A subreddit for serious discussion about the NBA. [Join our Discord server](https://discord.gg/8mJYhrT5VZ)
CNN: Anonymous Basement Dweller Edits Posters for Funky Munky Image Board, World Leaders Humbled; "Inspirational"
Cisco Router Security
What are the two access privilege modes of the Cisco router?
User EXEC Mode: This is the initial access mode for a router. In this mode, the user can access only a limited set of basic monitoring commands.
Privileged EXEC Mode: This mode provides access to all router commands, such as debugging and configuration commands. It requires a password for access to ensure security.
What is the approach for password for the privileged mode of the router?
enable secret [password]
uses hashing algorithm so that the password is not in plain text but encrypted
How to ensure that all passwords in the router are stored in the encrypted form?
service password-encryption
What is the difference between the Cisco router’s startup and running configurations?
How to save the running configuration into start up configuration?
Startup Configuration: Stored in the NVRAM, this configuration is used to boot the router. It remains unchanged until an administrator explicitly saves the running configuration to it.
Running Configuration: Held in the router’s RAM, this configuration is active on the router. Changes to the router’s configuration are made here and are effective immediately.
Know and be able to configure all aspects of the Cisco router covered in class. For example,
configuring the router interfaces, setting the router OSPF ID, etc.
enable
configure terminal
hostname MyRouter
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown
exit
interface Serial0/0/0
ip address 10.0.0.1 255.255.255.252
clock rate 64000
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.1.0 0.0.0.255 area 0
exit
enable secret mysecretpassword
line console 0
password myconsolepassword
login
exit
line vty 0 4
password myvtypassword
login
exit
crypto key generate rsa
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 2
ip route 0.0.0.0 0.0.0.0 192.168.1.254
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 deny any
Practical Routing, OSPF, and Security
What is the difference between static and dynamic routing?
Static Routing: Involves manually setting up routes in the router's routing table through configuration commands. These routes do not change unless manually updated or removed. Static routing is simple, secure, and uses less bandwidth but lacks scalability and flexibility.
Dynamic Routing: Automatically adjusts routes in the routing table based on current network conditions using routing protocols. This approach allows for more flexibility, scalability, and fault tolerance, but consumes more resources and can be complex to configure.
What is the difference between link state and distance vector routing?
Distance Vector Routing: Routers using distance vector protocols calculate the best path to a destination based on the distance and direction (vector) to nodes. Updates are shared with neighboring routers at regular intervals or when changes occur. This approach can lead to slower convergence and issues like routing loops.
Link State Routing: Each router learns the entire network topology by exchanging link-state information. Routers then independently calculate the shortest path to every node using algorithms like Dijkstra’s. This results in quicker convergence and fewer routing loops.
Distance Vector Routing: Each router computes distance from itself to its next immediate neighbors. (RIP, EIGRP, & BGP)
-Does not build a full map of the network
-Focuses more on the next hop towards the destination
Link State Routing: Each router shares knowledge of its neighbors with every other router in the network. (OSPF and IS-IS)
-Builds a full map of the network
-Each router shares information
-Maintains a database of the entire network.
Give an example of the distance vector and link state algorithms.
Distance = RIPLink State = OSPF
What type of protocol is Routing Information Protocol (RIP)? Be able to understand
examples and solve problems.
Example of a distance vector protocol
dynamic protocol
-shares routing info with neighboring routers
-an interior gateway protocol that operates within autonomous system
-oldest of all dynamic protocol; RIPv1
-widely used open standard developed by IETF
-a distance vector routing protocol
-limited to maximum 15 hops;
how rip works -rip sends regular update message (advertisements to neighboring routers)
-every 30 seconds that resets after each successful ack
-route becomes invalid if it has not received a message for 180 seconds
-RIPv1 (obsolete) uses broadcast, while RIPv2 uses a multicast address -Update message only travel to a single hop
downside : limitations, each router in its table can only have one entry per destination. Have to wait for advertisement for an alternative path, cannot reach hops 15 paths away, little to no security.
What type of protocol is Open Shortest Paths First (OSPF) protocol? Be able to under-
stand examples and solve problems.
- an interior gateway protocol that operates within autonomous systems to build a full map of the network.
- widely used open standard developed by IETF
-a link state routing protocol
intra as routing with RIP
What is the Link State Advertisement (LSA) in OSPF? What is the Link State Database
(LSDB)?
-LSA contains data about a router, its subnets, and some other network information.-OSPF puts all the LSAs from different routers into a Link-State Database (LSDB)
The goal of OSPF is to be able to determine a complete map of the interior routing path to be able to create the best route possible.
