All language subtitles for 5. Common Ports and Protocols

Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:

1
00:00:00,120 --> 00:00:00,530
All right.

2
00:00:00,540 --> 00:00:06,870
So before we go into the OSI model, I do want to talk about some common ports and protocols. Since this

3
00:00:06,870 --> 00:00:10,640
is a refresher, most of these should be pretty familiar to you.

4
00:00:10,650 --> 00:00:16,380
I'm going to run through them pretty quickly and just talk about them briefly on each of these common

5
00:00:16,380 --> 00:00:16,800
ports.

6
00:00:16,800 --> 00:00:22,170
And the reason I've listed these is because they are things that we'll see quite often as a penetration

7
00:00:22,170 --> 00:00:23,010
tester.

8
00:00:23,010 --> 00:00:27,030
And it's just something that, as we're going through the course, if one of these show up, it's something

9
00:00:27,030 --> 00:00:32,640
that just rings a bell, and you see, you see a scan, it comes back and you see port 21, you think, I guess

10
00:00:32,730 --> 00:00:36,350
FTP, or you see port 80, you think, I guess HTTP.

11
00:00:36,380 --> 00:00:39,690
So you've got to start training your mind to memorize these ports.

12
00:00:39,690 --> 00:00:43,890
So when we get into our scanning, which again we haven't covered scanning, but when we get there and we

13
00:00:43,890 --> 00:00:49,060
see what ports are open on a machine, we're gonna be able to have these common ports memorized.

14
00:00:49,140 --> 00:00:55,180
So on the TCP side we've got FTP. FTP is the file transfer protocol.

15
00:00:55,320 --> 00:00:58,950
You're going to see this in some assessments. You're going to see this a lot when we do something called

16
00:00:58,950 --> 00:00:59,820
Capture the Flag.

17
00:00:59,820 --> 00:01:03,960
We run through some test machines, you'll see FTP open quite a bit.

18
00:01:03,960 --> 00:01:08,760
So FTP, file transfer protocol, all that means is we can log into the server.

19
00:01:08,760 --> 00:01:12,010
We can put a file or we can get a file off the server.

20
00:01:12,010 --> 00:01:20,600
Now SSH and telnet kind of play hand in hand. Telnet is the ability to log into a machine remotely.

21
00:01:20,610 --> 00:01:22,590
Now SSH does the same thing.

22
00:01:22,590 --> 00:01:26,540
The only difference is SSH is the encrypted version of that.

23
00:01:26,550 --> 00:01:34,630
So with telnet you are in clear text and with SSH you are encrypted. Now SMTP, POP3 and

24
00:01:34,630 --> 00:01:36,980
IMAP all relate to mail.

25
00:01:37,020 --> 00:01:39,140
We're not gonna worry too much about mail in this course.

26
00:01:39,150 --> 00:01:41,650
But you might see it come back up at some point.

27
00:01:41,650 --> 00:01:47,760
So just remember your twenty five, one ten and one forty three. DNS.

28
00:01:47,760 --> 00:01:54,770
So DNS is a way to resolve IP addresses to names, and we could take a quick look at that.

29
00:01:54,780 --> 00:02:00,810
If we go back to our Kali machine and say we're at Google here, we've got Google up.

30
00:02:00,810 --> 00:02:07,080
But the computer doesn't really know what Google is. The computer is just using nice text like Google

31
00:02:07,080 --> 00:02:09,100
dot com for us, the humans.

32
00:02:09,270 --> 00:02:14,330
What's going on on the back end is Google actually resolves to an IP address.

33
00:02:14,430 --> 00:02:19,380
Now the IP address is how the computer knows to get back and forth. Because we don't want to sit there

34
00:02:19,380 --> 00:02:26,010
and type in IP addresses, this DNS or domain name system has been implemented for us.

35
00:02:26,070 --> 00:02:34,230
So we typed in Google dot com, on the back end it knows, hey, I want to go out to 1 7 1 7 9 10 20 to 30

36
00:02:34,230 --> 00:02:41,670
for whatever is in reality, but this is just a quick way for the computer to relate to a human and the

37
00:02:41,730 --> 00:02:47,000
human to, you know, have easily readable access to some of this stuff.

38
00:02:47,040 --> 00:02:55,140
So going back to our PowerPoint, we have HTTP and HTTPS. That is a website, just what you saw there.

39
00:02:55,230 --> 00:03:02,340
Mostly everything is on 443 now, or HTTPS. The HTTP port 80 you'll see sometimes.

40
00:03:02,400 --> 00:03:06,090
Remember that is the non secure version of the protocol.

