Commands & Tools You Need to Know for Security+ SY0-601

Captions
So you want to take the Security+. You get to the section where you need to know all these Linux commands, right? Not just Linux, you need to know Windows commands too. You don't want to sit there and memorize definitions of commands. No, what you need to do is actually use these commands and get some hands-on experience; that will help you remember what these commands do. So today in this video I'm going to walk through the commands that we will need to know for the CompTIA Security+ exam, and if you are at your computer I highly recommend that you follow along and do this yourself, because you might want to take a little more time on some and you might want to skip over some of the others. Let's get into it.

So over here I've pulled up the CompTIA Security+ learning objectives. You can see here the list of tools and commands that they want us to learn. I'm not going to go through all these tools today, but I'm going to cover most of these commands. You can see the first one here, for example, is tracert/traceroute, and the reason they have it listed with a slash is because they're basically the same tool: one is for Linux and Mac, one is for Windows. So what I've done is I've pulled up Kali Linux in Oracle VirtualBox, and by the way, if you haven't done this before, I did a live stream where I walk you through real quick, like in 10 minutes, how to do this for free and get your own version of Kali Linux up and running. And then I just have my command line through my host operating system.

With the first command on the list being tracert, what does this do? This basically helps us pinpoint areas in our network that may be breaking down. It helps us narrow down where the problem may be, and the way it does that is it uses a time-to-live value that is assigned to ICMP packets. It sends these ICMP packets out and sets the time to live at first to zero, then to one, then to two, then to three, so it's getting information from every single device along the way. That's why it's called traceroute, because it's tracing the route from your endpoint to whatever IP address you specify.

All right, so let's go ahead and try tracert out on Kali Linux, and I'm going to do this to facebook.com just so we can get an idea. You can see the first IP address listed here is on my internal network, it's an internal IP address, and then you can see it's going to a Spectrum address, so obviously it's going into Spectrum's internal routers, bouncing through three of those Charter routers and switches, and then a whole bunch, actually. So I don't necessarily know what all these are, but I know that my router is connected directly to Spectrum, and from Spectrum it's going to a bunch of Charter machines. It's popping through all of those, and basically each one of these is a ping that has a slightly longer time to live, right? That's how traceroute figures out where each point is. Now, if you were troubleshooting an internal network, you would see a problem along the way. Let's say it was this device here, number five; then you would know that something's wrong with the device at this IP address, and we could go troubleshoot that. I've used tracert a lot in my job, troubleshooting internal networks at an enterprise and trying to figure out: is it the switch, is it the endpoint, is it the router, is it the site-to-site VPN? It shows you where that connection is breaking down.

All right, so now we're going to try the same command on the Windows command line, and we're just going to do a tracert to google.com. You can see here it's actually quite a bit slower. It's doing a default setting of, I believe, three pings to each point along the route, and it's giving us the latency, so that's cool. Again you can see it's going to my home router, then it's jumping into Spectrum and then going to Charter devices. We'll expect to see three to five Charter devices here, and we're getting the different IP addresses for each of these devices along the way. This is a useful tool, and it definitely has its place for a help desk or a network technician: if a user can't reach a certain site, you might do a tracert to that site, which you can enter as the IP address or the domain name of that site, and you'll trace your path there. We can see we're not getting as much information here; this could be maybe Google's network devices or something like that. And then it does give us in the end this name here and this IP address for a server that is serving the google.com website.

Tracert is pretty cool, but what if you don't know the IP address of a device, or what if you don't know the domain name of a device but you have that IP address? Well, that's where nslookup comes in. nslookup or dig is used to gather information on a domain name. So we're looking up google.com, let's say, and it should give us an IP address that will resolve to google.com. You can see here the answer for DNS is being given by the IP address that is attributed to my home router, and that's because my home router knows where google.com is. So it sees this device asking, "Hey, does anyone know where google.com is?" and my home router is actually answering and saying, "Yeah, I know where google.com is, it's at 142.250.176.14." This is why it says non-authoritative answer. Now, if my home router did not know where google.com was, this request would go to a higher level to look for the answer to this nslookup, and I believe if it got to a high enough level it would come back as an authoritative answer.

All right, so nslookup is great, and I've also used this in the workplace. For example, I had the workstation name of an employee but I needed to issue a command to that workstation based on the IP address, so I would just do nslookup and then type in the workstation name, because really this is giving me information about domains, but it also gives me information about hosts on domains, right? So if you have a bunch of hosts in a domain on an enterprise level, you can find the IP address with the workstation name, or you can find the workstation name based on the IP address. It's useful, but it's a little outdated, and it works the exact same way on Windows, so I'm not even going to switch over to that one for this.

A more advanced tool, which I actually don't have very much experience with but I want to show you guys nonetheless, is called dig. Let's see what dig gives us when we do a dig on google.com. You can see here there's a lot more information. It's a little overwhelming, to be honest, but we get a header, NOERROR, ID, flags, blah blah blah, google.com. So comparing nslookup to dig: nslookup basically just gives us an IP address and an IPv6 address. When we go down here to dig, we get the same IP address here; it doesn't look like we get the IPv6 address by default, but we do get a lot more information. I'm using the very basic levels of these commands. The idea is just to get a little bit of experience, get a little bit of familiarity, get something in your head that will help you to remember this for the test. You don't have to understand every single flag, every single option; you just need to know maybe what these would be used for, right?

All right, next on our list is ipconfig and ifconfig. ifconfig is, I would say, probably the most used and most basic networking command that you should definitely know. The Windows version is ipconfig. ifconfig, I believe, stands for interface configuration. This right here shows you I have two interfaces on this virtual machine: one is facing my home network and another one is the self-assigned or loopback address. This is pretty standard if you have a computer with one connection. The interface name is here, eth0, and then we have the inet address, which is my IPv4; we have inet6 assigned here, and there's a lot of other statistics and information: how many packets have been sent, how many packets have been received. You can see here the loopback address as well. This is great if you're on a workstation and you just want to see, like, is DHCP working for this workstation, has it received a valid IP address. Real quick, you just type in ifconfig and you will get the IP address of the workstation, and if it shows only the loopback address, or if it shows an APIPA address, then you know that it's not communicating with DHCP properly.

ipconfig, and boom, we get a whole bunch of information because I have a lot of interfaces configured on here. Let's see, we have Ethernet adapter, virtual Ethernet, Ethernet adapter 2, Oracle VirtualBox Ethernet, a VM switch, and there's a whole bunch here, but basically you get similar information: it gives you subnet mask, IPv4, IPv6. Knowing which one of these you're actually looking for and which ones they are is a matter of knowing a little bit more about your network, and public versus private IP addresses. So, me knowing my network is 10.0.0.0/24, I know that this is the address that's actually going to go out to the internet and back, right?

All right, so we know how to find IP addresses and domain names, we know how to test connections from point A to point B, we know how to get the IP address of a device from that device. But let's say we want to scan a device remotely and figure out what ports are open on that device. This is where nmap comes in. nmap is probably one of the most popular tools, I would say, in Linux, at least if you're focused on cybersecurity. If you're focused on, like, penetration testing, this is like one of the very first things that you will learn. There's a whole bunch we could say about nmap. If you wanted to scan, let's say, the top 1000 ports, that'll happen by default, and it's not the top 1000 as in one to one thousand, it's the top 1000 most used ports. And let's say you wanted to see what versions of services were running on those ports; you would do a lowercase s, capital V. Keep in mind in Linux capitalization matters; every command is case sensitive. So nmap -sV and then you would enter the IP address of whatever it is that you wanted to scan. All right, so I'm kind of doxing myself here, but I scan this IP address knowing that that's the address assigned to my printer at home, and you can see I scan for service versions. We have port 80 open, which, if you know your port numbers, you already know that's HTTP, but this actually will give us the name of the service and it will give us the version of the service. So we get a lot of information here: ports 80, 443, 515, 631 and 9100 are open, and we have all of these service names here. I just recommend doing an nmap lab, messing around with it, scanning devices on your own network. Do not scan devices that you do not have permission to scan, because that is illegal, I think; it's not a good idea. Don't scan devices you don't have permission to scan.

So I recommend getting your hands-on experience with these commands, but I also would suggest getting some cheat sheets. I just Googled "nmap cheat sheet" and you get these useful cheat sheets, which give you information: you want to scan a single IP, you want to scan a specific IP, you want to scan a range, this gives you the syntax for a range. And then these are ones I would definitely recommend knowing as well: different types of scans you can do. There's a SYN scan, where you only send the first step of the three-way handshake (SYN, SYN-ACK response, ACK, right? If you don't know what that is, just look into it), but the SYN scan only sends the SYN. -sT is a TCP connect port scan, you can do a UDP scan, you can do an ACK port scan; there's so many different things you can do with nmap.

All right, let's say we don't want to scan ports at all; let's say we just want to see what's on the network. This could be done with a third-party program like Advanced IP Scanner or Angry IP Scanner or any of the other billions of IP scanners that are out there, but if we already have a command line open and we know how to use nmap, then we can do it with nmap. So let's say we do nmap and we do host discovery only; it's lowercase -sn, okay, and we just want to know what's in the range 10.0.0.80 through 90. So we do that, and now we're only doing host discovery. It's very quick and we don't need to wait for all the ports to be scanned. Let's see what we get here: "Nmap done", one host is up, "Nmap scan report for 10.0.0.90". You could also enter it in CIDR notation; you could scan the entire network, 10.0.0.0/24, and there you have it, all the answers of which IP addresses are being actively used by different devices. Now there's other flags you could add on here to get more information, or you could just use a third-party program like Advanced IP Scanner or Angry IP Scanner, any of the other billions of IP scanners that are out there that have automated this process, and it'll also be in a nice GUI. But we're not here to use nice GUIs, we're here to get hands-on experience, right?

So next on our list is ping, and I may have lied when I said ipconfig was the most used tool, because I think ping might be the most used tool. Ping is simply: do I have connectivity to a device? And it'll ping and ping and ping. In Linux it pings forever; if you want to stop, hit Ctrl+C. In Windows by default it will send, I think, four. Let's see, so can I reach my home router, that is the question, and the answer is yes, you can. The latency is less than one millisecond, we sent 32 bytes, the time to live was set by default to 64, and we reached it in under one millisecond every time; the loss was zero percent. In Windows, if you want to send a continuous ping to monitor connectivity for a device, you could use the -t flag, and that would just keep going like it does by default in Linux. You could leave this on for 24 hours to monitor connectivity between two devices over a certain period of time; you come back the next day, you hit Ctrl+C, and it will give you the percentage of loss of packets over a 24-hour period. So that's kind of a cool way to monitor connectivity between two devices over time using a very simple tool like ping.

All right, I'm going to skip over a couple of these due to time constraints, and we're going to jump into file manipulation on Linux. Now, I am by no means a Linux pro; if you haven't noticed, I have limited experience with Linux, but I've enjoyed learning about it, and if you're new to it too, then hopefully this will be helpful to you. So first things first, I'm going to simply make a file called file.txt, and that's just so we can mess around with that and manipulate it. Let's say you have a file, and it's a massive file, and you don't want to look at the whole thing but you just want to see what's in there and get a peek, right? That's what head is for. You type in head, and we look at head file.txt; you can see the first 10 lines of what I have put into that file. So that's pretty useful. Now the converse of that would be tail. tail lets you look at the last 10 lines. So maybe, let's say there's constant information being streamed into a file and it's being added at the bottom, and you want to see what was the most recent thing that was added, or maybe you just want to see what's at the end of the file; so you use tail file.txt, so tail and then the file name, and boom, there you go, you get the 10 last lines of the file. That's pretty simple; it's just giving you basic information.

Now, if you do want to see the whole file, you can use the command cat. We use cat, put the name of the file, file.txt, boom, that's the whole file right there. It's a bunch of random stuff that I typed because I was trying to make an example so we can learn things. All right, now what if you have a really big file and you're just looking for specific information? That is where grep would come in. grep can help you search files for certain strings. Let's say we're wondering where the number four was typed in this file, like I'm looking for the number four. So we grep, we put the thing that we're looking for, and then we put the name of the file, and boom, it gives us the lines, the full line of anywhere the number four was typed. Similarly we could look for the word "subscribe", and please subscribe.

Now for the doozy. If all these other commands have been easy for you and you're like, "this is no problem, I got this, Linux is easy," this one might trip you up, so pay very close attention. I call this command "chamod"; I don't know how it's actually pronounced, but I call it "chamod", okay. I just looked it up and it is actually pronounced "jamad". It stands for change mode, which is modes of accessibility, modes of authorization. So basically this is used to change permissions on files, on directories, and it is not as complicated as you think. First things first, let's use the ls command, which we'll use to look at things, and let's see what's in here. We're in my home folder, right, so we have Desktop, Documents, Downloads, file.txt, Music, Pictures, Public, Templates and Videos. Okay, well, what if we want to see the ownership qualities of these files? We can use ls -l, which is for long mode, and look at that: we can see d indicates that these are directories, and so the only one that's not a directory is this file.txt that I've created. r stands for read, w is write, x is execute, and then it starts over. If there's a dash, it means... so we have three, so this is showing permissions for three different groups, okay? The first one is user, the second one is group and the third one is others. User means owner of the file, so the owner of Desktop can read Desktop, they can write to Desktop and they can execute Desktop. Others, meaning users outside of the owner, can read Desktop and they can execute Desktop but they cannot write to Desktop. The second one is for group, and this means that group can read and execute but they cannot write; that is why you see a dash there. And then for others, meaning everyone else that's not included in the user category or the group category is considered others, and the others can also read and execute Desktop but they cannot write. Okay, so for this file.txt that I have created, it is not a directory. Me being the user, or the owner of the file, I can read and write to it; I cannot execute it, because I suppose that's the default security permissions. The group, meaning members of the group the file belongs to, can only read it, and everyone else can only read it. So this gives us a good idea of what permissions look like in Linux, how to read permissions; just remember the ls -l command.

So let's check and see if we can change the permissions here. Now, one way to change the permissions is to use the letter indicating one of those three groups that I explained, and then plus or minus certain permissions. So let's say we wanted to give ourself, the user or owner of file.txt, execute permissions over that file. We would do chmod u+x... oh, not "u mode", not "u mode"... chmod u+x file.txt. All right, and now if we list those same permissions, we can see we have read, write and execute permissions, whereas before we only had read and write. Now it works the same way if you wanted to remove those permissions; you could do u-x on file.txt, and once again we see the x, execute, has been removed and we now have read and write capabilities. So that is a granular way to remove and add. Now, if you wanted to change the permissions for group, you would use g, and let's go ahead and give them write and execute permissions on file.txt, and we can see we've added write and execute for group. And others would be o instead of g. So this is one way to alter the permissions on a file. In, like, pen testing labs, a lot of times when you create something or when you download a file or something, you just need to do chmod +x; you don't even need to specify. If you don't specify who it's for, then it's for everyone, okay? So you'll see here, boom, we just gave execute permissions to everyone, and maybe we don't care, maybe that's fine, it's faster, whatever, it's done.

All right, so that is one way to change. Now, the other way to change modes for a file is based off of numerical shorthand, and this is where it gets a little more complicated, okay? I want you to think of these three values, r, w and x, as being in binary. Now, if these are in binary, the x would be one, the w would be 2 and the r would be four. What this means is we can represent all combinations of r, w and x with seven numbers, sorry, with eight numbers, being zero through seven. All right, so this looks super weird, but basically zero would mean no permission; one would mean execute only, because we're giving it a bit in the third slot there; write permissions would be a one in the second slot, which would translate to two in binary; read and write would be three; read only would be four; five would be a combination of read and execute; six would be read and write; and seven would be all the above. So you can see how this translates into shorthand, because we're using binary, right? So let's just clear the screen, that's Ctrl+L, and now let's chmod; let's give zero for myself and full permissions to the other guys, okay, and we're going to do that to file.txt, and if we list it you can see the user or owner of the file has zero permissions and the group and others have full permissions. So that's pretty cool; instead of having to type in any case, that's the shorthand. I'm going to give myself back full permissions, and I'm going to give read and write, which would be six, so let's give six to the other two groups, and this will basically restore... actually we had it as six, yeah, this was the original setup of the file, so now we can see we're back to read and write. Oh no, that wasn't it. Well, anyway, that's how chmod works. That is chmod; chmod is great.

There's one more command I want to show you guys real quick; it's pretty cool. This command is called curl. curl is extremely diverse and extremely useful, and the best way I can explain it with my small brain is that it's for grabbing things from places. It's like GET, it's like getting things from places, and it's so diverse it can be used with so many different protocols. I just want to show you guys from the manual: it supports these protocols, DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, all of these different protocols which are used for transferring files, okay? So it's like your super multi-tool for grabbing stuff off the internet. I want to show you guys an example of this. I grabbed a URL for a picture, and if we want to dictate the output of what curl is going to grab, we can use the -o flag and then we can give it a name, and it's just going to save it to the local file here. And then the URL here is this random website. So if we use that, boom, look at that, okay, we just grabbed something from the internet. We output it as gir.png, and this was the web address that we went to; it was 140 kilobytes downloaded, zero upload, speed was fast, great, awesome. So let's check it out: what did we download? Let's look in the home folder, and look at that, we downloaded gir.png. Isn't he cute?

That is all I have for you guys today on this brief overview of some of the commands that you will need to know for the CompTIA Security+. I hope it was helpful for you. If you did enjoy it, please subscribe, hit the like button, and if you'd like me to go in more depth on some of these other tools that are going to be on the Security+, let me know in the comments down below and I'll be happy to make that video for you guys. Bye!
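The permission arithmetic the chmod part of the video walks through, as an added Python example (not commands from the video): it converts the `ls -l` permission field to the octal shorthand and back, applies symbolic specs such as `u+x`, `g+wx` and a bare `+x`, and replays the video's sequence of changes on a file that starts as `-rw-r--r--`. It assumes, as the video says, that a bare `+x` applies to all three classes (real chmod additionally masks such a spec with the umask).

```python
# Added example (not the video's own commands): the arithmetic behind chmod's
# symbolic (u+x, g-w, +x) and numeric (077, 766) modes, and how both map onto
# the permission field that `ls -l` prints. Pure computation, no files touched.

READ, WRITE, EXEC = 4, 2, 1              # the r / w / x bit values from the video
SHIFT = {"u": 6, "g": 3, "o": 0}         # user, group, others: three 3-bit slots
LETTER_BIT = {"r": READ, "w": WRITE, "x": EXEC}


def parse_ls_mode(field: str) -> int:
    """Turn an `ls -l` permission field ('-rw-r--r--', 'drwxr-xr-x', or just
    'rw-r--r--') into the numeric mode, e.g. 0o644 or 0o755."""
    perms = field[1:] if len(field) == 10 else field   # drop the d/- type char
    if len(perms) != 9:
        raise ValueError(f"expected 9 permission characters, got {field!r}")
    mode = 0
    for pos, ch in enumerate(perms):
        expected = "rwx"[pos % 3]                      # each slot reads r, w, x
        if ch == expected:
            mode |= LETTER_BIT[ch] << (6 - 3 * (pos // 3))
        elif ch != "-":
            raise ValueError(f"bad character {ch!r} at position {pos}")
    return mode


def to_ls_string(mode: int) -> str:
    """Inverse of parse_ls_mode: 0o077 -> '---rwxrwx'."""
    out = []
    for cls in "ugo":
        bits = (mode >> SHIFT[cls]) & 0o7
        out.append("r" if bits & READ else "-")
        out.append("w" if bits & WRITE else "-")
        out.append("x" if bits & EXEC else "-")
    return "".join(out)


def apply_symbolic(mode: int, spec: str) -> int:
    """Apply one chmod symbolic spec ('u+x', 'g+wx', 'o=r', '+x') to a mode.
    A spec with no class letters is applied to all three classes, as the video
    describes; real chmod also masks such a bare spec with the umask."""
    classes, i = "", 0
    while i < len(spec) and spec[i] in "ugoa":
        classes += spec[i]
        i += 1
    if i == len(spec) or spec[i] not in "+-=":
        raise ValueError(f"malformed spec {spec!r}")
    op, perms = spec[i], spec[i + 1:]
    bits = 0
    for ch in perms:
        if ch not in LETTER_BIT:
            raise ValueError(f"unknown permission {ch!r} in {spec!r}")
        bits |= LETTER_BIT[ch]
    if not classes or "a" in classes:
        classes = "ugo"
    for cls in set(classes):
        shift = SHIFT[cls]
        if op == "+":
            mode |= bits << shift
        elif op == "-":
            mode &= ~(bits << shift)
        else:                                   # '=': replace the whole slot
            mode = (mode & ~(0o7 << shift)) | (bits << shift)
    return mode & 0o777


def replay_video_sequence() -> list:
    """Replay the chmod steps from the video on a file that starts as
    -rw-r--r-- (644). Returns (command, octal, ls-style) per step."""
    mode = parse_ls_mode("-rw-r--r--")        # file.txt as first listed in the video
    steps = ["u+x", "u-x", "g+wx", "+x", "077", "766"]
    trail = []
    for step in steps:
        mode = int(step, 8) if step.isdigit() else apply_symbolic(mode, step)
        trail.append((f"chmod {step} file.txt", f"{mode:03o}", to_ls_string(mode)))
    return trail
```

Running `replay_video_sequence()` shows why the last step does not restore the original 644: the file ends at 766, i.e. `rwxrw-rw-`.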
Info
Channel: Vincent Humble
Views: 7,212
Id: e8YB24X60m4
Length: 27min 38sec (1658 seconds)
Published: Wed Feb 08 2023