The way this is done is that OSPF finds all the routers and subnets that can be reached within the entire network. The result is that each router will have the same information about the network by sending out LSA.
How does each router in OSPF create a map of the entire network?
Step 1 : Acquire neighbor relationship to exchange network information.
Step 2: Exchange database information, neighboring routers swap LSDB information with each other
Step 3: Choosing the best routes, each router chooses the best routes to add to its routing table based on the learned LSDB information.
What is the process for two OSPF routers to become neighbors?
A. a neighbor sends out a Hello packet including the router ID along with subnets that it routes to the given multicast address to a given OSPF area ID.
this is also a way for routers to tell neighbors that they are still on and good to go.
B. Once other routers receive this packet, they run some checks. The neighboring routers must match the following requirements:
-area id needs to be the same (also used when scaling up OSPF)
-the shared or connecting link should be on the same subnet.
-The Hello and dead timer must be the same.
-the dead timer is having enogh time before the sending router assumes that the neighbor is down.
-this timer is typically 10 secs for point-to-point and broadcast networks.
C. If all is fine, the receiving router will go into Init stage and sends a hello message of its own. This Hello packet list its own network info along with the known neighbor R1. This puts R1 into a 2-way communication status.
D. R1 sends another Hello message to R2 with the information as a known neighbor. This allows the R2 now with a 2-way communication status as well.E. We now have a 2-way neighboring routers
What is the difference between point-to-point and multi-access networks? How does OSPF
handle each case?
Point-to-Point: A network setup where each connection is between two specific nodes or devices. OSPF treats these links with straightforward neighbor relationships since there are only two routers on each segment.
Multi-Access Networks: Networks where multiple routers can connect on the same segment, such as Ethernet. OSPF uses a Designated Router (DR) and a Backup Designated Router (BDR) on these types of networks to reduce the amount of OSPF traffic and the size of the topological database.
DR selected by the highest OSPF prio.
Be able to configure OSPF routing given a topology.
–
Example:
Consider a topology with three routers R1, R2, and R3. The routers
are connected R1 =⇒R2 =⇒R3 =⇒R1.
R1 has interface f0/0 connected to the
interface f0/0 of R2. R2 has interface f0/1 connecting to the interface f0/0 of R3.
Finally R3 has interface 1/0 connecting to the interface 1/0 of R3. Assuming all
routers are Cisco 7200 routers, configure them to use OSPF to dynamically route in
this topology (you will be given the Cisco router manual for such questions).
•
R1enable
configure terminal
hostname R1
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
no shutdown
exit
interface FastEthernet1/0
ip address 192.168.31.1 255.255.255.0
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
network 192.168.31.0 0.0.0.255 area 0
exit
end
write memory
R2enable
configure terminal
hostname R2
interface FastEthernet0/0
ip address 192.168.12.2 255.255.255.0
no shutdown
exit
interface FastEthernet0/1
ip address 192.168.23.1 255.255.255.0
no shutdown
exit
router ospf 1
router-id 2.2.2.2
network 192.168.12.0 0.0.0.255 area 0
network 192.168.23.0 0.0.0.255 area 0
exit
end
write memory
R3enable
configure terminal
hostname R3
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
no shutdown
exit
interface FastEthernet1/0
ip address 192.168.31.2 255.255.255.0
no shutdown
exit
router ospf 1
router-id 3.3.3.3
network 192.168.23.0 0.0.0.255 area 0
network 192.168.31.0 0.0.0.255 area 0
exit
end
write memory
How does OSPF authenticate packets to protect against packet spoofing and tempering?
Be able to enable it a Cisco router.
OSPF (Open Shortest Path First) can authenticate packets to protect against packet spoofing and tampering using several methods. The two main types of authentication are:
Plain Text Authentication: This is simple and provides minimal security. It sends the password in clear text.
Message Digest 5 (MD5) Authentication: This provides stronger security by using cryptographic hash functions to authenticate OSPF packets.
Plain textenable
configure terminal
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco123
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
area 0 authentication
exit
write memory
MD5enable
configure terminal
interface FastEthernet0/0
ip address 192.168.12.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 securepassword
no shutdown
exit
router ospf 1
router-id 1.1.1.1
network 192.168.12.0 0.0.0.255 area 0
area 0 authentication message-digest
exit
write memory
Network Defense Fundamentals
•
What is IP spoofing? Explain.
-The ip packet contains the source and destination Ip addresses.-Is it straightforward to modify the ip address of the packet.
-IP Spoofing: sender chagrin his source address to something other than his real address.
How can IP spoofing be used in security attacks?
