12 Antworten
0
Sounds great! But its already been done. I wouldn't scap it though cause its great practice! I say keep goin! Just didn't know if you knew about scp or not
28th Aug 2021, 1:22 PM
Slick
Slick - avatar
+ 2
Certain ports are for certain services, if you see a port open, you can see what services are running on a machine, potentially having an exploit depending on the version of the service. Its part of the recon phase.
28th Aug 2021, 4:14 PM
Slick
Slick - avatar
+ 1
Slick, ok. Thank you for your advice. I'll keep going and learning :)
28th Aug 2021, 1:26 PM
Yahel
Yahel - avatar
+ 1
That's if someone is sitting in your network or compromised one of the machines in your network. You can only do things to prevent like mac whitelisting, blocking unnecissary ports, had ids and ips protection, vlans, and ect but you can only do so much. You can have the biggest and most secure gates in the world, but if someone steals or gets a hold of a key, well those gates mean nothing.
28th Aug 2021, 3:16 PM
Slick
Slick - avatar
0
ftp or for secure ssh. look up ssh for encrypted data trnsfer
28th Aug 2021, 12:02 PM
Slick
Slick - avatar
0
Slick, that's not what I need... ssh allows control over the shell of another machine... I need a proper and efficient way to trade public keys between the client and the server and store them safely etc.. I'd appreciate if you read the 4 steps I wrote in that question and give me a feedback if they are good...
28th Aug 2021, 12:15 PM
Yahel
Yahel - avatar
0
scp (which uses ssh) does exactly that
28th Aug 2021, 12:16 PM
Slick
Slick - avatar
0
Slick, so if SCP already provides you secure transportation of data, why do you need public keys? Sockets? Etc...
28th Aug 2021, 12:29 PM
Yahel
Yahel - avatar
0
They actually use a key (or fingerprint) system already. And sockets are just how nodes communicate
28th Aug 2021, 12:31 PM
Slick
Slick - avatar
0
Slick, so can I just delete most of the code that I did where I generate keys, establish a connection over python sockets etc... and just replace it with the scp python library? Or should I keep as I did and "invent the wheel" again? 😃 Will It show in my project that I understand the topic better, if I continue as I did so far? What should I do? And if I want to continue my way and not use SCP, what do you think about my 4 steps that I wrote?
28th Aug 2021, 12:46 PM
Yahel
Yahel - avatar
0
Slick, as we said in a previous post - a hacker can read the data but it's encrypted so he can't understand. But, he can modify the data. Is there a way to somehow prevent it?
28th Aug 2021, 3:07 PM
Yahel
Yahel - avatar
0
Slick I understand... If you already mentioned open ports I'd like to know how can it be dangerous
28th Aug 2021, 3:52 PM
Yahel
Yahel - avatar