lab.txt

lab.txt

+encrypt with symmetric key
+openssl enc -aes-128-cbc -e/-d -K '5a04ec902686fb05a6b7a338b6e07760' -in sat.txt -out sat1.txt -iv '5a04ec902686fb05a6b7a338b6e07760'
+hashing:
+openssl dgst -sha1 sat.txt > mon.tx
+
+private key gen:
+openssl genrsa -out private.key 1024
+gen public key:
+openssl rsa -in private.key -pubout -out public.key
+
+sign:
+openssl dgst -sha256 -sign private.key -out sat.sig sat.txt
+verify sign:
+openssl dgst -sha256 -verify public.key -signature sat.sig sat.txt
+
+CA Certificate:
+ openssl req -new -x509 -keyout ca.key -out cat.crt -config openssl.cnf
+explore
+openssl rsa -in ca.key -text
+openssl x509 -in ca.crt -text
+
+request by agent:
+openssl req -new -key private.key -out agent.csr -config openssl.cnf 
+//to sign his public key  and send it to ca
+
+CAFOLDER--
+demoCA---
+	certs/
+	crl/
+	newcerts/
+	index.txt
+	serial  /*1000
+CA generating agent's cert:
+openssl ca -in agent.csr -out agent.crt -cert cat.crt -keyfile ca.key -config openssl.cnf
+
+
+verify the cert by agent:
+openssl verify -CAfile cat.crt agent.crt
+
+
+
+
+lab9:
+((ip.src==ksbfbh) && (ip.dst==jsfhvsdjb)) ||
+
+lab10:
+nmap -sn 10.0.2.0/24 to scan machine in network
+nmap -sT to check open ports
+
+
+sudo nmap 10.0.2.* -sT -p 7777 --open
+
+10.0.2.* will scan the 10.0.2.0/24 subnet
+-sT flag is used to scan TCP ports
+-p 7777 restricts the scan to only port 7777
+--open will only list the IPs with 7777 open
+PS: -sT is optional since default is also TCP
+
+nmap -v -A <site> 
+