-If the attacker sends an Ip packet with a spoofed IP, they will not receive a response form the destination: the machine with the IP matching the spoofed IP will receive the response.Ip spoofing operation - the sender spoofs the source IP address to point to another target. The receiver system replies to the spoofed IP.
•
What are the countermeasures to IP spoofing?
Ingress and Egress Filtering: Network operators should implement filtering rules on routers and firewalls to block packets with source IP addresses that should not originate from those networks. Ingress filtering blocks incoming packets with a source IP address that is not valid for the network, while egress filtering blocks outgoing packets with an invalid source IP address.
Reverse Path Forwarding (RPF): This technique ensures that the incoming packets are received on the same interface that the router would use to send traffic back to the source. If the path does not match, the packet is discarded, preventing spoofed packets from passing through.
IPsec (Internet Protocol Security): IPsec can be used to authenticate and encrypt IP packets, ensuring that they come from legitimate sources and have not been tampered with. This makes spoofing attacks significantly more difficult.
How can IP spoofing be used to perform DoS attacks?
IP spoofing is often used in Denial of Service (DoS) attacks to obscure the attacker's identity and to overwhelm the target with traffic from what appears to be multiple sources. One common type of DoS attack that utilizes IP spoofing is a Smurf Attack. In a Smurf Attack, the attacker sends ICMP (Internet Control Message Protocol) echo requests to broadcast addresses of networks, with the source IP address spoofed to that of the victim. The devices on the network respond to the echo requests, sending replies back to the victim's IP address. This amplifies the traffic directed at the victim, potentially overwhelming their network and causing a DoS condition.
•
Know how to use
hping3
for performing ping floods.
Using hping3 to perform ping floods involves sending a high volume of ICMP Echo Request packets to a target to overwhelm it.basic ping floodsudo hping3 -1 --flood [target_IP]
Using spoofed source ipsudo hping3 -1 --flood -a [spoofed_IP] [target_IP]
Controlling the Packet Sending Rateo hping3 -1 --flood -i u1000 [target_IP]Combining sudo hping3 -1 --flood -a 10.0.0.1 -i u1000 192.168.1.1
Firewalling
What is a firewall?
a filtering device on a network that enforces network security policy and protects the network against external attacks.
According to NIST SP 800-41, what are the characteristics of a firewall?
NIST standard defines the possible characteristics that a firewall can use to filter traffic.
-(IP Address and Protocol type) filtering based on source/destination IP address/ports, traffic direction and other transport layer characteristics.
-(Application Protocols)controls access based on application protocol data
-(User identity) controls access based on user identity
-(Network activity)
What are the limitations of the firewall?
Firewall capabilities: -Define a traffic chokepoint in the network and protects against IP spoofing and routing attacks
-Provide a location for monitoring the security events -Provide non-security functions: loggin internet usage, network address translation-Serve as platform for VPN/IPSec
Firewall limitations:-protect against attacks bypassing the firewall, connections from inside the organization to the outside that do not go through the firewall.-protect against internal threats such as disgruntled employees.
What is a packet filter firewall? Be able to write and interpret rules and to spot configu-
rationflaws.
Packet filtering firewall : applies a set of rules to each packet based on the packet headers.Filters based on: source/destination IP, source/destination port numbers, IP Protocol Field:defines the transport protocol, Interface : for firewalls with 3+ network interfaces, the interface from which the packet came from/going to
•
What is the difference between the default and allow and default deny policies? Which
one is the more secure one?
-when no rules apply to a packet, a default rule is applied: default deny : what is not explicitly permitted is denied default forward : what is not explicitly denied is allowed
default deny is more secure, you dont have to identify all of the cases that needs to be blocked, if one is missed, default deny will deny it.
Port 0-1023 reserved
1024-2**17 ephemeral
source port used by the system initialiatizng a connection is always chosen from the ephemeral ports
Be able to configure the packet filtering functions of iptables.
–
Example:
Write iptables rules to block all ICMP traffic to and from the system.
iptables -A INPUT -p icmp -j DROP
iptables -A OUTPUT -p icmp -j DROP
Example:
Write iptables rules to block all traffic on port 22
iptables -A INPUT -p tcp --sport 22 -j DROP
iptables -A OUTPUT -p tcp --dport 22 -j DROP
–
Example:
Write iptables rules to block traffic to host 192.168.2.2
iptables -A OUTPUT -p tcp --dest 192.168.2.2 -j DROP
iptables -A INPUT -p tcp --src 192.168.2.2 -j DROP
What are the limitations of the packet filter firewall?
-does not examine upper layer data : cannot prevent attacks that employ application specfic vulnerabilities or functions.cannot block application specific commands.
