
Information Security Essential Terminology

 Hello everyone!

Today, we will explore the essential terminology that you should learn if you work in the cybersecurity, information security, or penetration testing domain. Let's get started.

Cyber Security

It refers to the technologies, processes, and practices designed to secure networks, devices, applications, and data from any kind of cyber-attack. It includes protecting websites, computer systems, and related assets against cyber attacks.

Information Security

Securing users' private information from unauthorized access, identity theft, or any other misuse. Information security is a small part of cybersecurity.

Network Security

Securing the usability (availability), integrity, and safety of a network, its associated components, and the data shared over the network. Network security is a small part of cybersecurity.

Application Security

Securing software applications from vulnerabilities that occur due to flaws in the application's design, development, installation, upgrade, or maintenance phases. Application security is a small part of cybersecurity.

Information Protection

It protects data from unauthorized access using encryption, security software, etc.

Information Assurance

It keeps the data reliable by ensuring availability, authentication, confidentiality, etc.

Hacking

It refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to system resources, for example by modifying system or application features or using privilege escalation.

Hacker

A person with malicious intent who breaks into a system or network without any authorization to destroy or steal sensitive data or to perform malicious attacks.
  1. Black hat hacker: malicious or destructive user, offensive approach
  2. White hat hacker: defensive approach, also known as a Security Analyst
  3. Gray hat hacker: works both defensively and offensively
  4. Suicide hacker: not worried about the consequences of breaking cyber laws
  5. Script kiddies: unskilled hackers who compromise systems using tools and knowledge developed by others
  6. Cyber terrorist: a group of hackers motivated by religious or political beliefs
  7. State sponsored: employed by governments
  8. Hacktivists: hackers who promote a political agenda.

Vulnerability

The existence of a flaw or weakness in the design, or an implementation error, that can lead to an unexpected event compromising the security of the system.

Vulnerability Scanning

It is the process of scanning for known vulnerabilities in a network using automated tools such as Nessus, Nexpose, OpenVAS, etc.

Methodology of VA (Vulnerability Assessment): A security tester will run a vulnerability scan against a defined scope on an internal or external network. The security tester will then prepare a report based on the vulnerability scan findings.

  • Helps identify risks, vulnerabilities and patch management
  • Fully automated approach
  • Scope and time restrictions
  • Testing frequency as per compliance standards, e.g., quarterly or annually

Penetration Testing

It is often known as Pen Testing. It is a method of evaluating the security by scanning and exploiting vulnerabilities on a network through automated and manual methods.

Methodology of PT (Penetration Testing): A security tester will go beyond the vulnerability scan and attempt to find additional vulnerabilities through manual testing. The tester will also attempt to exploit all vulnerabilities found, trying to break into systems and gain sensitive access.

  • Confirms exploitation and helps reduce false positives
  • Hands-on approach that goes beyond automation
  • Significantly more expensive than a vulnerability scan, depending on network size and scope
  • Testing frequency as per compliance standards, e.g., quarterly, bi-annually or annually.

Threat

Someone or something with the potential to cause harm by damaging or destroying the official data of a system or organization; a possible danger to the computer system. Successful exploitation of a vulnerability is a threat.

Impact

Potential damage to the assets: the worst-case scenario if the vulnerability is successfully exploited.

Risk

Risk is the potential for loss, damage or destruction of assets or data. It is the potential for damage when a threat exploits a vulnerability.
  • Risk = Threat (likelihood) + Vulnerability Impact

Exploit

It is a breach of the IT system through vulnerabilities. It is something that can take advantage of vulnerabilities in an asset to cause unintended or unanticipated behavior in the system.

Payload

It is the part of the exploit code that performs the intended malicious action, such as destroying data, creating backdoors, and hijacking computers.

Hack Value

It is the notion among hackers that something is worth doing or is interesting.

Zero-day Attack

An attack that exploits computer application vulnerability before the software developer releases a patch for the vulnerability.

Daisy-chaining

It involves gaining access to the network or computer and then using the same information to gain access to multiple networks or computers that contain desirable information.

Doxing

Publishing personally identifiable information about an individual collected from publicly available databases and social media.

Bot

A bot is a software application that can be controlled remotely to execute or automate predefined tasks.

IP Address

  • IP Address stands for Internet Protocol Address.
  • IP Address is either a four-byte (IPv4) or an eight-byte (IPv6) address. IPv4 uses 32-bit addresses in dotted notation, whereas IPv6 uses 128-bit addresses in hexadecimal notation.
  • The IP address of a device can be retrieved using the RARP protocol.
  • IP Address is the logical address of the computer.
  • IP Address identifies the connection of the device on the network.
  • IP Address operates in the network layer.
  • IPv4 uses A, B, C, D, and E classes for IP addressing.
    • Class A: 1-126
      • Loopback range: 127
    • Class B: 128-191
    • Class C: 192-223
    • Class D: 224-239
    • Class E: 240-254
Public IP Address: a public IP address can be reached from any computer in the world.
Private IP Address: a private IP address can only be used by those on the same network.
Static IP Address: a static IP address never changes as long as you stay with the same provider or the same server.
Dynamic IP Address: a dynamic IP address can change from time to time.

MAC Address

  • MAC Address stands for Media Access Control Address.
  • MAC Address is a six-byte hexadecimal address. It is a 48-bit address that contains 6 groups of 2 hexadecimal digits, separated by either hyphens (-) or colons (:).
  • The MAC address of a device can be retrieved using the ARP protocol.
  • MAC Address is the physical address of a computer.
  • MAC Address helps in identifying the device.
  • MAC Address operates in the data link layer.

Ping

  • PING: Packet Internet Groper.
  • Ping is a computer utility tool to test the reachability of a host on an Internet Protocol (IP) network.
  • Ping uses only ICMP echo requests under the ICMP protocol, which is a layer 3 protocol.

Port

A port is a 16-bit number used to identify a specific application or service. It is a logical entity, not hardware.

Port Scanning

Port scanning is the technique used to identify open ports and the services available on a host.

Traceroute/Tracert

Traceroute (for Linux) or Tracert (for Windows) is a computer network diagnostic tool for displaying the route and measuring the transit delay of packets across an IP network. It is used to determine exactly which route the data packets take.

When do we use traceroute/tracert?

When we cannot ping the final destination, traceroute/tracert helps to identify where the connection stops or gets broken, whether it is a firewall, the ISP, a router, etc.

CIA Triad

Confidentiality, Integrity, and Availability (CIA) is a popular model designed for developing a security policy. The level of security can be defined by the strength of these three components.
  • Confidentiality: Ensure that sensitive information is accessed only by an authorized user.
  • Integrity: It means that the information is in the right format.
  • Availability: Ensure the data and resources are available for users who need them.

Cryptography

Cryptography is the practice and study of techniques for securing information and communication, mainly to protect data from third parties for whom it is not intended.

Symmetric Algorithm

  • The same key is used for encryption and decryption. Encryption is fast but more vulnerable. DES, 3DES, AES, and RC4 are examples of symmetric algorithms.
  • Confidentiality can be assured with symmetric encryption.
  • Examples:
    • DES
      • Data Encryption Standard.
      • Takes 64 bit blocks input to encrypt.
      • Key size (56-bit + 8-bit).
    • 3DES
      • Triple DES (Data Encryption Standard).
      • 3DES uses 3 different keys, of 56 bits each.
      • First encrypt with 1st key, then decrypt with 2nd key and then again encrypt the decrypted text with 3rd key.
    • AES
      • Advanced Encryption Standard
      • AES uses 128-bit, 192-bit, and 256-bit block sizes as well as the same key sizes.
    • IDEA
      • International Data Encryption Algorithm
      • Takes 64 bit blocks input to encrypt.
      • IDEA uses 1028-bit key size.
    • Blowfish
      • Takes 64 bit blocks input to encrypt.
      • Blowfish uses variable length of key size (32-bit - 448-bit)
    • Twofish
      • Replaced the Blowfish algorithm.
      • Takes 64 bit blocks input to encrypt.
      • Twofish uses 128-bit, 192-bit, and 256-bit key size.
    • RC4
      • Rivest Cipher
      • It uses Stream Cipher
      • RC4 uses variable key size from 40-bits to 2048-bits
    • RC5
      • Rivest Cipher
      • It uses Block Cipher
      • RC5 uses a variable key size up to 2048 bits.
    • RC6
      • Rivest Cipher, replacement of DES
      • It uses Block Cipher
      • RC6 uses a variable key size up to 2048 bits.
AES with a 256-bit key size is considered the strongest symmetric encryption algorithm.
DES is considered the least strong symmetric encryption algorithm.
RSA with a 2048-bit key size is considered the strongest asymmetric encryption algorithm.

Asymmetric Algorithm

  • Different keys (a pair of public and private keys) are used for encryption and decryption. Encryption is slow due to the heavy computation. DH (Diffie-Hellman) and RSA are examples of asymmetric algorithms. It is often used for securely exchanging secret keys.
  • Key distribution can be challenging with the asymmetric encryption.

Encoding

Encoding modifies data from one format into another using a scheme that is publicly available. It can easily be restored to the original data, and it does not need any key to decode; you need only the algorithm that was used for the encoding.

Encryption

Encryption is used to convert readable data into an unreadable format. However, encrypted data can be transformed into original data by decryption. Encryption is used to ensure the confidentiality of the data.

Hashing

Hashing is used to convert readable data into an unreadable format. However, hashed data cannot be processed back to the original data. Hashing is used to ensure the integrity of the data.
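
The three sections above (Encoding, Encryption, Hashing) are easiest to tell apart by running them side by side. The following is an added example, not code from the original post: it uses Base64 for encoding, a one-time pad (XOR with a random key of the same length, chosen here only because it needs no third-party library) for encryption, and SHA-256 for hashing, on a constructed sample message. Only the encryption step needs a key, only the encoding step is reversible without one, and only the hash cannot be reversed at all.

```python
import base64
import hashlib
import hmac
import secrets


def encode(data: bytes) -> str:
    """Encoding: a public, reversible transformation that needs no key (Base64)."""
    return base64.b64encode(data).decode("ascii")


def decode(text: str) -> bytes:
    """Anyone who knows the scheme can reverse an encoding."""
    return base64.b64decode(text)


def encrypt_otp(plaintext: bytes, key: bytes) -> bytes:
    """Encryption: reversible only by whoever holds the key.

    A one-time pad (XOR with a random key as long as the message) is used here
    so the example runs with the standard library alone; the key must be truly
    random and used exactly once, otherwise the scheme is broken.
    """
    if len(key) != len(plaintext):
        raise ValueError("one-time pad key must be exactly as long as the plaintext")
    return bytes(p ^ k for p, k in zip(plaintext, key))


def decrypt_otp(ciphertext: bytes, key: bytes) -> bytes:
    """XOR is its own inverse, so decryption is the same operation with the same key."""
    return encrypt_otp(ciphertext, key)


def digest(data: bytes) -> str:
    """Hashing: a one-way, fixed-size fingerprint; the input cannot be recovered."""
    return hashlib.sha256(data).hexdigest()


def integrity_ok(data: bytes, expected_hex: str) -> bool:
    """Integrity check: recompute the hash and compare in constant time."""
    return hmac.compare_digest(digest(data), expected_hex)


def demo() -> dict:
    """Run all three transformations on a constructed sample message."""
    msg = b"transfer 100 to account 42"          # constructed sample data
    key = secrets.token_bytes(len(msg))          # fresh random pad
    wrong_key = secrets.token_bytes(len(msg))    # a key an attacker guessed
    tampered = b"transfer 900 to account 42"     # message modified in transit
    ct = encrypt_otp(msg, key)
    return {
        "encoded_roundtrip": decode(encode(msg)) == msg,          # True: no key needed
        "decrypt_with_key": decrypt_otp(ct, key) == msg,          # True: key recovers plaintext
        "decrypt_wrong_key": decrypt_otp(ct, wrong_key) == msg,   # False: wrong key, garbage out
        "hash_matches_original": integrity_ok(msg, digest(msg)),  # True
        "hash_matches_tampered": integrity_ok(tampered, digest(msg)),  # False: change detected
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

Note that a bare hash only detects accidental or unauthenticated modification; if an attacker can replace both the data and the stored hash, an HMAC with a secret key (hmac.new in the same module) is the tool to reach for.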

SSL/TLS Handshake

SSL: Secure Socket Layer - was the original encryption protocol developed for HTTP.
TLS: Transport Layer Security - SSL was replaced by TLS, SSL handshakes are now called TLS handshakes.
  • The 'client hello' message: The client initiates the handshake by sending a "hello" message to the server with the TLS version(s) the client supports, the cipher suites it supports, and a string of random bytes known as the client random.
  • The 'server hello' message: In reply to the client hello message, the server sends a message containing the server's SSL certificate, the server's chosen cipher suite, and the "server random," another random string of bytes that's generated by the server.
  • Authentication: The client verifies the server's SSL certificate with the certificate authority that issued it. This confirms that the server is who it says it is, and that the client is interacting with the actual owner of the domain.
  • The premaster secret: The client sends one more random string of bytes, the "premaster secret." The premaster secret is encrypted with the public key and can only be decrypted with the private key by the server. (The client gets the public key from the server's SSL certificate.)
  • Private key used: The server decrypts the premaster secret.
  • Session keys created: Both client and server generate session keys from the client random, the server random, and the premaster secret. They should arrive at the same results.
  • Client is ready: The client sends a "finished" message that is encrypted with a session key.
  • Server is ready: The server sends a "finished" message encrypted with a session key.
  • Secure symmetric encryption achieved: The handshake is completed, and communication continues using the session keys.
Handshake Flow: Client hello message > Server hello message > Authentication (of server SSL certificate) > Premaster secret (encrypted with server public key) > Session keys created > Client ready > Server ready > Secure symmetric encryption achieved.

TLS Algorithm

TLS is an encryption protocol designed to secure Internet communications. A cipher suite is used in establishing a secure communications connection.

TLS 1.2 Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384. A TLS 1.2 cipher suite is made up of four ciphers:

  1. Key exchange algorithm: ECDHE (Elliptic Curve Diffie-Hellman); others are RSA and DH.
  2. Authentication algorithm: ECDSA (Elliptic Curve Digital Signature Algorithm); others are RSA and DSA.
  3. Bulk data encryption: AES_256_GCM
  4. Message authentication code (MAC) algorithm: SHA384
TLS 1.3 cipher suite: TLS_AES_256_GCM_SHA384. A TLS 1.3 cipher suite is made up of only 2 ciphers, because there is no need to state the key exchange algorithm and, by extension, the authentication algorithm: only one type of key exchange is accepted, the ephemeral Diffie-Hellman method.
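
The split described above (four components in a TLS 1.2 suite name, two in a TLS 1.3 name) can be done mechanically, which is how a configuration audit turns a list of suite names into findings. The following parser is an added example, not code from the original post: it takes the IANA-style suite names used above, separates the key exchange, authentication, bulk cipher and MAC parts, and flags properties a reviewer would reject (static key exchange without forward secrecy, legacy ciphers, SHA-1/MD5 MACs, non-AEAD modes). The weakness labels and the TLS 1.3 suite list are this example's own constants.

```python
# Weakness labels returned by weaknesses(); defined once so callers can match on them.
NO_FORWARD_SECRECY = "static key exchange: no forward secrecy"
WEAK_CIPHER = "weak or broken bulk cipher"
WEAK_MAC = "weak MAC/hash (MD5 or SHA-1)"
NON_AEAD = "non-AEAD cipher mode (CBC)"

# TLS 1.3 suites name only an AEAD cipher and a hash: key exchange is always
# ephemeral (EC)DHE and server authentication is negotiated separately.
TLS13_SUITES = {
    "TLS_AES_128_GCM_SHA256",
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
}


def parse_cipher_suite(name: str) -> dict:
    """Split an IANA-style cipher suite name into its component algorithms."""
    if name in TLS13_SUITES:
        cipher, _, hash_alg = name[len("TLS_"):].rpartition("_")
        return {
            "version": "1.3",
            "key_exchange": "(EC)DHE (ephemeral, implied)",
            "authentication": "certificate (not part of the suite name)",
            "cipher": cipher,
            "mac": hash_alg,   # in 1.3 this is the HKDF/transcript hash
        }
    if not name.startswith("TLS_") or "_WITH_" not in name:
        raise ValueError(f"unrecognised cipher suite name: {name}")
    left, right = name[len("TLS_"):].split("_WITH_", 1)
    parts = left.split("_")
    if len(parts) == 1:
        # e.g. TLS_RSA_WITH_...: RSA key transport also authenticates the server
        kx = auth = parts[0]
    else:
        # e.g. ECDHE_ECDSA, DHE_RSA, ECDHE_PSK: last token is the auth method
        kx, auth = "_".join(parts[:-1]), parts[-1]
    cipher, _, mac = right.rpartition("_")
    return {"version": "1.2", "key_exchange": kx, "authentication": auth,
            "cipher": cipher, "mac": mac}


def weaknesses(suite: dict) -> list:
    """Flag properties a reviewer would reject in a TLS configuration."""
    issues = []
    if suite["version"] != "1.3":
        if not suite["key_exchange"].startswith(("ECDHE", "DHE")):
            issues.append(NO_FORWARD_SECRECY)   # a leaked key decrypts old traffic
        if not any(mode in suite["cipher"] for mode in ("GCM", "CCM", "POLY1305")):
            issues.append(NON_AEAD)             # CBC suites have a history of padding-oracle bugs
    if any(bad in suite["cipher"] for bad in ("NULL", "EXPORT", "RC4", "DES", "RC2", "IDEA", "SEED")):
        issues.append(WEAK_CIPHER)              # "DES" also catches 3DES_EDE
    if suite["mac"] in ("MD5", "SHA"):
        issues.append(WEAK_MAC)
    return issues


if __name__ == "__main__":
    for name in ("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
                 "TLS_AES_256_GCM_SHA384",
                 "TLS_RSA_WITH_3DES_EDE_CBC_SHA"):
        suite = parse_cipher_suite(name)
        print(name, suite, weaknesses(suite) or "OK")
```

The two suites named in the section above come out clean; a legacy suite such as TLS_RSA_WITH_3DES_EDE_CBC_SHA trips all four checks, which is the kind of finding a TLS configuration review reports.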

Cipher Suite

A cipher suite is a set of encryption algorithms used in establishing a secure communications connection.

Block Cipher

  • Both block ciphers and stream ciphers belong to the symmetric key ciphers. These methods are used for converting plain text into ciphertext.
  • A block cipher converts plain text into cipher text by taking a block (such as a 64-bit block) of plain text at a time. AES, DES, 3DES, etc. are examples of block ciphers.

Stream Cipher

  • Both block ciphers and stream ciphers belong to the symmetric key ciphers. These methods are used for converting plain text into ciphertext.
  • A stream cipher converts plain text into cipher text by taking 1 byte (8 bits) of plain text at a time. The RC4 algorithm is an example of a stream cipher.

Confusion

To hide the relationship between ciphertext and key.

Diffusion

To hide the relationship between ciphertext and plaintext.

Wireless Encryption and Protocols

Authentication Security Protocols:
  1. WEP - Wired Equivalent Privacy
  2. WPA - WiFi Protected Access
    • WPA-PSK, also called WPA-Personal. It uses both TKIP and AES.
  3. WPA2 - WiFi Protected Access 2
    • WPA2-PSK uses CCMP and AES.
  4. WPA3 -  WiFi Protected Access 3
  5. EAP - Extensible Authentication Protocol
Wireless Encryption Algorithms:
  1. TKIP - Temporal Key Integrity Protocol, with 128-bit key size.
  2. CCMP - Counter Mode Cipher Block Chaining Message Authentication Code Protocol.
  3. AES - Advanced Encryption Standard.

OSI Model

OSI describes how applications communicate over a network. The main objective of the OSI (Open Systems Interconnection) model is to process the communication between two endpoints in a network. The OSI model is a logical and conceptual model that defines network communication used by systems open to interconnection and communication with other systems.

TCP/IP Model

TCP/IP determines how a specific computer should be connected to the internet and how data can be transmitted between computers.

TCP/IP stands for Transmission Control Protocol/Internet Protocol. It is specifically designed as a model to offer a highly reliable, end-to-end byte stream over an unreliable internetwork.

Difference between OSI and TCP/IP Model

OSI refers to Open Systems Interconnection. TCP refers to Transmission Control Protocol. OSI uses the network layer to define routing standards and protocols. TCP/IP uses only the Internet layer.

Authenticated Scan

An authenticated scan reports weaknesses exposed to the authenticated users of the system. Authenticated scans can check for software applications and packages and verify patches.

Unauthenticated Scan

An unauthenticated scan reports weaknesses from a public viewpoint (this is what the system looks like to unauthenticated users). An unauthenticated scan can examine only publicly visible information and is unable to provide detailed information about assets.

Reverse Shell

A reverse shell is a shell initiated from the target host (victim machine) back to the attack box (attacker machine), which is in a listening state to pick up the shell. The request comes from the victim machine to the attacker machine. In a reverse shell, the attacker machine is in the listening state.

Bind Shell

A bind shell is set up on the target host (victim machine) and binds to a specific port to listen for an incoming connection from the attack box. The request is sent from the attacker machine to the victim machine. In a bind shell, the victim machine is in the listening state.

Encrypted Shell

Encrypted shells, as the name suggests, encrypt the communication, thereby disallowing intermediary sniffers to decipher what we are trying to accomplish on the target machine.

CVSS

The Common Vulnerability Scoring System is a free and open industry standard for assessing the severity of computer system security vulnerabilities.

Base Score

It represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

Exploitability Metric
  • Attack vector
  • Attack Complexity
  • Privileges required
  • User Interaction
Impact Metric
  • Confidentiality
  • Integrity
  • Availability
  • Scope

Temporal Score

It represents the characteristics of a vulnerability that may change over time but not across user environments.
  • Exploitability
  • Remediation Level
  • Report Confidence

Environmental Score

It represents the characteristics of a vulnerability that are relevant and unique to a particular user’s environment.
  • Confidentiality Requirement
  • Integrity Requirement
  • Availability Requirement
  • Modified Attack vector
  • Modified Attack Complexity
  • Modified Privileges required
  • Modified User Interaction
  • Modified Scope
  • Modified Confidentiality
  • Modified Integrity
  • Modified Availability

CVE

  • CVE stands for Common Vulnerabilities and Exposures.
  • CVE is simply a list of currently known issues regarding specific systems and products, each with an ID.

CWE

  • CWE stands for Common Weakness Enumeration
  • CWE categorizes types of software vulnerabilities.

CVE vs CWE

  • CVE describes a vulnerability associated with a specific system or product, whereas CWE describes the different types of vulnerabilities that exist.
  • CVE has to do with a specific instance within a product or system, not the underlying flaw; CWE has to do with the underlying weakness, not an instance within a product or system.

CWE vs OWASP

OWASP stands for Open Web Application Security Project.
The OWASP Top 10 lists the main categories (top issues) and CWE breaks each issue down further. CWE includes some issues that do not fall into any of the OWASP Top 10 categories, because CWE covers software issues in general and not just web-application-specific ones.

Types of Pentesting Methodology

  • White Box Pentesting: White box penetration testing is sometimes referred to as clear, crystal or oblique box pen testing. Here the security tester may have full network and system information about the target host, including network maps and credentials.
  • Black Box Pentesting: Here no information is provided to the tester at all. The pentester follows the approach of an unprivileged attacker, from initial access and execution through to exploitation.
  • Gray Box Pentesting: A combination of black-box and white-box testing. The pentester has some advance knowledge of the targets they plan to attack (only limited information is shared with the tester).
  • Tiger Box Pentesting: This testing is usually done from a laptop that carries a collection of operating systems and hacking tools. It helps penetration testers and security testers conduct vulnerability assessments and attacks. A tiger box is a machine assembled from specific hardware and software to be used for hacking and penetration testing.

SAST

  • Static Application Security Testing.
  • SAST is a white-box security testing methodology in which a security tester has the application source code.
  • A security tester examines an application when it is not running and tries to identify the range of vulnerabilities in application's source code.
  • SAST Tools:
    • Fortify
    • Appscan

DAST

  • Dynamic Application Security Testing.
  • DAST is a black-box security testing methodology in which an application is tested from the outside.
  • A security tester examines an application when it is running and tries to hack it just like an attacker.
  • DAST Tools:
    • BurpSuite
    • Acunetix
    • Nikto
    • OWASP ZAP

IAST

  • Interactive Application Security Testing.
  • IAST is a black-box security testing methodology, which combines the benefits of black-box and white-box methodologies.
  • A security tester examines an application's source code as well as application when it is running and tries to hack it just like an attacker.
  • IAST Tools:
    • Both SAST and DAST Tools

Same Origin Policy (SOP)

The same-origin policy is a security mechanism that protects web applications from accessing resources from another website. It restricts how a document or script loaded from one origin (the actual domain) can interact with a resource from another origin (another domain). Note that, by default, the same-origin policy will block the response from loading.

Cross-Origin Resource Sharing (CORS)

CORS is a controlled relaxation of SOP for a domain. CORS allows a site A to give permission to site B to read (potentially private) data from site A.

Content Security Policy (CSP)

It secures the content of your website. The Content-Security-Policy response header allows website administrators to control the resources the user agent is allowed to load for a given page. CSP allows a site to prevent itself from loading (potentially malicious) content from unexpected sources (e.g. as a defense against XSS).

Difference between SOP, CORS, and CSP?

  • SOP: defines which foreign source is allowed to interact with the webpage/service.
  • CORS: allows a site A to give permission to site B to read (potentially private) data from site A.
  • CSP: defines which locations for scripts/images are allowed to be integrated into the webpage. CSP sets a policy of what content can run on the current site.
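
The SOP and CORS rules above reduce to two small decisions: whether two URLs share an origin (scheme, host and port all equal), and which Origin values a server is willing to name in Access-Control-Allow-Origin. The following is an added example, not code from the original post; the origins in it (app.example.com and so on) are constructed. It compares origins the way a browser does and issues CORS headers only for an exact allow-list match, which is the safe form of the "site A gives permission to site B" relaxation: reflecting whatever Origin arrives would hand the private data to every site.

```python
from typing import Optional, Set
from urllib.parse import urlsplit

# Default ports per scheme: https://example.com and https://example.com:443 are one origin.
DEFAULT_PORTS = {"http": 80, "https": 443, "ws": 80, "wss": 443}


def origin_of(url: str) -> tuple:
    """Return the (scheme, host, port) triple that defines a web origin."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.hostname:
        raise ValueError(f"not an absolute URL: {url!r}")
    scheme = parts.scheme.lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return (scheme, parts.hostname.lower(), port)


def serialize_origin(url: str) -> str:
    """Origin in the form the browser sends in the Origin header (default port omitted)."""
    scheme, host, port = origin_of(url)
    if port is None or port == DEFAULT_PORTS.get(scheme):
        return f"{scheme}://{host}"
    return f"{scheme}://{host}:{port}"


def same_origin(url_a: str, url_b: str) -> bool:
    """SOP check: scheme, host and port must all match; path and query are ignored."""
    return origin_of(url_a) == origin_of(url_b)


def cors_headers(request_origin: Optional[str], allowed_origins: Set[str],
                 with_credentials: bool = False) -> dict:
    """Headers a server should return to relax SOP for a trusted origin.

    The decision is an exact match against an allow-list. Reflecting whatever
    Origin the request carried would grant every site read access, and the
    wildcard "*" is not accepted by browsers when credentials are allowed.
    """
    if request_origin is None or request_origin not in allowed_origins:
        return {}                       # browser keeps the response unreadable to the page
    headers = {
        "Access-Control-Allow-Origin": request_origin,
        "Vary": "Origin",               # caches must not reuse this answer for other origins
    }
    if with_credentials:
        headers["Access-Control-Allow-Credentials"] = "true"
    return headers


if __name__ == "__main__":
    allowed = {"https://app.example.com"}           # constructed allow-list
    print(same_origin("https://example.com/a", "https://example.com:443/b"))   # True
    print(same_origin("https://example.com", "https://api.example.com"))       # False
    print(cors_headers("https://app.example.com", allowed, with_credentials=True))
    print(cors_headers("https://evil.example", allowed))                       # {}
```

Note that SOP governs what the page's script may read, not what it may load: an image or script tag still fetches the cross-origin resource, which is why CSP (the next section) is a separate control over what may be loaded at all.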

Cryptographic Protocols

Cryptographic protocols provide Confidentiality (encryption) and prevent eavesdropping.

VPN

To wrap clear-text (unencrypted) traffic inside an encrypted tunnel.

Compliance

  • Compliance involves meeting (following) various controls (usually enacted by a regulatory authority, law, or industry group) to protect the confidentiality, integrity, and availability of data.
  • Compliance requirements vary and can be imposed by law, regulatory bodies, and even private industry groups such as the Payment Card Industry.

PCIDSS

  • Payment Card Industry Data Security Standard.
  • PCI DSS compliance is mandatory for organizations that store, process, and transmit credit card data.

PADSS

  • Payment Application Data Security Standard.
  • PA DSS is one of the mature industry standards against which a payment application is evaluated; it showcases the security level of your application.

PCI PIN

  • PCI Personal Identification Number.
  • PCI PIN is a set of requirements defined by the PCI Security Standards Council for the secure handling of personal identification number (PIN) data during payment processing at ATMs or over point-of-sale (POS) terminals.
  • PCI PIN and PCI PTS (PIN Transaction Security) requirements emphasize maintaining the physical and logical security of POS (point-of-sale) devices, PIN pad services, and UPTs.
  • The intention of this standard is to reduce the number of credit card frauds around Point-of-Sale devices.

PCI SAQ

  • PCI Self-Assessment Questionnaire.
  • PCI SAQ is a blueprint for merchants and service providers to become PCI DSS compliant.
  • PCI SAQ is something like a checklist to ensure you don’t miss on the security requirements applicable to your business.
  • PCI SAQ is applicable for small merchants and service providers who do not need to go for an onsite audit and submit a report on compliance to their acquiring Banks or Payment brands, but need to comply with all the applicable requirements in PCI DSS standard.

HIPAA

  • Health Insurance Portability and Accountability Act.
  • HIPAA provides rules and regulations for protecting the privacy of Patient Health Information (PHI - Protected Health Information) and the security of Electronic records stored or transmitted.
  • This includes PHI in any form - physical copy, electronic or oral. PHI consists of individually identifiable patient information such as Name, health records, demographic information, contact information, Social Security Number, etc.

GDPR

  • General Data Protection Regulation.
  • GDPR is for Data Privacy and Protection. The European Union brought GDPR into enforcement on 25th May 2018.
  • GDPR provides specific guidance on how Personally Identifiable Information (PII) should be recorded, stored, and transferred without invasion of the right to privacy of the EU citizens.

ISO 27001

  • International Standard Organization.
  • ISO 27001, a globally recognized standard for managing information security-related risks.
  • It specifies a set of standardized requirements for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS).
  • The standard provides the framework to manage the confidentiality, availability, and integrity of organizational assets such as financial data, intellectual property, employee details, customer confidential data, or information entrusted by third parties.

NIST

National Institute of Standards and Technology

SANS

SysAdmin, Audit, Network, Security

CIS

Center for Internet Security

Protocols

Protocols are set of rules and procedures that are used to communicate over the Internet. Protocols determine how data is transmitted between different devices in the same network.

FTP

FTP stands for File Transfer Protocol. FTP is used to transfer files between devices over a network. File transfer protocol is a way to download, upload, and transfer files from one location to another on the internet and between computer systems.

SSH

SSH is a software package that enables secure system administration and file transfers over insecure networks. The SSH protocol uses encryption to secure the connection between a client and a server.

TELNET

TELNET stands for Terminal Network. It is a protocol that enables one computer to connect to another computer. It provides a command line interface for communication with a remote device or server.

SMTP

SMTP stands for Simple Mail Transfer Protocol. SMTP is used to send emails; it is essentially a set of commands used to send email.

DNS

DNS stands for Domain Name System. DNS is an application layer protocol, a naming system for computers that converts human-readable domain names (e.g., prabhathudda.com) into computer-readable IP addresses. DNS is something like the phonebook of the Internet. It typically runs on port 53.

DHCP

DHCP stands for Dynamic Host Configuration Protocol. It is an application layer protocol which is used to dynamically assign IP addresses within a network. It provides:
  • IP address
  • Subnet mask
  • Default Gateway
  • DNS Server

HTTP

  • Hyper Text Transfer Protocol
  • HTTPS, by contrast, is a way to protect sensitive data, like your credit card number: HTTPS uses TLS to encrypt the communications between clients and servers, preventing people from intercepting and reading your data in flight.
  • It also preserves the integrity of data, helping to prevent it from being broken or corrupted.
  • While HTTP is not inherently problematic, its use for the transmission of sensitive data is definitely a major risk. When plaintext credentials are transmitted over HTTP, those credentials are left exposed, the internet equivalent of shouting passwords across a crowded room, making it trivial for anyone to intercept and steal them.

HTTP 1.0

  • HTTP 1.0 is non-persistent
  • HTTP 1.0 requires multiple connections to serve a single request.
  • HTTP 1.0 serves the response and disconnects the connection

HTTP 1.1

  • HTTP 1.1 is persistent.
  • Head-of-line blocking; only 6 parallel TCP connections (limitation)
  • Header information is repeated with every request (Limitation)
  • Keep-alive option enables re-using the same TCP connection for multiple HTTP request

HTTP 2.0

  • HTTP 2.0 is also persistent.
  • HTTP 2.0 is the same as HTTP 1.1 with some additional features.
  • HTTP 2.0 uses a single TCP connection with multiple streams for different requests.
  • HTTP 2.0 makes a TLS setup a mandatory requirement.
  • HTTP 2.0 uses HPACK, where header data is separated from the actual request data, allowing compression of the header data and reducing the entire request size.
  • HTTP 2.0 uses PUSH frames to send necessary resources in advance.
  • HTTP 2.0 is built on top of HTTP 1.1 and will still work if the client is using HTTP 1.1.

POP3

POP3 stands for Post Office Protocol, which is used for retrieving emails from the email server. With POP3, we download the email to the device from the email server.

IMAP

IMAP stands for Internet Message Access Protocol, which is also used for retrieving emails from the email server. With IMAP, we can download the email to the device from the email server.

What is the difference between POP3 and IMAP?

NetBIOS

It is used for name registration and resolution with Windows-based clients.

SMB

SMB stands for Server Message Block. It is a protocol for sharing files, printers, serial ports, and communication abstractions such as named pipes and mail slots between computers. SMB is a client-server, request-response protocol.

SNMP

SNMP is an application layer protocol that uses UDP ports 161 and 162. SNMP is used to monitor the network, detect network faults, and sometimes even to configure remote devices.
Components of SNMP:

SNMP Manager

It is a centralized system used to monitor the network. It is also known as a Network Management Station (NMS).

SNMP agent

It is a software management module installed on a managed device. Managed devices can be network devices like PCs, routers, switches, servers, etc.

Management Information Base

The MIB consists of information on the resources that are to be managed. This information is organized hierarchically. It consists of object instances, which are essentially variables.

ARP

It is a protocol used for finding the MAC address associated with an IPv4 address. This protocol works as an interface between the OSI network layer and the OSI data link layer.

NTLM

New Technology LAN Manager (NTLM) is a proprietary Microsoft protocol introduced in 1993 to replace Microsoft LAN Manager (LANMAN). NTLM is part of a cohort of Microsoft security protocols designed to collectively provide authentication, integrity, and confidentiality to users.

NTLM is what is known as a challenge-response protocol used by servers to authenticate clients using password hashes. In its original incarnation NTLMv1 used a fairly simple (and easily compromised) authentication method.

Using NTLM for authentication exposes organizations to a number of risks. A skilled attacker can easily intercept NTLM hashes that are equivalent to passwords or crack NTLMv1 passwords offline. A successful exploit against NTLMv1 authentication can enable an attacker to launch machine-in-the-middle (MITM) attacks or take complete control of a domain.

LLMNR

Link-Local Multicast Name Resolution (LLMNR) is a protocol that allows name resolution without a DNS server. Essentially, LLMNR is a layer 2 protocol that provides hostname-to-IP resolution on the basis of a network packet that is transmitted via UDP port 5355 to the multicast network address (224.0.0.0 through 239.255.255.255). The multicast packet queries all network interfaces looking for any that can self-identify authoritatively as the hostname in the query.

LLMNR was originally created as a temporary solution to enable name resolution in environments in which DNS servers would be impractical, such as small private networks. LLMNR was created as a way to achieve name resolution without the difficult requirements of DNS. The protocol has been (and still is) used by operating systems, including Microsoft Windows, to identify networked devices like file servers.

We are updating every day...

About - Prabhat Hudda

Prabhat Hudda is an IT Security Professional, currently working as an Application Security Engineer with more than 5 years of expertise in Information Security. He holds a Bachelor's degree in Information Technology, and his significant interests spin around Application Security & Penetration Testing. Further, he loves to participate in several security events, conferences, and bug bounty programs. He actively blogs about his experience, knowledge, and skills in Information Security via Medium and LinkedIn.