(Lecture 23 Part 6) (Cyber Security) Cyber Security Arabic Course - الأمن الإلكتروني Arabic
Cyber Security Course Arabic
Cyber Security Course Arabic - الأمن الإلكتروني
(Lecture 23 Part 6) (Cyber Security) Cyber Security Arabic Course - الأمن الإلكتروني Arabic
بسم الله الرحمن الرحيم
In the name of God, the Most Gracious, the Most Merciful.
يرجى المساعدة على دعم هذه القناة مجانا
Please help support this channel for free.
وتثبيت المتصفح بريف
Installing the Brave browser.
متصفح مجاني آمن
Free secure browser
مدمج بحجب الإعلانات
Integrated with ad-blocking.
وشبكة خفية تور و تورانت
And a hidden network, Tor and Torrent.
جزاكم الله خيرا
May Allah reward you with goodness.
نتحدث عن الهانيبوت
We talk about the Halloween.
الهانيبوت هو
Al-Hanibut is.
Information System Resources
Information System Resources
اللي هو بي إكس بريس لي
What he means is Xpress to me.
بي سيت أب
B setup
بتعمله عشان تنتر اكتل بيول
You do it to kill him.
أنه هم لو في حد هاكر
"That they are wondering if there is a hacker."
عايز يخش على الشبكة عندنا
He wants to access our network.
خليني أشغله بحاجة بعيدة عن
Let me keep him busy with something far from it.
الريل أسد بتاعتي
The rail is my lion.
دايما الهانيبوت بيبقى عبارة عن
The honey pot is always عبارة عن.
سوفت ويل بتنزله على ويندوز
Softwill is downloaded on Windows.
أو على أوبريدنج سيستم يعني
Or on the operating system, meaning.
ولما بتنزله
And when you download it.
بيعمل حاجتين
He does two things.
بيحسس اللي قدامه أنه هو فيه بورتات كتيرة
He makes the person in front of him feel like there are many ports.
مفتوحة فتعالى بقى
It's open, so come on over.
خش علي
Come in.
وفي نفس الوقت ممكن كمان يلوج
At the same time, it could also stick.
مين اللي بيحاول يفتبي
Who is trying to lie?
يتنت يعمل واتيفر اللي عايز
"Yetenet works whatever you want."
بعد استخدال البرتات المفتوحة
After using the open ports.
أو يعني مفتوحة
Or it means open.
ممكن أنزل معاه كمان
Can I go down with him too?
IDS زي سونارت
IDS like Sonar.
ممكن
Possible
ممكن أحط IDS تاني
Can I put another IDS?
في الشبكة عندي هنا
I have the network here.
بحيث وأعمل بورت ميرورينج
So that I can do port mirroring.
على
on
على السويتش
On the switch.
بحيث برضو يبعتلي
So that he also sends it to me.
اللي بيحصل
What's happening.
مفيش مانع برضو
There's no objection either.
في كل الأحوال لو عندي هاني بوتي
In any case, if I have Hani Bouti.
يفضل تستخدم معاها IDS
It's better to use IDS with it.
وطبعا لو عندك هاني بوتي بقى أنت أكيد
Of course, if you have Hani Poti, then you are definitely sure.
حتحطه في
You will put it in.
الديم زي زون
The dim is like a zone.
مش حتحطه في الانترنال نتورك
You won't put it in the internal network.
يعني الانترنال نتورك بتاعتك المفروض
It means your internal network should be.
محمية هنا
Protected here
ممكن تحطه في الديم زي زون
Can you put it in the dim zone?
بتبقى من المناطق اللي ممكن
It remains one of the areas that could.
نحط فيها الهاني بوتي
We put in it the Hani nobility.
الهاني بوتي
Al-Hani Boti
مشين نفسها المفروض
She should behave herself.
مش ليها أي معنى بالنسبة لك
It doesn't mean anything to you.
يعني لما تكونش حاطة على بانك مهمة
It means when you don't have a task set on your bank.
في عندي
I have.
نوعين من الهاني بوتي
Two types of honey butty
الهاني بوتي الهاني بوتي
Alhany Bouti Alhany Bouti
اللي هو الهاني بوتي اللي بي
Which is the one who is Hani Bouti that is...
بيسومليت
Bismillah
cannot be compromised
cannot be compromised
completely طبعا
Of course.
أما الهاني بوتي
As for the Hani Boti.
بيسومليت كل السيرفيس
I will send all the services.
