Author: Prof Bill Buchanan
|
|
- Leon Randall
- 6 years ago
- Views:
Transcription
1 Data Loss Prevention 2. Data in-motion Magic Numbers/Discriminators. Detecting from network traffic. Regular Expressions. Extracting Content from traces. Converted formats. Author: Prof Bill Buchanan
2 Data in-motion DLP Data in-motion, data in-use and data at-rest Eve Switch Firewall Domain name server Bob Intrusion Detection System Data inmotion Internet Firewall Router Database server Data inuse Data atrest Web server server DMZ Intrusion Detection System Alice FTP server Proxy server
3 DLP Data in-motion Before Incident (Setting up/ Switch preventing) Switch During Incident (Responding) After Incident Firewall (Forensics) Firewall Eve Domain name server Domain name server Detector/ preventer Bob Bob Intrusion Detection Intrusion System Detection System Data inmotion Data inmotion Internet Internet Detector/ preventer Detector/ preventer Firewall Firewall Router Detector/ preventer Detector/ preventer Router Database server Database server Detector/ preventer Detector/ preventer Detector/ preventer Detector/ preventer Web server Web server server server Detector/ preventer Detector/ preventer FTP server FTP Proxy server server Proxy server DMZ DMZ Detector/ Detector/ preventer preventer Intrusion Detection Intrusion System Detection System Detector/ preventer Detector/ preventer Alice Alice Data in-motion, data in-use and data at-rest Data in-motion, data in-use and data at-rest
4 DLP Data in-motion Network Forensics Author: Prof Bill Buchanan
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25 DLP Data in-motion Network Packet Analysis Author: Prof Bill Buchanan
26 Adv Net For. Cracking usernames ftp.response.code Correct login: ftp.response.code==230 Incorrect login: ftp.response.code==530 ftp contains "PASS" Administrator search: ftp contains "Administrator" Hydra (FTP) Author: Prof Bill Buchanan
27 Adv Net For. Cracking usernames Telnet.data contains login Bad Login: Telnet.data contains unknown Hydra (Telnet) Author: Prof Bill Buchanan
28 Adv Net For. Detecting Scanning tcp.flags.syn && tcp.flags.ack==0 ip.src== && tcp.flags.reset && tcp.flags.ack ip.src== && tcp.flags.syn==1 && tcp.flags.ack==1 Ports not open: [RST, ACK] Ports not open: [SYN, ACK] NMAP (Port Scanning) Author: Prof Bill Buchanan
29 Adv Net For. Detecting Scanning ICMP/ARP Scan arp.opcode==2 Author: Prof Bill Buchanan
30 Advanced Network Forensics Signature Detection Author: Prof Bill Buchanan
31 Adv Net For. File Types http contains "\x25\x50\x44\x46" http contains %PDF http contains "GIF89a" http contains "GIF89a" http contains "\x47\x49\x46\x38" PNG: http contains "\x89\x50\x4e\x47" ZIP: http contains "\x50\0x4b\0x030\x04" Detecting File Types in Payloads Author: Prof Bill Buchanan
32 Advanced Network Forensics Converted Formats Author: Prof Bill Buchanan
33 Adv Net For. File Types MIME Encoding message =_NextPart_001_0005_01CF0A5E.E9FFC =_NextPart_000_0004_01CF0A5E.E9FFC210 Content-Type: image/jpeg;.name="ehealth.jpg" Content-Transfer-Encoding: base64 Content-Disposition: attachment;.filename="ehealth.jpg" /9j/4AAQSkZJRgABAQEASABIAAD/2wBDAAICAgICAgICAgICAgICAwMDAgIDAwQDAwMDAwQFBAQE BAQEBQUGBgcGBgUHBwgIBwcKCgoKCgoKCgoKCgoKCgr/2wBDAQMDAwQDBAcFBQcLCQcJCwwLCwsL DAwKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgr/wAARCABeALQDAREA.. ki0dl8iylfhb6xkc9uw9ynvugsjdpw0wnx1dbomiur2fby/3ypsrkrsiktjhkpdirlnsehsehseh SEHSEHSEHSEHSEHSEHSEf//Z =_NextPart_000_0004_01CF0A5E.E9FFC210 Content-Type: image/gif;.name="cat01_with_hidden_text.gif" Content-Transfer-Encoding: base64 Content-Disposition: attachment;.filename="cat01_with_hidden_text.gif" smtp contains "/9j/4AAQSkZJRgABAQEA" smtp contains "image/gif" R0lGODlhZABVAOYAAP////f39vH08u7u7+fn5+Hk5t/e39fa3e/OztXV1dXT0NnRoczMzMTIzGhl bgxvwnhghmc/vb27uli2tbwzrqqxtqusrauppaampqelnquockycn5mzmzsaoiuvnjosjoynioam lpilzpchgoodg3qeistexvtisij8c3x6fiv6xnn8gplmznr1cmgazmpzghtytx1uumtqbndjx/gq... AMb5Ca3QER7Rn/75nwDqn8bZGwFAEsR5AAh6FAWwoPhpehHJERAaoRI6oRCKkx/ICuiZoaAQLxza or66cieaads= =_NextPart_000_0004_01CF0A5E.E9FFC Author: Prof Bill Buchanan
