Certified Ethical Hacker Certification Class descroption



Certified Ethical Hacker (CEH) is a professional who has mastered the techniques to get an access to the target systems, in a lawful manner, which are vulnerable and prone to flaws. This certification is provided by EC Council. Safeguarding of the security system from being exposed to malicious contents is a must, which can be possibly done only by a professional; hence, the Certified Ethical Hacker course has been drawing a lot of attention.

EC-Councils Official delivery platform includes your study material, iLabs (virtual labs) and gives you the most flexible options for training to fit your busy work schedule's give a different type courses of certification, Degrees provide lab iclass &training. C|EH class provide Brochure, Handbook Blue print, Policies, Exam FAQ, Eligibility

Certified ethical hacking course with 20 of the most current security domains any individual will ever want to know when they are planning to beef up the information security posture of their organization. In 20 comprehensive modules, the course covers 340 attack technologies, commonly used by hacker.

The EC-Council CEH attempt exam refundable eligibility application fee of USD 100.00 and you can buy Amazon book CEH v10: EC-Council Certified Ethical Hacker Complete Training guide with Practice labs exam: 312:50 $29.05 office Amazon website link

Nepal offers certified ethical hacking training in Nepal to produce certified ethical hackers capable of identifying and safeguarding IT systems against vulnerabilities. Ethical Hacking certification recognizes IT security professional as an expert to handle security issues in any network and computer system. Our IT institute provide a different type of course better in Nepal C|EH Training & Class the name list down below.



What is C|EH?
The most desired information security training program in the industry, the accredited course provides the advanced hacking & information security professionals alike to break into an organization.
Course content
Over 140 labs that mimic real scenarios
Over 2,200 commonly used hacking tools to immerse you in the hacker world
Over 1,685 graphically rich, specially designed slides to help you grasp complex security concepts in depth.
What's New in CEH V10?
Inclusion of New modules - IoT Hacking and vulnerability analysis, Focus on emerging attack vectors - cloud, Al, ML, etc.
Hacking challenges at the end of each module coverage of the latest Malware, Inclusion of complete Malware analysis process and covers latest hacking tools.
5 Phases of Ethical Hacking
Reconnaissance, Enumeration, Gaining Access, Maintaining Access, Covering Tracks




Duration: 2 Months
About the Exam
Number of Questions: 125
Test Duration: 4 Hours
Test Format: Multiple Choice
Test Delivery: ECC EXAM, VUE
Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE)
Passing score 60% to 80%

New in CEH Version 10 Course

CEH Version 10 Course:
Module 01: Introduction to Ethical Hacking
Module 02: Footprinting and Reconnaissance
Module 03: Scanning Networks
Module 04: Enumeration
Module 05: Vulnerability Analysis
Module 06: System Hacking
Module 07: Malware Threats
Module 08: Sniffing
Module 09: Social Engineering
Module 10: Denial-of-Service
Module 11: Session Hijacking
Module 12: Evading IDS, Firewalls, and Honeypots
Module 13: Hacking Web Servers
Module 14: Hacking Web Applications
Module 15: SQL Injection
Module 16: Hacking Wireless Networks
Module 17: Hacking Mobile Platforms
Module 18: IoT Hacking
Module 19: Cloud Computing
Module 20: Cryptography

MikroTik Router's 200, 00 vulnerability hacker inject Crypto mining Malware



MikroTik Router's 200, 00 vulnerability hacker inject Crypto mining Malware
Security research proof of Concept of Winbox Critical Vulnerability (CVE-2018-14847) found MikroTik routers more than 200,000 backdoor access to the device version. Malware campaigns have compromised more than 210,000 routers from Latvian network hardware provider MikroTik across the world

What is MikroTik?
According to the official website, MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in most of the countries around the world. RouterOS is the operating system of most MikroTik devices. The vulnerability affects all versions of RouterOS from 6.29 (release date: 2015/28/05) to 6.42 (release date 2018/04/20)

The hacker easy exploiting a vulnerability in the Winbox application of MikroTik router that was discovered in April this year and patched within a day of its discoverySecurity flaw can potentially allow an attacker to gain unauthenticated, remote attacker administrative access to any vulnerable MikroTik router.