وcan be completely compromised
and can be completely compromised
مفيش
There is nothing.
بيقولوا تعالالي يعني. طبعا من الأمثلة اللي ممكن نشوفها على
They say come to me, meaning. Of course, this is one of the examples we might see about.
Low Interaction Honeybot هيبقى يعني كأبليكيشن بيقول لك في حاجة اسمها Spectre في
Low Interaction Honeybot will be an application that tells you about something called Spectre in
KFS Sensor. في High Interaction Honeybot بيبقى في عندي تول زي
KFS Sensor. In a High Interaction Honeybot, there is a tool like
Semantic Decoy Server. Semantic عاملة Honeybot مخصوص. وفي الHoney Nets.
Semantic Decoy Server. Specialized Honeybot. And in the Honey Nets.
كلمة Honey Nets على فكرة كمان ممكن تكون شائعة الاستخدام. دي لما
The phrase "Honey Nets" can also be commonly used. This is when...
عندك اكتر من Honeybot في الشبكة. ففي الحالة دي ما يسميهم Honey
You have more than one Honeybot in the network. In that case, don't call them Honey.
Nets. ايه تاني؟ التولز اللي ممكن تلاقيها متاحة هو في الاخر يعني
Nets. What else? The tools that you might find available in the end, I mean.
احنا حاطين كده شوية عنديهم.
We have set aside a little bit for them.
Honeybot Tools فيه تولز كتيرة الحقيقة. زي الكيب في الSensor Spectre في
Honeybot Tools has many tools, actually. Like the key in the Sensor Spectre.
ايه تاني؟ في الHoneybot. كمان
What else? In the Honeybot. Also.
موجود.
Available.
لا هو يعني ما تنزلهوش لنوك، لأ ما تنزلهوش في الناتورك بتاعتك. ما
No, it means don't upload it to your Nook, no, don't upload it to your network.
يفضلش. اسهو يعني هتنزلهو في الناتورك. يعني بأني ناتورك.
It shouldn't be preferred. It means he will upload it to the network. It means it's in my network.
Production Environment بتاعتك المفروض ما تجربش فيها حاجة. لا ما يفضلش
You shouldn't try anything in your production environment. It's not advisable.
طبعا. الا لو انت بتلعب بقى على حاجة. ان انت حاسس ان في حد من الموزفين داخليا بيعمل حاجة.
Of course. Unless you're playing around with something. Like you feel that someone from the staff internally is doing something.
فعايز تجيبه. يعني دي الحالة الوحيدة بقى اللي حتخليك عايز تحط الهانيبوت جوة لإنترنته.
So you want to bring it up. I mean, this is the only situation that will make you want to put the honey pot inside the internet.
ان انت حاسس ان فيه يعني حد عمال يجرب ويلعب من الموظفين.
If you feel that someone among the employees is trying out and playing around.
ساعت هتحطه جوة عشان تشوفه هو. تشوفهم هم اللي جوة.
You will put it inside to see him. You will see them inside.
فطبعا يعني ده الهانيبوت بكل بساطة الابليكيشن وفيه كيف السنسور هنا.
So, of course, this is the honey pot, simply put, the application, and it shows how the sensor is here.
قبل ما نقفل التوبيك دوت هو لسه ما تقفلش يعني بس قبل ما نروح يعني الاخر جزئية.
Before we close this topic, it hasn't been closed yet, but before we leave, let's discuss the last part.
كان في حد بيسأل على حد بيسأل على على الساند بوكسنج.
Someone was asking about someone asking about sand boxing.
فكرة الساند بوكسنج لو جناها لتعريف هنقول هي software management strategy
The idea of sandboxing, if we define it, will say it is a software management strategy.
بتأيسوليت الابليكيشن من الcritical system resources.
The application isolates from the critical system resources.
and other programs.
وبرامج أخرى.
بمعنى اخر الساند بوكسنج معناها ان انا معزل ابليكيشن معين بحيث ما يدرنيش وفي نفس الوقت ارائب الbehavior بتاعه.
In other words, sandboxing means that I isolate a specific application so that it doesn't affect me while simultaneously monitoring its behavior.
او ممكن مرائبش الbehavior بتاعه اسيبه يشتغل.
He can ignore his behavior and let him work.
علشان كده انا بعتبر مثلا الجافا runtime machine هي نوع من انواع الساند بوكسنج.
That's why I consider, for example, the Java runtime machine as a type of sandboxing.
