Showing posts with label NetworkzPeritus. Show all posts
Showing posts with label NetworkzPeritus. Show all posts

IPV4

An IP address is a unique number / address used to identify a device on a network. An IP address is made up of 32 binary bits, which is divided into a Network portion and Host portion with the help of a Subnet Mask.

The 32 binary bi
ts are broken into four octets (1 octet = 8 bits). Each octet is converted to decimal and separated by a period (dot). For this reason, an IP address is expressed in dotted decimal format (for example, 192.168.10.12). The value in each octet ranges from 0 to 255 decimal, or 00000000 - 11111111 binary.

Below is how binary octets are converted to decimal: The right most bit, or least significant bit, of an octet holds a value of 20. The bit just to the left of that holds a value of 21. This continues until the left-most bit, or most significant bit, which holds a value of 27. So if all binary bits are a one, the decimal equivalent would be 255 as shown here:
1 1 1 1 1 1 1 1
128 64 32 16 8 4 2 1 = (128+64+32+16+8+4+2+1=255)
And this sample below shows an IP address represented in binary and decimal.
192. 168. 4. 10 (decimal)
11000000.10101000.00000100.00001010 (binary).



"For more information about NetworkzPeritus, you may visit our website at http://www.NetworkzPeritus.com/ & blog at http://networkzperitus.blogspot.in/


Posted by Viviek
Posted by No comments:
Labels: ,

RIPv2

RIPv2 is a classless, distance vector routing protocol as defined in RFC 1723. Because RIPv2 is a classless routing protocol, which means, it includes the subnet mask with the network addresses in the routing updates. As with other classless routing protocols, RIPv2 supports CIDR super-nets, VLSM and discontiguous networks.

Due to the deficiencies of RIPv1, RIP version 2 (RIPv2) was developed sometime in 1993. It’s equipped with the ability to support subnet information and supports Classless Inter-Domain Routing (CIDR). A router that receives routing updates from multiple routers advertising the same classful summary route cannot determine which subnets belong to which summary route. This inability leads to unexpected results including misrouted packets.

However, with RIPv2 automatic summarization can be disabled with the no auto-summary command. Automatic summarization must be disabled to support discontiguous networks.

RIPv2 still maintains the hop count limit of 15 and incorporated a password authentication mechanism. However, passwords were transmitted in clear-text format, which were found insufficient for secure communications on the Internet.

The default version of RIP is version 1. The command version 2 is used to modify RIPv1 to RIPv2.

Use The show ip protocols command to view that RIP is now sending and receiving version 2 updates and whether or not automatic summarization is in effect.

RIPv2 is actually an enhancement of RIPv1's features and extensions rather than an entirely new protocol. Some of these enhanced features include:

  • Next-hop addresses included in the routing updates
  • Use of multicast addresses in sending updates
  • Authentication option available
Like RIPv1, RIPv2 is a distance vector routing protocol. Both versions of RIP share the following features and limitations:
Use of hold down and other timers to help prevent routing loops.
  • Use of split horizon or split horizon with poison reverse to also help prevent routing loops.
  • Use of hold down and other timers to help prevent routing loops.
  • Use of triggered updates when there is a change in the topology for faster convergence.
  • Maximum hop count limit of 15 hops, with the hop count of 16 signifying an unreachable network.

For more information about NetworkzPeritus, you may visit our website at http://www.NetworkzPeritus.com/ & blog at http://networkzperitus.blogspot.com/

Posted by Shubham,Shushant & Viviek
Posted by No comments:
Labels: , ,

10 hot IT skills for 2013

Wonder what are the IT skills that will help IT professionals sail through the current tough job market? Skills that will help IT pros stay relevant as the business needs of their organization change. A survey conducted shows the following results:

 Networking
19% of the IT recruiters will look for experienced professionals with networking capabilities. Though the demand for networking personnel has declined by 50% over the past three years, the pro
spects for such professionals are still good for coming times.

Help Desk/Technical Support
35% of IT recruiters surveyed by Computerworld said that they will hire IT help desk professionals within the next one year. Such companies' focus is to not only develop modern systems and solutions but also to help end users to access them easily, hence the emphasis on the technical support skills.

Security
IT security also seems to be high on IT companies' agenda as 27% responded that they were on the lookout for professionals with skills for safeguarding systems and data. Therefore, it's time that candidates in IT security industry brush up their knowledge on deploying firewalls, threat detection tools, encryption technology and other security systems.

Virtualization
24% IT companies that Computerworld surveyed plan to hire professionals with virtualization skills in 2013. However, their biggest issue was that they usually find inexperienced candidates with half-baked virtualization skills.

Programming and Application Development
According to the survey, 60% of the respondents wanted to hire employees with programming and application development skills by next year. Those who have experience in Java, J2EE and .Net are at an advantage as these skills will be heavily demanded by companies in the coming time.

