Study Note : ByteHacker
EC-Council Certified Security Analyst (ECSA) (412-79)
Credit Towards Certification:
* EC-Council Certified Security Analyst
Exam Objectives and Sub-Objectives:
Need to have competency in the following objectives to be certified as an ECSA:
1. Understand the five stages of a common penetration test attack methodology
* Understand how to structure and organize security tests
* Analyze the tactical application of each phase
2. Define the five main professional categories
* Compare and contrast the different job roles in the security testing and analysis industry
3. Understand the three most common present vulnerability types
* Identify the potential impact of Information Vulnerabilities
* Identify the risks of Network Vulnerabilities
* Understanding the different types of System Vulnerabilities and their impact
4. Understand the scoping process of designated target systems
* Know the rules of engagement as they pertain to client target networks/systems
* Knowing what results are expected at the end of the test
5. Demonstrate understanding of the field of Competitive Intelligence
6. Develop skills involved in competitive intelligence gathering
7. Demonstrate understanding of Informational Vulnerabilities in depth
8. Engage in Passive network discovery techniques
* Use advanced web resource skills to research identified targets in depth
* Formulate a picture of network boundaries, using IP and DNS information
* Analyze documents for potential Information Vulnerabilities
9. Demonstrate understanding of Network Vulnerabilities in depth
* Build a secure network design, and analyze it for vulnerabilities using threat modeling
* Explore the role of modems and Virtual Private Networks in Perimeter breaches
* Understand common vulnerabilities with 802.11 Wireless
10. Analyze and map live network hosts using multiple correlated modalities
* Employ common and advanced tools to identify live hosts leveraging output from previous discovery processes
* Analyze e-mail headers to enumerate target network resources for location, type and other data points
11. Install various Packet Sniffers
12. Demonstrate skills in deploying Packet Sniffers for the purpose of packet analysis
* Demonstrate use of Packet Sniffers to intercept user-names and passwords
* Demonstrate use of Packet Sniffers in intrusion signature analysis
* Understand the output and results from common Packet Sniffers
13. Demonstrate knowledge of vulnerabilities in routers
*
Understanding many Informational Vulnerabilities, as well as network vulnerabilities present in many routers
*
Analyzing Cisco packet captures for information disclosure and cracking Cisco passwords.
14. Demonstrate knowledge of vulnerabilities in various network devices
*
Explore the role of Network Appliances such as printers and PBX's in potential security violation
*
Using Man-in-the-Middle Attacks to intercept secured and encrypted traffic
15. Demonstrate knowledge of tools and techniques for enumerating specific hosts and services
16. Use commonly available Microsoft Resource Kits for advanced Windows enumeration
*
Use Null Sessions for advanced Windows enumeration
*
Use various common tools in Linux for Linux and Unix enumeration
17. Employ Automated Vulnerability Scanners
*
Understand the strengths and weaknesses of Automated Scanners
*
Using Nessus to refine target information
*
Analyzing the results given by Nessus and other Automated Scanners
18. Understand the specifics of common classes of System Vulnerabilities
*
Understand Stack-based overflows
*
Understand Format String vulnerabilities
*
Understand Heap-based overflows
*
Develop and execute proof of concept Stack-based overflows
*
Develop and execute proof of concept Understand Format String vulnerabilities
*
Develop and execute proof of concept Understand Heap-based overflow
19. Demonstrate understanding of aspects of an exploit, in terms of threat agents
*
Verify payload differences across multiple operating systems§ Demonstrate ability to use
*
Exploits against targets in a non-destructive manner
*
Use a debugger to find the Return Address
*
Develop proof-of-concept code to generate a working exploit
*
Execute actual exploit code to compromise target servers
*
Demonstrate understanding how passwords work in common operating systems
*
Demonstrate knowledge of the Windows password schemes (PWL, LANMAN, NTLM, Kerberos)
*
Demonstrate knowledge of Linux/Unix authentication mechanisms
*
Demonstrate knowledge of alternate authentication mechanisms (SASL, LDAP, PAM, etc)
20. Understand threat posed by inside and outside human threat agents
*
Define coherent policy and policy enforcement
*
Analyze implicit vulnerabilities resulting from improper policy design and enforcement
*
Understand Operational Security doctrine and Information Vulnerabilities as they pertain to personnel
*
Employ methods for testing personnel security compliance
Exams Detail:
Number of Question:
50
Type of Questions: Multiple Choice
Passing Score: 70 %
Time Duration: 120 min
http://www.clubedowarchalking.com.br/index.php?option=com_content&view=article&id=32&Itemid=61
Friday, June 26, 2009
Wednesday, June 24, 2009
My Dm500s
Lots of reading in the internet . . .