•
What is the stateful firewall and how does it compare to a packet filter?
A stateful firewall is a network security device that monitors and tracks the state of active connections, making decisions based on the context of the traffic. Unlike a simple packet filter, which examines individual packets in isolation based on predetermined rules, a stateful firewall keeps track of connections over time, distinguishing between legitimate packets that are part of an established session and potentially malicious ones. This contextual awareness allows it to block unauthorized connection attempts and prevent attacks such as spoofing and session hijacking. While packet filters, or stateless firewalls, operate faster and consume fewer resources by applying static rules to each packet independently, they lack the sophisticated traffic pattern handling and enhanced security provided by stateful firewalls.
•
What is the application-level firewall? What are its advantages and limitations?
An application-level firewall, also known as an application firewall or proxy firewall, operates at the application layer of the OSI model. It inspects and filters traffic based on the specific application protocols (e.g., HTTP, FTP, DNS) rather than just IP addresses and port numbers. limitations : increased communications overhead due to two separate TCP connections
and not transparent to the client
Application-level gateways are also known as application-level proxies.
-act as a relay for the application-level traffic.
-runs at the application layer, and examines application-layer data
Supported ProtocolsFTPSTMPHTTP
What is a circuit-level firewall? What are its advantages and limitations?
-Similar to the application-level gateway, but only tracks the state of the TCP/UDP sessions.
-Does not examine application data , simply relays TCP segments
-Allow/deny decisions based on whether a packet belongs to an established and trusted connection
Advantage of circuit-level firewall -do not filter individual packets(simplifies rules)
-fast and efficient
Disadvantages:
-do not filter individual packets -require frequent updates: traffic is filtered with rules and policies that need regular updates for new threats and risks -the vendor needs to modify the TCP/IP implementation for thor applications to use the circuit-level proxy.
What are the different approaches to basing the firewall?
-stand-alone machines -software modules in roosters, switches, or servers, or pre-configured security appliances.
What are the host-based firewalls?
Host-based firewalls: a firewall software module used to secure a single host.
What are the network device firewalls?
Network device firewall = routers and switches often have firewall functions, like packet filtering and stateful inspection, to check and filter packets
What are the virtual firewalls?
-in a virtualized environment, servers, switches, and routers can be virtualized and share physical hardware. The hypervisor that manages the virtual machines can also have firewall capabilities.
What is the DMZ? How is it used for securing networks?
A Demilitarized Zone (DMZ) in network security is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted network, typically the internet. The primary purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN). By isolating these externally accessible services, the DMZ ensures that if an attacker gains access to the public-facing systems, they do not have direct access to the rest of the network.
How the DMZ Secures Networks
Isolation of Public Services: Services that need to be accessible from the outside, such as web servers, mail servers, FTP servers, and DNS servers, are placed in the DMZ. These services are isolated from the internal network, which helps protect the internal systems from attacks that may exploit vulnerabilities in the public-facing services.
Controlled Access: Firewalls are used to create boundaries between the internet, the DMZ, and the internal network. The firewall rules are configured to allow only specific types of traffic to and from the DMZ. For example, incoming web traffic might be allowed to reach a web server in the DMZ, but not to access internal systems directly.
Minimal Exposure: Only the necessary services are exposed to the internet. This minimizes the attack surface, reducing the number of entry points that an attacker can exploit. Internal systems and data remain protected behind the additional layer of the firewall.
Layered Security: The DMZ provides an additional layer of defense (defense-in-depth). Even if an attacker manages to compromise a server in the DMZ, the internal network is still protected by another firewall, making it harder for the attacker to penetrate further.
Monitoring and Logging: Activities within the DMZ can be closely monitored and logged. Any suspicious behavior can be detected early, and appropriate actions can be taken to mitigate potential threats before they impact the internal network.
Traffic Filtering: The firewalls between the internet and the DMZ, as well as between the DMZ and the internal network, can filter traffic based on IP addresses, ports, and protocols. This filtering ensures that only legitimate traffic is allowed and that malicious traffic is blocked.
-if attacker compromises a server on the network, they will be able to pivot to other systems on the network.
What are the advantages and disadvantages of having the two DMZ firewalls be from
different vendors?
Using different firewall manufacturers for the two firewalls maybe a good idea, avoids possibility of both having the same vulnerability but introduces more complexity and management overhead.
Be able to write pfSense firewall rules
Penetration Testing
•
What is penetration testing?
-legal and suthorzied attempt to locate and exploit vulnerable systems for the purpose of making those systems more secure.
pen testing, pt, hacking, ethical hacking, whitehate hacking, offensive security, red teaming
What is the objective of the penetration testing?