41
00:03:06,120 --> 00:03:12,370
So HTTPS is encrypted; HTTP is not encrypted and not secure.

42
00:03:13,050 --> 00:03:18,120
So lastly SMB, ports one thirty nine and four forty five.

43
00:03:18,150 --> 00:03:24,090
Originally it was just one thirty nine. In the later versions of Windows they put on four forty five.

44
00:03:24,360 --> 00:03:26,640
You're going to see these ports a lot.

45
00:03:26,640 --> 00:03:29,700
This is probably the most common port you're going to see as a pen tester.

46
00:03:29,760 --> 00:03:34,070
These relate to file shares. You might also hear this called Samba.

47
00:03:34,620 --> 00:03:39,630
So there are a few names for it, but when you think of SMB and you see one thirty nine or four forty five

48
00:03:39,900 --> 00:03:47,070
think of file shares, and as a pen tester perspective you got to think about all the crazy exploits we've

49
00:03:47,070 --> 00:03:49,010
had regarding SMB.

50
00:03:49,020 --> 00:03:54,350
The most recent one as of this course was the WannaCry virus.

51
00:03:54,360 --> 00:03:54,990
Right.

52
00:03:55,020 --> 00:04:00,750
So you had the WannaCry virus, is also known as EternalBlue was what it was built off of, or

53
00:04:00,810 --> 00:04:09,900
MS17-010 was the official term of that exploit. That exploit utilized an SMB exploit to navigate through

54
00:04:09,900 --> 00:04:10,530
networks.

55
00:04:10,560 --> 00:04:16,130
So it became very vicious very quick because SMB is open so frequently on networks.

56
00:04:16,290 --> 00:04:19,790
Now on the UDP side we also have DNS over here.

57
00:04:19,790 --> 00:04:22,820
DNS is both a TCP and UDP protocol.

58
00:04:22,830 --> 00:04:27,720
We also have DHCP. Now when it comes to IP addresses,

59
00:04:27,720 --> 00:04:32,420
DHCP associates you with an IP address kind of at random.

60
00:04:32,490 --> 00:04:36,760
Now you could have, the opposite of that is what is a static IP address.

61
00:04:36,810 --> 00:04:43,320
So with DHCP you plug into your network, say your home network, and the Internet just fires up.

62
00:04:43,500 --> 00:04:44,220
Guess what.

63
00:04:44,280 --> 00:04:49,850
Probably DHCP on the back end. It just picks a number between a range, says, hey, here's your IP address.

64
00:04:49,890 --> 00:04:54,750
I'm going to let you lease that out for eight hours or a day or a week or however long the timing is

65
00:04:54,750 --> 00:04:55,320
set for it.

66
00:04:55,600 --> 00:04:57,710
And that IP address is yours.

67
00:04:57,750 --> 00:05:03,450
Now the opposite of that again is static, so you could say, hey, I want a static IP address and anytime

68
00:05:03,530 --> 00:05:05,810
I plug in with this specific computer,

69
00:05:05,930 --> 00:05:07,820
go ahead and give it this IP address.

70
00:05:07,820 --> 00:05:09,210
So how are we going to know that?

71
00:05:09,350 --> 00:05:10,700
Most likely the MAC address.

72
00:05:10,700 --> 00:05:11,000
Right.

73
00:05:11,000 --> 00:05:15,460
So from layer two it's gonna know layer three and how to assign it.

74
00:05:15,470 --> 00:05:18,440
So again DHCP should be pretty familiar to you.

75
00:05:18,440 --> 00:05:26,660
We've also got TFTP on port sixty nine, which is the trivial FTP and utilizes UDP instead of TCP.

76
00:05:26,840 --> 00:05:32,420
And we also have SNMP, which is the simple network management protocol.

77
00:05:32,420 --> 00:05:39,650
So you will encounter SNMP occasionally on networks, not always, but when we do encounter it there

78
00:05:39,650 --> 00:05:45,440
may be some information to be gathered, especially if there are strings being used that are community

79
00:05:45,500 --> 00:05:47,090
or public strings.

80
00:05:47,090 --> 00:05:49,320
And we'll worry about that when we encounter it.

81
00:05:49,340 --> 00:05:52,320
But you will probably see it again in this course.

82
00:05:52,340 --> 00:05:58,430
So that is it in this video. We're going to go ahead and move on to the OSI model and tie all this together,

83
00:05:58,700 --> 00:06:05,000
then we'll get into a little bit subnetting and we'll end this with a refresher on networking, a final

84
00:06:05,480 --> 00:06:07,520
final video on networking.

85
00:06:07,520 --> 00:06:09,110
So I'll see you over in the next video.
