolation based on predetermined rules, a stateful firewall keeps track of connections over time, distinguishing between legitimate packets that are part of an established session and potentially malicious ones. This contextual awareness allows it to block unauthorized connection attempts and prevent attacks such as spoofing and session hijacking. While packet filters, or stateless firewalls, operate faster and consume fewer resources by applying static rules to each packet independently, they lack the sophisticated traffic pattern handling and enhanced security provided by stateful firewalls.
•
What is the application-level firewall? What are its advantages and limitations?
An application-level firewall, also known as an application firewall or proxy firewall, operates at the application layer of the OSI model. It inspects and filters traffic based on the specific application protocols (e.g., HTTP, FTP, DNS) rather than just IP addresses and port numbers. limitations : increased communications overhead due to two separate TCP connections
and not transparent to the client
Application-level gateways are also known as application-level proxies.
-act as a relay for the application-level traffic.
-runs at the application layer, and examines application-layer data
Supported ProtocolsFTPSTMPHTTP
What is a circuit-level firewall? What are its advantages and limitations?
-Similar to the application-level gateway, but only tracks the state of the TCP/UDP sessions.
-Does not examine application data , simply relays TCP segments
-Allow/deny decisions based on whether a packet belongs to an established and trusted connection
Advantage of circuit-level firewall -do not filter individual packets(simplifies rules)
-fast and efficient
Disadvantages:
-do not filter individual packets -require frequent updates: traffic is filtered with rules and policies that need regular updates for new threats and risks -the vendor needs to modify the TCP/IP implementation for thor applications to use the circuit-level proxy.
What are the different approaches to basing the firewall?
-stand-alone machines -software modules in roosters, switches, or servers, or pre-configured security appliances.
What are the host-based firewalls?
Host-based firewalls: a firewall software module used to secure a single host.
What are the network device firewalls?
Network device firewall = routers and switches often have firewall functions, like packet filtering and stateful inspection, to check and filter packets
What are the virtual firewalls?
-in a virtualized environment, servers, switches, and routers can be virtualized and share physical hardware. The hypervisor that manages the virtual machines can also have firewall capabilities.
What is the DMZ? How is it used for securing networks?
A Demilitarized Zone (DMZ) in network security is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted network, typically the internet. The primary purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN). By isolating these externally accessible services, the DMZ ensures that if an attacker gains access to the public-facing systems, they do not have direct access to the rest of the network.
How the DMZ Secures Networks
Isolation of Public Services: Services that need to be accessible from the outside, such as web servers, mail servers, FTP servers, and DNS servers, are placed in the DMZ. These services are isolated from the internal network, which helps protect the internal systems from attacks that may exploit vulnerabilities in the public-facing services.
Controlled Access: Firewalls are used to create boundaries between the internet, the DMZ, and the internal network. The firewall rules are configured to allow only specific types of traffic to and from the DMZ. For example, incoming web traffic might be allowed to reach a web server in the DMZ, but not to access internal systems directly.
Minimal Exposure: Only the necessary services are exposed to the internet. This minimizes the attack surface, reducing the number of entry points that an attacker can exploit. Internal systems and data remain protected behind the additional layer of the firewall.
Layered Security: The DMZ provides an additional layer of defense (defense-in-depth). Even if an attacker manages to compromise a server in the DMZ, the internal network is still protected by another firewall, making it harder for the attacker to penetrate further.
Monitoring and Logging: Activities within the DMZ can be closely monitored and logged. Any suspicious behavior can be detected early, and appropriate actions can be taken to mitigate potential threats before they impact the internal network.
Traffic Filtering: The firewalls between the internet and the DMZ, as well as between the DMZ and the internal network, can filter traffic based on IP addresses, ports, and protocols. This filtering ensures that only legitimate traffic is allowed and that malicious traffic is blocked.
-if attacker compromises a server on the network, they will be able to pivot to other systems on the network.
What are the advantages and disadvantages of having the two DMZ firewalls be from
different vendors?
Using different firewall manufacturers for the two firewalls maybe a good idea, avoids possibility of both having the same vulnerability but introduces more complexity and management overhead.
Be able to write pfSense firewall rules
Penetration Testing
•
What is penetration testing?