Use tools and techniques used by the attackers in order to discover security vulnerabilities before the attackers do.
What is the BAD pyramid?
The purpose of a red team is to find ways to improve the blue team, so purple teams should not be needed in an organization where the red/blue teams interaction is healthy and functioning properly.
red attack
purple defender changes based off attack knowledge
blue defend
green builder changes based on defender knowledge
yellow build
orange builder changes based on attacker knowledge
Why are the penetration tests conducted?
-a company may want to have a stronger understanding of their security footprint.
-system policy shortcomings -network protocol weaknesses -network/software misconfigurations -software vulnerabilities
What is the difference between penetration testing and vulnerability assessment?
-two terms often incorrectly ,interchangeably used in practice.
-vulnerability assessment : review of systems services to find potential vulnerabilities-penetration testing: finding an exploiting system vulnerabilities as proof-of-concept
What is the difference between black-box, white-box, and grey-box testing.
Black-Box Testing
Tester Knowledge: The tester has no knowledge of the internal structure, code, or implementation details of the system.
-lack knowledge of system
White-Box Testing
Tester Knowledge: The tester has full knowledge of the internal structure, code, and implementation details of the system.
-very thorough , but not completely realistic
Grey-Box Testing
Tester Knowledge: The tester has partial knowledge of the internal structure, code, or implementation details of the system.
What is the difference between ethical and unethical hackers?
-penetration testers, with proper authorization of the company, help improve the security of the company.
-unethical hackers, personal gain through extortion or other devious methods, profit, revenge, fame, etc. No authorization to conduct the attacks
•Ethical vs unethical hacking, penetration testers: obtain the authorization from the organization whose systems they plan to attack unethical hackers: attack without authorization.
Know the stages of penetration testing and the importance of following a structured ap-
proach.
–
Planning and Reconnaissance:
Planning: Define the scope and goals of the test, including the systems to be tested and the testing methods.
Reconnaissance: Gather information about the target, such as IP addresses, domain names, and network infrastructure, to understand how to approach the test.
Scanning:
Purpose: Identify potential entry points and vulnerabilities in the target system.
Methods: Use tools to scan for open ports, services running on those ports, and known vulnerabilities.
Gaining Access:
Purpose: Attempt to exploit identified vulnerabilities to gain unauthorized access to the system.
Techniques: Use techniques like password cracking, SQL injection, or exploiting software vulnerabilities.
Maintaining Access:
Planning and Reconnaissance:
Purpose: Ensure continued access to the compromised system to understand the potential impact of a prolonged attack.
Methods: Install backdoors or use other methods to maintain control over the system.
Analysis and Reporting:
Scanning
Purpose: Document the findings, including vulnerabilities discovered, methods used, and the level of access achieved.
Report: Provide a detailed report to the organization, highlighting the risks and recommending steps to mitigate the vulnerabilities.
Remediation:
Gaining Access
Purpose: Address and fix the identified vulnerabilities to improve the security of the system.
Action: Implement the recommended security measures from the report to protect against future attacks.
Retesting:
Maintaining Access
Purpose: Verify that the vulnerabilities have been successfully remediated.
Process: Conduct a follow-up test to ensure that the fixes are effective and no new issues have been introduced.
Importance of Following a Structured Approach
Consistency: A structured approach ensures that each stage is systematically followed, making the testing thorough and reliable.
Comprehensiveness: Following each stage helps identify and address all potential vulnerabilities, leaving no gaps in the security assessment.
Documentation: A structured method produces detailed documentation, which is crucial for understanding the security posture and for future reference.
Effectiveness: It ensures that the penetration test effectively mimics real-world attack scenarios, providing valuable insights into how an actual attacker might exploit vulnerabilities.
Risk Management: By identifying and addressing vulnerabilities, organizations can proactively manage security risks and protect their assets from potential attacks.
Example:
What is the difference between the passive and active reconnaissance?
•
Passive Reconnaissance
Definition: Gathering information about the target without directly interacting with the target system or network. The aim is to collect data without alerting the target.
Methods:
Publicly Available Information: Searching for information that is freely available on the internet, such as social media profiles, company websites, and news articles.
DNS Queries: Looking up domain registration information (WHOIS data), DNS records, and IP address ranges.
Network Traffic Analysis: Capturing and analyzing network traffic without sending packets to the target (e.g., using tools like Wireshark in a non-intrusive manner).
Search Engines: Using search engines to find information about the target, such as employee names, email addresses, and technical details.
Advantages:
Low Risk: Minimizes the chance of detection by the target because no direct interaction occurs.
