1
00:00:00,120 --> 00:00:00,530
All right.
2
00:00:00,540 --> 00:00:06,870
So before we go into the OSI model I do want to talk about some common ports and protocols. Since this
3
00:00:06,870 --> 00:00:10,640
is a refresher most of these should be pretty familiar to you.
4
00:00:10,650 --> 00:00:16,380
I'm going to run through them pretty quickly and just talk about them briefly on each of these common
5
00:00:16,380 --> 00:00:16,800
ports.
6
00:00:16,800 --> 00:00:22,170
And the reason I've listed these is because they are things that we'll see quite often as a penetration
7
00:00:22,170 --> 00:00:23,010
tester.
8
00:00:23,010 --> 00:00:27,030
And it's just something that as we're going through the course if one of these show up it's something
9
00:00:27,030 --> 00:00:32,640
that just rings a bell and you see you see a scan it comes back and you see Port 21 you think I guess
10
00:00:32,730 --> 00:00:36,350
FTP, or you see port 80, you think I guess HTTP.
11
00:00:36,380 --> 00:00:39,690
So you've got to start training your mind to memorize these ports.
12
00:00:39,690 --> 00:00:43,890
So when we get into our scanning which again we haven't covered scanning but when we get there and we
13
00:00:43,890 --> 00:00:49,060
see what ports are open on a machine we're gonna be able to have these common ports memorized.
14
00:00:49,140 --> 00:00:55,180
So on the TCP side we've got FTP. FTP is the File Transfer Protocol.
15
00:00:55,320 --> 00:00:58,950
You're going to see this in some assessments you're going to see this a lot when we do something called
16
00:00:58,950 --> 00:00:59,820
Capture the Flag.
17
00:00:59,820 --> 00:01:03,960
We run through some test machines, you'll see FTP open quite a bit.
18
00:01:03,960 --> 00:01:08,760
So FTP, File Transfer Protocol: all that means is we can log into the server.
19
00:01:08,760 --> 00:01:12,010
We can put a file or we can get a file off the server.
20
00:01:12,010 --> 00:01:20,600
Now SSH and Telnet kind of play hand in hand. Telnet is the ability to log into a machine remotely.
21
00:01:20,610 --> 00:01:22,590
Now SSH does the same thing.
22
00:01:22,590 --> 00:01:26,540
The only difference is SSH is the encrypted version of that.
23
00:01:26,550 --> 00:01:34,630
So with Telnet you are in clear text and with SSH you are encrypted. Now SMTP, POP3 and
24
00:01:34,630 --> 00:01:36,980
IMAP all relate to mail.
25
00:01:37,020 --> 00:01:39,140
We're not gonna worry too much about mail in this course.
26
00:01:39,150 --> 00:01:41,650
But you might see it come back up at some point.
27
00:01:41,650 --> 00:01:47,760
So just remember your 25, 110 and 143. DNS.
28
00:01:47,760 --> 00:01:54,770
So DNS is a way to resolve IP addresses to names and we could take a quick look at that.
29
00:01:54,780 --> 00:02:00,810
If we go back to our Kali machine and say we're at Google here, we've got Google up.
30
00:02:00,810 --> 00:02:07,080
But the computer doesn't really know what Google is. The computer is just using nice text like Google
31
00:02:07,080 --> 00:02:09,100
dot com for us the humans.
32
00:02:09,270 --> 00:02:14,330
What's going on on the back end is Google actually resolves to an IP address.
33
00:02:14,430 --> 00:02:19,380
Now the IP address is how the computer knows to get back and forth because we don't want to sit there
34
00:02:19,380 --> 00:02:26,010
and type in IP addresses, this DNS, or Domain Name System, has been implemented for us.
35
00:02:26,070 --> 00:02:34,230
So we typed in Google dot com; on the back end it knows, hey, I want to go out to 1 7 1 7 9 10 20 to 30
36
00:02:34,230 --> 00:02:41,670
for whatever is in reality but this is just a quick way for the computer to relate to a human and the
37
00:02:41,730 --> 00:02:47,000
human to you know have easily readable access to some of this stuff.
38
00:02:47,040 --> 00:02:55,140
So going back to our PowerPoint we have HTTP and HTTPS. That is a website, just what you saw there.
39
00:02:55,230 --> 00:03:02,340
Mostly everything is on 443 now, or HTTPS. The HTTP port 80 you'll see sometimes.
40
00:03:02,400 --> 00:03:06,090
Remember that is the non secure version of the protocol.
