chiwormjava 2.0.4 → 2.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/readme.md +227 -0
package/package.json
CHANGED
package/readme.md
CHANGED
|
@@ -1024,3 +1024,230 @@ Protection applied successfully
|
|
|
1024
1024
|
|
|
1025
1025
|
|
|
1026
1026
|
|
|
1027
|
+
|
|
1028
|
+
|
|
1029
|
+
|
|
1030
|
+
|
|
1031
|
+
|
|
1032
|
+
|
|
1033
|
+
|
|
1034
|
+
|
|
1035
|
+
|
|
1036
|
+
|
|
1037
|
+
|
|
1038
|
+
|
|
1039
|
+
|
|
1040
|
+
|
|
1041
|
+
|
|
1042
|
+
1. Basic Network (OSI Flow)
|
|
1043
|
+
PC
|
|
1044
|
+
ping 192.168.1.2 ++
|
|
1045
|
+
|
|
1046
|
+
|
|
1047
|
+
|
|
1048
|
+
|
|
1049
|
+
|
|
1050
|
+
|
|
1051
|
+
|
|
1052
|
+
|
|
1053
|
+
|
|
1054
|
+
|
|
1055
|
+
|
|
1056
|
+
|
|
1057
|
+
|
|
1058
|
+
|
|
1059
|
+
|
|
1060
|
+
|
|
1061
|
+
2. IPv4 Addressing + Routing
|
|
1062
|
+
Router
|
|
1063
|
+
enable ++
|
|
1064
|
+
configure terminal ++
|
|
1065
|
+
|
|
1066
|
+
interface g0/0 ++
|
|
1067
|
+
ip address 192.168.1.1 255.255.255.0 ++
|
|
1068
|
+
no shutdown ++
|
|
1069
|
+
exit ++
|
|
1070
|
+
|
|
1071
|
+
interface s0/0/0
|
|
1072
|
+
ip address 172.16.1.1 255.255.255.252
|
|
1073
|
+
no shutdown
|
|
1074
|
+
exit
|
|
1075
|
+
|
|
1076
|
+
ip route 10.0.0.0 255.255.255.248 172.16.1.2
|
|
1077
|
+
PC
|
|
1078
|
+
ping 10.0.0.2 ++
|
|
1079
|
+
|
|
1080
|
+
|
|
1081
|
+
|
|
1082
|
+
|
|
1083
|
+
|
|
1084
|
+
|
|
1085
|
+
|
|
1086
|
+
|
|
1087
|
+
|
|
1088
|
+
|
|
1089
|
+
|
|
1090
|
+
|
|
1091
|
+
3. NAT (PAT)
|
|
1092
|
+
Router
|
|
1093
|
+
enable ++
|
|
1094
|
+
configure terminal ++
|
|
1095
|
+
|
|
1096
|
+
interface g0/0 ++
|
|
1097
|
+
ip nat inside
|
|
1098
|
+
exit ++
|
|
1099
|
+
|
|
1100
|
+
interface g0/1 ++
|
|
1101
|
+
ip nat outside
|
|
1102
|
+
exit ++
|
|
1103
|
+
|
|
1104
|
+
access-list 1 permit 192.168.1.0 0.0.0.255 ++
|
|
1105
|
+
|
|
1106
|
+
ip nat inside source list 1 interface g0/1 overload
|
|
1107
|
+
|
|
1108
|
+
ip route 0.0.0.0 0.0.0.0 203.0.113.2
|
|
1109
|
+
Router (Check)
|
|
1110
|
+
show ip nat translations
|
|
1111
|
+
PC
|
|
1112
|
+
ping 203.0.113.2 ++
|
|
1113
|
+
|
|
1114
|
+
|
|
1115
|
+
|
|
1116
|
+
|
|
1117
|
+
|
|
1118
|
+
|
|
1119
|
+
|
|
1120
|
+
|
|
1121
|
+
|
|
1122
|
+
4. IPv4 Packet Analysis
|
|
1123
|
+
Wireshark
|
|
1124
|
+
ip.version == 4
|
|
1125
|
+
PC
|
|
1126
|
+
ping 8.8.8.8 ++
|
|
1127
|
+
|
|
1128
|
+
|
|
1129
|
+
|
|
1130
|
+
|
|
1131
|
+
|
|
1132
|
+
|
|
1133
|
+
|
|
1134
|
+
5. Packet Fragmentation
|
|
1135
|
+
PC
|
|
1136
|
+
netsh interface ipv4 show subinterfaces
|
|
1137
|
+
|
|
1138
|
+
ping 8.8.8.8 -f -l 1472
|
|
1139
|
+
ping 8.8.8.8 -f -l 2000
|
|
1140
|
+
ping 8.8.8.8 -l 2000
|
|
1141
|
+
Wireshark
|
|
1142
|
+
ip.flags.mf == 1 or ip.frag_offset > 0
|
|
1143
|
+
|
|
1144
|
+
|
|
1145
