Cyber security researcher | Msc Electronics | Burp Suite | Nmap | Metasploit | Exploring VAPT with John the Ripper, Hydra, and Nikto | CEH v13 (in progress)
🎉 Another Milestone Achieved! 🚀 I’m thrilled to share that I’ve completed the TryHackMe "Network Services" module! 🔐📡 This module deepened my understanding of critical services like FTP, SSH, HTTP, and how they can be explored and secured in real-world scenarios.
Just completed the Network Services room in TryHackMe which was challenging for me but I have learnt a lot such as different network services and how to exploit them including SMB, Telnet & FTP.
| End-point Security Administrator at Bluechip Technical Services pvt Ltd || BSc (Honors) IT Sp. in Cybersecurity at SLIIT (final year undergraduate) |
DONE Network Services ROOM IN TRYHACKME... Learn about, then enumerate and exploit a variety of network services and misconfigurations.
Cyber security researcher | Msc Electronics | Burp Suite | Nmap | Metasploit | Exploring VAPT with John the Ripper, Hydra, and Nikto | CEH v13 (in progress)
🎉 Continuing the Journey: Network Services 2 Completed! 🚀 Excited to share that I’ve completed the TryHackMe "Network Services 2" module! 🌐🔒 This experience expanded my knowledge of advanced network protocols, service misconfigurations, and exploitation techniques while emphasizing real-world applications.
I have just completed the network services room on TryHackMe and I have learned about network services like FTP, SMB, and TELNET and also learned how to use tools like ➡️ Nmap ➡️ Enum4Linux To Enumerating and Exploiting Network Services
🌟 Learned and Explored Network Services on TryHackMe! 🌟 KEY concepts(Services) : SMB ,TELNET,FTP. Here’s what I discovered: I delved into SMB, Telnet, and FTP. I explored SMB shares, learned about Telnet’s insecure past, and got hands-on with FTP services. From scanning ports to finding weak credentials , learning to use of new tools for ease enumerations and exploiting labs provide by room.🗝️🔓
I have finished a lesson about network services.
Cyber Security Analyst | CompTIA Security+ | SC-200 | Python | Splunk | SPL Language |Tryhackme Top %1 | Wireshark | CrowdStrike | Malware Analysis
It is enjoyable room. You will learn iptables and wireshark usage.
In active reconnaissance, which involves probing and gathering information about a target network or system to understand its structure and potential vulnerabilities, tools like traceroute, ping, and netcat are commonly used. Each serves a different purpose and provides different types of information. #TryhackMe #ActiveReconnaissance
The thing about CVE-2024-6387 "regreSSHion": What about your ROUTERS? Older EOL devices aren't patched! ThePrimeagen (multi-billion) [I think that's him] YT channel has grown on me, lately. I appreciate the added context and sharp, humble & jovial dialog. This video is an excellent walk-through description of the discovery, vulnerability & mitigation of prolific technical & security issues read from this article: https://lnkd.in/eTchJ2BA Qualys singles out the Rocky Linux 9 Distro, for some reason...😏 Here is the key to ensuring you're safe(r), if you're unable to patch: "... if sshd cannot be updated or recompiled, this signal handler race condition can be fixed by simply setting LoginGraceTime to 0 in the configuration file. This makes sshd vulnerable to a denial of service (the exhaustion of all MaxStartups connections), but it makes it safe from [regreSSHion] remote code execution." DISCLAIMER / USE AT YOUR OWN RISK: Use your best judgement & make sure you understand the shell commands first! For systems NOT using a default configuration for ssh/sshd, this WILL (possibly) break your ssh connectivity, which will make it very difficult, if not impossible, to access your systems! Quick & dirty fix for Rocky 9 regreSSHion CVE: ``` # find the sshd_config file and edit the default LoginGraceTime value sudo find /etc/ssh/sshd_config -type f -exec sed -i 's/#LoginGraceTime 2m/#LoginGraceTime 2m # original default vuln to regreSSHion \nLoginGraceTime 0/g' {} \; # restart the sshd service sudo systemctl restart sshd.service ``` IMPORTANT!! Note: This is just an example of how you can protect your SSH-enabled Linux systems from the regreSSHion CVE. The commands are not specific to Rocky 9 Linux & easily understood by SysAdmins/DevOps to be adapted to your specific distro/device *with extreme care*. PSA/Recommendations: Do you have vulnerable routers/VMs/devices with SSH enabled? - 1) Check your sshd_config and verify 'LoginGraceTime' is set to '15s' or lower! (the lower the value, the less statistical likelihood of exploitation; but setting this to 0 or 15s may allow for more likely successful DDoS...) - 2) Is your ASUS router in this list? Update with Asuswrt-Merlin (https://lnkd.in/e4whcfbt) if you have a vulnerable router in this list from SC Media: https://lnkd.in/ecgSwbJZ - 3) Ubiquiti Inc. Routers enable SSH by default... so either disable it, or use the CLI tool and 'vi' to mitigate, if you need to keep ssh enabled - 4) NETGEAR routers aren't without issues... https://lnkd.in/edb23EYr - 5) Tom's Guide has further details on protecting your routers from this & future vulnerabilities: https://lnkd.in/euHEtRsF #regreSSHion #Security #DevSecOps #DedicatedToSophiadAntoine #CVE20246387
Just completed the Network Services room on TryHackMe. I learned about the tools that are used in attacking common services and what those services do.
Assistant Accountant
3moWell done Sanjo Antony!