Downloaded the following:
1. Dreamup
2. FlashWizard
3. DreamBox_Tools_v3
**************************
* *
* The Gemini Project *
* *
* Chinese EPG Added *
* by baozi_bp *
* *
**************************
welcome on your dreambox! - Kernel 2.6.9 (11:31:32).
dreambox login:
Sending username: root
Using Telnet to backup the image
using Ftp command to copy the image to my PC
DCC
DreamBoxEdit
LlamaWareDreamboxedit
CCcam+Quickedit
\\\|///
\\~~ ~~//
³ ( @ @ )
³ +---------oOOO------(_)---------oOOO--------+
³ | |
³ | Orginal Keymaker |
³ |-------------------------------------------|
³ | -----> LPuyod July 15, 2009 <----- | ³
³ | | ³
³ | | ³
³ | | ³
³ | | ³
³ | ooO | ³
³ +-----------------( )-Ooo-----------------+ ³
³ \ ( ( ) ³
\_) ) / ³
(_/
#!/bin/sh
echo "Script Created by: Lpuyod July 15, 2009"
echo "DM500s Key Downloader"
echo "*******************"
echo "Downloading Keys..."
cd /tmp
#keys
wget http://www.uydu.ws/deneme6.php?file=SoftCam.Key -O /tmp/SoftCam.Key
wget http://www.uydu.ws/deneme6.php?file=softcam.cfg -O /tmp/softcam.cfg
wget http://www.uydu.ws/deneme6.php?file=nagra -O /tmp/nagra
wget http://www.uydu.ws/deneme6.php?file=AutoRoll.Key -O /tmp/AutoRoll.Key
wget http://www.uydu.ws/deneme6.php?file=constant.cw -O /tmp/constant.cw
wget http://www.uydu.ws/deneme6.php?file=camd3.keys -O /tmp/camd3.keys
#scce
wget http://www.uydu.ws/deneme6.php?file=keylist -O /tmp/keylist
wget http://www.uydu.ws/deneme6.php?file=rsakeylist -O /tmp/rsakeylist
wget http://www.uydu.ws/deneme6.php?file=constantcw -O /tmp/constantcw
echo "*******************"
find /tmp/SoftCam.Key
find /tmp/softcam.cfg
find /tmp/nagra
find /tmp/AutoRoll.Key
find /tmp/constant.cw
find /tmp/camd3.keys
find /tmp/keylist
find /tmp/rsakeylist
find /tmp/constantcw
echo ""
chmod 644 /tmp/SoftCam.Key
chmod 755 /tmp/softcam.cfg
chmod 644 /tmp/nagra
chmod 644 /tmp/AutoRoll.Key
chmod 644 /tmp/constant.cw
chmod 644 /tmp/camd3.keys
chmod 644 /tmp/keylist
chmod 644 /tmp/rsakeylist
chmod 644 /tmp/constantcw
echo ""
cp SoftCam.Key /var/keys/
cp softcam.cfg /var/keys/
cp nagra /var/keys/
cp AutoRoll.Key /var/keys/
cp constant.cw /var/keys/
cp camd3.keys /var/keys/
cp keylist /var/scce/
cp rsakeylist /var/scce/
cp constantcw /var/scce/
echo ""
rm -rf /tmp/SoftCam.Key
rm -rf /tmp/softcam.cfg
rm -rf /tmp/nagra
rm -rf /tmp/AutoRoll.Key
rm -rf /tmp/constant.cw
rm -rf /tmp/camd3.keys
rm -rf /tmp/keylist
rm -rf /tmp/rsakeylist
rm -rf /tmp/constantcw
echo "*******************"
echo "All keys Updated."
echo "*******************"
sleep 2
exit 0
Possible CS account:
http://www.eurocardsharing.com/cccam-exchange-free/f199
c: csharing.dyndns.tv 16969 filsat3 gmkfree yes
or this one
C: technoshare.dyndns.tv 12000 techno17 republic yes
ccam.cfg
Using DCC you can modify and try this C: lines follow the directory below.