34 Adv Net For. PCRE PCRE - Perl Compatible Regular Expressions alert tcp any any <> any 25 (pcre:"/[a-za-z0-9._%+-]+@[a-za-z0-9._%+-]/"; \ msg:" in message";sid: ;rev:1;) [**] [1: :1] in message [**] [Priority: 0] 01/05-21:41: :2826 -> :25 TCP TTL:128 TOS:0x0 ID:13590 IpLen:20 DgmLen:78 DF ***AP*** Seq: 0xB Ack: 0xFB0FDF97 Win: 0xFF71 TcpLen: 20 [**] [1: :1] in message [**] [Priority: 0] 01/05-21:41: :25 -> :2826 TCP TTL:128 TOS:0x0 ID:2017 IpLen:20 DgmLen:88 DF ***AP*** Seq: 0xFB0FDF97 Ack: 0xB14845AB Win: 0xFAB5 TcpLen: 20 [**] [1: :1] in message [**] [Priority: 0] 01/05-21:41: :2826 -> :25 TCP TTL:128 TOS:0x0 ID:13591 IpLen:20 DgmLen:66 DF ***AP*** Seq: 0xB14845AB Ack: 0xFB0FDFC7 Win: 0xFF41 TcpLen: 20 [**] [1: :1] in message [**] [Priority: 0] 01/05-21:41: :25 -> :2826 TCP TTL:128 TOS:0x0 ID:2018 IpLen:20 DgmLen:66 DF ***AP*** Seq: 0xFB0FDFC7 Ack: 0xB14845C5 Win: 0xFA9B TcpLen: 20 [**] [1: :1] in message [**] [Priority: 0] 01/05-21:41: :2826 -> :25 TCP TTL:128 TOS:0x0 ID:13593 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xB14845CB Ack: 0xFB0FE00F Win: 0xFEF9 TcpLen: 20 [**] [1: :1] in message [**] [Priority: 0] 01/05-21:41: :25 -> :2826 TCP TTL:128 TOS:0x0 ID:2030 IpLen:20 DgmLen:125 DF ***AP*** Seq: 0xFB0FE00F Ack: 0xB148AE2E Win: 0xFAEB TcpLen: 20 smtp matches "[a-za-z0-9._%+-]+@[a-za-z0-9._%+-]" Author: Prof Bill Buchanan
35 Adv Net For. PCRE PCRE for Credit Card Details alert tcp any any <> any any (pcre:"/5\d{3}(\s -)?\d{4}(\s -)?\d{4}(\s -)?\d{4}/"; \ msg:"mastercard number detected in clear text";content:"number";nocase;sid: ;rev:1;) alert tcp any any <> any any (pcre:"/3\d{3}(\s -)?\d{6}(\s -)?\d{5}/"; \ msg:"american Express number detected in clear text";content:"number";nocase;sid: ;rev:1;) alert tcp any any <> any any (pcre:"/4\d{3}(\s -)?\d{4}(\s -)?\d{4}(\s -)?\d{4}/"; \ msg:"visa number detected in clear text";content:"number";nocase;sid: ;rev:1;) [**] [1: :1] Visa number detected in clear text [**] [Priority: 0] 01/06-21:20: :1061 -> :25 TCP TTL:128 TOS:0x0 ID:628 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xCA178C7B Ack: 0x Win: 0xFEF9 TcpLen: 20 [**] [1: :1] MasterCard number detected in clear text [**] [Priority: 0] 01/06-21:20: :1061 -> :25 TCP TTL:128 TOS:0x0 ID:628 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xCA178C7B Ack: 0x Win: 0xFEF9 TcpLen: 20 smtp matches "5\\d{3}(\\s -)?\\d{4}(\\s -)?\\d{4}(\\s -)?\\d{4}" Author: Prof Bill Buchanan
36 DLP Data in-motion Magic Numbers Author: Prof Bill Buchanan
37 DLP Image files.gif GIF89 MD5(c:\assets\cat01_with_hidden_text.gif)= 10117e6475c78b74b3a1a18f8d1c0d66 [ ] E FF FF FF GIF89ad.U... [ ] F7 F7 F6 F1 F4 F2 EE EE EF E7 E7 E7 E1 E4 E6 DF... [ ] DE DF D7 DA DD EF CE CE D5 D5 D5 D5 D3 D0 D9 D1... [ ] A1 CC CC CC C4 C8 CC C 6C 6F C0 D1 C hello... [ ] C0 BF BD BD BB B8 B8 B6 B5 B5 B3 AE AA B1 B6 AB... [ ] AC AD AB A9 A5 A6 A6 A6 A7 A5 9E AB A8 70 AC 9C...p.. [ ] 9F A A0 8B 95 9C E 8C 8D 8A....JPG \0xFF\0xD8 [ ] FF D8 FF E A C8...JFIF... [ ] 00 C FF FE 00 1F 4C LEAD.Tec [ ] 68 6E 6F 6C 6F E 63 2E hnologies.inc..v [ ] 31 2E FF DB F C... [ ] C 1A 19 1E 25 3F D...%?)%""%M [ ] 37 3A 2D 3F 5B E 5A B 7:-?[P`^ZPXVeq.{ [ ] 65 6B 89 6D E AC 7F A A2 A4 A2 61 ek.mvx~...a.png \0x89\0x50\0x4E\0x47 MD5(c:\assets\file04.jpg)= d82e64b5ba09960eb3e23aaf46644f45 MD5(c:\assets\bg.png)= 07f4bc9c7d4c36a864dce5c8ad108d82 [ ] E 47 0D 0A 1A 0A D PNG...IHDR [ ] F C C 27...W.' [ ] D AF C A...gAMA [ ] E F tEXtSoftwar [ ] F D e.adobe.imagerea [ ] C9 65 3C A EB DA dyq.e<...idatx. [ ] EC DD DD 6F D C0 F1 E7 9C 33 2F 7D D9 E9...oTi...3/}.. Magic Numbers
38 DLP Data in-motion Timelining Author: Prof Bill Buchanan
39 Timelining DLP NetWitness Who why when when? Pcap file IP/MAC addresses Geolocation Timeline Assets Timeline Start of incident End of incident
