Lazy Diary @ Hatena Blog

PowerShell / Java / miscellaneous things about software development, Tips & Gochas. CC BY-SA 4.0/Apache License 2.0

CEH v9 Practice Tests 1 Notes (1)

Notes for CEH v9: Certified Ethical Hacker Version 9 Practice Tests Practice Test 1 (pp.2-25).

  • ECC means Elliptic Curve Cryptography, not Error Check and Correction (e.g. ECC memory).
  • Smurf and Fraggle attacks both send request packets to a broadcast address. A Smurf attack uses ICMP Type 8 (Echo Request), while a Fraggle attack uses request packets to udp/7 (echo service).
  • Firewalking: For example, if the targeted gateway passes tcp/22 through and the next node behind the gateway drops packets for tcp/22, you cannot tell which of them dropped the packet by sending an ordinary packet to tcp/22.
  • PAP: Password Authentication Protocol. Used in PPP, as is CHAP.
  • X.509: X.500 is a set of data models for directory services, e.g. LDAP. X.509 is the format of public key certificates. X.509 is also used for the certificates that secure LDAP (it is a little confusing).
  • Default TTL values in different OSes (Wanted: an authoritative, summarized source)
  • Ping of death: Found in 1996.
  • Melissa: This book (Practice Test 1, Q.21) misprinted the name of this macro virus ("Melisa"). I think Melissa and I LOVE YOU (worm) are both very infectious, but this book says Melissa is more infectious.
  • Ncat: Included in the Nmap package.
  • XMAS scan: Sets the FIN, PSH, and URG flags. The response is an RST packet on closed ports (Windows also returns an RST packet on open ports).
  • Flags in the TCP header: CWR, ECE, URG, ACK, PSH, RST, SYN, FIN. An XMAS scan becomes 00101001.
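
The flag ordering in the last note, worked through as a small detection helper. This is an added example, not from the book or the original post. It reads the flags byte from a raw TCP header and labels the XMAS pattern, and it goes slightly beyond the notes by also labelling two other combinations a normal stack does not send (no flags at all, and SYN together with FIN). The function names and the sample headers are constructed for illustration.

```python
import struct

# Flag names from most significant bit to least, in the order given in the note.
FLAG_NAMES = ["CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"]
XMAS = 0b00101001  # URG + PSH + FIN, as in the note


def build_header(flags, sport=40000, dport=22):
    """Constructed 20-byte TCP header (no options) used as sample input."""
    data_offset = 5 << 4  # header length of 5 32-bit words, in the upper nibble
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0,
                       data_offset, flags, 1024, 0, 0)


def tcp_flags(header):
    """Return the flags byte, which sits at offset 13 of the TCP header."""
    if len(header) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    return header[13]


def flag_names(flags):
    """Decode the flags byte into names, highest bit (CWR) first."""
    return [name for i, name in enumerate(FLAG_NAMES) if flags & (0x80 >> i)]


def classify(flags):
    """Label flag combinations that a normal TCP exchange does not produce."""
    core = flags & 0x3F  # ignore the two ECN bits (CWR, ECE)
    if core == 0:
        return "null-scan"
    if core == XMAS:
        return "xmas-scan"
    if core & 0x02 and core & 0x01:  # SYN and FIN set together
        return "syn+fin"
    return "normal"


if __name__ == "__main__":
    # Constructed samples: XMAS probe, SYN/ACK reply, no flags, SYN+FIN.
    for sample in (0b00101001, 0b00010010, 0b00000000, 0b00000011):
        flags = tcp_flags(build_header(sample))
        print(format(flags, "08b"), flag_names(flags), classify(flags))
```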