Stealth: Suitable for the early stages of reconnaissance when the goal is to remain undetected.
Disadvantages:
Limited Information: May not provide as much detailed or specific information about vulnerabilities or configurations as active reconnaissance.
Active Reconnaissance
Definition: Actively engaging with the target system or network to gather information. This involves direct interaction, such as sending packets or probing the target.
Methods:
Network Scanning: Using tools like Nmap to scan for open ports, running services, and network topology.
Vulnerability Scanning: Running vulnerability scanners (e.g., Nessus, OpenVAS) to identify known weaknesses in the target systems.
Social Engineering: Directly interacting with individuals (e.g., phishing attacks) to gather information.
Probing and Enumerating: Sending specific queries or packets to the target to elicit responses that reveal information about the system (e.g., banner grabbing).
Advantages:
Detailed Information: Provides more detailed and specific information about the target's vulnerabilities, configurations, and active services.
Identification of Weaknesses: More effective in identifying exploitable vulnerabilities that can be used in subsequent attack phases.
Disadvantages:
Higher Risk: Increases the risk of detection by the target, which could alert them to the reconnaissance activity.
Potential Legal Issues: Unauthorized active reconnaissance can lead to legal repercussions if done without permission.
Summary
Passive Reconnaissance: Involves gathering information without direct interaction with the target, resulting in lower risk of detection but potentially less detailed information.
Active Reconnaissance: Involves direct interaction with the target to gather detailed information, but carries a higher risk of detection and potential legal consequences.
Both types of reconnaissance are essential in penetration testing to understand the target's environment and identify potential vulnerabilities while balancing the need for stealth and detailed information.
Be able to use the penetration testing tools discussed in class
nmap 192.168.1.1
nmap -sS -sV -O -A 192.168.1.1-sS: Perform a stealth SYN scan.
-sV: Detect service versions.
-O: Detect operating system.
-A: Perform aggressive scan (includes OS detection, version detection, script scanning, and traceroute).
Hi everyone - I used this sub to track down some information related to my N-400 application, and wanted to make sure I shared my timeline in case others may find it helpful.
3/4/24 - Submitted my N-400 application 3/4/24 - Notified of the biometric re-use 3/11/24 - Interview scheduled 4/29/24 - Interview/recommendation for approval/placed in line for oath ceremony 4/30/24 - Oath ceremony scheduled 5/16/24 - Oath ceremony
This was all through the Chicago office.
Interview was probably 25-30 minutes, of which 10 of that was spent answering questions and the tests. Most of the time the agent was completing paperwork on their computer, and trying to get around a glitch in the system.
Oath ceremony was today. 12:30 appointment time. 98 people from 32 countries. I'm sure it might be different from time to time, but the event went down like this. Elevator to the 25th floor and met at the courtroom by an employee. Guests asked to wait outside, 'candidates' allowed inside and sat down on one side of the room. One of the people would send row by row of people to get in line at the front of the courtroom; that line led to 3 USCIS employees. One checked me off a list and took my green card. Person in the middle took my paperwork and confirmed it was all there (for me that was my letter and the form for the day of attesting that I'm still not a habitual drunkard). Last person got my certificate and asked me to check the photo, name, country of birth, and birth date. Then asked to sit down in another section of the courtroom while everyone went through that process. This went from 12:30 until 1:15. At 1:15 they allowed guests in the room. Judge entered around 1:35 or so. USCIS agent addressed the court on everyone's behalf for the applications, judge accepted the order, and we're asked to stand and take the oath. We all sit down and the judge spent maybe 7-10 minutes talking through her family's immigration story and the roles and responsibilities of being American. I appreciated the fact it was sincere and not boilerplate. Judge left the room, USCIS employees handed out certificates.
There were some people there to take your completed voter registration application if you wanted. A lot of people mingled and you could go down a few floors for photos.
They asked several times at the beginning of the proceedings, and signs were posted outside the courtroom, that no photos or videos were allowed. All the new citizens complied but there were a handful of guests that did not. You could tell the USCIS employees were bothered by this but they didn't say anything.
Forgiener, and have lost my bank card, and need to get a large amount of cash to last me until I can get a replacement. What's the easiest way for doing this? I can't use a number of the options I've used in the past due to not having proper proof of address as I'm in an Airbnb etc etc.
Is there currency exchange places I can pay via bank transfer or something?
I have to move soon. So, I’ll have to update my address with the DMV.
Will I have to submit documents (passport, two proofs of address) again, so my license keeps its Real ID status?
Or can I just simply update my address, without submitting those documents again (and my license will keep its Real ID status)?
California.
Thanks.