-legal and suthorzied attempt to locate and exploit vulnerable systems for the purpose of making those systems more secure.
pen testing, pt, hacking, ethical hacking, whitehate hacking, offensive security, red teaming
What is the objective of the penetration testing?
Use tools and techniques used by the attackers in order to discover security vulnerabilities before the attackers do.
What is the BAD pyramid?
The purpose of a red team is to find ways to improve the blue team, so purple teams should not be needed in an organization where the red/blue teams interaction is healthy and functioning properly.
red attack
purple defender changes based off attack knowledge
blue defend
green builder changes based on defender knowledge
yellow build
orange builder changes based on attacker knowledge
Why are the penetration tests conducted?
-a company may want to have a stronger understanding of their security footprint.
-system policy shortcomings -network protocol weaknesses -network/software misconfigurations -software vulnerabilities
What is the difference between penetration testing and vulnerability assessment?
-two terms often incorrectly ,interchangeably used in practice.
-vulnerability assessment : review of systems services to find potential vulnerabilities-penetration testing: finding an exploiting system vulnerabilities as proof-of-concept
What is the difference between black-box, white-box, and grey-box testing.
Black-Box Testing
Tester Knowledge: The tester has no knowledge of the internal structure, code, or implementation details of the system.
-lack knowledge of system
White-Box Testing
Tester Knowledge: The tester has full knowledge of the internal structure, code, and implementation details of the system.
-very thorough , but not completely realistic
Grey-Box Testing
Tester Knowledge: The tester has partial knowledge of the internal structure, code, or implementation details of the system.
What is the difference between ethical and unethical hackers?
-penetration testers, with proper authorization of the company, help improve the security of the company.
-unethical hackers, personal gain through extortion or other devious methods, profit, revenge, fame, etc. No authorization to conduct the attacks
•Ethical vs unethical hacking, penetration testers: obtain the authorization from the organization whose systems they plan to attack unethical hackers: attack without authorization.
Know the stages of penetration testing and the importance of following a structured ap-
proach.
–
Planning and Reconnaissance:
Planning: Define the scope and goals of the test, including the systems to be tested and the testing methods.
Reconnaissance: Gather information about the target, such as IP addresses, domain names, and network infrastructure, to understand how to approach the test.
Scanning:
Purpose: Identify potential entry points and vulnerabilities in the target system.
Methods: Use tools to scan for open ports, services running on those ports, and known vulnerabilities.
Gaining Access:
Purpose: Attempt to exploit identified vulnerabilities to gain unauthorized access to the system.
Techniques: Use techniques like password cracking, SQL injection, or exploiting software vulnerabilities.
Maintaining Access:
Planning and Reconnaissance:
Purpose: Ensure continued access to the compromised system to understand the potential impact of a prolonged attack.
Methods: Install backdoors or use other methods to maintain control over the system.
Analysis and Reporting:
Scanning
Purpose: Document the findings, including vulnerabilities discovered, methods used, and the level of access achieved.
Report: Provide a detailed report to the organization, highlighting the risks and recommending steps to mitigate the vulnerabilities.
Remediation:
Gaining Access
Purpose: Address and fix the identified vulnerabilities to improve the security of the system.
Action: Implement the recommended security measures from the report to protect against future attacks.
Retesting:
Maintaining Access
Purpose: Verify that the vulnerabilities have been successfully remediated.
Process: Conduct a follow-up test to ensure that the fixes are effective and no new issues have been introduced.
Importance of Following a Structured Approach
Consistency: A structured approach ensures that each stage is systematically followed, making the testing thorough and reliable.
Comprehensiveness: Following each stage helps identify and address all potential vulnerabilities, leaving no gaps in the security assessment.
Documentation: A structured method produces detailed documentation, which is crucial for understanding the security posture and for future reference.
Effectiveness: It ensures that the penetration test effectively mimics real-world attack scenarios, providing valuable insights into how an actual attacker might exploit vulnerabilities.
Risk Management: By identifying and addressing vulnerabilities, organizations can proactively manage security risks and protect their assets from potential attacks.
Example:
What is the difference between the passive and active reconnaissance?
•
Passive Reconnaissance
Definition: Gathering information about the target without directly interacting with the target system or network. The aim is to collect data without alerting the target.
Methods:
Publicly Available Information: Searching for information that is freely available on the internet, such as social media profiles, company websites, and news articles.