Malware campaigns that infected 25,500 and 16,000 MikroTik routers, mainly in Moldova, with malicious crypto currency mining code from infamous CoinHive service. 

Targeting networking devices in Brazil, where a hacker or a group of hackers compromised more than MikroTik routers devices. MikroTik routers are targeted to spread malware. In March this year, a sophisticated APT hacking group exploited unknown vulnerabilities in MikroTik routers to covertly plant spyware into victims' computers.


MikroTik devices. However, the vulnerability which allowed the firm's routers to become crypto currency mining slaves was no zero-day; instead, it is CVE-2018-14847, a known security bug impacting Winbox for MikroTik RouterOS.
Through version 6.42 of the software, remote attackers are able to bypass authentication and read arbitrary files by modifying a request to change one byte related to a Session ID, according to the vulnerability description. 

Vulnerability MikroTik router exploiting PoC WinboxPoC.py ip address target and MAC address they can access to the device. The office github link WinboxPoC.py download python script pentesting os platform Linux os. All versions from 6.29 (release date: 2015/28/05) to 6.42 (release date 2018/04/20) are vulnerable. "WARNING EDUCATIONAL PURPOSE ONLY"





















How to use
Note that this script will NOT run with Python2.x. Use only Python 3+
Winbox (TCP/IP)
$ python3 WinboxExploit.py 172.17.17.17
User: admin
Pass: Th3P4ssWord

MAC server Winbox (Layer 2)
You can extract files even if the device doesn't have an IP address :-)
$ python3 MACServerDiscover.py

Looking for Mikrotik devices (MAC servers)
    aa:bb:cc:dd:ee:ff
    aa:bb:cc:dd:ee:aa
$ python3 MACServerExploit.py aa:bb:cc:dd:ee:ff
User: admin
Pass: Th3P4ssWord


















Mitigation Techniques
Update your RouterOS to the last version or Bugfix version
Do not use Winbox and disable it :| it's nothing just a GUI for NooBs ..
you may use some Filter Rules (ACL) to deny anonymous accesses to the Router
ip firewall filter add chain=input in-interface=wan protocol=tcp dst-port=8291 action=drop
Surces page GitHub

Define LAN, MAN, WAN,IP ADDRESS



Define LAN, MAN, WAN,IP ADDRESS

What is IP address?
The internet address (IP address) is 32bits that uniquely and universally defines a host or router on the internet. The portion of the IP address that identifies the network is called net id. The portion of the IP address that identifies the host or router on the network is called host id.

What is Special Public IP?
ISP have provided a specific public IP for you, you have full rights to use and manage this public IP into your network, because this public IP specifically for you and no one can use it. You like given the address or name on the internet to your network. ISP will give you a special price for this.

What is Common Public IP?
ISP is not given special IP address or name to you on the internet, but you still use public IP to be connected to the internet. In this case you will use the public IP together with all clients of your ISP and this public IP fully managed by ISP itself. You like being under their clients network there is no special name for your network.

What is Static Public IP?
Public IP that is used will not be changed because it is not planned to be changed, this public IP can be Special Public IP or Common Public IP as our terms.

What is Dynamic Public IP?
Public IP that always be changed dynamically when you use connect to internet, the changes have ranges as the network mask of the public IP that used by ISP. Same like Static Public IP, it can be Special Public IP or Common

What is Local IP?
Local IP addresses both serve the same purpose, the difference is scope. An external or public IP address is used across the entire Internet to locate computer systems and devices. A local or internal IP address is used inside a private network to locate the computers and devices connected to it.

