Renci.SshNet.dll was already mentioned in current blog. It is client library to connect to SSH servers for example Linux sshd daemon. Similar as other ssh related software Renci.SshNet.dll has list of default Ciphers, Key Exchange Algorithms, Message Authentication Code and other connection settings. These setting are defined in Renci ConnectionInfo class. It is possible to… Read More »
FIPS or Federal Information Processing Standards was developed by US National Institute of Standards and Technology and used widely not only in United Stated. FIPS defines certain specific encryption methods and make to force application to use FIPS-validated encryption schemes. The first time I met problem with FIPS when Windows computer sends smnp v3 request… Read More »
SSH is the great thing to troubleshot, transfer files, make some changes or even do development task on remote devices. Smart phone is not an exception and also could be accessible via ssh. Beside ssh client on desktop computer may be more ergonomically friendly than terminal on Android phone with tiny screen and small keyboard.… Read More »
The TCP Split Handshake attack is initiated by server, which sends to the client non-transitionally configured handshaking packets. There is lot of rumor about a TCP split-handshake vulnerability that can affect firewalls and other networking and security devices. To understand the TCP split-handshake attack let us look how network devices handshaking during TCP connections. In… Read More »
Usually such tools as telnet, nmap or nc are used to find listening remote ports. However nmap and netcat are not included in default Linux installation, telnet is good for manual testing and is not friendly for scripting task. So sometime I am using cURL or wget to get information about open ports on remote… Read More »
Network discovery is a process to find other computers and devices on some network and to get obtainable information about them. The discovery procedure is based on sending out request messages over and analyzing responses from remote devices. ICMP (Internet Control Message Protocol) is most frequently method detect remote device. Below is presented simple Linux… Read More »
WHOIS is a TCP-based query/response protocol which is used to get information about registered domain names, domain name servers, registrar, creation and paid till date. Also it may contain data about domain owner and/or owner’s contact requisites. Default tcp port of WHOIS protocol is 43. The WHOIS client send a text request to the WHOIS… Read More »
Public and private key pair is alternative way of server logging using Secure Shell (SSH) protocol. It gives possibility to avoid user name and password prompts so could be faster and more comfortable. Besides both keys represent two long string of characters, so eventually it is more difficult to crack. There are a lot of… Read More »
SNMP v3 is the version of Simple Network Management Protocol with advance security mechanism to handle SNMP packets. The net-snmp agent is free snmp v3 agent. The version 3 of Simple Network Management Protocol provides more secure authentication and cryptographic features. The snmpv3 defined in RFCs 3413 and 3414. The steps presented below related to… Read More »
Query to DNS server and response that NNS client receives are not so user friendly as for SMTP or FTP. DNS query and response formats presented in RFC-1035. For example A type query to DNS sever to get IP addresses of cnn.com domain in byte-by-byte hex dump looks like: 000000 02 01 00 00 01… Read More »