40 Data Loss Prevention 2. Data in-motion Magic Numbers/Discriminators. Detecting from network traffic. Regular Expressions. Extracting Content from traces. Converted formats. Author: Prof Bill Buchanan
Advanced Network Forensics User/Password Crack. Port Scan. Signature Detection. Converted Formats. ARP Spoofing. DDoS Detection.
Advanced Network Forensics User/Password Crack. Port Scan. Signature Detection. Converted Formats. ARP Spoofing. DDoS Detection. Setup Setup 192.168.47.171 192.168.47.200 Snort -i 1 -c 1.rules alert.ids
More informationCIS-331 Exam 2 Spring 2016 Total of 110 Points Version 1
Version 1 1. (20 Points) Given the class A network address 121.0.0.0 will be divided into multiple subnets. a. (5 Points) How many bits will be necessary to address 8,100 subnets? b. (5 Points) What is
More informationCIS-331 Exam 2 Fall 2014 Total of 105 Points. Version 1
Version 1 1. (20 Points) Given the class A network address 119.0.0.0 will be divided into a maximum of 15,900 subnets. a. (5 Points) How many bits will be necessary to address the 15,900 subnets? b. (5
More informationCIS-331 Spring 2016 Exam 1 Name: Total of 109 Points Version 1
Version 1 Instructions Write your name on the exam paper. Write your name and version number on the top of the yellow paper. Answer Question 1 on the exam paper. Answer Questions 2-4 on the yellow paper.
More informationCIS-331 Exam 2 Fall 2015 Total of 105 Points Version 1
Version 1 1. (20 Points) Given the class A network address 117.0.0.0 will be divided into multiple subnets. a. (5 Points) How many bits will be necessary to address 4,000 subnets? b. (5 Points) What is
More informationLab 6: Advanced Network Attack Analysis
Lab 6: Advanced Network Attack Analysis A Evidence Bag The malicious activity has been captured in the file: https://dl.dropboxusercontent.com/u/40355863/newtrace.rar Video: http://youtu.be/sup4juplmgq
More informationCIS-331 Fall 2013 Exam 1 Name: Total of 120 Points Version 1
Version 1 1. (24 Points) Show the routing tables for routers A, B, C, and D. Make sure you account for traffic to the Internet. NOTE: Router E should only be used for Internet traffic. Router A Router
More informationCIS-331 Fall 2014 Exam 1 Name: Total of 109 Points Version 1
Version 1 1. (24 Points) Show the routing tables for routers A, B, C, and D. Make sure you account for traffic to the Internet. Router A Router B Router C Router D Network Next Hop Next Hop Next Hop Next
More informationCIS-331 Final Exam Spring 2015 Total of 115 Points. Version 1
Version 1 1. (25 Points) Given that a frame is formatted as follows: And given that a datagram is formatted as follows: And given that a TCP segment is formatted as follows: Assuming no options are present
More informationCIS-331 Final Exam Spring 2018 Total of 120 Points. Version 1
Version 1 Instructions 1. Write your name and version number on the top of the yellow paper and the routing tables sheet. 2. Answer Question 2 on the routing tables sheet. 3. Answer Questions 1, 3, 4,
More informationInterested in learning more? Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More information4. Specifications and Additional Information
4. Specifications and Additional Information AGX52004-1.0 8B/10B Code This section provides information about the data and control codes for Arria GX devices. Code Notation The 8B/10B data and control
More informationTo use Snort for deep packet inspection, for log analysis, and to detect reconnaissance attacks from a Windows Application
Lab 7B: Intrusion Detection Systems (IDS) 2 (Invoking Snort from C# - Advanced) Details Aim: To use Snort for deep packet inspection, for log analysis, and to detect reconnaissance attacks from a Windows
More informationIncident Response Introduction. Risk Analysis. Risk Management. Outline of threats. Data Loss. Fundamentals.
