Académique Documents
Professionnel Documents
Culture Documents
offensive security
SMTP
The standard e-mail protocol on the Internet and part of the TCP/IP protocol suite.
SMTP defines the message format and the message transfer agent (MTA), which
stores and forwards the mail. SMTP servers route SMTP messages throughout the
Internet to a mail server that provides a message store for incoming mail. The
mail server uses the POP3 or IMAP4 access protocol to communicate with the
user's e-mail program. Port 25
POP3
A programming interface (API) from the IETF that enables a user's e-mail program
to access the mail server (RFC 1939 standard). POP3 is a simple system with
limited selectivity. Incoming messages and attachments are downloaded when
users check their mail, and POP is typically configured to delete the messages on
the server after downloading. If the user opts to not delete them, the messages
will download again the next time mail is checked.
IMAP4
A programming interface (API) from the IETF that enables a user's e-mail program
to access the mail server (RFC 3501 standard). IMAP4 has more options than
POP3. For example, it can download only the message headers, which have only
to/from addresses and subject. An essential option in the early days of dial-up,
the user then chooses which messages and attachments to download. IMAP also
keeps the messages on the mail server in synchronization with the downloaded
messages in the client. Users can then decide when and which messages to
delete on the server.
Layer 1
CSMA/CA
With CSMA/CD, if the network is busy when a station wants to transmit (carrier
sense), the station waits a random number of microseconds before trying again.
However, if two stations coincidentally transmit their frames at exactly the same
time, their signals will collide. Both stations detect the collision and back off a
random duration before retrying. Backof algoritam (kad dodje do kolizije, prekid
saobracaja)
Perhaps the best known features of ANSI/TIA-568 are the pin/pair assignments for
eight-conductor 100-ohm balanced twisted pair cabling. These assignments are
named T568A (USA) and T568B (Europa). Twisted pair.
IEEE 802.11
Is a set of media access control (MAC) and physical layer (PHY) specifications for
implementing wireless local area network (WLAN) computer communication in
the 900 MHz and 2.4, 3.6, 5, and 60 GHz frequency bands.
NSTREME
Nv2 protocol is proprietary wireless protocol developed by MikroTik for use with
Atheros 802.11 wireless chips. Nv2 is based on TDMA (Time Division Multiple
Access) media access technology instead of CSMA (Carrier Sense Multiple Access)
media access technology used in regular 802.11 devices. TDMA media access
technology solves hidden node problem and improves media usage, thus
improving throughput and latency, especially in PtMP networks.
Nv2 protocol limit is 511 clients. Nv2 protocol is not compatible to or based on
any other available wireless protocols or implementations, either TDMA based or
any other kind. This implies that only Nv2 supporting and enabled devices can
participate in Nv2 network.
Layer 2
MAC ADRESS fizicka je, 48bita, preko nje se broadcastuje, ne preko ip-a, prva 3
bajta su oznaka proizvodjaca. Koliko je kombinacija u prve 3 vendorske cifre.
Moze oko 16 miliona.
The unique 48-bit serial number in the network circuitry of Ethernet and Wi-Fi
devices that identifies that machine from every other globally. Also used in earlier
Token Ring networks, the ID is assigned to vendors by the IEEE and "burned into"
most network adapters (NICs) at the time of manufacture.
A network node may have multiple NICs and each NIC must have a unique MAC
address. Sophisticated network equipment such as a multilayer switch or router
may require one or more permanently assigned MAC addresses.
ICANN
IANA
IANA is the ICANN operating unit that maintains the official repositories of data
and function definitions pertaining to domains, addressing and protocols.
FQDN
(Fully Qualified Domain Name) The complete domain name for a specific
computer (host) on the Internet. The FQDN, which includes the hostname and
domain name, is converted into a physical IP address. For example,
www.computerlanguage.com is the FQDN for the website of the publisher of
this encyclopedia. WWW is the host, while computerlanguage.com is the
domain name. The .com is the generic top-level domain (gTLD) name.
