All Hacking Questions


  • 7/29/2019 All Hacking Questions


11. what is dos attack?
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted, malevolent efforts of a person or persons to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.

12. what is theft of information?
13. what is email forgery?
14. what is information security?
15. what is data security?
16. what is computer security?
17. what is lan security?
18. what is internet security?

19. what is hacking?
Computer security hacking is where someone attempts to defeat or exploit the security capabilities of a computer system.

20. what is firewall and ssl?
A firewall is a dedicated appliance, or software running on another computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.
Secure Sockets Layer is a communications protocol, the predecessor to Transport Layer Security.

21. what is ids?
22. what are web vulnerabilities and application vulnerabilities?

23. what is lsa?
Local Security Authority Subsystem Service (LSASS) is a process in Microsoft Windows operating systems that is responsible for enforcing the security policy on the system. It verifies users logging on to a Windows computer or server, handles password changes, and creates access tokens. It also writes to the Windows Security Log.

24. what is sam?
The Security Accounts Manager (SAM) is a database stored as a registry file in Windows NT, Windows 2000, and later versions of Windows. It stores users' passwords in a hashed format (in an LM hash and an NTLM hash). Since a hash function is one-way, this provides some measure of security for the storage of the passwords.

25. what is srm?
Storage Resource Management (SRM) refers to software that manages storage from a capacity, utilization, policy and event-management perspective. This includes bill-back, monitoring, reporting and analytic capabilities that allow you to drill down for performance and availability.
Key elements of SRM include asset management, charge back, capacity management, configuration management, data and media migration, event management, performance and availability management, policy management, quota management, and media management.

26. where is the registry stored?
HKEY_CURRENT_USER (HKCU)
Abbreviated HKCU, HKEY_CURRENT_USER stores settings that are specific to the currently logged-in user. The HKCU key is a link to the subkey of HKEY_USERS that corresponds to the user; the same information is reflected in both locations. On Windows NT-based systems, each user's settings are stored in their own files called NTUSER.DAT and USRCLASS.DAT inside their own Documents and Settings subfolder (or their own Users subfolder in Windows Vista).
The Registry is stored in several files; depending upon the version of Windows, there will be different files and different locations for these files, but they are all on the local machine. The user-specific HKEY_CURRENT_USER user registry hive is stored in Ntuser.dat. There is one of these per user; if a user has a roaming profile, then this file will be copied to and from a server at logout and login respectively.


Sam        HKEY_LOCAL_MACHINE\SAM
Security   HKEY_LOCAL_MACHINE\SECURITY
Software   HKEY_LOCAL_MACHINE\SOFTWARE
System     HKEY_LOCAL_MACHINE\SYSTEM
Default    HKEY_USERS\.DEFAULT
Userdiff   Not associated with a hive. Used only when upgrading operating systems.[14]

The following files are stored in each user's profile folder:
%UserProfile%\Ntuser.dat   HKEY_USERS\ (linked to by HKEY_CURRENT_USER)
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\Usrclass.dat (path is localized)   HKEY_USERS\_Classes (HKEY_CURRENT_USER\Software\Classes)

27. what is vulnerabilities?
In computer security, the term vulnerability is applied to a weakness in a system which allows an attacker to violate the integrity of that system. Vulnerabilities may result from weak passwords, software bugs, a computer virus or other malware, a script code injection, or a SQL injection. A vulnerability may exist only in theory, or may have a known instance of an exploit.

28. what is ftp?

29. what is exploit?
An exploit (from the same word in the French language, meaning "achievement", or "accomplishment") is a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as violently gaining control of a computer system or allowing privilege escalation or a denial of service attack.

30. what is windows drm loophole?
Virus writers have subverted digital rights management features in Windows Media Player to spread Trojans and other malware. License-protected movie (.wmv) files infected with the WmvDownloader-A or WmvDownloader-B Trojans have entered circulation on P2P networks, reports Madrid-based antivirus firm Panda Software.

Normally when a user tries to play a protected Windows media file, and a valid license is not stored on a computer, the application will look for it on the internet, so that the user can buy access to copyright-protected content. This new technology is incorporated in the latest Windows Media Player 10 update as well as XP SP2.

31. what is rdp (remote desktop protocol)?
Remote Desktop Protocol (RDP) is a multi-channel protocol that allows a user to connect to a computer running Microsoft Terminal Services. Clients exist for most versions of Windows (including handheld versions), and other operating systems such as Linux, FreeBSD, Solaris, Mac OS X, and PalmOS. The server listens by default on TCP port 3389.[1] Microsoft refers to the official RDP client software as either Remote Desktop Connection (RDC) or Terminal Services Client (TSC).

32. what is windows wi-fi vulnerabilities?
A Windows feature that automatically searches for Wi-Fi connections can be exploited by hackers, a security researcher has warned.
The feature is part of Windows XP and 2000 and was exposed as being vulnerable at hacker conference ShmooCon on Saturday by vulnerability researcher Mark Loveless.
Loveless claimed that hackers can take advantage of the feature to include a user's PC in a peer-to-peer network, giving them access to information on its hard drive.
When a PC running Windows XP or Windows 2000 boots up, it will automatically try to connect to a wireless network. If the computer can't set up a wireless connection, it will establish an ad hoc connection to a local address. This is assigned with an IP address and Windows associates this address with the SSID of the last wireless network it connected to.
The machine will then broadcast this SSID, looking to connect with other computers in the immediate area.
The danger arises if an attacker listens for computers that are broadcasting in this way, and creates a network connection of their own with that same SSID. This would allow the two machines to associate together, potentially giving the attacker access to files on the victim's PC.

33. what is wmf exploit?
The Windows Metafile vulnerability is a security vulnerability in Microsoft Windows NT-based operating systems which has been used in a variety of exploits since late December 2005. The vulnerability was first discussed in the computer security community around December 26 and 27, 2005, with the first reports of affected computers subsequently announced within 24 hours. As of January 5, 2006, a high priority update to fix this vulnerability is available via Windows Update (see announcement). No patches are needed for Windows 98, Windows 98 Second Edition or Windows Millennium Edition, as they are unaffected by this vulnerability.
The vulnerability, located in gdi32.dll, arises from the way in which Windows operating systems handle Windows Metafile (WMF) vector images, and permits arbitrary code to be executed on affected computers without the knowledge or permission of their users. The vulnerability therefore facilitates the propagation of various types of malware, typically through drive-by downloads.

34. what are virus?

35. what are worms?
A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

36. what are spywares?
Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.

37. what are spybot?
Spybot - Search & Destroy (often Spybot-S&D) is a popular malware, spyware and adware removal program which works on Microsoft Windows 95 and later. Like most malware scanners, Spybot-S&D scans the computer hard disk and/or RAM for malicious software.

38. what is sniffing?

A packet sniffer (also known as a network sniffer, network analyzer or protocol analyzer or, for particular types of networks, an Ethernet sniffer or wireless sniffer) is computer software or computer hardware that can intercept and log traffic passing over a digital network or part of a network.[1] As data streams flow across the network, the sniffer captures each packet and eventually decodes and analyzes its content according to the appropriate RFC or other specifications.

39. what is vpn?
A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features.

40. what is proxy?
In computer networks, a proxy server is a server (a computer system or an application program) which services the requests of its clients by forwarding requests to other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource, available from a different server. The proxy server provides the resource by connecting to the specified server and requesting the service on behalf of the client. A proxy server may optionally alter the client's request or the server's response, and sometimes it may serve the request without contacting the specified server. In this case, it would 'cache' the first request to the remote server, so it could save the information for later, and make everything as fast as possible.
A proxy server that passes all requests and replies unmodified is usually called a gateway or sometimes tunneling proxy.
A proxy server can be placed in the user's local computer or at specific key points between the user and the destination servers or the Internet.

41. what is nat?
In computer networking, network address translation (NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another.
Most often today, NAT is used in conjunction with network masquerading (or IP masquerading) which is a technique that maps an entire address range into a single address and remaps connections through this single address into another, usually private, address space using stateful translation tables in the routing device. This effectively hides (or masquerades, hence the term) a network behind a single address. Because of the popularity of the technique, see below, the term NAT has become virtually synonymous with the method of IP masquerading.

42. what is spf?
Short for Sender Policy Framework, an extension of SMTP that stops e-mail spammers from forging the From fields in an e-mail. As SMTP itself does not carry an authenticating mechanism, the SPF extension provides the authentication scheme by specifying which computers are authorized to send email from a specific domain. In order to use SPF, the domain sending e-mails must establish an SPF record that is published in DNS records. When the e-mail passes through the DNS server, it is compared to the SPF record for that domain to determine if the sender is indeed authorized to transmit e-mails from that sender's address. If the e-mail comes from a domain that is not authorized, the DNS server will not forward the e-mail to the expected destination.
SPF is one method that can be used to stop spam from being sent using unauthorized domain names. However, it should be noted that SPF only stops the spammer from forging the From field in the e-mail and does not stop the spammer from sending e-mails from a domain in which it is a member.
SPF was formerly called Sender Permitted From, but the name was later changed while the abbreviation remained the same.

43. what is spoofing?
In the context of computer security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.

44. what is icmp?
Short for Internet Control Message Protocol, an extension to the Internet Protocol (IP) defined by RFC 792. ICMP supports packets containing error, control, and informational messages. The PING command, for example, uses ICMP to test an Internet connection.

45. what is fragments?

46. what is transparent proxy, anonymous proxy and distorting proxy?
"A 'transparent proxy' is a proxy that does not modify the request or response beyond what is required for proxy authentication and identification".
"A 'non-transparent proxy' is a proxy that modifies the request or response in order to provide some added service to the user agent, such as group annotation services, media type transformation, protocol reduction, or anonymity filtering".
Transparent proxy servers do not hide your IP address. They do provide anyone with your real IP address and do not hide any information about you and your reading interests. Actually they just retransmit information between your computer and server without modifying it in any way to keep your privacy. Besides that, they let anyone know that you are surfing through a proxy server.


Transparent proxy servers can be used for all kinds of Web-services just to speed up data transfers.
Distorting proxy servers hide your IP address or modify it in some way to prevent the target server from knowing it. They may provide or may hide information about you and your reading interests. Besides that, they let anyone know that you are surfing through a proxy server.
Distorting proxy servers can be used for all kinds of Web-services to speed up data transfers and to keep your privacy. But they specifically tell the target server that you are using a proxy server.
Anonymous proxy servers hide your IP address and thereby prevent unauthorized access to your computer through the Internet. They do not provide anyone with your IP address and effectively hide any information about you and your reading interests. Besides that, they do NOT even let anyone know that you are surfing through a proxy server.
Anonymous proxy servers can be used for all kinds of Web-services, such as Web-Mail (MSN Hot Mail, Yahoo mail), web-chat rooms, FTP archives, etc. to speed up connection and keep privacy as well.

47. what is email header?
The section of an email message that contains the sender and recipient's email addresses as well as the routing information.

48. what is email tracking?
E-mail tracking is a method for monitoring the e-mail delivery to intended recipient. Most tracking technologies utilize some form of digitally time-stamped record to reveal the exact time and date that your e-mail was received or opened, as well as the IP address of the recipient.
E-mail tracking is useful when the sender wants to know if the intended recipient actually received the e-mail, or if they clicked the links. However, due to the nature of the technology, e-mail tracking cannot be considered an absolutely accurate indicator that a message was opened or read by the recipient.

49. what is proxy bouncing?

50. what is irc?
Internet Relay Chat (IRC) is a form of real-time Internet chat or synchronous conferencing. It is mainly designed for group communication in discussion forums called channels, but also allows one-to-one communication via private message, as well as chat and data transfers via Direct Client-to-Client.
IRC was created by Jarkko Oikarinen in late August 1988 to replace a program called MUT (MultiUser talk) on a BBS called OuluBox in Finland. Oikarinen found inspiration in a chat system known as Bitnet Relay, which operated on the BITNET.

51. what is tcp/ip?
52. what is osi layer?

53. what is scanning, fingerprinting and information gathering?
TCP/IP stack fingerprinting (a.k.a. OS fingerprinting) is the process of determining the operating system used by a remote target.

There are two types of OS fingerprinting: active and passive.

Passive OS Fingerprinting
Passive fingerprinting is undetectable by an intrusion detection system on the network. A passive fingerprinter (a person or an application) does not send any data across the network (wire); because of this it's undetectable. The downside of this method is that the fingerprinter must be on the same hub as the other servers and clients in order to capture any packets on the wire.

How Passive OS Fingerprinting Works
Passive fingerprinting works because TCP/IP flag settings are specific to various operating systems. These settings vary from one TCP stack implementation to another and include the following:
Initial TTL (8 bits)
Window size (16 bits)
Maximum segment size (16 bits)
"Don't fragment" flag (1 bit)
sackOK option (1 bit)
nop option (1 bit)
Window scaling option (8 bits)
Initial packet size (16 bits)
When combined, these flag settings provide a unique, 67-bit signature for every system.[1]

Active OS Fingerprinting
Active fingerprinting is aggressive in nature. An active fingerprinter transmits to and receives from the targeted device. It can be located anywhere in the network, and with the active method you can learn more information about the target than with passive OS fingerprinting. The downside is that the fingerprinter can be identified by an intrusion detection system.

Active Fingerprinting Methods
TCP Stack Querying: ICMP, TCP, SNMP
Banner Grabbing: FTP, TELNET, HTTP
Port Probing

Protecting Against and Detecting Fingerprinting
Block all unnecessary outgoing ICMP traffic, especially unusual packet types like address masks and timestamps. Also, block any ICMP echo replies. Watch for excessive TCP SYN packets. Be warned that blocking things without knowing exactly what they are for can very well lead to a broken network; for instance, your network could become a black hole. Extensive knowledge of TCP/IP networking is recommended before engaging in traffic blocking.

Fingerprinting Tools
Nmap is a tool that performs active TCP/IP stack fingerprinting.
p0f and Ettercap are tools that perform passive TCP/IP stack fingerprinting.

54. what is routing?
Routing (or routeing - UK English) is the process of selecting paths in a network along which to send data or physical traffic. Routing is performed for many kinds of networks, including the telephone network, the Internet, and transport networks.

55. what is port?
An interface on a computer to which you can connect a device. Personal computers have various types of ports. Internally, there are several ports for connecting disk drives, display screens, and keyboards. Externally, personal computers have ports for connecting modems, printers, mice, and other peripheral devices.
Almost all personal computers come with a serial RS-232C port or RS-422 port for connecting a modem or mouse and a parallel port for connecting a printer. On PCs, the parallel port is a Centronics interface that uses a 25-pin connector. SCSI (Small Computer System Interface) ports support higher transmission speeds than do conventional ports and enable you to attach up to seven devices to the same port.

56. what is daemon banner grabbing, active and passive fingerprinting and icmp messages?
Pronounced DEE-mun or DAY-mun. A process that runs in the background and performs a specified operation at predefined times or in response to certain events. The term daemon is a UNIX term, though many other operating systems provide support for daemons, though they're sometimes called other names. Windows, for example, refers to daemons as System Agents and services.
Typical daemon processes include print spoolers, e-mail handlers, and other programs that perform administrative tasks for the operating system. The term comes from Greek mythology, where daemons were guardian spirits.

Internet Control Message Protocol is part of the Internet protocol suite as defined in RFC 792. ICMP messages are typically generated in response to errors in IP datagrams (as specified in RFC 1122) or for diagnostic or routing purposes.

The version of ICMP for Internet Protocol version 4 is also known as ICMPv4, as it is part of IPv4. IPv6 has an equivalent protocol, ICMPv6.

ICMP messages are constructed at the IP layer, usually from a normal IP datagram that has generated an ICMP response. IP encapsulates the appropriate ICMP message with a new IP header (to get the ICMP message back to the original sending host) and transmits the resulting datagram in the usual manner.

For example, every machine (such as intermediate routers) that forwards an IP datagram has to decrement the time to live (TTL) field of the IP header by one; if the TTL reaches 0, an ICMP "Time to live exceeded in transit" message is sent to the source of the datagram.

Each ICMP message is encapsulated directly within a single IP datagram, and thus, like UDP, ICMP is unreliable.

Although ICMP messages are contained within standard IP datagrams, ICMP messages are usually processed as a special case, distinguished from normal IP processing, rather than processed as a normal sub-protocol of IP. In many cases, it is necessary to inspect the contents of the ICMP message and deliver the appropriate error message to the application that generated the original IP packet, the one that prompted the sending of the ICMP message.

Many commonly-used network utilities are based on ICMP messages. The traceroute command is implemented by transmitting UDP datagrams with specially set IP TTL header fields, and looking for ICMP "Time to live exceeded in transit" (above) and "Destination unreachable" messages generated in response. The related ping utility is implemented using the ICMP "Echo request" and "Echo reply" messages.

ICMP segment structure

Header
The ICMP header starts after bit 160 of the IP header (unless IP options are used).

Bits   160-167   168-175   176-183   184-191
160    Type      Code      Checksum
192    ID                  Sequence

Type - ICMP type as specified below.
Code - further specification of the ICMP type; e.g. an ICMP Destination Unreachable might have this field set to 1 through 15, each bearing different meaning.
Checksum - This field contains error checking data calculated from the ICMP header+data, with value 0 for this field.
ID - This field contains an ID value, should be returned in case of ECHO REPLY.
Sequence - This field contains a sequence value, should be returned in case of ECHO REPLY.
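The header layout above, as an added example that is not part of the original page: a Python parser that finds the ICMP header from the IP header's IHL field (so IP options are handled rather than assuming bit 160), verifies the checksum with the field zeroed, and matches an echo reply to its request by ID and Sequence. The function names, the documentation-range addresses and the sample packets are constructed for illustration.

```python
import struct

ICMP_HEADER = struct.Struct("!BBHHH")    # Type, Code, Checksum, ID, Sequence
ECHO_REPLY, ECHO_REQUEST = 0, 8


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by ICMP and the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"                   # pad odd-length data for summing
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                    # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Build an echo message; the checksum is computed with its field at 0."""
    zeroed = ICMP_HEADER.pack(icmp_type, 0, 0, ident, seq) + payload
    return ICMP_HEADER.pack(icmp_type, 0, internet_checksum(zeroed),
                            ident, seq) + payload


def ipv4_wrap(icmp: bytes, options: bytes = b"") -> bytes:
    """Constructed IPv4 header (documentation addresses) around an ICMP message."""
    ihl = 5 + len(options) // 4           # header length in 32-bit words
    head = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0,
                       ihl * 4 + len(icmp), 0, 0, 64, 1, 0,
                       bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + options
    csum = internet_checksum(head)
    return head[:10] + struct.pack("!H", csum) + head[12:] + icmp


def icmp_from_ipv4(packet: bytes) -> bytes:
    """Return the ICMP message carried in an IPv4 packet.

    The ICMP header sits at bit 160 (byte 20) only when there are no IP
    options, so the offset is taken from the IHL field instead.
    """
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl_bytes = (packet[0] & 0x0F) * 4
    total_len = struct.unpack_from("!H", packet, 2)[0]
    if ihl_bytes < 20 or not ihl_bytes <= total_len <= len(packet):
        raise ValueError("inconsistent IPv4 header lengths")
    if packet[9] != 1:                    # IP protocol number 1 is ICMP
        raise ValueError("IP payload is not ICMP")
    return packet[ihl_bytes:total_len]


def parse_icmp(message: bytes) -> dict:
    """Split an ICMP message into the fields of the table and check it."""
    if len(message) < ICMP_HEADER.size:
        raise ValueError("truncated ICMP message")
    icmp_type, code, csum, ident, seq = ICMP_HEADER.unpack_from(message)
    zeroed = message[:2] + b"\x00\x00" + message[4:]
    return {
        "type": icmp_type, "code": code, "checksum": csum,
        "id": ident, "sequence": seq,     # meaningful for echo messages
        "payload": message[ICMP_HEADER.size:],
        "checksum_ok": internet_checksum(zeroed) == csum,
    }


def is_matching_reply(request: dict, reply: dict) -> bool:
    """An echo reply must return the request's ID, Sequence and data."""
    return (request["type"] == ECHO_REQUEST and reply["type"] == ECHO_REPLY
            and reply["checksum_ok"]
            and (reply["id"], reply["sequence"], reply["payload"])
            == (request["id"], request["sequence"], request["payload"]))


if __name__ == "__main__":
    # Constructed sample: one echo request, wrapped with and without options.
    request = build_echo(ECHO_REQUEST, 0x1234, 1, b"constructed-ping")
    with_options = ipv4_wrap(request, options=b"\x01\x01\x01\x00")
    print(parse_icmp(icmp_from_ipv4(ipv4_wrap(request))))
    print(parse_icmp(icmp_from_ipv4(with_options)))
```
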

57. what is sockets?
(pronounced as separate letters) Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data - a public key known to everyone and a private or secret key known only to the recipient of the message. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with https: instead of http:.
Another protocol for transmitting data securely over the World Wide Web is Secure HTTP (S-HTTP). Whereas SSL creates a secure connection between a client and a server, over which any amount of data can be sent securely, S-HTTP is designed to transmit individual messages securely. SSL and S-HTTP, therefore, can be seen as complementary rather than competing technologies. Both protocols have been approved by the Internet Engineering Task Force (IETF) as a standard.

58. what is udp ports?
Abbreviated UDP, a connectionless protocol that, like TCP, runs on top of IP networks. Unlike TCP/IP, UDP/IP provides very few error recovery services, offering instead a direct way to send and receive datagrams over an IP network. It's used primarily for broadcasting messages over a network.

59. what is xss?
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Vulnerabilities of this kind have been exploited to craft powerful phishing attacks and browser exploits. As of 2007, cross-site scripting carried out on websites was roughly 80% of all documented security vulnerabilities.[1] Often during an attack "everything looks fine" to the end-user[2] who may be exposed to unauthorized access, theft of sensitive data and financial loss.[3]

60. what is buffer overflow?
The condition wherein the data transferred to a buffer exceeds the storage capacity of the buffer and some of the data overflows into another buffer, one that the data was not intended to go into. Since buffers can only hold a specific amount of data, when that capacity has been reached the data has to flow somewhere else, typically into another buffer, which can corrupt data that is already contained in that buffer.
Malicious hackers can launch buffer overflow attacks wherein data with instructions to corrupt a system are purposely written into a file in full knowledge that the data will overflow a buffer and release the instructions into the computer's instructions.

61. what is sql injection attack?
SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is in fact an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another.

62. what is ping of death attack?
(n.) A type of DoS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows. While a ping larger than 65,536 bytes is too large to fit in one packet that can be transmitted, TCP/IP allows a packet to be fragmented, essentially splitting the packet into smaller segments that are eventually reassembled. Attacks took advantage of this flaw by fragmenting packets that when received would total more than the allowed number of bytes and would effectively cause a buffer overload on the operating system at the receiving end, crashing the system.
Ping of death attacks are rare today as most operating systems have been fixed to prevent this type of attack from occurring.

63. what is tear drop attack, smurf and land attack?
64. what is ddos attack?
65. what is format string attack?

66. what is input validation attack?

Web applications are notorious for taking practically any type of input, assuming that it's valid, and processing it further. Not validating input is one of the greatest mistakes that Web-application developers can make. This can lead to system crashes, malicious database manipulation, and even database corruption.

Input attacks

Several attacks can be run against a Web application that insert malformed data (often, too much at once), which can confuse, crash, or make the Web application divulge too much information to the attacker.

67. what is phishing?
In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from PayPal, eBay, Youtube or online banks are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging,[1] and it often directs users to enter details at a website. Phishing is an example of social engineering techniques used to fool users.[2] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing,[3] probably influenced by phreaking,[4][5] and alludes to baits used to "catch" financial information and passwords.

68. what is brute force attack?
In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message. In most schemes, the theoretical possibility of a brute force attack is recognized, but it is set up in such a way that it would be computationally infeasible to carry out. Accordingly, one definition of "breaking" a cryptographic scheme is to find a method faster than a brute force attack.

The selection of an appropriate key length depends on the practical feasibility of performing a brute force attack. By obfuscating the data to be encoded, brute force attacks are made less effective as it is more difficult to determine when one has succeeded in breaking the code.

The brute force attack could be combined with a dictionary attack.

    69. what is sniffer attack?A "sniffer" is a program that monitors communications on a local area network, or "LAN".There are millions of small LANs -- each building on campus where your computersare connected, for example, has one or more LANs -- that are in turn connectedto bigger networks like the University of Washington's network, which are in turn connected to even larger networks. The sum of all these interconnected networks is the "thing" we call the Internet.

    Many of these LANs are made up of shared Ethernet network segments on which all systems communicate using the same physical medium. Practically any system on these shared Ethernet LANs can be turned into a sniffer that can be used to steal passwords of users connecting to and from hosts on that LAN.

    Sniffers work by monitoring the communication flow on a LAN to find when someone begins using a network service, such as a terminal emulator session using "telnet", a file transfer session using "ftp", or a remote electronic mail session using IMAP or POP services.

    All these services are handled with "protocols" and each protocol, or service, has its own identifying number. When you connect from one computer to another computer using a particular service, it's like making a call to a switchboard, where an operator asks what extension you want and then transfers your call, going back to wait patiently to accept a new call.

    Similar to the diplomatic term, "protocols" are strict rules that define how a particular session is established, how your account is identified and authenticated, and how the service is used. It is the authentication part of these protocols, which occurs at the start of every session, that the sniffer gathers.
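    Seen from the defender's side, the same authentication step is what an audit looks for when deciding which services must move to an encrypted transport. The following is an added example, not part of the original document: it scans constructed session lines for FTP, POP3 and IMAP logins sent in cleartext and reports the service, client and user while keeping only the length of the password. The tuple format, the port-to-service map and the names `audit`, `Finding` and `services_to_migrate` are assumptions of this example.

```python
from dataclasses import dataclass

# Constructed sample (not real traffic): client-to-server lines taken from
# the start of sessions, as (server_port, client_ip, line).
SAMPLE_LINES = [
    (21, "10.0.0.5", "USER dittrich"),
    (21, "10.0.0.5", "PASS op3nS3sam3"),
    (110, "10.0.0.7", "USER alice"),
    (110, "10.0.0.7", "PASS hunter2"),
    (143, "10.0.0.9", 'a001 LOGIN bob "s3cret"'),
    (143, "10.0.0.11", "a001 STARTTLS"),
    (21, "10.0.0.12", "AUTH TLS"),
    (21, "10.0.0.13", "USER anonymous"),
    (21, "10.0.0.13", "PASS guest@example.org"),
]

# Assumed mapping of well-known server ports to services.
SERVICES = {21: "ftp", 110: "pop3", 143: "imap"}


@dataclass(frozen=True)
class Finding:
    service: str
    client: str
    user: str
    secret_len: int      # length only; the secret itself is never kept
    anonymous: bool      # anonymous FTP carries no real credential


def _is_tls_upgrade(verb, args):
    """True for the commands that switch a session to TLS."""
    if verb in ("STARTTLS", "STLS"):          # IMAP / POP3
        return True
    return verb == "AUTH" and bool(args) and args[0].upper() in ("TLS", "SSL")


def audit(lines):
    """Return a Finding for every password seen in cleartext."""
    pending = {}      # (client, port) -> user name waiting for its PASS
    upgraded = set()  # sessions that negotiated TLS before authenticating
    findings = []
    for port, client, line in lines:
        service = SERVICES.get(port)
        words = line.strip().split()
        if service == "imap":
            words = words[1:]                 # drop the client-chosen tag
        if service is None or not words:
            continue
        key = (client, port)
        verb, args = words[0].upper(), words[1:]
        if _is_tls_upgrade(verb, args):
            upgraded.add(key)
            continue
        if key in upgraded:
            continue
        user = secret = None
        if service in ("ftp", "pop3"):
            if verb == "USER" and args:
                pending[key] = args[0]
            elif verb == "PASS" and key in pending:
                user = pending.pop(key)
                secret = line.strip().partition(" ")[2].strip()
        elif verb == "LOGIN" and len(args) >= 2:
            user, secret = args[0].strip('"'), args[1].strip('"')
        if user is not None:
            anonymous = service == "ftp" and user.lower() in ("anonymous", "ftp")
            findings.append(Finding(service, client, user, len(secret), anonymous))
    return findings


def services_to_migrate(findings):
    """Services on which a real (non-anonymous) password crossed the wire."""
    return sorted({f.service for f in findings if not f.anonymous})


if __name__ == "__main__":
    for finding in audit(SAMPLE_LINES):
        print(finding)
    print(services_to_migrate(audit(SAMPLE_LINES)))
```

    Sessions that negotiate TLS before logging in produce no finding, which is the state the audit is meant to drive every service toward.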

    The first part of many protocols goes something like this:

    COMPUTER A: Hello COMPUTER B? I'd like to start a file transfer session.

    COMPUTER B: Hello, COMPUTER A. For whom should I transfer files?

    A: USER "dittrich" would like to transfer files.

    B: What is the PASSWORD for "dittrich"?

    A: The PASSWORD is "op3nS3sam3".

    B: That matches the password for "dittrich" that I have stored; "dittrich" may now transfer files.

    ...and so on.

    70. what is vnc and remote admin?
    In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system which uses the RFB protocol to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical screen updates back in the other direction, over a network.

    VNC is platform-independent: a VNC viewer on any operating system usually connects to a VNC server on any other operating system. There are clients and servers for almost all GUI operating systems and for Java. Multiple clients may connect to a VNC server at the same time. Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.

    VNC was originally developed at the Olivetti Research Laboratory in Cambridge, England. The original VNC source code and many modern derivatives are open source under the GNU General Public License.

    71. what is san?
    In computing, a storage area network (SAN) is an architecture to attach remote computer storage devices (such as disk arrays, tape libraries and optical jukeboxes) to servers in such a way that, to the operating system, the devices appear as locally attached. Although cost and complexity are dropping, as of 2007, SANs are still uncommon outside larger enterprises.

    By contrast to a SAN, Network Attached Storage (NAS) uses file-based protocols such as NFS or SMB/CIFS where it is clear that the storage is remote, and computers request a portion of an abstract file rather than a disk block.

    72. what is penetration testing?
    A penetration test is a method of evaluating the security of a computer system or network by simulating an attack by a malicious user, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner together with an assessment of their impact and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security audit.

    73. what is spam?
    Spam originally referred to SPAM, a canned meat product sold by the Hormel Foods Corporation. Since then, many other uses of the term have emerged.

    Spam (Monty Python), a Monty Python comedy sketch. The "Spam" in the sketch refers specifically to the meat. Most later uses of "spam" refer in one way or another to undesirable repetition, and this sketch is considered to be the most likely source of such uses of the term.

    Uses referring to repetition

    Spam (electronic), unsolicited or undesired bulk electronic messages. There are many types of electronic spam, including
        E-mail spam, unsolicited e-mail
        Mobile phone spam, unsolicited text messages
        Forum spam, posting advertisements or useless posts on a forum
        Spamdexing, manipulating a search engine to create the illusion of popularity for webpages
        Spam in blogs, posting random comments or promoting commercial services to blogs, wikis, guestbooks
        Newsgroup spam, advertisements and forgery on newsgroups
        Messaging spam ("SPIM"), use of instant messenger services for advertisement or even extortion
    Spam (computer game), to repeatedly use one weapon or tactic. This term is based on the technological meaning of "undesired bulk electronic message"
    Flyposting ("street spam"), illegal blanket advertising in public places

    74. what is cookies?
    A message given to a Web browser by a Web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server.

    Also see session cookie and persistent cookie.

    The main purpose of cookies is to identify users and possibly prepare customized Web pages for them. When you enter a Web site using cookies, you may be asked to fill out a form providing such information as your name and interests. This information is packaged into a cookie and sent to your Web browser which stores it for later use. The next time you go to the same Web site, your browser will send the cookie to the Web server. The server can use this information to present you with custom Web pages. So, for example, instead of seeing just a generic welcome page you might see a welcome page with your name on it.

    The name cookie derives from UNIX objects called magic cookies. These are tokens that are attached to a user or program and change depending on the areas entered by the user or program.

    75. what is honeypots?

    In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network but which is actually isolated, (un)protected, and monitored, and which seems to contain information or a resource that would be of value to attackers. A honeypot that masquerades as an open proxy is known as a sugarcane.

    76. what is encryption and cryptography?
    The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.

    There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.

    Cryptography (or cryptology; derived from Greek κρυπτό krýpto "hidden" and the verb γράφω gráfo "to write" or λέγειν legein "to speak")[1] is the practice and study of hiding information. In modern times, cryptography is considered to be a branch of both mathematics and computer science, and is affiliated closely with information theory, computer security, and engineering. Cryptography is used in applications present in technologically advanced societies; examples include the security of ATM cards, computer passwords, and electronic commerce, which all depend on cryptography.

    77. what is kerberos?
    Kerberos is the name of a computer network authentication protocol, which allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. It is also a suite of free software published by Massachusetts Institute of Technology (MIT) that implements this protocol. Its designers aimed primarily at a client-server model, and it provides mutual authentication: both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.

    Kerberos builds on symmetric key cryptography and requires a trusted third party. Extensions to Kerberos can provide for the use of public-key cryptography during certain phases of authentication.

    78. what is computer forensic?
    Computer forensics is a branch of forensic science pertaining to legal evidence found in computers and digital storage mediums.

    Computer forensics adheres to standards of evidence admissible in a court of law. Computer forensics experts investigate data storage devices, (such as hard drives, USB Drives, CD-ROMs, floppy disks, tape drives, etc.), identifying, preserving, and then analyzing sources of documentary or other digital evidence.

    79. what is mobile technology?

    80. what is bluetooth?
    Bluetooth is a wireless protocol utilizing short-range communications technology facilitating data transmissions over short distances from fixed and/or mobile devices, creating wireless personal area networks (PANs). The intent behind the development of Bluetooth was the creation of a single digital wireless protocol, capable of connecting multiple devices and overcoming issues arising from synchronization of these devices. Bluetooth provides a way to connect and exchange information between devices such as mobile phones, telephones, laptops, personal computers, printers, GPS receivers, digital cameras, and video game consoles over a secure, globally unlicensed Industrial, Scientific, and Medical (ISM) 2.4 GHz short-range radio frequency bandwidth. The Bluetooth specifications are developed and licensed by the Bluetooth Special Interest Group (SIG). The Bluetooth SIG consists of companies in the areas of telecommunication, computing, networking, and consumer electronics.

    81. what is infrared?
    Infrared (IR) radiation is electromagnetic radiation whose wavelength is longer than that of visible light, but shorter than that of terahertz radiation and microwaves. The name means "below red" (from the Latin infra, "below"), red being the color of visible light with the longest wavelength. Infrared radiation has wavelengths between about 750 nm and 1 mm, spanning three orders of magnitude. Humans at normal body temperature can radiate at a wavelength of 10 microns.[1]

    Infrared imaging is used extensively for both military and civilian purposes. Military applications include target acquisition, surveillance, night vision, homing and tracking. Non-military uses include thermal efficiency analysis, remote temperature sensing, short-ranged wireless communication, spectroscopy, and weather forecasting. Infrared astronomy uses sensor-equipped telescopes to penetrate dusty regions of space, such as molecular clouds; detect cool objects such as planets, and to view highly red-shifted objects from the early days of the universe.[2]

    At the atomic level, infrared energy elicits vibrational modes in a molecule through a change in the dipole moment, making it a useful frequency range for study of these energy states. Infrared spectroscopy examines absorption and transmission of photons in the infrared energy range, based on their frequency and intensity.[3]

    82. what is gprs?
    General Packet Radio Service (GPRS) is a packet oriented Mobile Data Service available to users of Global System for Mobile Communications (GSM) and IS-136 mobile phones. It provides data rates from 56 up to 114 kbit/s.

    GPRS can be used for services such as Wireless Application Protocol (WAP) access, Short Message Service (SMS), Multimedia Messaging Service (MMS), and for Internet communication services such as email and World Wide Web access. GPRS data transfer is typically charged per megabyte of traffic transferred, while data communication via traditional circuit switching is billed per minute of connection time, independent of whether the user actually is using the capacity or is in an idle state. GPRS is a best-effort packet switched service, as opposed to circuit switching, where a certain Quality of Service (QoS) is guaranteed during the connection for non-mobile users.

    2G cellular systems combined with GPRS are often described as "2.5G", that is, a technology between the second (2G) and third (3G) generations of mobile telephony. It provides moderate speed data transfer, by using unused Time division multiple access (TDMA) channels in, for example, the GSM system. Originally there was some thought to extend GPRS to cover other standards, but instead those networks are being converted to use the GSM standard, so that GSM is the only kind of network where GPRS is in use. GPRS is integrated into GSM Release 97 and newer releases. It was originally standardized by European Telecommunications Standards Institute (ETSI), but now by the 3rd Generation Partnership Project (3GPP).

    83. what is wap?
    Short for the Wireless Application Protocol, a secure specification that allows users to access information instantly via handheld wireless devices such as mobile phones, pagers, two-way radios, smartphones and communicators.

    WAP supports most wireless networks. These include CDPD, CDMA, GSM, PDC, PHS, TDMA, FLEX, ReFLEX, iDEN, TETRA, DECT, DataTAC, and Mobitex.

    WAP is supported by all operating systems. Ones specifically engineered for handheld devices include PalmOS, EPOC, Windows CE, FLEXOS, OS/9, and JavaOS.

    WAPs that use displays and access the Internet run what are called microbrowsers--browsers with small file sizes that can accommodate the low memory constraints of handheld devices and the low-bandwidth constraints of a wireless-handheld network.


    Although WAP supports HTML and XML, the WML language (an XML application) is specifically devised for small screens and one-hand navigation without a keyboard. WML is scalable from two-line text displays up through graphic screens found on items such as smart phones and communicators. WAP also supports WMLScript. It is similar to JavaScript, but makes minimal demands on memory and CPU power because it does not contain many of the unnecessary functions found in other scripting languages.

    Because WAP is fairly new, it is not a formal standard yet. It is still an initiative that was started by Unwired Planet, Motorola, Nokia, and Ericsson.

    84. what is edge technology?
    Enhanced Data rates for GSM Evolution (EDGE), Enhanced GPRS (EGPRS), or IMT Single Carrier (IMT-SC) is a digital mobile phone technology that allows increased data transmission rates and improved data transmission reliability. EDGE is generally classified as 2.75G, although it is part of ITU's 3G definition.[1] EDGE has been introduced into GSM networks around the world since 2003, initially by Cingular (now AT&T) in the United States.[2]

    EDGE can be used for any packet switched application, such as an Internet connection. High-speed data applications such as video services and other multimedia benefit from EGPRS' increased data capacity. EDGE Circuit Switched is a possible future development.

    EDGE Evolution continues in Release 7 of the 3GPP standard providing doubled performance e.g. to complement High-Speed Packet Access (HSPA).

    85. what is gsm,tdma and cdma?
    86. what is nmt(nordic mobile telephone)?
    87. what is tacs?
    Total Access Communication System (TACS) and ETACS are mostly-obsolete variants of AMPS which were used in some European countries (including the UK & Ireland). TACS was also used in Japan under the name Japanese Total Access Communication (JTAC).[1][2] It was also used in Hong Kong.[3] ETACS was an extended version of TACS with more channels.

    TACS and ETACS are now obsolete in Europe, having been replaced by the GSM system. In the United Kingdom, the last ETACS service operated by Vodafone was discontinued on 31 May 2001, after sixteen years of service. ETACS is however still in use in a handful of countries elsewhere in the world. NMT is another analog cellular standard that was widely used in Europe, mainly in the Nordic countries, which has now been fully replaced by GSM except for limited use in rural areas due to its superior range.

    88. what is d-amps and pdc?
    This system was developed as a digital enhancement to the AMPS system via the use of dual-mode phones. In the US these phones are able to switch between the AMPS analog and TDMA digital networks, giving the user the benefit of digital in TDMA areas and the widespread coverage of analog in AMPS areas.

    89. what is w-cdma,cdma-2000,td-scdma,umts?
    90. what is sim?
    91. how does sim work?
    92. what is sms,mms,wap and gprs and define all their protocols?
    WAP is an open international standard for application layer network communications in a wireless communication environment. Its main use is to enable access to the Internet (HTTP) from a mobile phone or PDA.

    A WAP browser provides all of the basic services of a computer based web browser but simplified to operate within the restrictions of a mobile phone, such as its smaller view screen. WAP sites are websites written in, or dynamically converted to, WML (Wireless Markup Language) and accessed via the WAP browser.

    Before the introduction of WAP, service providers had extremely limited opportunities to offer interactive data services. Interactive data applications are required to support now commonplace activities such as:

    Email by mobile phone
    Tracking of stock market prices
    Sports results
    News headlines
    Music downloads

    The Japanese i-mode system is another major competing wireless data protocol.

    93. what is voip?
    Voice-over-Internet protocol (VoIP, IPA: /vɔjp/) is a protocol optimized for the transmission of voice through the Internet or other packet-switched networks. VoIP is often used abstractly to refer to the actual transmission of voice (rather than the protocol implementing it). This latter concept is also referred to as IP telephony, Internet telephony, voice over broadband, broadband telephony, and broadband phone.

    VoIP providers may be viewed as commercial realizations of the experimental Network Voice Protocol (1973) invented for the ARPANET providers. Some cost savings are due to utilizing a single network to carry voice and data, especially where users have underused network capacity that can carry VoIP at no additional cost. VoIP-to-VoIP phone calls are sometimes free, while VoIP calls connecting to public switched telephone networks (VoIP-to-PSTN) may have a cost that is borne by the VoIP user.

    Voice-over-IP systems carry telephony signals as digital audio, typically reduced in data rate using speech data compression techniques, encapsulated in a data-packet stream over IP.

    There are two types of PSTN-to-VoIP services: Direct inward dialing (DID) and access numbers. DID will connect a caller directly to the VoIP user, while access numbers require the caller to provide an extension number for the called VoIP user.

    94. what is ip telephony and ip paging?
    95. what are the different types of voip?
    96. what is cam overflow?
    97. what is arp poisoning?
    98. what is vlan hopping?
    99. what is spanning tree attack?
    100. what is dhcp rogue server?
    101. what is dhcp starvation?
    A DHCP starvation attack works by broadcasting DHCP requests with spoofed MAC addresses. This is easily achieved with attack tools such as gobbler. If enough requests are sent, the network attacker can exhaust the address space available to the DHCP servers for a period of time. This is a simple resource starvation attack just like a SYN flood is a starvation attack. The network attacker can then set up a rogue DHCP server on his or her system and respond to new DHCP requests from clients on the network. Exhausting all of the DHCP addresses is not required to introduce a rogue DHCP server, though.

    102. what is cdp attacks?
    Cisco Systems IOS is vulnerable to a denial-of-service attack using Cisco's proprietary Cisco Discovery Protocol (CDP).

    When flooded with CDP neighbor announcements, the IOS uses up all its memory to store the neighbor information. The device is then unable to perform operations that need additional memory such as receiving routing updates and accepting inbound telnet(1) connections.

    Some device/IOS combinations tested reboot, others simply stop working completely.
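    Both DHCP starvation (answer 101) and the CDP neighbor flood (answer 102) appear on a switch port as many different identities arriving in a short time, which is something a monitor can count. The following is an added example, not part of the original document: it flags ports that present more distinct DHCP client MACs or CDP device IDs within a sliding window than an access port plausibly would. The event format, port names, window and thresholds are assumptions, and the events are constructed.

```python
from collections import defaultdict, deque

WINDOW_MS = 10_000
# Assumed limits: distinct identities one access port may present per window.
THRESHOLDS = {"dhcp": 5, "cdp": 3}


def build_sample_events():
    """Constructed events: (time_ms, switch_port, kind, identity).

    kind "dhcp": identity is the client MAC in a DHCP request.
    kind "cdp":  identity is the device ID in a CDP neighbor announcement.
    """
    events = []
    # Gi0/1: eight different clients, one new request every 5 s (normal churn).
    for i in range(8):
        events.append((i * 5_000, "Gi0/1", "dhcp", f"00:16:3e:00:00:{i:02x}"))
    # Gi0/3: one real neighbor re-announcing itself every 60 s.
    for i in range(3):
        events.append((i * 60_000, "Gi0/3", "cdp", "dist-sw-01"))
    # Gi0/7: twenty requests, each with a different client MAC, within 2 s.
    for i in range(20):
        events.append((100_000 + i * 100, "Gi0/7", "dhcp", f"02:00:00:00:01:{i:02x}"))
    # Gi0/9: ten announcements, each naming a different device, within 0.5 s.
    for i in range(10):
        events.append((200_000 + i * 50, "Gi0/9", "cdp", f"fake-{i}"))
    return events


def detect_floods(events, window_ms=WINDOW_MS, thresholds=THRESHOLDS):
    """Return one alert per (port, kind) whose distinct-identity count in any
    window exceeds the threshold for that kind."""
    recent = defaultdict(deque)   # (port, kind) -> (time_ms, identity) in window
    alerted = set()
    alerts = []
    for ts, port, kind, identity in sorted(events):
        limit = thresholds.get(kind)
        if limit is None:
            continue
        key = (port, kind)
        seen = recent[key]
        seen.append((ts, identity))
        # Drop observations that have aged out of the window.
        while seen and seen[0][0] <= ts - window_ms:
            seen.popleft()
        distinct = len({ident for _, ident in seen})
        if distinct > limit and key not in alerted:
            alerted.add(key)
            alerts.append(
                {"port": port, "kind": kind, "at_ms": ts, "distinct": distinct}
            )
    return alerts


if __name__ == "__main__":
    for alert in detect_floods(build_sample_events()):
        print(alert)
```

    Counting distinct identities rather than packets keeps a single client that retries often, or a neighbor that re-announces itself, from raising an alert.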

    103. what is hsrp attacks?
    Are HSRP's vulnerabilities critical? After all, other Layer 2 attacks can lead to the same results: ARP spoofing, DHCP spoofing, and so on. However, as the other attacks can be mitigated (as shown in Chapter 5, "Leveraging DHCP Weaknesses," and Chapter 6, "Exploiting IPv4 ARP"), HSRP is the only risk exposure whose risks need to be mitigated.

    The good news is that the DoS, MITM, and information leakage attacks work only in the local Ethernet segment. Indeed, the 224.0.0.2 and 224.0.0.102 multicast addresses are for multicasting only on the local link; packets sent to those addresses are never forwarded on.

    Nevertheless, the attacks can be easily launched locally. The ways to mitigate these attacks rely on preventing an attacker from doing the following:

    Forging valid authentication data. If the attacker is unable to present the correct credentials, all other routers reject his packets.

    Sending HSRP packets. The network infrastructure blocks all HSRP packets except those sent by authorized HSRP routers.

    Note

    There is no easy way to prevent information leakage from HSRP, but this is not critical.

    104. what is network segregation?
    Network segregation separates one Network into two LANs keeping the unsafe computers in the front Network and moving the computers that you would like to protect to a second shielded Network.

    A simple segregation can be achieved by using two Entry Level Cable/DSL Routers.

    If the Wireless connection is "invaded", or any of the Wired or Wireless computers become compromised, the "Shielded Network" would be protected by the "Shield Router's" NAT Firewall from the "Invader".

    105. what is srtp?
    SRTP (Secure Real-Time Transport Protocol or Secure RTP) is an extension to RTP (Real-Time Transport Protocol) that incorporates enhanced security features. Like RTP, it is intended particularly for VoIP (Voice over IP) communications.


    SRTP was conceived and developed by communications experts from Cisco and Ericsson and was formally published in March 2004 by the Internet Engineering Task Force (IETF) as Request for Comments (RFC) 3711. SRTP uses encryption and authentication to minimize the risk of denial of service (DoS) attacks. SRTP can achieve high throughput in diverse communications environments that include both hard-wired and wireless devices. Provisions are included that allow for future improvements and extensions.

    106. what is vpn?
    A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features.

    A VPN may have best-effort performance, or may have a defined service level agreement (SLA) between the VPN customer and the VPN service provider. Generally, a VPN has a topology more complex than point-to-point. The distinguishing characteristics of VPNs are not security or performance, but that they overlay other network(s) to provide a certain functionality that is meaningful to a user community.

    107. what is opaque packet transport?
    108. what is quality of service guarantee?
    109. what is tunneling mechanism?
    110. what is cpe?
    111. what is extranet?
    112. what is vpn tunneling?
    113. what is tunneling protocol requirement for vpn?
    114. what is virtual leased lines?
    Virtual Leased Line (VLL) is a way to provide Ethernet based point to point communication over IP/MPLS networks.

    In the industry, the technology is also referred to as Virtual Private Wire Service (VPWS) or EoMPLS (Ethernet over MPLS).

    VLL uses the pseudo-wire encapsulation for transporting Ethernet traffic over an MPLS tunnel across an IP/MPLS backbone.

    115. what is vprn?
    116. what is generic requirement of vprn?
    117. what does open vpn offer?
    118. how is open vpn different from other vpn packages?
    OpenVPN is a full-featured SSL VPN which implements OSI layer 2 or 3 secure network extension using the industry standard SSL/TLS protocol, supports flexible client authentication methods based on certificates, smart cards, and/or username/password credentials, and allows user or group-specific access control policies using firewall rules applied to the VPN virtual interface. OpenVPN is not a web application proxy and does not operate through a web browser.

    OpenVPN 2.0 expands on the capabilities of OpenVPN 1.x by offering a scalable client/server mode, allowing multiple clients to connect to a single OpenVPN server process over a single TCP or UDP port.


    119. what is routed ip tunnels?
    120. what is bridge ethernet tunnel?
    121. what are the uses of open vpn?
    OpenVPN is a free and open source virtual private network (VPN) program for creating point-to-point encrypted tunnels between host computers. It was written by James Yonan and is published under the GNU General Public License (GPL).

    OpenVPN allows peers to authenticate to each other using a pre-shared secret key, certificates, or username/password. It uses the OpenSSL encryption library extensively, as well as the SSLv3/TLSv1 protocol. It is available on Solaris, Linux, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Windows 2000/XP/Vista. It contains many security and control features. It is not a "web-based" VPN, and is not compatible with IPsec or any other VPN package. The entire package consists of one binary for both client and server connections, an optional configuration file, and one or more key files depending on the authentication method used.

    122. what is the difference between layer 2 vpn and layer 3 vpn?
    123. what is leased lines?
    A leased line is a symmetric telecommunications line connecting two locations. It is sometimes known as a 'Private Circuit' or 'Data Line' in the UK. Unlike traditional PSTN lines it does not have a telephone number, each side of the line being permanently connected to the other. Leased lines can be used for telephone, data or Internet services. Some are ringdown services, and some connect two PBXes.

    In the U.K., leased lines are usually available at speeds of 64k, 128k, 256k, 512k, 2Mb/s and provided to the customer on X.21 presentation. Higher speeds are available on alternative interfaces.

    In the U.S., low-speed leased lines (56 kbit/s and below) are usually provided using analog modems. Higher-speed leased lines are usually presented using FT1 (Fractional T1): a T1 bearer circuit with 1 to 24 56k or 64k timeslots. Customers must manage their own network termination equipment, the Channel Service Unit or Data Service Unit (CSU/DSU).

    In Hong Kong, leased lines are usually available at speeds of 64k, 128k, 256k, 512k, T1 (channelized or not) or E1 (less common). Whatever the speed, telcos usually provide the CSU/DSU and present to the customer on V.35 interface.

    For many purposes, leased lines are gradually being replaced by DSL and metro Ethernet.

    124. what is frame relay?
    125. what is atm circuit?
    Asynchronous Transfer Mode (ATM) is a cell relay, packet switching network and data link layer protocol which encodes data traffic into small (53 bytes; 48 bytes of data and 5 bytes of header information) fixed-sized cells. ATM provides data link layer services that run over Layer 1 links. This differs from other technologies based on packet-switched networks (such as the Internet Protocol or Ethernet), in which variable sized packets (known as frames when referencing Layer 2) are used. ATM is a connection-oriented technology, in which a logical connection is established between the two endpoints before the actual data exchange begins.

    The standards for ATM were first developed in the mid 1980s. The goal was to design a single networking strategy that could transport real-time video and audio as well as image files, text and email. Two groups, the International Telecommunications Union and the ATM Forum were involved in the creation of the standards. ATM has been used primarily with telephone and IP networks.


    126. define mapping between layer 2 qos and layer 3 qos?
    127. what is mpls switching?
    128. what is ce router, pe router and p router?
    A CE router (customer edge router) is a router located on the customer premises that provides an Ethernet interface between the customer's LAN and the provider's core network. CE routers, P (provider) routers and PE (provider edge) routers are components in an MPLS (multiprotocol label switching) architecture. Provider routers are located in the core of the provider or carrier's network. Provider edge routers sit at the edge of the network. CE routers connect to PE routers and PE routers connect to other PE routers over P routers.

    The PE router, where "PE" stands for provider edge, is a router between one network service provider's area and areas administered by other network providers. A network provider is usually an Internet Service Provider as well (or only that).

    The term PE router covers equipment capable of a broad range of routing protocols, notably:
    Border Gateway Protocol (BGP)
    Open Shortest Path First (OSPF)
    Multi-Protocol Label Switching (MPLS)

    PE routers need not be aware of what kind of traffic is coming from the provider's network. However, some PE routers also do labeling.

    In Multi-Protocol Label Switching (MPLS), a P Router or Provider Router is a Label Switch Router (LSR) that functions as a transit router of the core network. The P Router is typically connected to one or more PE Routers.

    129. what is route distinguisher?
    130. what is vpn ip-v4 addresses?
    131. what is vrf?
    132. what is lsr?
    133. what is igp?
    134. what is ebgp,ospf,rip and static routing?
    135. what is ldp?
    136. what is label stack?
    137. what is pipe model and hose model?
    138. what is ike(internet key exchange)?
    Internet key exchange (IKE) is the protocol used to set up a security association (SA) in the IPsec protocol suite.

    139. what is ssid sniffer?
    140. what is wifind?
    141. what is wlan?
    142. what is wi-fi radio devices?
    An Internet radio device (IRD) is a hardware device that receives and plays audio from Internet radio stations or, optionally, a user's PC.

    143. what is access points?
    In computer networking, a wireless access point (WAP or AP) is a device that allows wireless communication devices to connect to a wireless network. The WAP usually connects to a wired network, and can relay data between the wireless devices (such as computers or printers) and wired devices on the network.

    144. what is gateway?

    145. how to access a wlan?
    146. what is rogue access point?
    A rogue access point is a wireless access point that has either been installed on a secure company network without explicit authorization from a local network administrator,[1] or has been created to allow a cracker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security threat to large organizations with many employees, because anyone with access to the premises can ignorantly or maliciously install an inexpensive wireless router that can potentially allow access to a secure network to unauthorized parties. Rogue access points of the second kind target networks that do not employ mutual authentication (client-server server-client) and may be used in conjunction with a rogue RADIUS server, depending on security configuration of the target network. To prevent the installation of rogue access points, large organizations sometimes install wireless intrusion detection systems to monitor the radio spectrum for unauthorized access points.
    147. what is mini stumbler and net stumbler?
    MiniStumbler is a sniffer program that will help you search out and identify wireless networks, and it's really designed to test out networks. There is also a version for desktops, laptops, or Tablet PCs called NetStumbler.
    148. what is wep?
    149. what is frs?
    File Replication Service is a Microsoft Windows Server service for distributing folders stored in the SYSVOL shared folder on domain controllers and Distributed File System (DFS) shared folders. It is also known as NTFRS after the name of the executable file that runs the service. This service is part of Microsoft's Active Directory.
    150. what is gmrs?
    151. what is hpna (home phone networking alliance)?
    The HomePNA Alliance develops triple-play home networking solutions for distributing entertainment data over both existing coax cable and phone lines. The Alliance creates internationally recognized, open and interoperable standards and best practices. By providing data rates up to 320 Mbps with guaranteed Quality of Service (QoS), HomePNA technology enables service providers to meet and drive the growing demand for new multimedia services such as IPTV and VoIP to the home. HomePNA technology also provides consumers with the many benefits of "no-new-wires" home networking.

    152. for which purpose are these scanning tools used?
    a. redfang 2.5
    b. kismet
    c. thc-wardrive
    d. prism stumbler
    e. mac stumbler
    f. mognet
    g. wave stumbler
    h. stumbverter
    i. ap scanner
    j. ssid
    k. net chaser v1.0 for palm tops?
    l. wavemon
    m. wireless security auditor
    n. airtraf 1.0
    o. wi-fi finder
    p. aire
    153. for which purpose are these sniffing tools used?
    a. airopeek
    b. nai wireless sniffer
    c. ethereal
    d. vpnmonitorl
    e. aerosol v0.65

    f. vxsniffer
    g. etherpeg
    h. driftnet
    i. windump
    j. ssidsniff
    k. airmagnet
    l. packetyzer
    154. what is caller id spoofing?
    Caller ID spoofing is the practice of causing the telephone network to display a number on the recipient's caller ID display which is not that of the actual originating station; the term is commonly used to describe situations in which the motivation is considered nefarious by the speaker. Just as e-mail spoofing can make it appear that a message came from any e-mail address the sender chooses, caller ID spoofing can make a call appear to have come from any phone number the caller wishes. Because of the high trust people have tended to have in the caller ID system, spoofing can call the system's value into question.
    155. what is router?
    156. what is adsl?
    157. what is intrusion?
    158. why do we need an ids?
    159. what are the components of an ids?
    160. what are the types of ids?
    161. what is not an ids?
    162. what are detection methodologies?
    163. what is stateful protocol detection?
    164. what is signature based detection?
    165. what is anomaly based detection?
    166. what is ips?
    166. why do we need an ips?
    167. what are the countermeasures taken by an ips?

    _ session sniping
    _ packet filtering
    _ packet scrubbing
    _ ip blocking
    _ deception
    168. what is access control?
    169. what is the need of an acl?
    170. what is dac?
    171. what is ndac?
    No Data Accepted
    172. what is mas?
    Mobile Access Service
    173. what is role based access control?
    174. what is temporal constraints?
    175. what is wfms?
    Workflow Management System
    A workflow is a depiction of a sequence of operations, declared as work of a person, work of a simple or complex mechanism, work of a group of persons,[1] work of an organization of staff, or machines. Workflow may be seen as any abstraction of real work, segregated in workshare, work split or whatever types of ordering. For control purposes, workflow may be a view on real work under a chosen aspect,[2] thus serving as a virtual representation of actual
    Workforce Management System

    176. what is chinese wall?
    177. what is access management?
    178. who defines the access policy?
    179. how does email work?
    180. how to steal data from an email?
    _ social engineering
    _ exploiting the vulnerabilities in security
    _ keyloggers and browser monitoring
    181. how do we secure an email exchange server?
    _ replay restrictions
    _ virus protections
    _ rpc over http
    _ protecting front-end servers
    _ keep exchange server up to date
    182. what is vulnerabilities?
    183. what is the scope of vulnerability assessment?


    184. what is server or network layer test?
    185. what is application layer test?
    186. what is risk assessment?
    187. what is reporting?
    188. what is penetration testing?
    189. what is the scope of penetration testing?
    190. what is network surveying?
    191. what is automated vulnerability scanning?
    192. what is escalation of privileges?
    193. what is backdoors?
    194. what are the protocols used by backdoors?
    195. what is wardialers?
    196. what is enumeration?
    197. what are the type of enumeration?
    198. what is stack based overflow?
    199. what is stack based exploitation?
    200. what is heap based exploitation?
    201. what is barriers to exploitation?
    202. what is stack smashing protection?
    203. what is executable space protection?
    204. what is aslr?
    Address space layout randomization (ASLR) is a computer security technique which involves randomly arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, in a process's address space.
    Benefits
    Address space randomization hinders some types of security attack by preventing an attacker being able to easily predict target addresses. For example attackers trying to execute return-to-libc attacks must locate the code to be executed; while other attackers trying to execute shellcode injected on the stack have to first find the stack. In both cases, the related memory addresses are obscured from the attackers; these values have to be guessed, and a mistaken guess is not usually recoverable due to the application crashing.
    205. what is dpi?
    Dots per inch (DPI) is a measure of spatial printing or video resolution, in particular the number of individual dots or pixels within the span of one linear inch (2.54 cm).
    206. what is source code analysis?
    207. what is secure program?
    208. what is ip-v6?
    209. what are smart cards?