Stateful PIX/ASA firewall Incident Response Introduction. Risk Analysis. Risk Management. Outline of threats. Data Loss. Fundamentals. Eve Bob Trent Bob Alice Inc Response Types Stateful PIX/ASA firewall
More informationGateway Ascii Command Protocol
Gateway Ascii Command Protocol Table Of Contents Introduction....2 Ascii Commands.....3 Messages Received From The Gateway....3 Button Down Message.....3 Button Up Message....3 Button Maintain Message....4
More informationZN-DN312XE-M Quick User Guide
ZN-DN312XE-M Quick User Guide This manual provides instructions for quick installation and basic configuration of your IP device. Step1. Connect cables to IP device Connect required cables to the device
More informationCIS-331 Final Exam Fall 2015 Total of 120 Points. Version 1
Version 1 1. (25 Points) Given that a frame is formatted as follows: And given that a datagram is formatted as follows: And given that a TCP segment is formatted as follows: Assuming no options are present
More informationFirst Data Dual Interface EMV Test Card Set. Version 1.20
First Data Dual Interface EMV Test Card Set August, 2016 Disclaimer Information provided in this document describes capabilities available at the time of developing this document and information available
More informationC1098 JPEG Module User Manual
C1098 JPEG Module User Manual General Description C1098 is VGA camera module performs as a JPEG compressed still camera that can be attached to a wireless or PDA host. Users can send out a snapshot command
More informationFirst Data EMV Test Card Set. Version 1.30
First Data EMV Test Card Set.30 January, 2018 Disclaimer Information provided in this document describes capabilities available at the time of developing this document and information available from industry
More informationCIS-331 Final Exam Spring 2016 Total of 120 Points. Version 1
Version 1 1. (25 Points) Given that a frame is formatted as follows: And given that a datagram is formatted as follows: And given that a TCP segment is formatted as follows: Assuming no options are present
More informationFirst Data EMV Test Card Set. Version 2.00
First Data EMV Test Card Set.00 February, 2018 Disclaimer Information provided in this document describes capabilities available at the time of developing this document and information available from industry
More informationLab 4: Network Packet Capture and Analysis using Wireshark
Lab 4: Network Packet Capture and Analysis using Wireshark 4.1 Details Aim: To provide a foundation in network packet capture and analysis. You may be faced with network traffic analysis, from traffic
More informationSCP SC Security Certified Program. Download Full Version :
SCP SC0-502 Security Certified Program Download Full Version : https://killexams.com/pass4sure/exam-detail/sc0-502 building and exactly opposite Troytec. The device is not in your office, and you will
More informationData Loss Leakage/Prevention - Fundamentals Fundamentals. Regular Expressions. Author: Prof Bill Buchanan
Data Loss Leakage/Prevention - Fundamentals Fundamentals. Regular Expressions. http://asecuritysite.com/dlp Author: Prof Bill Buchanan Data Loss Detection/ Prevention Introduction Author: Prof Bill Buchanan
More informationLab 4: Services, Logging and Intrusions
Lab 4: Services, Logging and Intrusions A Challenge Our challenge is to test services for their operation and to log network event for MyBank Incorp, where each of you will be allocated a network and hosts
More informationAcquirer JCB EMV Test Card Set
Acquirer JCB EMV Test Card Set July, 2017 Powered by Disclaimer Information provided in this document describes capabilities available at the time of developing this document and information available
More informationJuly Registration of a Cyrillic Character Set. Status of this Memo
Network Working Group Request for Comments: 1489 A. Chernov RELCOM Development Team July 1993 Status of this Memo Registration of a Cyrillic Character Set This memo provides information for the Internet
More informationFOCUS on Intrusion Detection: Intrusion Detection Level Analysis of Nmap and Queso Page 1 of 6
FOCUS on Intrusion Detection: Intrusion Detection Level Analysis of Nmap and Queso Page 1 of 6 Intrusion Detection Level Analysis of Nmap and Queso by Toby Miller last updated Wednesday, August 30, 2000
More informationFirst Data DCC Test Card Set. Version 1.30
First Data DCC Test Card Set.30 April, 2018 Disclaimer Information provided in this document describes capabilities available at the time of developing this document and information available from industry