Enjoy !!!!! Free Sharing
Note: this is for nagra only
/var/etc/ccam.cfg
c:freetech.dynalias.org 12000 free tech yes
c:freetech.dynalias.org 12000 free1 tech yes
c:freetech.dynalias.org 12000 free2 tech yes
Thanks to the following links:
http://filsat.com/forum/index.php
http://www.austech.info/dreambox/332-making-backup-full-backup-your-dreambox-incl-firmware.html
http://www.eurocardsharing.com/f30/guide-use-flashwizard-install-gemini-cccam-dm500s-73993
http://www.digital-kaos.co.uk/forums/f34/guide-flash-backup-image-via-telnet-760/
Using Null Modem ----> http://www.digital-kaos.co.uk/forums/f71/guide-cables-required-flashing-eurovox-9786/
http://www.eurocardsharing.com/cccam-exchange-free/f199
http://www.dreambox.it/tools.htm
http://www.freecardsharing.com/free.php
http://klona.4t.com/v3.1/guide_eng/dbox-howto.htm#101
http://www.cccamforum.com/forums/download/index.php?dir=Dreambox%20500s%20Images/
http://www.pli-images.org/modules/wiki/index.php?wakka=E1Softcam
http://thaimisc.pukpik.com/freewebboard/php/vreply.php?user=boranphone&topic=49636
http://www.digitalsatkey.com/keyfiles.html
http://thaidreambox.bayore.net/index.php?topic=2238.0
http://xdreamx.awardspace.com/#
http://forum.paytv.ro/showthread.php?t=61052
http://www.dreamboxtips.com/category/general-dreambox-topics/
http://72.14.203.132/translate_c?hl=en&langpair=zh|en&u=http://www.mydvbs.com/index.asp&rurl=translate.google.com&usg=ALkJrhhIxC8Mf5xn-f3F4vzICKcKNtCMbw
https://www.grc.com/x/ne.dll?rh1dkyd2
http://www.no-ip.com/support/guides/update_clients/setting_up_linux_update_client.html
http://canyouseeme.org/
http://webs.ips-online.ch/kb/?View=entry&EntryID=162
Downloaded the following:
1. Dreamup
2. FlashWizard
3. DreamBox_Tools_v3
**************************
* *
* The Gemini Project *
* *
* Chinese EPG Added *
* by baozi_bp *
* *
**************************
welcome on your dreambox! - Kernel 2.6.9 (11:31:32).
dreambox login:
Sending username: root
Using Telnet to backup the image
using Ftp command to copy the image to my PC
DCC
DreamBoxEdit
LlamaWareDreamboxedit
CCcam+Quickedit
\\\|///
\\~~ ~~//
³ ( @ @ )
³ +---------oOOO------(_)---------oOOO--------+
³ | |
³ | Orginal Keymaker |
³ |-------------------------------------------|
³ | -----> LPuyod July 15, 2009 <----- | ³
³ | | ³
³ | | ³
³ | | ³
³ | | ³
³ | ooO | ³
³ +-----------------( )-Ooo-----------------+ ³
³ \ ( ( ) ³
\_) ) / ³
(_/
#!/bin/sh
echo "Script Created by: Lpuyod July 15, 2009"
echo "DM500s Key Downloader"
echo "*******************"
echo "Downloading Keys..."
cd /tmp
#keys
wget http://www.uydu.ws/deneme6.php?file=SoftCam.Key -O /tmp/SoftCam.Key
wget http://www.uydu.ws/deneme6.php?file=softcam.cfg -O /tmp/softcam.cfg
wget http://www.uydu.ws/deneme6.php?file=nagra -O /tmp/nagra
wget http://www.uydu.ws/deneme6.php?file=AutoRoll.Key -O /tmp/AutoRoll.Key
wget http://www.uydu.ws/deneme6.php?file=constant.cw -O /tmp/constant.cw
wget http://www.uydu.ws/deneme6.php?file=camd3.keys -O /tmp/camd3.keys
#scce
wget http://www.uydu.ws/deneme6.php?file=keylist -O /tmp/keylist
wget http://www.uydu.ws/deneme6.php?file=rsakeylist -O /tmp/rsakeylist
wget http://www.uydu.ws/deneme6.php?file=constantcw -O /tmp/constantcw
echo "*******************"
find /tmp/SoftCam.Key
find /tmp/softcam.cfg
find /tmp/nagra
find /tmp/AutoRoll.Key
find /tmp/constant.cw
find /tmp/camd3.keys
find /tmp/keylist
find /tmp/rsakeylist
find /tmp/constantcw
echo ""
chmod 644 /tmp/SoftCam.Key
chmod 755 /tmp/softcam.cfg
chmod 644 /tmp/nagra
chmod 644 /tmp/AutoRoll.Key
chmod 644 /tmp/constant.cw
chmod 644 /tmp/camd3.keys
chmod 644 /tmp/keylist
chmod 644 /tmp/rsakeylist
chmod 644 /tmp/constantcw
echo ""
cp SoftCam.Key /var/keys/
cp softcam.cfg /var/keys/
cp nagra /var/keys/
cp AutoRoll.Key /var/keys/
cp constant.cw /var/keys/
cp camd3.keys /var/keys/
cp keylist /var/scce/
cp rsakeylist /var/scce/
cp constantcw /var/scce/
echo ""
rm -rf /tmp/SoftCam.Key
rm -rf /tmp/softcam.cfg
rm -rf /tmp/nagra
rm -rf /tmp/AutoRoll.Key
rm -rf /tmp/constant.cw
rm -rf /tmp/camd3.keys
rm -rf /tmp/keylist
rm -rf /tmp/rsakeylist
rm -rf /tmp/constantcw
echo "*******************"
echo "All keys Updated."
echo "*******************"
sleep 2
exit 0
Possible CS account:
http://www.eurocardsharing.com/cccam-exchange-free/f199
c: csharing.dyndns.tv 16969 filsat3 gmkfree yes
or this one
C: technoshare.dyndns.tv 12000 techno17 republic yes
ccam.cfg
Using DCC you can modify and try this C: lines follow the directory below.