Here is what's happening, my fiance found a leak in our hot water, he found the leak by our heating element going out on our hot water heater. Well we called maintenance. We made them aware of the problem along with a few others such as, mold on the roof, and the tile around the shower needing a seal and molding. It was never sealed properly upon moving in. Also we wanted him to take a look at the roof because we had also noticed water in the wall one day after a hard rain. While checking the roof he stated the roof has absoulty no screw screwed down so basically we had tin just sitting on our roof for God only knows how long. So the work he did all together was 1.fix heating element (left a mess) 2. Corrected the bathroom wall to ceiling with caulk and some pieces of molding. 3. Put screws in our roof. He replaced the extremely outdated panel in the home as well. We have been at this address for 4 years and we barely ever call and bother them unless it's an emergency. If it's an easy fix my fiance will do it properly. Sidenote: this company never checked on our property after hutricane Sally. We have told them about a leak in the past they came to check and blew it off saying it was the condensation from our dryer, we have texts to prove. Also the hot water heater is outdated and I know is as old as four years for sure don't know how long it was there before us. They never check on the property and we have made the property value go up for sure with clearing of land and also landscape work and now a few weeks after they finally fix repairs, they sent us a letter stating because of the severity of the issues THEY ARE CHARGING US OVER 900 DOLLARS!? CAN THEY DO THAT? Please give me any advice. I won't be able to find another spot at what I pay here for what I get but this doesn't seem right or legal but I don't have money to take them to court I just want things to be fair and it doesn't feel like that's what's happening.
hi there!! i am hoping to get back into art journaling and i would love to recieve some new stuff for my collection while giving away some unused older things! im looking to give away 5 envelopes of stationery (i.e. washi tape samples, stickers, letter paper + envelopes, cards/postcards, assorted ephemera, etc.) in exchange for any of the items i just listed + any junk journaling supplies or unique items!
i'll pick 5 people in the comments to exchange with :) comment what themes you like!
For those of you who have sent demand letters.
A) did you send it to the correct address?
B) did you include a deadline? If so how long did you give?
C) did you proceed with SC? What were your results?
Hello all, I was recently offered a job from Scotiabank but the issue which came from pre-employment screening team was my work permit is expiring within three months but they require to have atleast 6 months of WP remaining. Although I have already filled for my extension like 3 months ago ( 6 months before my WP is expiring) and submitted them this proof. Also, submitted them the proof that my PR application is also in its final stage.
Been 4 days now since conveyed these letters but still no reply from their side. Has anyone been in this dilemma before and do you think they will hire me. my joining date is in 10 days...plz let me know what u all think
I (27F) last last winter (2022) wrote a long letter to my mom. I poured my heart into it, I cried the whole time writing it. I showed it to my husband to make sure I wasn’t being too mean in my writing towards my mom. I showed it to my stepsister to again make sure it was okay and made sense and to get emotional support (I’m Mexican and I didn’t want to push too far because i understand how deep generational trauma is and the parent child dynamic) I even showed it to my stepdad who immediately called me apologizing for the things I wrote in the letter (which I will get into in a moment) and was telling me about how he will divorce her (I didn’t want that and made me feel shitty) and explained why some scenarios ended up the way they did. Everyone encouraged me to send it. I was so confident that my mom was going to read it and drive over ? Write back? Call me. Something ! So I mailed it. (I mailed it because I instantly cry every time I try talking to her in person about not surface level things, it would of been easier getting words out especially when having to translate to Spanish)
In the letter I wrote about:
-Feeling emotionally neglected -the name calling my mom would do (calling me “retarded” and mimicking noises and movements of people with disability towards me among other things -My uncle being a pedo and scaring me into not saying anything to them, i later said something to a friend in HS who went to the counselor who called the police and I made up a person to protect my uncle, I was then grounded for over a year. -the carpet in my bedroom always being wet when it rained which is a lot where I live ruining my feet with a fungal infection that was just ignored (i understand it was a money issue but the hurt remains) -being yelled at for not cleaning everyday (I was the only child who would clean the kitchen and pick up leaves in the fall and stuff), sometimes she would clean again after I would do it. when asking to teach me how to do it better I would be ignored -asking her a question and being ignored -being blamed for high utility bills n being expensive for needing braces -my boyfriend in high school being suicidal when I would try to break up with him and hurting that I couldn’t go to them for help -saying that I tried to hit her to my step dad when I moved out of the way of her too quickly and making a scene about it leaving me confused -about the time she grabbed me by the hair and dragged me to the shower because I forgot to pick up the hairs I left in there after my shower -understanding that i understand she probably had a rough childhood and that all I wanted was a normal mother daughter relationship
That’s pretty much the gist among a bunch of other little things that really hurt me and I explained that it was hard to form a relationship with her in my adulthood and trust her with my kids until we addressed these things. I wanted to be acknowledged. Not even an apology really. But a conversation. I wanted to understand her more because I literally don’t know anything about her. We would never talk unless it was to eat dinner or clean something. I was always in my room during that time.