DNS Queries: Looking up domain registration information (WHOIS data), DNS records, and IP address ranges.
Network Traffic Analysis: Capturing and analyzing network traffic without sending packets to the target (e.g., using tools like Wireshark in a non-intrusive manner).
Search Engines: Using search engines to find information about the target, such as employee names, email addresses, and technical details.
Advantages:
Low Risk: Minimizes the chance of detection by the target because no direct interaction occurs.
Stealth: Suitable for the early stages of reconnaissance when the goal is to remain undetected.
Disadvantages:
Limited Information: May not provide as much detailed or specific information about vulnerabilities or configurations as active reconnaissance.
Active Reconnaissance
Definition: Actively engaging with the target system or network to gather information. This involves direct interaction, such as sending packets or probing the target.
Methods:
Network Scanning: Using tools like Nmap to scan for open ports, running services, and network topology.
Vulnerability Scanning: Running vulnerability scanners (e.g., Nessus, OpenVAS) to identify known weaknesses in the target systems.
Social Engineering: Directly interacting with individuals (e.g., phishing attacks) to gather information.
Probing and Enumerating: Sending specific queries or packets to the target to elicit responses that reveal information about the system (e.g., banner grabbing).
Advantages:
Detailed Information: Provides more detailed and specific information about the target's vulnerabilities, configurations, and active services.
Identification of Weaknesses: More effective in identifying exploitable vulnerabilities that can be used in subsequent attack phases.
Disadvantages:
Higher Risk: Increases the risk of detection by the target, which could alert them to the reconnaissance activity.
Potential Legal Issues: Unauthorized active reconnaissance can lead to legal repercussions if done without permission.
Summary
Passive Reconnaissance: Involves gathering information without direct interaction with the target, resulting in lower risk of detection but potentially less detailed information.
Active Reconnaissance: Involves direct interaction with the target to gather detailed information, but carries a higher risk of detection and potential legal consequences.
Both types of reconnaissance are essential in penetration testing to understand the target's environment and identify potential vulnerabilities while balancing the need for stealth and detailed information.
Be able to use the penetration testing tools discussed in class
nmap 192.168.1.1
nmap -sS -sV -O -A 192.168.1.1-sS: Perform a stealth SYN scan.
-sV: Detect service versions.
-O: Detect operating system.
-A: Perform aggressive scan (includes OS detection, version detection, script scanning, and traceroute).
I was really excited to play this game when it got added to Playstation plus, and I have to say, it's a massive understatement to say that this game is not made for me.
I absolutely CANNOT STAND the fact that this game is in a fake language and that short of hand translating every single text box (which takes several minutes per rune absolutely rips me out of the immersion), there is no way for me to enjoy the game. I don't skip text boxes unless I have already read them in any game ever. Text boxes for GAME MECHANICS? Text boxes with CHOICES? These NEED to be readable.
There are plenty of games with little to no text that are intuitive and need no instruction, things like limbo or even animal well. Tunic is not one of those games.
There are entire cutscenes, whole dialogs, a manual, and COUNTLESS TEXT BOXES ALL OVER THE GAME that are unreadable without translation. I can't overlook these. I don't play games in languages I don't read or speak for a reason, and dyslexia makes translating the runes nigh impossible. If there was some function where I could instantly translate an entire text box with like a Google lens, I could maybe feasibly play this game, but as it stands, there is no way for me to get past this.
I quit about 20 minutes in, after using some kind of disposable item and not even understanding what it did, which really frustrated me. The game either needs everything to be context sensitive and intuitive, or it needs actual readable instructions. There is no in between.
I love zelda-likes, and my heart hurts that this game has such an unnecessary wall in front of it. I am only glad I didn't pay money for it directly. If anyone ever makes a mod to translate the entire game into English, I'll come back to it, but I'm not going to hold my breath.