لما عندي ابليكيشن جافا بيشتغل بيشتغل في runtime machine بتاعته او في الvm بتاعته small vm خاصة بيه.
When I have a Java application, it runs in its own runtime machine or in its own small VM.
فطبعا وده المبدأ ده هنلاقيه في الموبايل السمارت فونز كمان هنتكلم عليه.
Of course, we will find this principle in smartphones as well, and we will discuss it.
هنا المبدأ اللي احنا هنتكلم عليه في الساند بوكسنج ان انت عندك فايل مثلا والفايل ده انت شكك فيه.
Here is the principle that we will discuss in sandboxing: you have a file, for example, and you are suspicious of this file.
طيب هتعمل ايه؟
Okay, what are you going to do?
هيبقى عندك خيارات.
You will have options.
لو خدنا خلينا ناخد الكميرشال والاوبن سورس.
If we take, let's take the commercial and the open source.
لو جينا على الكميرشال كسبيل المثال هنلاقيه مثلا في عندنا cisco thread grid advancement wear protection.
If we look at the commercial, for example, we will find something like Cisco Thread Grid Advancement wear protection.
الان.
Now.
الامب بتاع الthread grid هو بكل بساطة بيتقسم لخدمتين.
The thread grid's amp is simply divided into two services.
هيقولك انا ممكن اجيبلك device عندك في المؤسسة والdevice ده متوصل بالcloud بتاعتنا.
He will tell you that he can bring you a device at your institution, and this device is connected to our cloud.
بيجيله اخر الاحداثيات.
He gets the latest coordinates.
هات الفايل بتاعك ده حطه جوه الdevice اللي عندك دوت اللي هو cisco thread grid on premises.
"Take your file and put it inside the device you have, which is the Cisco Thread Grid on premises."
وهو هيشيك ويقولك هالفايل ده بايروس ولا لا اي رائب الbehavior بتاعه.
He will check and tell you whether this file is a virus or not; just observe its behavior.
يديه حسسه نوع of environment خاصة بيه.
His hands feel a special type of environment.
وفي ممكن واحد يقول لا انا مش عايز اجيب الdevice عندي.
And one could say, no, I don't want to bring the device to me.
انا ممكن ابعتلكوا انا الملفات للكلاود بتاعتكم.
I can send you the files for your cloud.
ابعت للcisco thread grid وحيشوفهولك يعني.
Send it to the Cisco thread grid and they will check it for you.
فده الadvanced sandboxing ميكانيزم اللي عند cisco يعني.
This advanced sandboxing mechanism is what Cisco has.
في طبعا ممكن انت تعمل لنفسك مش هقول بقى thread grid لان طبعا حببازل بالthread grid.
Of course, you can create a thread grid for yourself, but I won't say it will be a thread grid because it complicates things.
بس تقدر تعمل sandboxing عندك في open sources زي الcoco.
But you can do sandboxing in open sources like coco.
كوكوكو.
Cuckoo.
كوكوكو sandboxing.
Kukuku sandboxing.
تقدر تنزله.
You can download it.
طبعا بس هو غير شوافة الinstallation بتاعه.
Of course, but he has a different setup for his installation.
برضو موجود كsandbox يعني.
It's still available as a sandbox, you know.
ما نكون جبت الفكرة شوية.
I just didn't bring the idea a little bit.
اخر حاجة في التوبيك ديت هي how to evade الIBS والIDS.
The last thing in this topic is how to evade IBS and IDS.
كده.
Like this.
الحاجات اللي بتتكتك دي نقدر نإفادها ازاي.
How can we benefit from these things that are being mentioned?
نسميها ال evade technique او ال evasive technique.
We call it the evade technique or the evasive technique.
فيه تكنيزم او تكنيكز كتيرة زي.
There are many techniques or mechanisms like that.
obfuscation, fragmentation, encryption, flooding.
Obfuscation, fragmentation, encryption, flooding.
فيه tools بتساعدك على الكلام ده.
There are tools that help you with this.
normally هتلاقينا بنقول عليها script kd product.
Normally, you'll find us referring to it as a script kd product.
زي حاجات كتيرة موجودة عندنا في colostratical hacking.
Like many things that exist in colostratical hacking.
زي less annuity, stick, fargout, flaggerout وwhisker.
Like less annuity, stick, fargout, flaggerout, and whisker.
التكنيكز نفسها لو حبينا نتكلم عليها.