UNC putanja
//servername/path Unix
\\servername\path DOS/Windows
ARP arp protokol na osnovu ip addrese vraca mac adresu, arp poziv je npr
bradcast zahtjev
The IP protocol broadcasts the IP address of the destination station onto the
network, and the node with that address responds.
frame ralay 2
Broadcast domen
Layer 3
IPX/SPX
IPX (Internetwork Packet EXchange) and SPX were the network and transport
layers, equivalent to IP and TCP in a TCP/IP network. The network layer protocol in
the NetWare operating system, which years ago was the major LAN OS. Similar to
the IP layer in TCP/IP, it contained a network address and allowed messages to be
routed to a different network or subnet. IPX did not guarantee delivery of a
complete message. Just like IP packets, NetWare IPX packets could get dropped
from overloaded routers.
In the early days of the Internet, the IANA (Internet Assigned Numbers Authority)
defined five classes of public IP addresses.
APIPA
169.254.0.0/16 APIPA B klasa (uvjek mora /16) 128 sec trazi ip iz dhcpa, ako ne
nadje trazi od apipa
RRAS
(Routing and Remote Access Service) Software routing and remote access
capability in Windows, starting with Windows NT. RRAS combines RAS (Remote
Access Service) and Multi-Protocol Routing with additional capabilities including
packet filtering, demand dial routing and OSPF support.
Unassigned IP addresses on the Internet. Packets destined for bogon space may
have been unintentionally corrupted or be deliberately created to attack a
computer system or network. Derived from "bogus," addresses may be in bogon
space one day and the next day be legitimate addresses assigned to an ISP by
IANA.
TOR
The method divides the address space for Internet Protocol Version 4 (IPv4) into
five address classes by address range. Classes A, B, C are networks of three
different network sizes, i.e. number of hosts for unicast addresses. Class D is for
multicast. The class E address range is reserved for future or experimental
purposes. Under classful networking, the subnet mask was implied by which
address range (class) the address occupied and did not need to be specified
separately.
/32 2 -2
/31 4 -2
/30 6 -2
/29 8 -2
/28 16 -2
/27 32 -2
/26 64 -2
/25 128 -2
/24 256 -2
/23 512-2
/22 1024 -2
/21 2048 -2
/20 4096 -2
/19 8192 -2
/18 16,384 -2
/17 32,768 -2
/16 65,536 -2
/15 131,072 -2
/14 262,144 -2
Dan 2
Ruter
DAC ruta je ruta koju ruter izracuna na osnovu unesene ip adrese na interfejs
WI-FI Podesavanje
Prvo podesavamo radio modul (layer1), podesavanje je dobro vrsiti kod ugasenog
radio modula. Mode station su klijentski(kad se on kaci), a ostali su kad se drugi
kace na njega.
security profile = wi fi tables, mode = dynamic keys, wpa psk wpa2 psk
aesc cm aes ccm otkaciti
wpa pre shared key = 123456
Bridge
portovi koji su na bridzu su spojeni na lejer 2, imaju isti broadcast
STP spaning tree protocol sprecava loopove = nema duple putanje izmedju 2 mac
addrese
2.ubacujemo interfejse
ether1 ubacujemo (ne mozemo ubaciti ether 4 jer ima dhcp, port mora biti
cist bez icega, da ga ubacimo!)
MikroTik Neighbor Discovery protocol and LLDP allows to "find" other devices
compatible with MNDP or CDP (Cisco Discovery Protocol) or LLDP in Layer2
broadcast domain. Koriste portove 5,6,7,8 UDP protokol.
Tunelovanje
eoip tunnel
1.
name = ime-666
tunel id = 666
tunel id 0 do 4696?
remote address = krajnja destinacija tunnela (gadjam drugi kraj tunela, tj.
adresu, osoba sa tog kraja gadja moju adresu)
2. onda u ip adresi dodam svoju adresu /32, njegovu adresu stavim kao network, i
mozemo komunicirati kroz tunel.
GRE 47
Dan 3
Firewall
http://dailymikrotik.blogspot.ba
-related: paket otvara novu konekciju, ali vec je vezan za neku konekciju
1.ip>firewall>filter rule
chain input
src add
dest add
2. action log
PITANJA https://sophea-sharing.blogspot.ba/2017/01/mikrotik-mcq-question-and-
answer-mtcna.html
Portknocking
WI FI
-output
-forward
Vazni portovi
-related: paket otvara novu konekciju, ali vec je vezan za neku konekciju
https://sophea-sharing.blogspot.ba/2017/01/mikrotik-mcq-question-and-answer-
mtcna.html