I (27F) last last winter (2022) wrote a long letter to my mom. I poured my heart into it, I cried the whole time writing it. I showed it to my husband to make sure I wasn’t being too mean in my writing towards my mom. I showed it to my stepsister to again make sure it was okay and made sense and to get emotional support (I’m Mexican and I didn’t want to push too far because i understand how deep generational trauma is and the parent child dynamic) I even showed it to my stepdad who immediately called me apologizing for the things I wrote in the letter (which I will get into in a moment) and was telling me about how he will divorce her (I didn’t want that and made me feel shitty) and explained why some scenarios ended up the way they did. Everyone encouraged me to send it. I was so confident that my mom was going to read it and drive over ? Write back? Call me. Something ! So I mailed it. (I mailed it because I instantly cry every time I try talking to her in person about not surface level things, it would of been easier getting words out especially when having to translate to Spanish)
In the letter I wrote about:
-Feeling emotionally neglected -the name calling my mom would do (calling me “retarded” and mimicking noises and movements of people with disability towards me among other things -My uncle being a pedo and scaring me into not saying anything to them, i later said something to a friend in HS who went to the counselor who called the police and I made up a person to protect my uncle, I was then grounded for over a year. -the carpet in my bedroom always being wet when it rained which is a lot where I live ruining my feet with a fungal infection that was just ignored (i understand it was a money issue but the hurt remains) -being yelled at for not cleaning everyday (I was the only child who would clean the kitchen and pick up leaves in the fall and stuff), sometimes she would clean again after I would do it. when asking to teach me how to do it better I would be ignored -asking her a question and being ignored -being blamed for high utility bills n being expensive for needing braces -my boyfriend in high school being suicidal when I would try to break up with him and hurting that I couldn’t go to them for help -saying that I tried to hit her to my step dad when I moved out of the way of her too quickly and making a scene about it leaving me confused -about the time she grabbed me by the hair and dragged me to the shower because I forgot to pick up the hairs I left in there after my shower -understanding that i understand she probably had a rough childhood and that all I wanted was a normal mother daughter relationship
That’s pretty much the gist among a bunch of other little things that really hurt me and I explained that it was hard to form a relationship with her in my adulthood and trust her with my kids until we addressed these things. I wanted to be acknowledged. Not even an apology really. But a conversation. I wanted to understand her more because I literally don’t know anything about her. We would never talk unless it was to eat dinner or clean something. I was always in my room during that time.
I waited a few weeks, my stepsister would visit them here and there and tell me how my mom appears sad? And maybe she needed more time.
A few months pass by I see my mom smiling in Hawaii having a good time.
At this point I’m in therapy because I’m losing hair from the stress of this and severely depressed.
Fall comes around and I finally go to visit with the encouragement of my husband, stepsister and stepdad. She acts like I’m not even there. This makes me angry. At one point my mom goes outside to smoke a cigarette im at the table with everyone and I start just talking about the hurts again, I say my mom is a narcissistic. My mom comes back inside. And for an hour. I’m complaining and she’s in the living room a few feet away saying absolutely nothing.
I leave feeling so weird. So lonely? We are now I’m 2024. I don’t have a relationship with her or my step dad really. I had to block her because she would go to Hawaii again and just living her life having a great time I was trying not to be bitter. Or angry. My step sister and step dad eventually started to question how legitimate my statements were (a lot of the meanness was when it was just my mom and I) it was so painful being misunderstood. Being told that that’s just the mom that I have. Being told that things were maybe my fault for having a problem with everything (I would always speak up when my parents would be racist and things)
I few months ago I did send her a text as a final effort. I asked why she never responded. If she wants to just leave this alone that’s okay and I will move on. And she told me that all that was on the letter were complaints. And told me about how when I was 20 I made a comment on a Facebook post about bad parenting and how everyone saw. About how embarrassed she was when people reached out to her. About how I wrote that I felt like I was in a dark environment. I didn’t know everyone saw it. I apologized for that. She told me to come over to talk because she personally has some complains about me. But she never acknowledged me. I didn’t want to go, to feel yelled at and again taken back to being a child getting yelled at.
I’m currently feeling grief. Mistrust to my family. Lonely. Jealous? About how my other siblings seem to be having a better time. How do I move on from feeling misunderstood. I feel like everyone is okay and I’m abandoned. I feel guilt for pulling my small family away from them from how hurt I am. Most times I’m okay until I see my stepsister at a family gathering that I’m never invited to. And then I’m back again to being a lonely child.