Define LAN, MAN and WAN.
LAN- A local area network (LAN) is a privately owned and links the devices in a single office, building or campus. It allows resources to be shared between personal computers and work stations. MAN- A metropolitan-area network (MAN) spreads over an entire city. It may be wholly owned and operated by a private company, example local telephone company. WAN – A wide area network (WAN) provides long distance transmission of data, voice, image and video information over large geographic areas that comprise a country, a continent or even whole world.

Nepal Telecom ISP Upgrade System use the FortiGATE firewall



Nepal Telecom ISP Upgrade System use the FortiGATE firewall  

 Just few months ago Nepal Telecom (ISP) internet Service Provider Company upgrade the system & security, use next generation Fort iGATE firewall and network security now is filter the internet using suffer internet. The internet user protect the connection safe the hacker anti phishing our network Communication system. Nepal Telecom maintained system of Nepalese organizations more & more cyber criminals are targeting Nepal cyberspace to get focus security system. 


 Nepal Telecom last few years ago dozen of the attack the anonymous hacker group has claimed to have breach the Nepal Telecom ADSL server, and have gained access to user's Wi-Fi SSID and password more than 43700 router is vulnerability found NTC's server was hacked last months, a group called Anonymous opnep gained access to all the details of NTC user that include username, citizenship name, father's name as well as other private information which you have to fill up during new SIM card registration.
The Fort iGATE firewall feature consolidated security platforms deliver unmatched performance and protection while simplifying your network. Fortinet offers models to satisfy any deployment requirement from the FortiGate-30 series for small offices to the FortiGate-5000 series for very large enterprises, service providers and carriers.
Fort iGATE platforms combine the FortiOS security operating system with Forti AISIC processors and latest-generation CPUs to other hardware to provide a comprehensive, high-performance security. Each Fort iGATE includes the widest range of security and networking functions on the market, including:

Firewall, VPN, and Traffic shaping
Intrusion Prevention (IPS)
Antivirus/Antispyware/Antimalware
Integrated wireless controller
Application Control
IPv6 Support
Data Leak Prevention
Secure WI-FI
Web Filtering
Antispam
VoIP Support
Layer 2/3 routing
WAN Optimization & Web Caching
 This example describes how to improve the reliability of a network connection using two ISPs. The example includes the configuration of equal cost multi-path load balancing, which efficiently distributes sessions to both Internet connections without overloading either connection
Create a security policy for the primary interface connecting to the ISPs and the internal network. Create a security policy for each interface connecting to the ISPs and the internal network


How to know RJ-45 jack color codes Female port clamping network tips



How to know RJ-45 jack color codes Female port clamping network tips

Network router and switch are female port diagram may be the four cable working our network note this one, another cable not using ports. Registered Jack 45 (RJ45) is a standard type of physical connector for network cables. 
(RJ45) connectors are most commonly seen with Ethernet cables and networks. Modern Ethernet cables feature small plastic plugs on each end that are inserted into the( RJ45) jacks of Ethernet devices
Layout the (RJ-45) format console port male pin out showing down below tables:

RTS 1 PIN
Request to Send
DTR 2 PIN
Ready Out
TXD 3 PIN
Data Out
GND 4 PIN
Ground
GND 5 PIN
Ground
RXD 6 PIN
Data in
DCD 7 PIN
Carrier Detect
CTS 8 PIN
Clear to Send

The table's string-Through cable and crossover cable show down below:
 (RJ-45) jack male color codes two tables and Figure example network tester device:



String- Through cable
Crossover Cable
1. White/Orange
1. White/Green
2. Orange
2. Green
3. White/Green
3. White/Orange
4. Blue
4. Blue
5. White/Blue
5. White/Blue
6. Green
6. Orange
7. White/Brown
7. White/Brown
8. Brown
8. Brown

Second step crossover cable & Straight-Through Cable to the tables down below this topology to the network stranded networking straight-Through cable and Crossover Cable 

Straight-Through Cable

Crossover Cable
Switch + Router

Switch + Switch
Switch + PC

Switch + Hub
Switch + Server

Hub + Hub
Hub + PC

Router + Router
Hub + Server

Router + PC
Hub + Router

PC + PC

When I check network tester RJ-45 & RJ-11 remote and master tips its easy find out fault to the wire Straight-Through LED light indication diagram down below