The techniques themselves if we want to talk about them.
على مستوى الIDS انا ممكن لو انا عندي traffic سيء عايز اعدي من الIDS ممكن اعمل له fragmentation.
At the IDS level, if I have bad traffic that I want to pass through the IDS, I can perform fragmentation.
a fragmental packet.
حزمة مجزأة.
بس fragmentation الباكت احياناً برضو بتطلعت من الIDS.
But sometimes packet fragmentation also comes out of the IDS.
لان الIDS انت ممكن عنده قدرة ان هو او الIBS يعني عنده قدرة ان هو لو فيه signature triggered.
Because the IDS has the capability, or the IBS, it can trigger if there is a signature.
ممكن تكون مبنية على.
It could be based on.
اكتر من signature تانية.
More than another signature.
يعني يعني الattack نفسه اللي انا عندي ده يعني based على 3 انماط وكل نمط له signature بتاعته كمان.
It means that the attack I have is based on three patterns, and each pattern has its own signature as well.
فهو عنده قدرة دي.
He has that ability.
عموماً fragmentation الباكت ان انا اقسم البانات بحيث انت ما تبقاش شايف.
In general, packet fragmentation means that I divide the data in such a way that you don't see it.
ما يبقاش عندي match للsignature.
I no longer have a match for the signature.
لان انا شايف نص القصة بتحصل بس مش القصة كلها عشان احذرك يعني.
Because I see that half of the story is happening, but not the whole story, just to warn you.
spoofing الباكت.
Packet spoofing.
فيه source routing.
It has source routing.
source routing انك انت يعني لو حبيت ادي لك مثال بسيط على source routing.
Source routing means, if you want, I can give you a simple example of source routing.
تخيل مثلاً انك انت عندك عند السيرفر بكرتتين network راح تمشغله كrouter بيشتغله هو rep.
Imagine, for example, that you have two network cards at the server, and you will set it up as a router. It will operate as a representative.
ومن خلاله تقدر تحدد له الترافيك يقدر يتجه ازاي.
Through it, you can determine how the traffic can be directed.
هقدر احدد السورس بتاع الrouting بتاعي.
I will be able to specify the source of my routing.
استخدم proxy server علشان اعدي.
Use a proxy server to get through.
اconnect to proxy server.
Connect to proxy server.
I encrypt الترافيك برضو.
I also encrypt the traffic.
من الحاجات اللي موجودة.
Among the things that are available.
الobfuscation معناها بكل بساطة ان العب في البيلود شوية.
Obfuscation simply means to play around with the payload a little.
بحيس ميبقاش بفهم من الids وميبقاش بفهم من الtarget computer.
So that I don't understand from the IDs and don't understand from the target computer.
انكود بعض البيانات يعني بعض.
Encoding some data means some.
دي بتبقى بس طبعا انكودينج.
This is just, of course, encoding.
الencryption هو اللي صعب لان انا.
Encryption is what is difficult because I.
how to يعني لازم بقى اعمل.
How to means I have to do it now.
الencryption عندي يعني decrypt.
Encryption for me means decrypt.
طبعا حد decrypt ازاي معايا الprivate key ولا معايا الsymmetric key.
Of course, how to decrypt with me the private key or with me the symmetric key.
الencoding ما اعتقدش ان هو قصة كبيرة.
I don't think encoding is a big deal.
لكن هو still واحد من الطرق اللي بيستخدموها.
But it's still one of the ways they use.
اللي هي بكل بساطة انك انت ممكن تكتب الحاجة بالطريقة اخرى.
Which is simply that you can write something in another way.
زي ما انت ابعتلك كلمة ازايك بالانجليزي او اكتبها بالعربي.
Just like you send me the word "how are you" in English or write it in Arabic.
الاتنين معناهم واحدة ولكن الشكل بتاعهم حيبقى مختلف.
The two have the same meaning, but their form will be different.
فهو هنا بيقولك مثلا لو انا عايز ابعتلك string cgi-bin.
He is saying to you, for example, if I want to send you the string cgi-bin.
قالك انا ممكن ابعتولك بالشكل.
He told you I can send it to you in this way.
تمام.
Okay.
وفيه طبعا مواقع url, encode, decode ممكن توريلك.
And there are of course URL sites that can show you how to encode and decode.
ممكن ت-encode و decode ال-url بحيس انه يبقى الشكل مش واضح ومكتوب بالهيكسا ديسميل.
