Security

The Bandit wargame taught me the basics needed to be able to play other wargames. Level 0 –> 1 Login : ssh bandit0@bandit.labs.overthewire.org -p 2220 Password : bandit0 Steps to resolve : cat readme Level 1 -> 2 Login : ssh bandit1@bandit.labs.overthewire.org -p 2220 Password : ZjLjTmM6FvvyRnrb2rfNWOZOTa6ip5If Steps to resolve : cat ./- prefix the filename with a path Level 2 -> 3 Login : ssh bandit2@bandit.labs.overthewire.org -p 2220 Password : 263JGJPfgU6LtdEvgfWU1XP5yac29mFx ...

What is a Shell? Shell = command interpreter program that provides an interactive environment for running commands. Common shells: /bin/bash - Bourne Again Shell (most common) /bin/sh - Bourne Shell (POSIX standard) /bin/zsh - Z Shell /bin/dash - Debian Almquist Shell What shells do: Provide interactive prompt for typing commands Interpret and execute commands Run other programs Handle scripting with shell syntax Manage environment (variables, paths, job control) Understanding /etc/passwd /etc/passwd = file containing user account information ...

What Are These Devices? Three different network security devices that control and inspect internet traffic, each operating at different layers and serving different purposes. 1. Network Firewall Physical or virtual device at network perimeter that blocks/allows traffic based on IP, port, and protocol. Key Characteristics Layer: 3-4 (Network/Transport Layer) Location: On-premises, between internal network and internet Type: Physical appliance or virtual machine Purpose: Control which connections are allowed What It Checks ✓ Source IP address ✓ Destination IP address ✓ Port number (80, 443, 22, etc.) ✓ Protocol (TCP, UDP, ICMP) ✗ Cannot see HTTP headers ✗ Cannot see URLs ✗ Cannot see content Example Decision Rule: Allow port 443 (HTTPS) to any destination Request: 192.168.1.100 → 203.0.113.50:443 Decision: ALLOW (port 443 is allowed) Rule: Block port 22 (SSH) to internet Request: 192.168.1.100 → 203.0.113.50:22 Decision: BLOCK (port 22 is blocked) Common Products Palo Alto Networks PA-Series (physical appliance) Cisco ASA (physical appliance) Fortinet FortiGate (physical appliance) AWS Network Firewall (virtual/cloud) pfSense (software firewall) Physical Deployment [Internet] | [Physical Firewall Appliance] ← Rack-mounted in data center | [Internal Network Switch] | [User Devices] 2. Proxy Server Physical or virtual device that forwards HTTP/HTTPS requests, can inspect and modify content. ...