Maximum length 10/100/1000BASE-T, the maximum allowed length of a CAT-6 cable is100 meters or 328 feet. This consists of 90 meters (300 ft) of solid "horizontal" cabling between the patch panel and the wall jack, plus 10 meters (33 ft) of stranded patch cable between each jack and the attached device
Maximum length a CAT-5 cable can have is 100 meters. In the case you require a cable longer than 100 meters, you need to install a simple repeater I.E. a hub, or a switch, which will allow you to extend the total length.

How to remove KMSpico Malware from your computer



How to remove KMSpico Malware from your computer?

KMSPico Description (Malware)

KMSPico is any malicious computer program created by cyber hacker to hack into a computer through misleading users. It spread by some form of social engineering, alike e-mail attachment, bundled with third party application or lurks inside PC through sharing data in open network. Do lots of malicious activities into targeted as:

Although KMSPico malware is not destructive itself, the majority of websites which provide its download link are untrustworthy and seek to spread malware. However, there is nothing more to expect from sites that present an illegal program.

That is not a commendable behavior; however, cyber criminals aim to exploit users who seek to obtain paid software for free. Therefore, they infect most requested computer programs with harmful components, such as Trojans or worms, or less-harmful threats like adware. It was noticed that KMSPico virus frequently promotes adware programs, and that is why some security researchers name this dangerous program as KMSPico adware





Normally, the network administrators would contact KMS servers through the Remote Procedure Call and then activate the desired services. The KMSpico creators offer to replace the existing key with a new volume license key and activate the services without having to connect to this KMS server.

Bring modification into Windows registry.
Help Spammers via opening system backdoor etc.
KMSPico Intrusion Methods
As malicious attachment via Spam emails.
By drive-by download.
Sharing data in open network.
Visits to infected websites, torrents.
Clicks to suspicious ads, offers and text-links.
Other social engineering scam etc.
Harmful Impacts of KMSPico  
Crashing the computer or device
Spreading other malware across the network.
Use computer as part of a botnet.
Able to format disks, destroying all contents.
Degraded PC performance and internet speed.
Opens backdoor of cyber crook to access PC.
Spy you’re online activates to record information.

Step By step guide to remove Trojan so hold shift key while choosing option. Restart the windows system. After the system reboot a blue screen papers, now choose troubleshoot option.

Now click on advanced option next from available options of advance option menu, go for startup setting. Now list will appear title restart to change windows options, click on restart button at bottom right corner. 
Take help keys form F1 to F9 you select your desired option of startup settings, once advanced boot options appear go to the safe mode with networking. Press enter key when open safe mode interface then kill malicious KMSPico processes from task manager press Ctrl+ Alt + Del keys together on your keyboard. Now in the processes tab look for any suspicious running process and click on it. Further click end task terminate the malicious process.

Next step clean malicious registry entries made by KMSPico Trojan and tap and hold windows + R keys together search suspicious entries related related with KMSPico. Right click on it > select delete option from there, once startup appear press F6 key to choose safe Mode along with command prompt option.
It is the easiest and fastest way to clean your computer from threats and potentially unwanted programs. In case you just want to remove KMSPico, delete the following files and folders from your computer:
§  AutoPico.exe
§  Service_KMS.exe
§  unins000.exe
§  KMSELDI.exe
§  UninsHs.exe
§  tap-windows-9.21.0.exe

You can also perform Clean Boot. You need to turn off all the startup programs that may be the reason why the program won’t uninstall.
  • Press Windows + R;
  • In the Run window type msconfig;
  • Choose Services section;
  • Find Hide all Microsoft services line, tick the box;
  • The click Disable all;
  • Return back to General section;
  • Find the line Selective startup and untick the box Load startup items;
  • Select Apply, then OK;
  • Reboot your PC;
  • Remove KMSpico from Control Panel.