More informationUNH-IOL MIPI Alliance Test Program
DSI Receiver Protocol Conformance Test Report UNH-IOL 121 Technology Drive, Suite 2 Durham, NH 03824 +1-603-862-0090 mipilab@iol.unh.edu +1-603-862-0701 Engineer Name engineer@company.com Panel Company
More informationCertified Ethical Hacker
Certified Ethical Hacker ECCouncil 312-49 Dumps Available Here at: /eccouncil-exam/312-49-dumps.html Enrolling now you will get access to 316 questions in a unique set of 312-49 dumps Question 1 When an
More informationID: Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version:
ID: 59176 Cookbook: browseurl.jbs Time: 19:37:50 Date: 11/05/2018 Version: 22.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis
More informationThe cache is 4-way set associative, with 4-byte blocks, and 16 total lines
Sample Problem 1 Assume the following memory setup: Virtual addresses are 20 bits wide Physical addresses are 15 bits wide The page size if 1KB (2 10 bytes) The TLB is 2-way set associative, with 8 total
More informationSANS FORENSIC CHALLENGES REPORT
SANS FORENSIC CHALLENGES REPORT Nama 이름 : Fitroh Qori Saputro : 피뜨로코리사뿌뜨로 NIM : 10152147 1. Wireshark Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your
More informationTEL
2003 6 Snort TEL 06-2533131 2605 E-mail ccsu@mail.stut.edu.tw m9090102@email3.stut.edu.tw paper, we use Open Source like Snort[10] to construct the Intrusion Detection System (IDS). Snort system will produce
More informationScan Results - ( Essentials - Onsharp )
Scan Results - www.onsharp.com ( Essentials - Onsharp ) Overview Open Ports (18) Scan ID: 7675527 Target: www.onsharp.com Max Score: 2.6 Compliance: Passing PCI compliance, Expires undefined Profile: 15
More informationThe Tic-Tac-Toe Game with the NST (Not-So-Tiny) CPU Introduction
The Tic-Tac-Toe Game with the NST (Not-So-Tiny) CPU Introduction The entire project file can be downloaded from the ELE405 FTP site as TTT2.ZIP (needless to say that this is version 2 of the TTT line).
More informationWhat s going on in /8. George Michaelson Geoff Huston
What s going on in 1.0.0.0/8 George Michaelson ggm@apnic.net Geoff Huston gih@apnic.net Standard Address TesCng IANA assigns /8 to APNIC RIPE NCC, on APNIC s behalf, announces selected subnets to test
More informationAcquirer JCB Dual Interface EMV Test Card Set
Acquirer JCB Dual Interface EMV Test Card Set.00 July, 2018 Powered by Disclaimer Information provided in this document describes capabilities available at the time of developing and delivering this document
More informationECHO Process Instrumentation, Inc. Modbus RS485 Module. Operating Instructions. Version 1.0 June 2010
ECHO Process Instrumentation, Inc. Modbus RS485 Module Operating Instructions Version 1.0 June 2010 ECHO Process Instrumentation, Inc. PO Box 800 Shalimar, FL 32579 PH: 850-609-1300 FX: 850-651-4777 EM:
More informationLynX-10 Legacy Protocol Specification Version 1.01
LynX-10 Legacy Protocol Specification Version 1.01 Marrick Limited LynX-10 TM Legacy Protocol Specification Manual revision 1.01 Marrick Limited, Incorporated P.O. Box 950940 Lake Mary, FL 32795 (407)
More information! ' ,-. +) +))+, /+*, 2 01/)*,, 01/)*, + 01/+*, ) 054 +) +++++))+, ) 05,-. /,*+), 01/-*+) + 01/.*+)
! "#! # $ %& #! '!!!( &!)'*+' '(,-. +) /,*+), 01/-*+) + 01/.*+) ) 05,-. +))+, /+*, 2 01/)*,, 01/)*, + 01/+*, ) 054 +) +++++))+,3 4 +. 6*! ) ) ) ) 5 ) ) ) ) + 5 + + ) ) ) 5 9 + ) ) + 5 4 ) ) + ) 5, ) )
More informationTLS 1.2 Protocol Execution Transcript
Appendix C TLS 1.2 Protocol Execution Transcript In Section 2.3, we overviewed a relatively simple protocol execution transcript for SSL 3.0. In this appendix, we do something similar for TLS 1.2. Since
More informationCMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 02, FALL 2012
CMSC 33 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 2, FALL 22 TOPICS TODAY Bits of Memory Data formats for negative numbers Modulo arithmetic & two s complement Floating point formats
More informationSPAREPARTSCATALOG: CONNECTORS SPARE CONNECTORS KTM ART.-NR.: 3CM EN
SPAREPARTSCATALOG: CONNECTORS ART.-NR.: 3CM3208201EN CONTENT SPARE CONNECTORS AA-AN SPARE CONNECTORS AO-BC SPARE CONNECTORS BD-BQ SPARE CONNECTORS BR-CD 3 4 5 6 SPARE CONNECTORS CE-CR SPARE CONNECTORS
More informationRS 232 PINOUTS. 1. We use RJ12 for all of our RS232 interfaces (Link-2-Modbus & Link-2-PC- Serial/RS232). The diagram below shows our pin out.
