Need some advice on learning networking

Re: Need some advice on learning networking

I don't think you're gonna have problems using telnet in your lab. I just wanted to point you that it's like SMB1 disabled in Windows features and for reasons. Of course other network savvy guys here may have better explanation than copier tech with limited knowledge like me

Re: Need some advice on learning networking

I think it is like setting up a FTP server on a customer's PC. It creates an easy to detect and access backdoor for every hacker in the world to use.

Re: Need some advice on learning networking


I looked it up. You're right.





Contents

• Vital information on this issue
• Scanning For and Finding Vulnerabilities in Telnet Detection
• Penetration Testing (Pentest) for this Vulnerability
• Security updates on Vulnerabilities in Telnet Detection
• Disclosures related to Vulnerabilities in Telnet Detection
• Confirming the Presence of Vulnerabilities in Telnet Detection
• False positive/negatives
• Patching/Repairing this vulnerability
• Exploits related to Vulnerabilities in Telnet Detection

Vital Information on This Issue
Vulnerabilities in Telnet Detection is a Low risk vulnerability that is one of the most frequently found on networks around the world. This issue has been around since at least 1990 but has proven either difficult to detect, difficult to resolve or prone to being overlooked entirely.

Re: Need some advice on learning networking

I did something really, really dumb. I joined my computer to a virtual windows server on a domain and when I restarted my computer of course the virtual server was no longer running so I couldn't log on to my PC. I panicked. After my heart slowed down I saw where I could still log in on a local account.

After I did that I fired back up the virtual server and took this PC off the domain. I gotta stop playing around too much. It's getting dangerous.

Re: Need some advice on learning networking

After a lot of trials of tribulations, I finally accomplished what I set out to do:

Set up a Windows 2019 Sever with the following:

1. Domain Server
2. Join another client on the domain
3. DHCP Server
4. File Server
5. Set up users, computers, and groups
6. Learn how to grant or deny user privileges.

Once I set all that up, I then added a Kyocera copier to the domain and successfully scanned a document to a folder on the desktop.

I then set up a folder on the File Server and successfully scanned a document to said folder. (And created a shortcut to the folder on the client's PC.)

I've never set up a copier in a network environment as I always subcontracted that out thru a friend of mine. I wanted to learn how to do it myself thus the reason for doing all of this. But it does raise some questions in my mind.

In order to set up SMB (or install a print driver) on a domain's client PC, you must have DOMAIN ADIMINISTRATOR RIGHTS. Not Administrator Rights, but Domain Administrator Rights. At least that was my experience. I doubt every client has those level of rights, so I suppose IT would have to grant temporary Domain privileges in order for a copier tech to do the job.

Can anyone shed light on this?

Re: Need some advice on learning networking

The way I would approach that is if the customer already has IT, then that's their job, not the copier tech. If you knew how to achieve what was required, you could talk the IT guy through it but I wouldn't want to have those privileges on a customer's PC, because if something goes wrong, even if you didn't do it, you're going to get blamed for it. Which I think has already been discussed ad nauseum in this thread.

BUT, I will say this thread has taught me quite a few handy things since I've followed it from the start.

Re: Need some advice on learning networking

I was thinking along the same lines. I can't imagine an IT giving out the password for a Domain Admin. But that would mean the IT guy would have to do all the work for every PC. I'm not opposed to that, tho.

Re: Need some advice on learning networking


Nope as long as it's local ftp site Never goes outside using filezilla server for years as a local FTP still do for older machines were smb is NOT available
YOU IT trained NOPE
WOW You learned something NEW

Re: Need some advice on learning networking

FileZilla Vulnerability

Summary
Background
What is the issue?
How does the riskware get installed?
What can you do?
More information
MORE ARTICLES
Summary

The Office of the CISO recently learned of suspicious processes created by the FileZilla SFTP program. While we do not consider the behavior to rise to the level of malware, it does have the potential to pose a risk.
Note that the behavior exhibited by FileZilla refers to the “bundled” version of the program (which is the default download version). It is still possible to download the un-bundled version, but this introduces an extra level of complexity to the end user that can be avoided by recommending other SFTP options.
Background

FileZilla is a cross-platform graphical File Transfer Protocol (FTP), Secure File Transfer Protocol (SFTP), and FTP Secure (FTPS) file management tool for Windows, Linux, Mac OS X, and other operating systems. FileZilla’s tools allow the user to manage and transfer files between their local machine and a remote server. For example, it allows for comparison and file synchronizing, as well as tab browsing between servers, transferring files to multiple servers simultaneously, and editing remote files on the go.
What is the issue?

FileZilla users observed the “complete” FileZilla installer creating an unidentified process which spawns multiple command line prompts that append dat files (a generic data file) together.
Many programs create, open, or reference dat files. These files may contain data in binary or text format, and typically they are accessed only by the application that created them. While using FileZilla, users observed a process that reaches out to random, unrelated IP Addresses over TCP/80. This can be an indication of malicious behavior, such as command and control traffic.
How does the riskware get installed on your computer?

A pop-up link alerts the user their FileZilla application is out of date and directs the user to the website for filezilla-project.org. The download from this link delivers a bundled installation wrapper (a program used to execute one or more other installation program). The wrapper contains potentially unwanted application / potentially unwanted program (PUA/PUP) (e.g., possibly fusioncore, installcore, Eldorado); and riskware. Many of these applications may not be detected by antivirus software.
What can you do?

1. To protect yourself against this riskware, don’t use FileZilla.
2. For user data exchange, consider cloud-based storage-as-a-service.
3. If you need a file transfer application, consider options such as WinSCP or Cyberduck.
4. When downloading applications and software from the Internet, always save them to a file and run antivirus software against them before execution to ensure they are free of any malware.

Re: Need some advice on learning networking

I have had IT techs provide IP address, domain name, domain DNS and an Active Directory login credentials with permission for scanning to one directory tree only.

Re: Need some advice on learning networking

Then you are the one of a very limited number of IT that allow any type of FTP on their networks.

Re: Need some advice on learning networking

Stick to main body dude your Not IT trained.
Plenty of threads on CTN on using local ftp. It's unfortunate you don't know the difference.

Re: Need some advice on learning networking

Re: Need some advice on learning networking

Re: Need some advice on learning networking

I think I may have found the answer to the question that I asked earlier about needing to be singed in as a Domain Administrator. This is ALL speculation.

In Widows Server 2019, you can set up Remote Desktop Services. What that means is the IT person can remotely log in on any PC as a Domain Admin, thus you're able to install print drivers and set up SMB. That makes a little more sense to me than the IT person doing all the work. Could be wrong.

This way you never get the password and he doesn't have to run around to every PC. Again, all speculation on my part.