- win32 disk imager for usb
- ssh config 110
- firewall like fwmonitor
- lulu for mac
- aide for hids baselining, store reference on read-only, similar to tripwire see p. 165
- chksecurity and rkhunter for rootkit detection
- apt upgrade then apt update
- For example, when visiting some parts of the world, you may be at substantial __risk__ of catching malaria. This is because the __threat__ of mosquitoes is very high in some areas, and you are almost certainly not immune to malaria. Fortunately, you can control the __vulnerability__ with medication and attempt to control the __threat__ with the use of bug repellent and mosquito nets. With controls in place addressing both the __threat__ and the __vulnerability__, you can help ensure the __risk__ does not actualize.
- not all vulnerabilities are exploitable, but all must be treated as such because of 0-days and private exploits
- NIST SP 800-30 defines the true risk of a discovered vulnerability as __a combination of the likelihood of occurrence and the potential impact__.
- memory corruption
- Stack Buffer Overflow: When a program writes more data to a buffer on the stack than there is space available for it, adjacent memory can be corrupted, often causing the program to crash.
- Heap Corruption: Heap memory is allocated at run-time and usually contains data from the running program. Heap corruptions occur by manipulating the data to overwrite through the linked list of heap memory pointers.
- Integer Overflow: These overflows occur when an application tries to create a numeric value that can’t be contained within its allocated storage space.
- Format String: When a program accepts user input and formats it without checking it, memory locations can be revealed or overwritten, depending on the format tokens that are used.
- web attacks
- SQL injection: These attacks take advantage of improperly-programmed applications that do not properly sanitize user input, leading to the ability to extract information from the database or even the complete takeover of the server.
- Cross-site scripting: As with SQL injection, XSS attacks result from improper sanitization of user input, allowing attackers to manipulate the user or site into executing code in the context of their own browser session.
- https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf
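
The integer overflow note above, as an added C example (not from the book or these notes): a 32-bit size calculation that wraps, beside a checked version that rejects the oversized count before allocating. `RECORD_SIZE` and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record size, chosen for illustration only. */
#define RECORD_SIZE 16u

/* Unchecked: the 32-bit product wraps modulo 2^32 for large counts,
 * so the result can be far smaller than count records actually need. */
uint32_t alloc_size_unchecked(uint32_t count)
{
    return count * RECORD_SIZE;
}

/* Checked: rejects any count whose byte size does not fit in 32 bits.
 * Returns 0 and stores the size in *out, or -1 on overflow. */
int alloc_size_checked(uint32_t count, uint32_t *out)
{
    if (count > UINT32_MAX / RECORD_SIZE)
        return -1;
    *out = count * RECORD_SIZE;
    return 0;
}

/* Copies count records from src into a new buffer. Returns NULL when
 * count is zero, the size would overflow, or allocation fails. */
void *copy_records(const void *src, uint32_t count)
{
    uint32_t size;
    void *dst;

    if (alloc_size_checked(count, &size) != 0 || size == 0)
        return NULL;
    dst = malloc(size);
    if (dst != NULL)
        memcpy(dst, src, size);
    return dst;
}

int main(void)
{
    uint32_t big = 0x10000001u; /* constructed sample count */
    uint32_t size = 0;

    printf("unchecked size: %u bytes\n", (unsigned)alloc_size_unchecked(big));
    printf("checked result: %d\n", alloc_size_checked(big, &size));
    return 0;
}
```

The unchecked function is where an undersized buffer would come from: the count looks valid, but the byte size stored in 32 bits no longer matches it.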