Hello everyone, I have a question about a specific Quran verse and how it translates into english. Specifically 24:43:
أَلَمۡ تَرَ أَنَّ ٱللَّهَ يُزۡجِي سَحَابٗا ثُمَّ يُؤَلِّفُ بَيۡنَهُۥ ثُمَّ يَجۡعَلُهُۥ رُكَامٗا فَتَرَى ٱلۡوَدۡقَ يَخۡرُجُ مِنۡ خِلَٰلِهِۦ وَيُنَزِّلُ مِنَ ٱلسَّمَآءِ مِن جِبَالٖ فِيهَا مِنۢ بَرَدٖ فَيُصِيبُ بِهِۦ مَن يَشَآءُ وَيَصۡرِفُهُۥ عَن مَّن يَشَآءُۖ يَكَادُ سَنَا بَرۡقِهِۦ يَذۡهَبُ بِٱلۡأَبۡصَٰرِ
The translations seem to significantly differ towards the end however:
Do you not see that Allah drives clouds? Then He brings them together, then He makes them into a mass, and you see the rain emerge from within it. And He sends down from the sky, mountains [of clouds] within which is hail, and He strikes with it whom He wills and averts it from whom He wills. The flash of its lightening almost takes away the eyesight. -Sahih International
Seest thou not that Allah makes the clouds move gently, then joins them together, then makes them into a heap? – then wilt thou see rain issue forth from their midst. And He sends down from the sky mountain masses (of clouds) wherein is hail: He strikes therewith whom He pleases and He turns it away from whom He pleases, the vivid flash of His lightning well-nigh blinds the sight. - Yusuf Ali
There are multiple examples of each of these translations from multiple translators. The discrepancy seems to be between whether or not the lightning is being referred to as belonging to god (his) or to the cloud (it). I am wondering if there is a conclusive most accurate translation? Is it possible that "it" in this circumstance could also be referring to god, is there any precedent for god being referred to in that manner throughout the text?
Dealing with the mother in law is hard enough, but can you imagine if you also need to deal with his sisters?
His oldest sister is living next door with her husband and her parent in laws. Her husband has a little bro. According to what she said, the brother is spoiled by the parents and she dislike him. Therefore, her front door uses key because she doesn’t want the brother to come so easily and so often. But our front door uses passcode, and she came over to our house every weekends at that time. She stayed the whole day in our house on weekends.
My husbands father has diabetes and needs kidney dialysis. Most of the time, his second sis is the one who took him to the doctor or hospital. But she needs to work, so my husband also needs to help from time to time. However, whenever they ask the oldest sis to help with the dad, she would say, I am married out already. In my memory, she seldom took the dad to the doctor or the kidney dialysis. I am not good at driving, and was pregnant at that time, I picked his dad up from the hospital once (what is ironic here is that his second sis thought it was their oldest sis picked them up from the hospital even though she is the one also complained the biggest never helped), helped his second sis to send his dad to the kidney dialysis ( because she needs people to help the dad get out or in the car), and helped with translation for his dad’s physical therapy when his second sis was not available. In January of 2021, his dad’s situation is very bad and the nurse asked them to make a decision if the hospital should save his life if ….. the chance is only 50/50, and even though he was saved, he would have to do kidney dialysis for the rest of his life, and he also would have to have his leg amputation. Considering his life quality and the care taking part, his mom and second sis agreed to let him passed away naturally if that really happens. My husband had a hard time making the decisions. The oldest sister kept crying over there, and said we should not give up his life. Suddenly, she turned to me and asked about my opinion. Then I expressed my opinion, if you guys decide to save his life then you guys should share the responsibility of taking care of him and help with doctor visit and kidney dialysis, but you guys also need to think about his life quality and the fact that he would lose his legs. His second sis agreed with what I said, and my husband agreed with his mum and second sis at the end The oldest sis also agreed with then after her husband s persuasion. After his dad passed away, the oldest sis is the one cried the hardest, and the mum told one of their aunt on the phone how sad the oldest daughter is, and asked her not to cry so much, otherwise her health might be affected. Mam, you should show your love and contribute more to your father when he s still alive.