Can you encode and decode the URL so that it appears unclear and written in hexadecimal?
فيه طبعا البوليمورفيزم.
Of course, there is polymorphism.
البوليمورفيزم encoding وبرضو encoding على فكرة.
Polymorphism is encoding, and also encoding, by the way.
البوليمورفيزم وبرضو يعتبر obfuscation.
Polymorphism is also considered obfuscation.
البوليمورفيزم ان انا بلعب في الحاجة بحيس برضو ال-ids ما اقدرش يفهمها الجهاز.
Polymorphism means that I am playing with something in a way that the device cannot understand the IDs.
وفي نفس الوقت ما اعمل encoding.
At the same time, I don't do encoding.
بس ال-encoding المرة دي مش ان انا بقى احول البيانات لهيكسا ديسميل ومش عارف ايه.
But this time the encoding is not about converting the data to hexadecimal and I don't know what else.
والكلام ده وال-url يبقى شكله مختلف.
This talk and the URL will look different.
لا.
No.
يعني حاجة على ال-payload نفسه بتاع الميلوير.
It means something about the payload itself of the malware.
او بتاع ال-attack بتاعي.
Oh, the one for my attack.
واغير فيه.
And I change in it.
اغير في شكله شوية.
I change its shape a little.
ده قصة البوليمورفيزم.
This is the story of polymorphism.
طبعا فيه tools كتيرة.
Of course, there are many tools.
وطبعا انت هنا بت-avoid السينكتر بيزد.
And of course, you are here to avoid the sync trap.
ids او ips.
IDS or IPS.
ليه؟ لان السينكتر هنا مفيهاش match.
Why? Because the synchronizer here doesn't have a match.
انت بتقولي المفروض يبقى ال-content كذا كذا كذا.
You are telling me that the content should be like this, this, and this.
انا بديك content مختلف تماما.
I want completely different content.
طبعا فيه من احلى ال-application اللي بتعمل الموضوع ده.
Of course, there are some great applications that do this.
هو حاجة اسمها v-evation tool.
It's something called a v-evation tool.
وده بالمناسبة fully compatible مع ال-metasploit.
By the way, this is fully compatible with Metasploit.
لو انت مش عايز تستخدم ال-encodes اللي موجودة في ال-metasploit.
If you don't want to use the encoders available in Metasploit.
وتستخدموه هو.
And you use him.
وفيه website تحت ال-framework.
And there is a website under the framework.
انصحكم ان انتم تشوفوه.
I advise you to watch it.
فيه كمان ال-insertation.
There is also the insertion.
ال-fragmentation.
The fragmentation.
اتكلمنا عليها.
We talked about it.
ال-dose attack.
The dose attack.
فيه ال-flooding.
There is flooding.
كمان يعتبر واحد من الممكن مش مسكور هنا ال-flooding.
Also, it is considered one of the possible (things) that may not be mentioned here is the flooding.
برضو ممكن واحد من حاجة ال-ids.
Also, one of the ID issues could be a possibility.
ال-ids هو في النهاية او ال-ips كمان بالذات.
The IDs are ultimately the same as the IPs as well.
بيعتبر زي checkpoint.
It's considered like a checkpoint.
فال-checkpoint دي تخيل ان انا ابعتلك 100 واحد عليها.
So, imagine if I send you 100 people about this checkpoint.
طب مش هتلحق بقى تمسك ده وتمسك ده وتمسك ده.
Well, you won't manage to hold onto this and that and that.
فممكن واحد منهم يعدي يكون هو ده ال-bad file.
So one of them might pass and be the bad file.
بالنسبة لل-firewall.
Regarding the firewall.
ال-port scanning.
Port scanning.
بيعتبر من ال-tech.
It is considered part of the tech.
ال-techniques المهمة.
The important techniques.
بالاضافة ل-technique حسابة ال-hubs اللي ما بينك وما بين ال-firewall.
In addition to the technique of calculating the hubs between you and the firewall.
عشان تقدر تعرف لو فيه firewall ولا لأ.
So you can determine if there is a firewall or not.
حاجة زي firework tool.
Something like a firework tool.
ال-port scan برضو بيعتبر من الاساسيات هنا.
Port scanning is also considered one of the fundamentals here.
اولا لان بعض ال-firewall ب-uniquely identify themselves.
First, because some firewalls uniquely identify themselves.
يعني بمعنى اخر لما انت بتعمل port scanning على firewall.