41
00:03:06,120 --> 00:03:12,370
So HTTPS is encrypted; HTTP is not encrypted and not secure.
42
00:03:13,050 --> 00:03:18,120
So lastly SMB, ports 139 and 445.
43
00:03:18,150 --> 00:03:24,090
Originally it was just 139; in the later versions of Windows they put on 445.
44
00:03:24,360 --> 00:03:26,640
You're going to see these ports a lot.
45
00:03:26,640 --> 00:03:29,700
This is probably the most common port you're going to see as a pen tester.
46
00:03:29,760 --> 00:03:34,070
These relate to file shares. You might also hear this called Samba.
47
00:03:34,620 --> 00:03:39,630
So there are a few names for it, but when you think of SMB and you see 139 or 445
48
00:03:39,900 --> 00:03:47,070
think of file shares, and from a pen tester perspective you got to think about all the crazy exploits we've
49
00:03:47,070 --> 00:03:49,010
had regarding SMB.
50
00:03:49,020 --> 00:03:54,350
The most recent one as of this course was the WannaCry virus.
51
00:03:54,360 --> 00:03:54,990
Right.
52
00:03:55,020 --> 00:04:00,750
So you had the WannaCry virus, also known as... EternalBlue was what it was built off of, or
53
00:04:00,810 --> 00:04:09,900
MS17-010 was the official term of that exploit. That exploit utilized an SMB exploit to navigate through
54
00:04:09,900 --> 00:04:10,530
networks.
55
00:04:10,560 --> 00:04:16,130
So it became very vicious very quick because SMB is open so frequently on networks.
56
00:04:16,290 --> 00:04:19,790
Now on the UDP side we also have DNS over here.
57
00:04:19,790 --> 00:04:22,820
DNS is both a TCP and UDP protocol.
58
00:04:22,830 --> 00:04:27,720
We also have DHCP. Now when it comes to IP addresses,
59
00:04:27,720 --> 00:04:32,420
DHCP associates you with an IP address kind of at random.
60
00:04:32,490 --> 00:04:36,760
Now you could have the opposite of that, which is a static IP address.
61
00:04:36,810 --> 00:04:43,320
So with DHCP you plug into your network, say your home network, and the Internet just fires up.
62
00:04:43,500 --> 00:04:44,220
Guess what.
63
00:04:44,280 --> 00:04:49,850
Probably DHCP on the back end. It just picks a number between a range, says, hey, here's your IP address.
64
00:04:49,890 --> 00:04:54,750
I'm going to let you lease that out for eight hours or a day or a week or however long the timing is
65
00:04:54,750 --> 00:04:55,320
set for it.
66
00:04:55,600 --> 00:04:57,710
And that IP address is yours.
67
00:04:57,750 --> 00:05:03,450
Now the opposite of that again is static so you could say hey I want a static IP address and anytime
68
00:05:03,530 --> 00:05:05,810
I plug in with this specific computer.
69
00:05:05,930 --> 00:05:07,820
Go ahead and give it this IP address.
70
00:05:07,820 --> 00:05:09,210
So how are we going to know that.
71
00:05:09,350 --> 00:05:10,700
Most likely the MAC address.
72
00:05:10,700 --> 00:05:11,000
Right.
73
00:05:11,000 --> 00:05:15,460
So from layer two it's gonna know layer three and how to assign it.
74
00:05:15,470 --> 00:05:18,440
So again DHCP should be pretty familiar to you.
75
00:05:18,440 --> 00:05:26,660
We've also got TFTP on port 69, which is the Trivial FTP and utilizes UDP instead of TCP.
76
00:05:26,840 --> 00:05:32,420
And we also have SNMP, which is the Simple Network Management Protocol.
77
00:05:32,420 --> 00:05:39,650
So you will encounter SNMP occasionally on networks, not always, but when we do encounter it there
78
00:05:39,650 --> 00:05:45,440
may be some information to be gathered especially if there are strings being used that are community
79
00:05:45,500 --> 00:05:47,090
or public strings.
80
00:05:47,090 --> 00:05:49,320
And we'll worry about that when we encounter it.
81
00:05:49,340 --> 00:05:52,320
But you will probably see it again in this course.
82
00:05:52,340 --> 00:05:58,430
So that is it in this video. We're going to go ahead and move on to the OSI model and tie all this together,
83
00:05:58,700 --> 00:06:05,000
then we'll get into a little bit of subnetting and we'll end this with a refresher on networking, a final
84
00:06:05,480 --> 00:06:07,520
final video on networking.
85
00:06:07,520 --> 00:06:09,110
So I'll see you over in the next video.