After I had my first kid, especially my relationship with my mother in law was like freezing at that time, my husband and I would go to visit my parents every weekend, one reason is that I could escape that prison like house, the other reason is that my parents could help me with the baby there so that I can rest a little bit. However, I accidentally found out she complained to my husband about me in the message why I always showed them bitchy face at home and why would I go back to my parents house every weekend. But the fact is she came over to our house more often when their dad’s situation was bad. And after the dad passed away, she still came over very often, which lead to her mother in law yelling at her at one time(when her father in law was in hospital because of Covid), saying no daughter in law would go back to her mums house so frequently. She’s lucky to have her husband to back her up by then. And she came over to our house to complained about it, and said I was married to her son but not selling myself to his family. My mother in law told her to keep quiet then the situation would become better.
Talking about the message, how I found out she bitched about me and my family is also very interesting. Thats like when my son was like about 8 months old, my husband told me to let his mum to watch the baby a little bit and would go grocery shopping with me after that meeting. I was waiting for my husband in his office room, and his mom was holding the baby to nap. I left my phone in the living room, so I played with my husband s phone. I accidentally went to the message, and saw that the last msg his oldest sis said is if you go bankrupt don’t expect me to help you. I was wondering what would make her say this. Then I went into their msg. The first time I found out that actually she had so many complaints about my family and me. So my husband got my dad a free tablet through promotion and he shipped it to our house for setup. She saw that package with my dad’s name on it. Second sis said it might be sending here for set up. In the text she told my husband that she wanted to get a tablet and ask for suggestion. My husband asked why would u need that, you don’t use that. Then she said is this your father in law s Xmas gift? My husband explained that’s through a promotion, not he buying it. Then she said, I guess he would not get a Christmas gift since you already got him a house! lol my dad paid half of that retirement house. And because my sis and I could not get a good rate, my husband said he could help, but my sis s side will be responsible for half of the mortgage. My husband s name is also on that title! How come this house would become my dad’s Christmas gift? And in the message, she also said she s not as lucky as me, no need to wash dishes at home. But the fact is I am the one who cooked most in our house and did most of the dish cleaning before my baby came out, I am the one who cleaned the house all the time. I didn’t do so many dishes wash after the baby was born because I needed to take care of the baby and power pump is very exhausting for me at that time. For her, she doesn’t cook much at her house, because either her father in law cook or the parent in laws bring food home when they are off work or her mum would cook and ask the second sis to bring food over! And her parents in laws would clean the whole house every Wednesday at that time! Reading this I felt super angry, my face was burning and my heart was about to jump out of my breast! I directly replied bitch to her! I hung up on her when she called my husband s phone. After my husband finished the meeting , I said, “ u r in trouble now, because I just called your sis bitch!” She called my mother in law saying the brother curse her. And MIL came knocking at the door, disregarding if my husband is still in the meeting or my son was napping in her arm. She asked my husband why cursed his sis! I couldn’t stand any more, then I exploded, and questioned her why every time you defend your daughter no matter shes right or not. Do you know what she said about my parents and me in the message. I also directly called her bitch and claimed that it's her who kicked my mom out of our house when she was here to help me! That became a big arguement and I took my son back to my parents house right after the arguement.
Because of my husband, I tried to fix the relationship after half a year, and also we have our own house now.
However, just two days ago (5/14), his oldest sis called him around 10:30pm using second sis s phone because her husband got her a new phone and would like my husband to set it up for her. Her old phone is still usable, why the new phone must be set up now? And my husband is wondering why she’s not using the her husband’s phone to call but second sister’s phone. My husband went to check and found out she moved into our house, where his mom and second sis are living, with her 18 month son . And He traced that she was living there since 3/16. Not sure about exactly when as the history can only go back to two or three months. My husband and his second sis are the owners, and my husband is helping paying the mortgage ( before we moved out, he is the only one paying the mortgage). Why no one telling us about her move in. And we are sure she has no issue with her husband and parents in law because the husband just bought her the new iPhone and she s living in our house on weekdays, but on weekends she would go back to her own house. How hypocritical it is! When my son was about 8 months old she complained we went back to my parents house every weekend. But now she moved into our house even though her house is next door !!! My husband called the second sis and told her about this, expressed his disappointment about not letting him knowing this, telling her this whole shit is basically slapping my face. And also told them we are not going to NC trip with them. BTW, a few days ago, his oldest sister texted my husband asked him to go back to that house help clean the doggie this week, before the NC trip. Why the heck you live there , eat there, free baby sitter there, you can’t clean the dog with your sister?!!!
If the masoretic texts didn't exist, from what version of the Torah was the text being translated?