In other words, when you perform port scanning on a firewall.
ال-firewall احيانا بيكون مشغل بورتات خاصة بي.
The firewall is sometimes running its own specific ports.
هنا هو مديك مثال.
Here is your example.
مثال بيقول.
It says an example.
ال-checkpoint firewall 1 بيبقى شغال على بورتات التي سي بي اللي قدامك ديت.
The checkpoint firewall 1 operates on the TCP ports in front of you.
وال-netguard guardian pro بيبقى شغال على دول.
The Netguard Guardian Pro works on those.
فانت لو لقيت الفايلز ديت.
So if you find these files.
لو لقيت البورتز ديت شغالة يبقى انت كده ايه.
If you find the ports date working, then what are you?
ده ال-firewall ده موجود فعلا.
This firewall actually exists.
انت عملت identification او detection لل-firewall.
You performed identification or detection of the firewall.
طبعا في ال-firewall firewalking.
Of course, there is firewalking in the firewall.
وفي كمان ال-banner grabbingbing.
And there is also the banner grabbing.
الاسلوب البسيط اللي اتكلمنا عنه في ال-banner grabbingbing.
The simple style we talked about in the banner grabbing.
still موجود.
Still available.
انا كنت هتحاول تعرف.
I was going to try to understand.
طبعا من ضمن الاشياء برضو اللي هي بتستخدم.
Of course, it's one of the things that is also used.
وهم الحقيقة دي بتستخدم في كل حاجة.
And this illusion of truth is used in everything.
بس هم حابين ان هم يتكلموا عليها داخل الشابتر دوت.
They just want to talk about it within this chapter.
اللي هو ال-IP address spoofing.
Which is IP address spoofing.
انه اكيد الشخص ممكن ي-spoof ال-IP address بتاعته.
Surely a person can spoof their IP address.
زي ال-MAC address spoofing وزي ال-IP address spoofing.
Like MAC address spoofing and like IP address spoofing.
القصة مفهومة بالنسبة لنا.
The story is understood by us.
لو تفتكروا امبارح كنت بتكلم على انه في RFC.
If you remember, yesterday I was talking about the RFC.
بيقولك ايه الحاجات اللي لازم تعملها.
He is telling you what things you need to do.
وتفلترها عندك على ال-device على router او على الكلام ده.
"And you filter it on your device, on the router or on this thing."
او على firewall.
Or on the firewall.
ال-RFC 1918 anti spoofing filtering.
RFC 1918 anti-spoofing filtering.
بيقولك المفروض تمنع ال-private IP addresses.
He says you should block the private IP addresses.
اللي هي 1072-192.
Which is 1072-192.
طلعاز ان احنا منعينهم.
We should prevent them.
في RFC تاني 1827.
In RFC 1827.
request for comment يعني.
"Request for comment" means.
PDF.
PDF.
بيقولك المفروض انه ال-traffic.
They say that the traffic should be.
اللي بي-level your network.
The one who levels your network.
should have source IP version for address.
Should have source IP version for address.
only from your address space.
فقط من مساحة عنوانك.
يعني منفعش مثلا الاي traffic طالع من ال-internal network.
It means, for example, the traffic cannot come out of the internal network.
ومن جهاز رقم 40-40-40.
From device number 40-40-40.
وانا مش بستخدم الشبكة دي.
I don't use this network.
هسابين مثال.
Hesabine is an example.
قالك مفروض تعمل access list.
He said you should create an access list.
تسمح فقط بال-address scheme اللي عندك ليه تطلع.
It only allows the address scheme you have to come out.
3330 اعمى واشمل.
3330 is blind and inclusive.
وبيشملهم كلهم.
And it includes them all.
لان هو بيقولك انت المفروض تمنع ال-list دي من ال-IP addresses.
Because he is telling you that you should block this list from the IP addresses.
private IP addresses.
عناوين IP الخاصة.
برنجتها.
Her burden.
ال-4 صفار.
4 yolks.
ال-multicast addresses.
The multicast addresses.
كل الحاجات ديت.
All these things.
بطبع انت مش بحتاجها المفروض انك انت تشيلها.
Of course, you don't need it; you're supposed to remove it.
حتى ال-APIBA اللي هي 162.254.
Even the APIBA which is 162.254.
كل الكلام ده لازم يتشيله ويد-denyها.
All of this talk needs to be removed and denied.
source routing زي ما قلنا.
Source routing as we mentioned.
