Seven Domains of IT
21 Jan 2022
Seven Domains of a Typical IT Infrastructure
- User - deals with authentication
- Workstation - the computer/office
- LAN - segmentation and authentication
- LAN to WAN - our access point to the Internet, ingress/egress filtering with firewalls, IDS . . .
- WAN
- Remote Access Domain - hotels, coffee shop . . . vpns are important here for encryption
- System/Application Domain - Databases, web servers, application servers . . . this is what attackers are after, so need good encryption
Linux Folder Structure
/dev - pointers to storage and IO systems/etc - admin, password and shadow files/homesbin - admin binaries like daemons/usr - unique files to user
Linux Password Architecture
/etc/passwd - text file, human-readable, the x is where the password would be/etc/shadow - hashed passwords, everyone can read but only root can change it (though I’m not sure why you would)
- Colon-delimited, user is at the beginning and then after colon is the hashed password, followed by some metadata
- Metadata includes minimum and maximum days required between valid passwords/password changes
- Hashed password =
"$id$salt$hashed"
- ID identifies the type of hash, like
$6 is SHA512
- Salt is random data added
Windows Password Architecture
Password Cracking
- Active online - actively trying to guess online passwords
- Passive online - sniffing, running a program online
- Offline - dictionary-style, hybrid, brute-force
John the Ripper
- Built into cyberrange
john shadow_file first time, john --show shadow_file to dump the info again
Assignments
- Lab 1 posted soon
- Read chapter 2 of book
