Network Mapper: Network exploration tool and security / port scanner

Probing

-Pn Skip discovery phase (treat all hosts as online)

Scanning

-sS SYN scan

-sTfull TCP scan

-sV version scan

Scripting

--script-help [default] print script’s info

--script run script

SANS nmap Cheatsheet v1.0
Image for post
Image for post

Arbitrary TCP and UDP connections and listens

Scan for listening daemon, without sending data

BSD
> nc -z example.com 20-30
GNU
> nc -zv example.com 20-30

Client/Server

BSD
> nc -l 1234 # server
> nc example.com 1234 # client> nc -l 1234 > out.txt # server> nc example.com 1234 < in.txt # clientGNU
> nc -lp 1234
Image for post
Image for post
BSD man page

Nearly every character in American Kingpin seems to have wandered in from one Coen brothers movie or another — Ulbricht’s girlfriend is a born-again Christian who runs an erotic photography business; one of his chief confidantes is an undercover DEA agent who begins stealing from him; and the man who discovers his true identity is a nerdy IRS agent who reads every sentence three times.

[…]

American Kingpin is written as a drama, but so many events in Ulbricht’s life read as farce. His over-the-top conversion to libertarianism; a disastrous early experience as a psychedelic mushroom farmer; his paying hundreds of thousands of dollars for revenge murders that never happened; and his ultimate discovery at the hands of his email address

The Verge

Image for post
Image for post
Book cover

Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency

Author

I (Parmy Olson) cover developments in AI, robotics, chatbots, digital assistants and emerging tech in Europe. I’ve spent close to a decade profiling the hackers and dreamers who are bringing the most cutting-edge technology into our lives, for better or worse. I’m the author of “We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous and the Global Cyber Insurgency”, (Little Brown, 2012) which The New York Times called a “lively, startling book that reads as ‘The Social Network’ for group hackers.” Having worked out of Silicon Valley I’m now based in London and am obsessing over developments in AI, artificial voice technology, chat bots, messaging and robotics. I’ve written several cover stories for Forbes magazine including profiles on the founders of WhatsApp and Yahoo, and the Russian Facebook backer Yuri Milner. Before all this I cut my teeth in local radio and the BBC.
Forbes

Reviews

Resources

Image for post
Image for post

César Hidalgo has a radical suggestion for fixing our broken political system: automate it! In this provocative talk, he outlines a bold idea to bypass politicians by empowering citizens to create personalized AI representatives that participate directly in democratic decisions. Explore a new way to make collective decisions and expand your understanding of democracy.
— TED

Image for post
Image for post

“Configuration guidelines for various technology groups to safeguard systems against today’s evolving cyber threats”

As I’m spinning up new machines and VMs, and at the recommendation of BHIS, I looking at the CIS Benchmarks.

Checkout my ongoing Ansible implementation:

Image for post
Image for post

A Dell PowerEdge R900

Got a used Dell PowerEdge R900 for $300. This beast comes with:

  • 4 Intel Xeon E7440 Quad Core 2.40Ghz with Intel virtualisation technology (VT-x)
  • 64Go RAM
  • 4 150Go 15K SAS hard drives

That makes it a good enough platform to build a virtual lab.

Image for post
Image for post
Dell PowerEdge R900

For the little story, R900 actually means something:

  • R means Rack-mountable server
  • 9 means 4 processors
  • 0 means 10th generation
  • 0 menas Intel CPUs

Cheap and powerful, but big and heavy, not your average tower.

Freaking loud fans

Image for post
Image for post

An other problem is the noise level that thing produces.

It mounts four 120x120 fan upfront and has slots for 4 smaller fans at the back. …


Networking

Image for post
Image for post

OSI Layer 1&2: Ethernet

Ethernet, with Wireless LAN, is part of the IEEE 802 family of standards.
The services and protocol specified in IEEE 802 map the physical layer and data link layer of the OSI model.

Ethernet is a family of networking technologies used for wired LAN and WAN networks.

An Ethernet packet (Layer 1) contains a Ethernet frame (Layer 2). An Ethernet frame is made of a MAC destination, a MAC source, a payload and a CRC error detecting code.

Ethernet was created for devices to communicate over a shared cable (think collision-prone radio systems). Since the communication happens on a same wire, any information sent is received by all; though the Network Interface Controller/Card (NIC) would only interrupt the CPU if it’s the packet’s recipient. The shared wired also means shared bandwidth.
Modern Ethernet networks connect devices to switches and use full-duplex. This create a fast, collision-free, star-shaped switched network.
Switched networks suffer from single point of failure, as they don’t allow for physical loops. Shortest Path Bridging (SPB) technology allows for physical loop while keeping the logical topology loop-free, thus enabling redundant and load-balanced mesh networks. …


Image for post
Image for post
Book cover

Publisher description

“No single invention of the last half century has changed the way we live now as much as the Internet. Alexander Klimburg was a member of the generation for whom it was a utopian ideal turned reality: a place where ideas, information, and knowledge could be shared and new freedoms found and enjoyed. Two decades later, the future isn’t so bright any more: increasingly, the Internet is used as a weapon and a means of domination by states eager to exploit or curtail global connectivity in order to further their national interests.

Klimburg is a leading voice in the conversation on the implications of this dangerous shift, and in The Darkening Web, he explains why we underestimate the consequences of states’ ambitions to project power in cyberspace at our peril: Not only have hacking and cyber operations fundamentally changed the nature of political conflict — ensnaring states in a struggle to maintain a precarious peace that could rapidly collapse into all-out war — but the rise of covert influencing and information warfare has enabled these same global powers to create and disseminate their own distorted versions of reality in which anything is possible. At stake are not only our personal data or the electrical grid, but the Internet as we know it today — and with it the very existence of open and democratic societies.

Blending anecdote with argument, Klimburg brings us face-to-face with the range of threats the struggle for cyberspace presents, from an apocalyptic scenario of debilitated civilian infrastructure to a 1984-like erosion of privacy and freedom of expression. Focusing on different approaches to cyber-conflict in the US, Russia and China, he reveals the extent to which the battle for control of the Internet is as complex and perilous as the one surrounding nuclear weapons during the Cold War — and quite possibly as dangerous for humanity as a whole. …


Image for post
Image for post
Netgate SG-1100 pfSense® Security Gateway.

Hey beauty! No, not you, I’m talking about ← that little thing.
Introducing the Netgate pfSense® Security Gateway.

This found a place in between my cable modem and my Google Wifi access point to help me discover what is actually going on on my home network.

Some things you should know about setting up a Google Wifi access point with an upstream gateway

Here is how my network is setup:

Modem → pfSense Gateway → Google Wifi AP

Here is what Google says about this setup:

Go in “Include a 3rd party router upstream of the Primary Wifi point”.

And it’s just that. Don’t overthink it: set up the Gateway LAN interface with an IP address and enable DHCP, and plug it to the Google Wifi WAN interface. …

About

Xavier Briand

50% solution finder at @ExperiencePoint / 50% endurance cyclist. Will train for food and burn it for adventures.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store