2015 in review


The WordPress.com stats helper monkeys prepared a 2015 annual report for this blog.

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 21,000 times in 2015. If it were a concert at Sydney Opera House, it would take about 8 sold-out performances for that many people to see it.


What are the top skills for systems administrators?


  1. Customer service skills.
  2. Ability to work under pressure.
  3. Writing skills.
  4. Disaster planning.
  5. Person-to-person networking.
  6. Troubleshooting skills.
  7. Learning skills.
  8. Technical skills.

Use Netstat to See Listening Ports and PID in Windows


For instance, my Internet connection was running really slow and I could not figure out why. I restarted the router and that normally fixes any issue, but the Internet would slow down again every time.

Finally, I ran the netstat command just for the heck of it and saw one process using up a few TCP ports. I checked it out and saw there was some weird program I had never heard of running on my computer in the background. I Googled the process and it was a virus!! Goodness knows what kind of data it was transferring, but I killed the process, restarted the computer and scanned it using an offline virus scanning tool. After the virus was gone, everything was back to normal.

I have never had that happen to me before, but had I not used the netstat command to see which ports were being used by what Windows process, I would have never known I had a virus since it was secretly running in the background. In this article, I’ll show you one handy usage of the netstat command instead of telling you 10 different commands that will make things confusing.

To get started, open the command prompt by clicking on Start and then typing cmd. In the command window, go ahead and type in the following command:

netstat -a -n -o

In the command above, the -o parameter is what will add the PID to the end of the table. Press enter and you should see something like this:

[Screenshot: netstat ports]

You can see the port being used in the second column called Local Address. You’ll see the port number after the colon. You’ll also see some ports and some PIDs listed more than once. That’s because one process can be using the same port number on different protocols like TCP, UDP, etc.

Now to see the name of the process that is using that port, go to Task Manager by pressing CTRL + SHIFT + ESC and then click on the Process tab. By default, the task manager does not display the process ID, so you have to click on View and then Select Columns.

[Screenshot: select columns]

Go ahead and check the box for PID (Process Identifier) and then click OK.

[Screenshot: process identifier]

Now you should also see the PID alongside the process name in task manager. You can click on the column header to quickly sort the list by PID, thereby making it easy to find the process you are looking for.

[Screenshot: process task manager]
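The same PID-to-process lookup can be scripted instead of done by eye in Task Manager. The following is an added example, not part of the original article: it parses `netstat -a -n -o` output and joins it to `tasklist /fo csv /nh` output by PID. Both sample outputs are constructed, and the process name updater32.exe is made up.

```python
import csv
import io

# Constructed sample of `netstat -a -n -o` output (not captured from a real host).
NETSTAT_SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.111:49712    203.0.113.7:443        ESTABLISHED     2316
  TCP    [::]:135               [::]:0                 LISTENING       884
  UDP    0.0.0.0:5353           *:*                                    2316
"""

# Constructed sample of `tasklist /fo csv /nh` output; updater32.exe is made up.
TASKLIST_SAMPLE = '''"System","4","Services","0","1,024 K"
"svchost.exe","884","Services","0","9,120 K"
"updater32.exe","2316","Console","1","14,332 K"
'''

def parse_netstat(text):
    """Yield (proto, address, port, state, pid) for each socket row."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header and blank lines
        # UDP rows have no State column: 4 fields instead of 5.
        state = fields[3] if len(fields) == 5 else ""
        # rsplit keeps bracketed IPv6 addresses such as [::]:135 intact.
        addr, port = fields[1].rsplit(":", 1)
        yield fields[0], addr, int(port), state, int(fields[-1])

def parse_tasklist(text):
    """Map PID -> image name from tasklist CSV output."""
    return {int(row[1]): row[0] for row in csv.reader(io.StringIO(text)) if row}

def sockets_by_process(netstat_text, tasklist_text):
    """Group sockets by (pid, image name): the Task Manager lookup, scripted."""
    names = parse_tasklist(tasklist_text)
    grouped = {}
    for proto, addr, port, state, pid in parse_netstat(netstat_text):
        key = (pid, names.get(pid, "<unknown>"))
        grouped.setdefault(key, []).append((proto, addr, port, state))
    return grouped

if __name__ == "__main__":
    for (pid, name), socks in sorted(sockets_by_process(NETSTAT_SAMPLE, TASKLIST_SAMPLE).items()):
        print(pid, name, socks)
```

A process name you do not recognise that holds an ESTABLISHED connection to an outside address is the kind of row the article's story is about.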

And that’s about it! Hopefully this will help you find out which process is listening on what ports in Windows. If you have any questions, post a comment! Enjoy!

Entering an FTP username and password as well as the hostname in a URL


Sometimes it is useful to enter a username and password in an FTP URL. It is done in this format:

username:password@ftpserver.com
For example, with the username "dave" and the password "m0nkey" you would enter this string into your browser URL bar:

ftp://dave:m0nkey@ftpserver.com

Import a list of Windows computer names into a text file


If you wish to import all of the computers in a domain or workgroup displayed under the Windows Network into a text file, there isn’t always an obvious way of doing it. However, with a simple command prompt command you can get a listing of the machines registered in the domain. In my example I am going to output the computer names into a file called hostnames.txt.

Obtain the listing

Open a command prompt (Start->Run->cmd) and type:

net view > hostnames.txt

or if you wish to specify a particular domain

net view /domain:mydomain > hostnames.txt

The output for the domain will then be placed in a file called hostnames.txt. You can manipulate this file in Notepad, Excel or any other program capable of editing ASCII files.
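The redirected file also contains the column header, a dashed rule and the status line, and each name carries a leading `\\`. As an added example (not from the original post), this Python code pulls out the bare computer names with their remarks; the sample listing and its host names are constructed.

```python
import re

# Constructed sample of what `net view > hostnames.txt` writes (made-up hosts).
NET_VIEW_SAMPLE = r"""Server Name            Remark

-------------------------------------------------------------------------------
\\ACCT-PC01            Accounts front desk
\\FILESRV              File server
\\lab-ws7
\\FILESRV              File server
The command completed successfully.
"""

# A host row starts with two backslashes; the rest of the line is the remark.
HOST_ROW = re.compile(r"^\\\\(\S+)\s*(.*)$")


def parse_net_view(text):
    """Return [(HOSTNAME, remark)] in file order, skipping header/footer lines."""
    hosts, seen = [], set()
    for line in text.splitlines():
        match = HOST_ROW.match(line.strip())
        if not match:
            continue  # column header, dashed rule, blank line or status message
        name = match.group(1).upper()  # computer names are case-insensitive
        if name not in seen:  # concatenated listings can repeat a host
            seen.add(name)
            hosts.append((name, match.group(2).strip()))
    return hosts


def hostnames_only(text):
    """One bare hostname per line, ready to feed to other tools."""
    return "\n".join(name for name, _ in parse_net_view(text))


if __name__ == "__main__":
    print(hostnames_only(NET_VIEW_SAMPLE))
```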

2013 in review


The WordPress.com stats helper monkeys prepared a 2013 annual report for this blog.

Here’s an excerpt:

The concert hall at the Sydney Opera House holds 2,700 people. This blog was viewed about 18,000 times in 2013. If it were a concert at Sydney Opera House, it would take about 7 sold-out performances for that many people to see it.


NESSUS Set up scans


{ Set up scans and read results }


Background Information
  1. What is NESSUS?
    • Tenable Network Security provides enterprise-class solutions for continuous monitoring and visibility of vulnerabilities, configurations, user activity and system events that impact security and compliance.
    • Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.
  2. Reference Link: 
  3. Lab Notes
    • In this lab we will do the following:
      1. Create a Nessus Internal Scan
      2. Scan Damn Vulnerable WXP-SP2
      3. Analyze Results
      4. Export Results
  4. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with “no warranties, either express or implied.” The information contained is provided “as-is”, with “no guarantee of merchantability.”
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • You are on notice, that continuing and/or using this lab outside your “own” test environment is considered malicious and is against the law.
    • © 2012 No content replication of any kind is allowed without express written permission.
Section 1: Login to PENTEST-WXP (Attacking Machine)
  1. Start Up VMWare Player
    • Instructions:
      1. Click the Start Button
      2. Type Vmplayer in the search box
      3. Click on Vmplayer

     

  2. Edit Virtual Machine Settings
    • Instructions:
      1. Click on PENTEST-WXP
      2. Edit Virtual Machine Settings
    • Note:
      • This VM is running Windows XP.

     

  3. Set Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Click on the radio button “Bridged: Connected directly to the physical network”.

     

  4. Start Up PENTEST-WXP
    • Instructions:
      1. Click Play virtual machine
  5. Send Ctrl+Alt+Del
    • Instructions:
      1. Click Player
      2. Click Send Ctrl+Alt+Del

     

  6. Logging into PENTEST-WXP
    • Instructions:
      1. Username: administrator
      2. Password: Supply your password

     

  7. Open a Command Prompt
    • Instructions:
      1. Start –> All Programs –> Accessories –> Command Prompt

     

  8. Determine IP Address
    • Instructions:
      1. ipconfig
    • Note(FYI):
      • My IP Address is 192.168.1.111. 
      • Your IP Address will probably be different.

 

Section 2: Login to Damn Vulnerable WXP-SP2 (Victim Machine)
  1. Edit Virtual Machine Settings
    • Instructions:
      1. Click on Damn Vulnerable WXP-SP2
      2. Edit Virtual Machine Settings
    • Note:
      • This VM is running Windows XP.
      • This is the Victim Machine that we will be scanning with PENTEST-WXP.

     

  2. Set Network Adapter
    • Instructions:
      1. Click on Network Adapter
      2. Click on the radio button “Bridged: Connected directly to the physical network”.

     

  3. Start Up Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Start Up your VMware Player
      2. Play virtual machine

     

  4. Logging into Damn Vulnerable WXP-SP2.
    • Instructions:
      1. Username: administrator
      2. Password: Use the Class Password or whatever you set it.

     

  5. Open a Command Prompt
    • Instructions:
      1. Start –> All Programs –> Accessories –> Command Prompt

     

  6. Obtain the IP Address
    • Instructions:
      1. In the Command Prompt type “ipconfig”
    • Note(FYI):
      • In my case, Damn Vulnerable WXP-SP2’s IP Address is 192.168.1.116.
      • This is the IP Address of the Victim Machine.
      • Record your IP Address.

 

Section 3: Login to Nessus
  1. Start the Nessus Web Client
    • Instructions:
      1. Make sure you are on PENTEST-WXP
      2. Click on the Nessus Web Client located on the desktop
  2. Login To Nessus
    • Instructions:
      1. Username: admin
      2. Password: Supply your password
      3. Click the Sign In To Continue Button

 

Section 4:  Creating a Scan
  1. Click on Scan
    • Instructions:
      1. Click on the Scan Tab
      2. Click on New Scan
  2. Create New Scan
    • Instructions:
      1. Scan Title: Damn Vulnerable WXP-SP2
      2. Scan Type: Run Now
      3. Scan Policy: Internal Network Scan
      4. Scan Target: Input Damn Vulnerable WXP-SP2’s IP Address.
        • In my case, the IP Address is 192.168.1.116
      5. Click the Create Scan Button

     

  3. Monitor the Scan
    • Instructions:
      1. Click on the Running Status

     

  4. Host Result Summary
    • Instructions:
      1. Wait 5 to 10 minutes until scan is 100% complete.
      2. Click on the purple section to see the most critical vulnerabilities.

     

  5. View Critical Alert(s)
    • Instructions:
      1. Click on MS08-067

     

  6. Analyzing MS08-067 Results
    • Instructions:
      1. Read the Synopsis
      2. Read the Description
      3. Read the Vulnerability Information
        • This will show you which tools can be used to exploit this vulnerability.
    • Note(FYI):
      • Basically the attacker can use a tool like Metasploit to mangle the kernel by overflowing the stack and then execute code after overrunning the kernel.

     

  7. View Critical Alert
    • Instructions:
      1. Export Format: CSV
      2. Click the Export Button

     

  8. Download Report
    • Instructions:
      1. Click the radio button “Save File”
      2. Click the OK button.

     

Section 5:  Proof of Lab
  1. Open a Command Prompt
    • Instructions:
      1. Start –> All Programs –> Accessories –> Command Prompt

     

  2. Proof of Lab Instructions
    • Instructions:
      1. cd “My Documents\Downloads”
      2. type *.csv | findstr MS08-067
      3. date /t
      4. echo “Your Name”
        • Replace the string “Your Name” with your actual name.
        • e.g., echo “John Gray”
      5. Do a PrtScn
      6. Paste into a word document
      7. Upload to Moodle
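
findstr matches physical lines, while a Nessus CSV export contains quoted fields that span several lines, so a hit can be a text fragment with no host or port attached. The following added example (not part of the original lab) reads the export with a CSV parser instead; the column names are an assumption about the export header, and the rows, plugin IDs and titles are constructed placeholders.

```python
import csv
import io

# Constructed sample shaped like a Nessus CSV export. The column names are an
# assumption about the export header; plugin IDs and titles are placeholders.
NESSUS_CSV_SAMPLE = '''"Plugin ID","CVE","CVSS","Risk","Host","Protocol","Port","Name","Synopsis"
"10002","","5.0","Medium","192.168.1.116","tcp","445","Placeholder medium finding","Constructed text that
spans two lines and mentions MS08-067 only in passing."
"10001","","10.0","Critical","192.168.1.116","tcp","445","MS08-067: placeholder title","Constructed text, with a comma."
"10003","","","None","192.168.1.116","tcp","0","Placeholder scan information","Constructed."
'''

RISK_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3, "None": 4}


def load_findings(text):
    """Parse with a real CSV reader so quoted multi-line fields stay whole."""
    return list(csv.DictReader(io.StringIO(text, newline="")))


def find_by_title(rows, needle):
    """Findings whose plugin title mentions needle (e.g. a bulletin ID)."""
    return [(r["Host"], r["Protocol"], int(r["Port"]), r["Risk"], r["Name"])
            for r in rows if needle.lower() in r["Name"].lower()]


def worst_first(rows):
    """Per host: (risk, port, title) by severity, informational rows dropped."""
    by_host = {}
    for r in rows:
        if r["Risk"] != "None":
            by_host.setdefault(r["Host"], []).append(
                (r["Risk"], int(r["Port"]), r["Name"]))
    for findings in by_host.values():
        findings.sort(key=lambda f: (RISK_ORDER.get(f[0], 99), f[1]))
    return by_host


if __name__ == "__main__":
    rows = load_findings(NESSUS_CSV_SAMPLE)
    print(find_by_title(rows, "MS08-067"))
    print(worst_first(rows))
```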