RS 232 PINOUTS 1. We use RJ12 for all of our RS232 interfaces (Link-2-Modbus & Link-2-PC- Serial/RS232). The diagram below shows our pin out. 2. A DB9 Female to RJ12 Female Serial/Terminal Modular Adaptor
More informationAPPLESHARE PC UPDATE INTERNATIONAL SUPPORT IN APPLESHARE PC
APPLESHARE PC UPDATE INTERNATIONAL SUPPORT IN APPLESHARE PC This update to the AppleShare PC User's Guide discusses AppleShare PC support for the use of international character sets, paper sizes, and date
More informationCMSC 313 Lecture 03 Multiple-byte data big-endian vs little-endian sign extension Multiplication and division Floating point formats Character Codes
Multiple-byte data CMSC 313 Lecture 03 big-endian vs little-endian sign extension Multiplication and division Floating point formats Character Codes UMBC, CMSC313, Richard Chang 4-5 Chapter
More informationInterac USA Interoperability EMV Test Card Set
Interac USA Interoperability EMV Test Card Set.00 April, 2018 Powered by Disclaimer Information provided in this document describes capabilities available at the time of developing this document and information
More informationSPARE CONNECTORS KTM 2014
SPAREPARTSCATALOG: // ENGINE ART.-NR.: 3208201EN CONTENT CONNECTORS FOR WIRING HARNESS AA-AN CONNECTORS FOR WIRING HARNESS AO-BC CONNECTORS FOR WIRING HARNESS BD-BQ CONNECTORS FOR WIRING HARNESS BR-CD
More informationTechnical Specification. Third Party Control Protocol. AV Revolution
Technical Specification Third Party Control Protocol AV Revolution Document AM-TS-120308 Version 1.0 Page 1 of 31 DOCUMENT DETAILS Document Title: Technical Specification, Third Party Control Protocol,
More informationExam Number/Code: Exam Name: Computer Hacking. Version: Demo. Forensic Investigator.
Exam Number/Code:312-49 Exam Name: Computer Hacking Forensic Investigator Version: Demo http://www.it-exams.com QUESTION NO: 1 When an investigator contacts by telephone the domain administrator or controller
More informationCSC Network Security
CSC 474 -- Security Topic 9. Firewalls CSC 474 Dr. Peng Ning 1 Outline Overview of Firewalls Filtering Firewalls Proxy Servers CSC 474 Dr. Peng Ning 2 Overview of Firewalls CSC 474 Dr. Peng Ning 3 1 Internet
More informationAdvanced Security and Forensic Computing
Advanced Security and Forensic Computing Unit 2: Network Security Elements Dr Dr Bill Buchanan, Reader, School of of Computing. >Unit 2: 2: Network Security Elements Advanced Security and Forensic Computing
More information6. Specifications & Additional Information
6. Specifications & Additional Information SIIGX52004-3.1 Transceier Blocks Table 6 1 shows the transceier blocks for Stratix II GX and Stratix GX deices and compares their features. Table 6 1. Stratix
More informationKNX TinySerial 810. Communication Protocol. WEINZIERL ENGINEERING GmbH
WEINZIERL ENGINEERING GmbH KNX TinySerial 810 Communication Protocol WEINZIERL ENGINEERING GmbH Bahnhofstr. 6 DE-84558 Tyrlaching GERMAY Tel. +49 8623 / 987 98-03 Fax +49 8623 / 987 98-09 E-Mail: info@weinzierl.de
More informationLab 1: Creating Secure Architectures (Revision)
Lab 1: Creating Secure Architectures (Revision) A Challenge Our challenge is to setup MyBank Incorp, where each of you will be allocated a network and hosts to configure and get on-line (Figure 1). For
More informationINTERNET & WORLD WIDE WEB (UNIT-1) MECHANISM OF INTERNET
INTERNET & WORLD WIDE WEB (UNIT-1) MECHANISM OF INTERNET 1. INTRODUCTION Hello friends are topic is Internet and World Wide Web the most popular services of our topic is social networking and online shopping
More informationDBK24. Isolated Digital Output Chassis. Overview
DBK24 Isolated Digital Output Chassis Overview 1 Power Requirements 2 Hardware Setup 2 Card Connection 2 Card Configuration 3 DaqBook and DaqBoard Connection 4 DaqBoard/2000 Series Board Connection 5 DaqBook
More information2-Type Series Pressurized Closures
2-Type Series Pressurized Closures A complete pressure tight reenterable closure system for enclosing spliced connections of communications cables in a wide variety of applications. The 2-type Closure
More informationHash Constant C Determinants leading to collisionfree
Hash Constant C Determinants leading to collisionfree (Ernst Erich Schnoor) eschnoor@multi-matrix.de Addendum to article: Core of the CypherMatrix Method http://www.telecypher.net/corecyph.htm#z6 Object
More informationProxy VPN. Network Forensics. Adv Security and. Eve. Bob. Alice SIEM. Author: Prof Bill Buchanan
Adv Security and Network Forensics Proxy VPN Eve Bob Alice Author: Prof Bill Buchanan Big Data Four Vs of Big Data V- Velocity [Speed of data generation] V- Variety [Different forms of data] V- Veracity
More informationDigital Lighting Systems, Inc.