Enjoy !!!!! Free Sharing
Note: this is for nagra only
/var/etc/ccam.cfg
c:freetech.dynalias.org 12000 free tech yes
c:freetech.dynalias.org 12000 free1 tech yes
c:freetech.dynalias.org 12000 free2 tech yes
Thanks to the following links:
http://filsat.com/forum/index.php
http://www.austech.info/dreambox/332-making-backup-full-backup-your-dreambox-incl-firmware.html
http://www.eurocardsharing.com/f30/guide-use-flashwizard-install-gemini-cccam-dm500s-73993
http://www.digital-kaos.co.uk/forums/f34/guide-flash-backup-image-via-telnet-760/
Using Null Modem ----> http://www.digital-kaos.co.uk/forums/f71/guide-cables-required-flashing-eurovox-9786/
http://www.eurocardsharing.com/cccam-exchange-free/f199
http://www.dreambox.it/tools.htm
http://www.freecardsharing.com/free.php
http://klona.4t.com/v3.1/guide_eng/dbox-howto.htm#101
http://www.cccamforum.com/forums/download/index.php?dir=Dreambox%20500s%20Images/
http://www.pli-images.org/modules/wiki/index.php?wakka=E1Softcam
http://thaimisc.pukpik.com/freewebboard/php/vreply.php?user=boranphone&topic=49636
http://www.digitalsatkey.com/keyfiles.html
http://thaidreambox.bayore.net/index.php?topic=2238.0
http://xdreamx.awardspace.com/#
http://forum.paytv.ro/showthread.php?t=61052
http://www.dreamboxtips.com/category/general-dreambox-topics/
http://72.14.203.132/translate_c?hl=en&langpair=zh|en&u=http://www.mydvbs.com/index.asp&rurl=translate.google.com&usg=ALkJrhhIxC8Mf5xn-f3F4vzICKcKNtCMbw
https://www.grc.com/x/ne.dll?rh1dkyd2
http://www.no-ip.com/support/guides/update_clients/setting_up_linux_update_client.html
http://canyouseeme.org/
http://webs.ips-online.ch/kb/?View=entry&EntryID=162
Tuesday, June 23, 2009
Most Expensive and Worst Training
Most Expensive and Worst Training I ever attended EC-SA Council in Global Knowledge.
Here are the reason:
The cost of training Php 75,000 ,5 days training, Start at 9 am. Food not so good, they just order it to KFC and Jolibee.
First day of class: Equipment not properly setup, no INTERNET connection, too many obstruction in the room, can hear voices from other room , glass room and near the lobby area .
Aircon Sharing with other training room.
GLass Room too many obstruction
Tuesday: Troubleshooting our internet connection - still not prepared. The PC that were using have CDrom drive ,but the training materials is in DVD format ..GUSH!
Installing too slow.
Troubleshooting the Internet
Wednesday: Lots of Lab exercises - no working sample. Instructor not prepared for exercise. No Working Good example.
Thursday: Instructor late: He came exactly 11:06 am, as usual still not prepared.
Friday: Thanks God its Friday.. last day of training.. Late na naman ang Instructor 10:00 am na wala pa rin. tagal na naming nag hihintay dito.
4 Big EC-Council Technical Books will not finished on time
Testing Room - not garbage room !
Here are the reason:
The cost of training Php 75,000 ,5 days training, Start at 9 am. Food not so good, they just order it to KFC and Jolibee.
First day of class: Equipment not properly setup, no INTERNET connection, too many obstruction in the room, can hear voices from other room , glass room and near the lobby area .
Aircon Sharing with other training room.
GLass Room too many obstruction
Tuesday: Troubleshooting our internet connection - still not prepared. The PC that were using have CDrom drive ,but the training materials is in DVD format ..GUSH!
Installing too slow.
Troubleshooting the Internet
Wednesday: Lots of Lab exercises - no working sample. Instructor not prepared for exercise. No Working Good example.
Thursday: Instructor late: He came exactly 11:06 am, as usual still not prepared.
Friday: Thanks God its Friday.. last day of training.. Late na naman ang Instructor 10:00 am na wala pa rin. tagal na naming nag hihintay dito.
4 Big EC-Council Technical Books will not finished on time
Testing Room - not garbage room !
Thursday, June 4, 2009
Subscribe to:
Posts (Atom)