I waited a few weeks, my stepsister would visit them here and there and tell me how my mom appears sad? And maybe she needed more time.
A few months pass by I see my mom smiling in Hawaii having a good time.
At this point I’m in therapy because I’m losing hair from the stress of this and severely depressed.
Fall comes around and I finally go to visit with the encouragement of my husband, stepsister and stepdad. She acts like I’m not even there. This makes me angry. At one point my mom goes outside to smoke a cigarette im at the table with everyone and I start just talking about the hurts again, I say my mom is a narcissistic. My mom comes back inside. And for an hour. I’m complaining and she’s in the living room a few feet away saying absolutely nothing.
I leave feeling so weird. So lonely? We are now I’m 2024. I don’t have a relationship with her or my step dad really. I had to block her because she would go to Hawaii again and just living her life having a great time I was trying not to be bitter. Or angry. My step sister and step dad eventually started to question how legitimate my statements were (a lot of the meanness was when it was just my mom and I) it was so painful being misunderstood. Being told that that’s just the mom that I have. Being told that things were maybe my fault for having a problem with everything (I would always speak up when my parents would be racist and things)
I few months ago I did send her a text as a final effort. I asked why she never responded. If she wants to just leave this alone that’s okay and I will move on. And she told me that all that was on the letter were complaints. And told me about how when I was 20 I made a comment on a Facebook post about bad parenting and how everyone saw. About how embarrassed she was when people reached out to her. About how I wrote that I felt like I was in a dark environment. I didn’t know everyone saw it. I apologized for that. She told me to come over to talk because she personally has some complains about me. But she never acknowledged me. I didn’t want to go, to feel yelled at and again taken back to being a child getting yelled at.
I’m currently feeling grief. Mistrust to my family. Lonely. Jealous? About how my other siblings seem to be having a better time. How do I move on from feeling misunderstood. I feel like everyone is okay and I’m abandoned. I feel guilt for pulling my small family away from them from how hurt I am. Most times I’m okay until I see my stepsister at a family gathering that I’m never invited to. And then I’m back again to being a lonely child.
So, I got this long term job for seventh graders at my old elementary school (the whole staff knows me and they’ll call me for jobs) for the last three weeks of school so you can imagine how that’s going. It hasn’t been going well, their teacher was basically their friend. There wasn’t a line of professionalism between student and teacher. When I first arrived the class was in disarray, and I had to change the seats around. The students were not happy at all, that I was changing things around. I’d give them book work, and they’d state that they wouldn’t do it because they already did it or that they never used that specific book.
I’ve been subbing there for five days now, and I’ve had teachers, the principal, Vice principal walk in to my class to address bullying or their defiance in completing assignments. I tried to address my fourth period the other day and was met w giggling and all of them talking over me, so I gave up and just sat back down. Today, they were complaining that they wanted to go with the teacher across the courtyard and how it wasn’t fair that they stayed with me. So I addressed this, and mentioned how it wasn’t fair on him to go out of his way and have half of the class with him during his prep period and sixth period till the end of the school year. I understand their frustrated with me and are annoyed I give them work but it’s my job. I had this girl say, “why do you have to call on other people to fix your problems”. I wrote a letter and addressed the constant walk ins as being a good thing but also a bad thing because the students see me as inadequate. I told this student how they refuse to listen to me so how can I solve these problems if they don’t care and she just rolled her eyes and kept asking the same question. Atp I was at my limit, and felt my face get red and my eyes start to water, so I stepped outside. I’m probably going to either get let go because they need someone who won’t waste other staffs time or I’ll just tell the office ladies I’ve known since I was a kid that I’m going to take another job.
I know I’m going to get some direct comments (that I will take to heart) saying that I should grow a backbone and I need to be firm or that this job isn’t for me. I’m 23 and got into this career because after graduating college, I wasn’t too sure what I wanted to do w myself. I know I should have a backbone, but I’m tired of the mockery and disrespect.
So I'm at the point where I've sent all the stuff like proof of address, license, everything. And some of its been approved, but a lot of it is just locked.
Do I have to buy their kit myself first or will they say to do that once I get fully accepted? I'm sort of confused. Any advice would be appreciated.
I guess I'm on the waiting list like everyone else, just wondering if it's something on my end.