Digital Lighting Systems, Inc. Four Channel Dry Contacts Relays Switch Pack DMX512 compatible USER'S MANUAL -UM User's Manual - Page 1 GENERAL DESCRIPTION The is a 4-channel DMX-512 compatible electro-mechanical
More informationCSCI 454/554 Computer and Network Security. Topic 3.1 Secret Key Cryptography Algorithms
CSCI 454/554 Computer and Network Security Topic 3.1 Secret Key Cryptography Algorithms Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms? Security by
More informationChapter 7. Network Intrusion Detection and Analysis. SeoulTech UCS Lab (Daming Wu)
SeoulTech UCS Lab Chapter 7 Network Intrusion Detection and Analysis 2015. 11. 3 (Daming Wu) Email: wdm1517@gmail.com Copyright c 2015 by USC Lab All Rights Reserved. Table of Contents 7.1 Why Investigate
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 3.1 Secret Key Cryptography Algorithms Instructor: Dr. Kun Sun Outline Introductory Remarks Feistel Cipher DES AES 2 Introduction Secret Keys or Secret Algorithms?
More informationTutorial & Demo! image and audio transmission on wireless sensor networks!
Tutorial & Demo! image and audio transmission on wireless sensor networks! CARI 2014 tutorial - PART III! Gaston Berger University! October, 17 th, 2014! Saint-Louis, Senegal! Prof. Congduc Pham! http://www.univ-pau.fr/~cpham!
More informationCSE 123: Computer Networks
CSE 123: Computer Networks Homework 2 Solutions Total points = 50 Problems 1. The Domain Name System (DNS) [6 points] In the figure below, the first two steps are shown in the process of the local DNS
More informationID: Cookbook: browseurl.jbs Time: 23:19:26 Date: 20/08/2018 Version:
ID: 73278 Cookbook: browseurl.jbs Time: 23:19:26 Date: 20/08/2018 Version: 23.0.0 Table of Contents Analysis Report Overview General Information Detection Confidence Classification Analysis Advice Signature
More informationFORENSICS CYBER-SECURITY
FORENSICS CYBER-SECURITY MEIC, METI 2016/2017 1 st Semester 1 st Exam January 10, 2017 Duration: 2h00 - Use a pen only; no extra material is allowed, such as calculator, scratch paper, etc. - Write your
More informationID: Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/2018 Version:
ID: 42417 Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationNetwork Interconnection
Network Interconnection Covers different approaches for ensuring border or perimeter security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Lecture
More informationCommunications guide. Line Distance Protection System * F1* GE Digital Energy. Title page
Title page GE Digital Energy D90 Plus Line Distance Protection System Communications guide D90 Plus firmware revision:.9x GE publication code: 60-9070-F (GEK-3469) GE Digital Energy 650 Markland Street
More information6.1 Combinational Circuits. George Boole ( ) Claude Shannon ( )
6. Combinational Circuits George Boole (85 864) Claude Shannon (96 2) Signals and Wires Digital signals Binary (or logical ) values: or, on or off, high or low voltage Wires. Propagate digital signals
More informationTriple DES and AES 192/256 Implementation Notes
Triple DES and AES 192/256 Implementation Notes Sample Password-to-Key and KeyChange results of Triple DES and AES 192/256 implementation For InterWorking Labs customers who require detailed information
More informationDigital Projector X30N/X35N
Digital Projector X30N/X35N Operator's Guide TECHNICAL Warranty 3M warrants that when the 3M Product is used according to 3M s Intended Use Statement (www.3m.com/meetings), it will perform satisfactorily
More informationAnalyzing Huge Data for Suspicious Traffic. Christian Landström, Airbus DS
Analyzing Huge Data for Suspicious Traffic Christian Landström, Airbus DS Topics - Overview on security infrastructure - Strategies for network defense - A look at malicious traffic incl. Demos - How Wireshark
More informationASCII Code - The extended ASCII table
ASCII Code - The extended ASCII table ASCII, stands for American Standard Code for Information Interchange. It's a 7-bit character code where every single bit represents a unique character. On this webpage
More informationCMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 02, SPRING 2013
CMSC 313 COMPUTER ORGANIZATION & ASSEMBLY LANGUAGE PROGRAMMING LECTURE 02, SPRING 2013 TOPICS TODAY Bits of Memory Data formats for negative numbers Modulo arithmetic & two s complement Floating point