Project Management
Project management will be in huge demand next year as 40% of the companies questioned in the survey said that they will recruit project managers in the next 12 months. The rising demand for candidates with this profile is due to the jump in the number of as well as increase in the complexity of such projects as applications are now more connected.

Business Intelligence/Analytics
Big data is a major concern for IT firms, which is why many companies are looking for business analytics professionals. In the Computerworld survey, 26% of the respondents stated that they will hire business intelligence/analytics professionals in 2013.
Recruiters will keep in mind technical know-how, business knowledge and strong statistical and mathematical backgrounds while hiring personnel for this domain.

Cloud/SaaS
25% of the IT companies interviewed by Computerworld said that they will hire employees who are proficient with cloud computing capabilities. cloud services/Software-as-a-Service are set to become the next big thing in the IT world according to research firms like Gartner, and professionals who have the requisite skills will be high in demand next year.

Mobile Applications and Device Management
This is a fairly new job title, but will grow at a rapid pace with the increase in the penetration of mobile devices in the life of consumers. 19% IT companies are looking such professionals, who will be responsible for handling the increase growth in mobile apps on various consumer devices.

Data Center
Data center professionals are still in demand as their skills are essential to server management. 16% of the companies surveyed by Computerworld will hire personnel with data center management and data back-up capabilities.


For Further Details Contact:
shubham@networkzperitus.com

For more information about NetworkzPeritus, you may visit our website at http://www.NetworkzPeritus.com/ & blog at http://networkzperitus.blogspot.com/

Posted by Shubham
www.NetworkzPeritus.com


Posted by No comments:
Labels: , , ,

How to Hack Website


Here I am going to share some real hacking techniques, using which one can hack any server or website.

This post is for educational purpose only.

The best vulnerability scanner software and assessment tool: Nessus & Exploitation Tool: Metasploit Framework

Used Tools are freely available on internet:Tool

  • 1. NESSUS
  • 2. OpenVAS Server
  • 3. OpenVAS Client
  • 4. Nmap
  • 5. Nikto
  • 6. SQLMap
  • 7. Metasploit

Steps need to be followed to hack a server is as cited below:

 1. Fist port scanning, Scan target server open ports with N-Map or Angry-IP

2. Second step is Service enumeration. Here you have to use N-Map to determine what services are open and available.
To know how to perform Enumeration and foot printing attack, please Google it :)

3. The third step is Scanning target to find the vulnerabilities. For this you have to use NESSUS or OPEN VAS. These tools will scan all open ports, regardless of common and defaulted settings. This will confirm listening services and check those against a database of exploitable services. To see if you are running any services that are mis-configured or vulnerable to exploits.

Note:If you want to working of NESSUS...OR How to use NESSUS video tutorials available on YouTube.com

4. You can also use Nikto. It will used to check the web server(s) for mis-configurations and exploitable web applications.

5. After all these scanning, play with SQL. Use Sqlmap for this. You can also use few more SQL tools, softwares and techniques.

6. The next step is to get access on system using the vulnerabilities found. Gaining Access on remote system. This you can achieve using Metasploit software. To know how to use metasploit search in http://www.securitytube.net

7. The next step is to maintain you access on the compromised system.
Upload shell like c99,b374k,r57_kartal or upload any backdoors like sshdoor and also any perl,python backdoors.

8. Now you are able to anything like deface or root server (rooting server pritty much interesting but for that need good command in Linux)

10. After uploading shell check kernel version with this command "uname -a" it show like this "Linux shell99 2.6.35-28-generic #50-Ubuntu SMP Fri Mar 18 19:00:26 UTC 2011 i686 GNU/Linux"

11. Now u have kernel version now search Local kernel exploit and upload into server and run (exploit upload in Temp folder coz temp folder always writable) don't forget to change the permission of the exploit to using this command "chmod 777"

12. Run exploit and you will get root, check with this command "whoami"

9. THIS IS THE MOST IMPORTANT STEP Covering Tracks. After you activities, you must remove all your track records....;)
Remove all Log files using Log Cleaner

Posted by Viviek
www.NetworkzPeritus.com

Posted by No comments:
Labels: , ,

Meaning of NetworkzPeritus


NetworkzPeritus is combination of two words network-Z-peritus. Network can be any type of network and Peritus is a Latin word which means “expert”.

Peritus is the title given to Roman Catholic theologians who are present to give advice at an ecumenical council. At the most recent council, the Second Vatican Council, some periti (the plural form) accompanied individual bishops or groups of bishops from various countries. Others were formally appointed as advisers to the whole Council.

The periti often advocated ideas of reform in the Church and were often at the center of debates with some
of the more traditional scholars from the Coetus Internationalis Patrum.

www.NetworkzPeritus.com
Posted by No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)