
Day 1

offensive security

Todd Lammle books, Cisco

SMTP

The standard e-mail protocol on the Internet and part of the TCP/IP protocol suite.
SMTP defines the message format and the message transfer agent (MTA), which
stores and forwards the mail. SMTP servers route SMTP messages throughout the
Internet to a mail server that provides a message store for incoming mail. The
mail server uses the POP3 or IMAP4 access protocol to communicate with the
user's e-mail program. Port 25

POP3

A programming interface (API) from the IETF that enables a user's e-mail program
to access the mail server (RFC 1939 standard). POP3 is a simple system with
limited selectivity. Incoming messages and attachments are downloaded when
users check their mail, and POP is typically configured to delete the messages on
the server after downloading. If the user opts to not delete them, the messages
will download again the next time mail is checked.

IMAP4

A programming interface (API) from the IETF that enables a user's e-mail program
to access the mail server (RFC 3501 standard). IMAP4 has more options than
POP3. For example, it can download only the message headers, which have only
to/from addresses and subject. An essential option in the early days of dial-up,
the user then chooses which messages and attachments to download. IMAP also
keeps the messages on the mail server in synchronization with the downloaded
messages in the client. Users can then decide when and which messages to
delete on the server.

Layer 1

CSMA/CA

(Carrier Sense Multiple Access/Collision Avoidance) The transmission method
used in Wi-Fi networks (IEEE 802.11). When a Wi-Fi device needs to transmit, it
listens to the network (senses the carrier) and backs off a random amount of time
(in microseconds). At the end of that period, as long as the network is idle, it
transmits the frame. If the receiver gets the frame intact, it sends an
acknowledgment (ACK) to the sender. If the sender does not get the ACK, it
retransmits the frame. Also used in Apple's earlier, wired LocalTalk network.
Wi-Fi is a data link protocol, and CSMA/CA is a MAC layer protocol.

CSMA/CD

(Carrier Sense Multiple Access/Collision Detection) The transmission method used
in Ethernet networks. When Ethernet was designed in the 1970s, it was a shared
medium. At any moment, only one frame from one station was transmitting in
one direction (half duplex).

With CSMA/CD, if the network is busy when a station wants to transmit (carrier
sense), the station waits a random number of microseconds before trying again.
However, if two stations coincidentally transmit their frames at exactly the same
time, their signals will collide. Both stations detect the collision and back off a
random duration before retrying. Backoff algorithm (when a collision occurs,
traffic is interrupted).

EIA TIA T568B

Is a set of telecommunications standards from the Telecommunications Industry
Association (TIA). The standards address commercial building cabling for
telecommunications products and services.

Perhaps the best known features of ANSI/TIA-568 are the pin/pair assignments for
eight-conductor 100-ohm balanced twisted pair cabling. These assignments are
named T568A (USA) and T568B (Europe). Twisted pair.

IEEE 802.11

Is a set of media access control (MAC) and physical layer (PHY) specifications for
implementing wireless local area network (WLAN) computer communication in
the 900 MHz and 2.4, 3.6, 5, and 60 GHz frequency bands.

802.3: wired protocol.

NSTREME

Nstreme is a proprietary MikroTik wireless protocol. It allows fast data exchange
and more robust channels, both in point-to-point and in point-to-multipoint.
This protocol has a lot of advantages, but it can be used only between MikroTik
routers (i.e. between a MikroTik and a UBNT device, you can't use Nstreme). It
works only with modules that have an Atheros chip.

Two parts: regular and dual.

Nv2 (Nstreme version 2) - has better throughput than the Wi-Fi protocol

Nv2 protocol is proprietary wireless protocol developed by MikroTik for use with
Atheros 802.11 wireless chips. Nv2 is based on TDMA (Time Division Multiple
Access) media access technology instead of CSMA (Carrier Sense Multiple Access)
media access technology used in regular 802.11 devices. TDMA media access
technology solves hidden node problem and improves media usage, thus
improving throughput and latency, especially in PtMP networks.

Nv2 protocol limit is 511 clients. Nv2 protocol is not compatible to or based on
any other available wireless protocols or implementations, either TDMA based or
any other kind. This implies that only Nv2 supporting and enabled devices can
participate in Nv2 network.

Single-mode and multi-mode cables are optical cables.

The PDU of layer 1 is the bit.

Layer 2

MAC ADDRESS: it is physical, 48 bits; broadcasting is done over it, not over
IP; the first 3 bytes identify the manufacturer. How many combinations are there
in the first 3 (vendor) bytes? About 16 million.

The unique 48-bit serial number in the network circuitry of Ethernet and Wi-Fi
devices that identifies that machine from every other globally. Also used in earlier
Token Ring networks, the ID is assigned to vendors by the IEEE and "burned into"
most network adapters (NICs) at the time of manufacture.

MAC addresses are most often assigned by the manufacturer of a network
interface controller (NIC) and are stored in its hardware, such as the card's
read-only memory or some other firmware mechanism. If assigned by the
manufacturer, a MAC address usually encodes the manufacturer's registered
identification number and may be referred to as the burned-in address (BIA). It
may also be known as an Ethernet hardware address (EHA), hardware address or
physical address (not to be confused with a memory physical address). This can
be contrasted to a programmed address, where the host device issues
commands to the NIC to use an arbitrary address.

A network node may have multiple NICs and each NIC must have a unique MAC
address. Sophisticated network equipment such as a multilayer switch or router
may require one or more permanently assigned MAC addresses.

ICANN

(Internet Corporation for Assigned Names and Numbers, www.icann.org) A
non-profit, international association incorporated in the U.S. in 1998. ICANN
coordinates all the Internet's naming, addressing and protocol systems, and it
accredits domain name registrars.

IANA

IANA (Internet Assigned Numbers Authority)

IANA is the ICANN operating unit that maintains the official repositories of data
and function definitions pertaining to domains, addressing and protocols.

FQDN

(Fully Qualified Domain Name) The complete domain name for a specific
computer (host) on the Internet. The FQDN, which includes the hostname and
domain name, is converted into a physical IP address. For example,
www.computerlanguage.com is the FQDN for the website of the publisher of
this encyclopedia. WWW is the host, while computerlanguage.com is the
domain name. The .com is the generic top-level domain (gTLD) name.

UNC path

(Universal Naming Convention) A standard for identifying servers, printers and
other resources in a network, which originated in the Unix community. A UNC
path uses double slashes or backslashes to precede the name of the computer.
The path (disk and directories) within the computer are separated with a single
slash or backslash, as in the following examples. Note that in the DOS/Windows
example, drive letters (c:, d:, etc.) are not used in UNC names.

//servername/path Unix

\\servername\path DOS/Windows

ARP: the ARP protocol returns the MAC address for a given IP address; an ARP
call is, for example, a broadcast request.

(Address Resolution Protocol) A TCP/IP protocol used to obtain a node's physical
address. A client station broadcasts an ARP request onto the network with the IP
address of the target node it wishes to communicate with, and the node with that
address responds by sending back its physical address so that packets can be
transmitted. ARP returns the layer 2 address for a layer 3 address.

ARP'ing

The IP protocol broadcasts the IP address of the destination station onto the
network, and the node with that address responds.

Frame Relay: layer 2

PDU (protocol data unit): different at every layer; at layer 2 it is the frame...

Broadcast domain

IEEE 802.1Q: VLAN protocol

Layer 3

IPX/SPX

IPX (Internetwork Packet EXchange) and SPX were the network and transport
layers, equivalent to IP and TCP in a TCP/IP network. The network layer protocol in
the NetWare operating system, which years ago was the major LAN OS. Similar to
the IP layer in TCP/IP, it contained a network address and allowed messages to be
routed to a different network or subnet. IPX did not guarantee delivery of a
complete message. Just like IP packets, NetWare IPX packets could get dropped
from overloaded routers.

IPv4 Class A,B,C,D,E

In the early days of the Internet, the IANA (Internet Assigned Numbers Authority)
defined five classes of public IP addresses.

LOOPBACK INTERFACE (by pinging this address we test whether all the
protocols in TCP are working)

A loopback interface is a logical, virtual interface in a router. A loopback
interface is not a physical interface like Fast Ethernet interface or Gigabit
Ethernet interface. A loopback interface has many uses.

Device identification: The loopback interface is used to identify the device. While
any interface address can be used to determine if the device is online, the
loopback address is the preferred method. Whereas interfaces might be removed
or addresses changed based on network topology changes, the loopback address
never changes.

Routing information: The loopback address is used by protocols such as OSPF to
determine protocol-specific properties for the device or network.

Packet filtering: Stateless firewall filters can be applied to the loopback address
to filter packets originating from, or destined for, the Routing Engine.

127.0.0.0/8: class A, private addresses, loopback interface

APIPA

169.254.0.0/16: APIPA, class B (must always be /16). The client looks for an IP
from DHCP for 128 sec; if it does not find one, it asks APIPA.

The Windows function that provides DHCP autoconfiguration addressing. APIPA
assigns a class B IP address from 169.254.0.0 to 169.254.255.255 to the client
when a DHCP server is either permanently or temporarily unavailable. APIPA is
made by Sun Microsystems.

ICS (Internet Connection Sharing); today this is RRAS

A Windows Internet sharing feature that enables the Internet connection on a
computer to be shared with other computers. Introduced in Windows 98, ICS
software performs the functions of a router, which is commonly used to connect
multiple computers to the Internet.

RRAS

(Routing and Remote Access Service) Software routing and remote access
capability in Windows, starting with Windows NT. RRAS combines RAS (Remote
Access Service) and Multi-Protocol Routing with additional capabilities including
packet filtering, demand dial routing and OSPF support.

IPv4 private addresses

10.0.0.0 - 10.255.255.255        16,777,216 addresses    10.0.0.0/8 (255.0.0.0)
172.16.0.0 - 172.31.255.255      1,048,576 addresses     172.16.0.0/12 (255.240.0.0)
192.168.0.0 - 192.168.255.255    65,536 addresses        192.168.0.0/16 (255.255.0.0)

BOGON space (IP addresses)

Unassigned IP addresses on the Internet. Packets destined for bogon space may
have been unintentionally corrupted or be deliberately created to attack a
computer system or network. Derived from "bogus," addresses may be in bogon
space one day and the next day be legitimate addresses assigned to an ISP by
IANA.

TOR

(The Onion Router) The largest implementation of onion routing, which is a
method for transmitting data anonymously over the Internet. Run by volunteers,
there are approximately a thousand Tor proxy servers on the Internet that provide
the routing paths.

IPv4 classful addressing

The method divides the address space for Internet Protocol Version 4 (IPv4) into
five address classes by address range. Classes A, B, C are networks of three
different network sizes, i.e. number of hosts for unicast addresses. Class D is for
multicast. The class E address range is reserved for future or experimental
purposes. Under classful networking, the subnet mask was implied by which
address range (class) the address occupied and did not need to be specified
separately.

IPv4 VLSM addressing

John Mils, IP address: 5 videos of 10 minutes each

Number of possible host addresses depending on the mask

/32   2 - 2
/31   4 - 2
/30   6 - 2
/29   8 - 2
/28   16 - 2
/27   32 - 2
/26   64 - 2
/25   128 - 2
/24   256 - 2
/23   512 - 2
/22   1024 - 2
/21   2048 - 2
/20   4096 - 2
/19   8192 - 2
/18   16,384 - 2
/17   32,768 - 2
/16   65,536 - 2
/15   131,072 - 2
/14   262,144 - 2

Day 2

Router

A DAC route is a route that the router computes from the IP address entered on
an interface.

After 2 failed pings the route is considered unreachable.

10 seconds between pings.

Wi-Fi setup
First we configure the radio module (layer 1); it is best to do the configuration
while the radio module is switched off. The station modes are client modes (when
it connects to another device), and the others are for when other devices connect
to it.

mode = station (station = the one that connects to the bridge interface)

band = 2ghz only N

channel width = 20/40 Ce (Ce = channel bonding)

Radio name = R5-Saso (the Wi-Fi name; it also appears in the Wi-Fi registration table)

Wi-Fi protocol = any (connects to anything)

security profile = Wi-Fi tables, mode = dynamic keys, WPA PSK, WPA2 PSK,
tick aes ccm, aes ccm
wpa pre shared key = 123456

wpa2 pre shared key = 123456

sec prof = profile 1

wmm support = enabled

add a DHCP route for the Wi-Fi

We get a DAS route in the routing table from the DHCP client.

DHCP: 4 golden rules

1. the interface must have a statically assigned address
2. define the pool of addresses we will hand out
3. add an instance under ip > dhcp server > dhcp
a. name
b. interface
c. lease time 1 min
d. address pool
e. tick the 2 fields at the bottom, add and always
4. add an instance under ip > dhcp server > networks
a. address = enter the network scope, i.e. the network
b. gateway
c. dns server 8.8.8.8 (Google)
d. ntp server 193.2.1.92 (Ljubljana)

Bridge
Ports that are in the bridge are connected at layer 2; they share the same broadcast.

1. bridge > stp > select rstp (rapid spanning tree protocol?)

STP (spanning tree protocol) prevents loops = there is no duplicate path between
2 MAC addresses

port = it has joined a bridge, interface = it is standalone

2. add the interfaces

we add ether1 (we cannot add ether 4 because it has DHCP; a port must be
clean, with nothing on it, before we can add it!)

3. deactivate DHCP, then add ether 4 to the bridge interface as well, then
move the ether 4 address to the bridge and reactivate DHCP

MND Protocol

MikroTik Neighbor Discovery protocol and LLDP allow you to "find" other devices
compatible with MNDP or CDP (Cisco Discovery Protocol) or LLDP in a Layer 2
broadcast domain. They use ports 5,6,7,8, UDP protocol.

Tunneling
eoip tunnel

1.

name = ime-666

tunnel id = 666

tunnel id 0 to 4696?

remote address = the final destination of the tunnel (I target the other end of the
tunnel, i.e. its address; the person at that end targets my address)

2. then under IP addresses I add my address as /32, set his address as the network,
and we can communicate through the tunnel.

/32: point-to-point addressing

GRE 47

Day 3

Firewall
http://dailymikrotik.blogspot.ba

There are stateless and stateful firewalls (Cisco, MikroTik). A firewall is layer 4;
MikroTik can work at layers 1, 2, 3, 4 and 7.

State of a packet travelling through the network:

-invalid: corrupted in some way = we block or discard them

-established: they belong to some connection

-related: the packet opens a new connection, but it is already tied to some connection

-new: the packet opens a new connection (established and related belong to it)

Mostly we control only new packets, because established and related belong to
them, and we discard invalid packets. These states are kept in the connection
tracking table (it must be enabled).

1.ip>firewall>filter rule

chain input

src add

dest add

protocol = icmp (ping)

2. action log
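
The state handling and the ICMP log rule described above, written out as a RouterOS input-chain ruleset. This is an added example, not part of the original notes; the interface name bridge1 and the subnet 192.168.88.0/24 are assumptions.

```routeros
# Added example, not from the course notes.
# Assumed values: LAN interface "bridge1", LAN subnet 192.168.88.0/24.

# The states below only exist if connection tracking is on.
/ip firewall connection tracking set enabled=yes

/ip firewall filter
# 1. Packets that belong to, or are tied to, a connection already in the
#    tracking table: accept them without further checks.
add chain=input action=accept connection-state=established,related comment="accept established,related"
# 2. Packets the tracker cannot match to any valid connection: discard.
add chain=input action=drop connection-state=invalid comment="drop invalid"
# 3. What is left are packets opening new connections, so only these need
#    individual rules. Log ICMP (ping) first, then accept it. The log action
#    does not end processing; the packet continues to the next rule.
add chain=input action=log protocol=icmp log-prefix="icmp-in" comment="log ping"
add chain=input action=accept protocol=icmp comment="accept ping"
# 4. New connections to the router itself are allowed only from the LAN.
add chain=input action=accept connection-state=new in-interface=bridge1 src-address=192.168.88.0/24 comment="accept new from LAN"
# 5. Anything else addressed to the router is dropped.
add chain=input action=drop comment="drop everything else"
```

Rules are evaluated top to bottom, so the final drop must stay last and the LAN accept rule must be in place before it when configuring over the network.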

QUESTIONS https://sophea-sharing.blogspot.ba/2017/01/mikrotik-mcq-question-and-answer-mtcna.html

Portknocking

The best solution is <= 4 rules

dmitry firewall mikrotik

Wi-Fi

The connect list defines where a client may connect and where it may not.

POSSIBLE ON THE TEST
Some of these questions may be on the test; also read everything above from the
beginning, that may come up too.

Types of firewall chains: -input

-output

-forward

Important ports

161 & 162/udp SNMP

Types of filter actions: -accept

-drop silently or reject

-drop and send ICMP reject msg

-jump/return to/from a user defined chain

Redirect: -special type of dstnat

-this action redirect packet to the router itself

-can be used to create transparent proxy services (e.g. DNS, HTTP)

Connection tracking: -Manage information about all active connections

-Has to be enabled for NAT and Filter to work

-connection state TCP state

State of a packet travelling through the network:

-invalid: corrupted in some way = we block or discard them

-established: they belong to some connection

-related: the packet opens a new connection, but it is already tied to some connection

-new: the packet opens a new connection (established and related belong to it)

https://sophea-sharing.blogspot.ba/2017/01/mikrotik-mcq-question-and-answer-mtcna.html