More informationHow to Digital Sign a PDF document With Nexus Personal software
How to Digital Sign a PDF document With Nexus Personal software Version 1.1 Page 1 from 11 1. Introduction This document describes the procedure must be followed to digitally sign a PDF document using
More informationA quick theorical introduction to network scanning. 23rd November 2005
A quick theorical introduction to network ASBL CSRRT-LU (Computer Security Research and Response Team Luxembourg) http://www.csrrt.org/ 23rd November 2005 IP protocol ACK Network is not exact science When
More informationInterested in learning more? Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationInterested in learning more? Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationUser Role Firewall Policy
User Role Firewall Policy An SRX Series device can act as an Infranet Enforcer in a UAC network where it acts as a Layer 3 enforcement point, controlling access by using IP-based policies pushed down from
More informationInterested in learning more? Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationNetwork Security. Kitisak Jirawannakool Electronics Government Agency (public organisation)
1 Network Security Kitisak Jirawannakool Electronics Government Agency (public organisation) A Brief History of the World 2 OSI Model vs TCP/IP suite 3 TFTP & SMTP 4 ICMP 5 NAT/PAT 6 ARP/RARP 7 DHCP 8
More informationegov & PKI By: Alaa Eldin Mahmoud Aly YOUR LOGO
egov & PKI By: Alaa Eldin Mahmoud Aly YOUR LOGO e-government Survey 2014 United Nations Page 2 EGDI: E-Government Development Index National ID & Digital Signature Estonian Prime Minister Andrus Ansip
More informationID: Cookbook: browseurl.jbs Time: 03:15:55 Date: 26/01/2019 Version: Tiger's Eye
ID: 106158 Cookbook: browseurl.jbs Time: 03:15:55 Date: 26/01/2019 Version: 25.0.0 Tiger's Eye Table of Contents Table of Contents Analysis Report http://viads.blogsyte.com/target/ Overview General Information
More informationAdvanced Security and Forensic Computing. Advanced Security and Forensic Computing
Advanced Security and Forensic Computing Dr Dr Bill Buchanan, Reader, School of of Computing. >Unit 3: 3: Intrusion Detection Systems Advanced Security and Forensic Computing WJ Buchanan. ASFC (1) Data
More informationID: Cookbook: browseurl.jbs Time: 09:46:57 Date: 19/10/2018 Version: Fire Opal
ID: 85066 Cookbook: browseurl.jbs Time: 09:46:57 Date: 19/10/2018 Version: 24.0.0 Fire Opal Table of Contents Table of Contents Analysis Report http://lux-motors.com/nnngg/nngbbgh/fffee Overview General
More informationCDR File Information. Comments Direct PCM
IMPORTANT NOTICE: Robert Bosch LLC and the manufacturers whose vehicles are accessible using the CDR System urge end users to use the latest production release of the Crash Data Retrieval system software
More informationChapter 8 roadmap. Network Security
Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing
More informationNetwork Security: Scan
Network Security: Scan Seungwon Shin, KAIST some slides from Dr. Brett Tjaden More about Scan Scan Techniques Network scanning where is a target? which service is available on a target? can I have more
More informationQuick Note 15. Quality of Service (QoS) on a TransPort router. UK Support
Quick Note 15 Quality of Service (QoS) on a TransPort router UK Support November 2015 Contents 1 Introduction... 3 1.1 Outline... 3 1.2 Assumptions... 3 1.3 Version... 3 2 Scenario... 4 3 Configuration...
More informationETSI TS V ( )
TS 135 233 V12.1.0 (2014-10) TECHNICAL SPECIFICATION Universal Mobile Telecommunications System (UMTS); LTE; Specification of the TUAK algorithm set: A second example algorithm set for the 3GPP authentication
More informationChapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing
Chapter 6: Digital Certificates Introduction Methods PKI Digital Certificate Passing Prof Bill Buchanan OBE http://asecuritysite.com/crypto06 http://asecuritysite.com/encryption Identity on the Internet
More informationDigital Lighting Systems, Inc. CD400-DMX DMX512 Four Channel Dimmer and Switch module
, Inc. DMX512 Four Channel Dimmer and Switch module Input: 5 Amps @ 6-24 VDC Outputs: 5 Amps Maximum each, total 4 outputs 8 Amps Maximum. FRONT BACK USER'S MANUAL -UM User's Manual - Page 1 GENERAL DESCRIPTION
More informationInterested in learning more? Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More information