|
+
|
|
1146
|
+
6. Network Security (ACL)
|
|
1147
|
+
Router
|
|
1148
|
+
enable ++
|
|
1149
|
+
configure terminal ++
|
|
1150
|
+
|
|
1151
|
+
access-list 1 deny 192.168.1.20
|
|
1152
|
+
access-list 1 permit any
|
|
1153
|
+
|
|
1154
|
+
interface g0/0 ++
|
|
1155
|
+
ip access-group 1 in
|
|
1156
|
+
exit ++
|
|
1157
|
+
PC
|
|
1158
|
+
ping 192.168.1.10 ++
|
|
1159
|
+
|
|
1160
|
+
|
|
1161
|
+
|
|
1162
|
+
|
|
1163
|
+
7. IP Spoofing Protection
|
|
1164
|
+
Router
|
|
1165
|
+
enable ++
|
|
1166
|
+
configure terminal ++
|
|
1167
|
+
|
|
1168
|
+
ip access-list extended ANTI-SPOOF
|
|
1169
|
+
deny ip 192.168.1.0 0.0.0.255 any
|
|
1170
|
+
permit ip any any
|
|
1171
|
+
|
|
1172
|
+
interface g0/1
|
|
1173
|
+
ip access-group ANTI-SPOOF in
|
|
1174
|
+
|
|
1175
|
+
interface g0/0 ++
|
|
1176
|
+
|
|
1177
|
+
|
|
1178
|
+
ip verify unicast source reachable-via rx
|
|
1179
|
+
|
|
1180
|
+
|
|
1181
|
+
|
|
1182
|
+
|
|
1183
|
+
|
|
1184
|
+
|
|
1185
|
+
|
|
1186
|
+
|
|
1187
|
+
|
|
1188
|
+
|
|
1189
|
+
|
|
1190
|
+
|
|
1191
|
+
|
|
1192
|
+
8. TCP Hijacking (Prevention)
|
|
1193
|
+
Router
|
|
1194
|
+
enable ++
|
|
1195
|
+
configure terminal ++
|
|
1196
|
+
|
|
1197
|
+
ip access-list extended BLOCK_TCP
|
|
1198
|
+
deny tcp any any eq 23
|
|
1199
|
+
permit ip any any
|
|
1200
|
+
|
|
1201
|
+
interface g0/0 ++
|
|
1202
|
+
ip access-group BLOCK_TCP in
|
|
1203
|
+
9. UDP Hijacking (DNS)
|
|
1204
|
+
📍 PC
|
|
1205
|
+
nslookup example.com
|
|
1206
|
+
📍 Server (DNS setup)
|
|
1207
|
+
|
|
1208
|
+
(No CLI, but concept command equivalent)
|
|
1209
|
+
|
|
1210
|
+
example.com → 192.168.1.100
|
|
1211
|
+
|
|
1212
|
+
|
|
1213
|
+
|
|
1214
|
+
|
|
1215
|
+
|
|
1216
|
+
|
|
1217
|
+
|
|
1218
|
+
|
|
1219
|
+
|
|
1220
|
+
|
|
1221
|
+
|
|
1222
|
+
|
|
1223
|
+
|
|
1224
|
+
|
|
1225
|
+
|
|
1226
|
+
10. DoS Simulation
|
|
1227
|
+
PC (Attack)
|
|
1228
|
+
ping 192.168.1.100 ++
|
|
1229
|
+
Switch (Protection)
|
|
1230
|
+
enable ++
|
|
1231
|
+
configure terminal ++
|
|
1232
|
+
|
|
1233
|
+
interface fa0/2
|
|
1234
|
+
switchport port-security
|
|
1235
|
+
switchport port-security maximum 1
|
|
1236
|
+
switchport port-security violation shutdown
|
|
1237
|
+
|
|
1238
|
+
interface fa0/3
|
|
1239
|
+
switchport port-security
|
|
1240
|
+
switchport port-security maximum 1
|
|
1241
|
+
switchport port-security violation shutdown
|
|
1242
|
+
MASTER REPEATED COMMAND LIST
|
|
1243
|
+
|
|
1244
|
+
These appear everywhere (VERY IMPORTANT):
|
|
1245
|
+
|
|
1246
|
+
enable ++
|
|
1247
|
+
configure terminal ++
|
|
1248
|
+
interface g0/0 ++
|
|
1249
|
+
no shutdown ++
|
|
1250
|
+
exit ++
|
|
1251
|
+
ping ++
|
|
1252
|
+
access-list ++
|
|
1253
|
+
ip access-group ++
|