لو انت هتخلي الجهاز ده يشتغل كأنه router.
If you are going to make this device work as a router.
لو هنا في firewall بس عندي اتجاه تاني يوديني لل-destination.
If there is a firewall here, but I have another route that takes me to the destination.
فممكن اطلب من جهازي لما تيجي نكلم ال-destination ده.
Can I ask my device to call this destination when it comes?
استخدم ال-interface دوت او ال-network card ديت وخش كده.
Use this interface or this network card and log in like that.
fragmentation اتكلمنا عليها.
We talked about fragmentation.
bypass the blocked site using IP address in place of URL.
Bypass the blocked site using the IP address instead of the URL.
علاقة احيانا بعض المواقع بعض ال-websites.
The relationship sometimes between some websites.
بالنسبة لل-website انت ما تقدرش تخشها علشان هي ممنوعة بال-domain name.
As for the website, you cannot access it because it is blocked by the domain name.
فانت ممكن تكتب ال-IP address بتاعها هتخش عادي.
You can write its IP address and access it normally.
فيه application زي host to IP جيب لك ال-IP addresses بتاعتهم.
There is an application like host to IP that gives you their IP addresses.
طبعا تقدر ت-browse to bypass the blocked site using
Of course, you can browse to bypass the blocked site using
anonymous website serving sites.
anonymous website serving sites.
فيه بعض المواقع اللي ممكن تسمح لك ان من خلالها
There are some websites that might allow you to do so.
من خلال جوة ال-site نفسه تستخدم تكتب URL معين
Through the site itself, a specific URL is used to write.
وهو يروح يجيب لك الطلب ويعرضه لك يعني من غير ما
"He goes to get the order for you and presents it to you without any..."
القصة تشتغل معاك من غير ما تكون محتاج يعني
The story works with you without you needing to, I mean.
من غير ما تكون محتاج مثلا software زي tour او hotspot shield او الحاجات دي.
Without needing to use software like Tour or Hotspot Shield or things like that.
او تستخدم ال-website.
Or use the website.
ال-tools اللي هي او ممكن تستخدم بروكسي بروكسي كمان bypass firewall باستخدام بروكسي
The tools that can also use a proxy to bypass the firewall using a proxy.
وطبعا هنا محتاج انك انت تconfigure ال-browser بتاعك.
Of course, you need to configure your browser.
فيه كمان ال-ICMP tunneling وال-HTTP tunneling بكل بساطة ان انا ممكن يبقى الترافيك باين ان هو ICMP
There is also ICMP tunneling and HTTP tunneling, simply put, my traffic might appear to be ICMP.
بس هو فيه payload بيمثل حاجة سيئة يعني.
But there is a payload that represents something bad.
اه طبعا فيسبوك لا طبعا مش هتشتغل احيانا.
Oh, of course Facebook, no, it's not going to work sometimes.
احيانا مش بيتكلم طبعا اكيد يعني بعض احد الزملاء عندكم بيسأل على طب هي لو HTTPS فيسبوك لا قصة مختلفة طبعا.
Sometimes he doesn't talk, of course, some of your colleagues are asking about it. Well, if Facebook has HTTPS, it's a different story, of course.
HTTPS هتبقى مختلفة خالص يعني.
HTTPS will be completely different, meaning.
اه ما فيش فين ال-certificate بالضبط يعني لما انت بتقول كده.
Oh, there's no exact location for the certificate, I mean when you say that.
اه لازم تكون لازم ال-domain يكون موجود.
Yes, the domain must exist.
ال-IC tunneling مثلا برضو موجود ان انا ابعتلك اك قالك ال-firewall دايما يعني دي ملاحظة مهمة.
IC tunneling is also present, for example, so I can tell you that the firewall is always important, which is an important observation.
some firewall does not check the packet with ACK.
Some firewalls do not check the packet with ACK.
اه ما فيش ACK يعني I'm sorry ما فيش checking لل-ACK packets.
Oh, there's no ACK, which means I'm sorry, there's no checking for the ACK packets.
قالك ما هي دي ACK انا هتملها ليه.
He said, "What is this ACK? Why should I fill it out?"
لكن ال-ACK دي ممكن انت ال-firewall شايفها ان هي ACK ضمن session معينة.
But the ACK might be seen by the firewall as an ACK within a specific session.
بس هي ال-ACK دي الحاجة جواها بيلود.
But this ACK is the thing that has a payload inside it.
وفي برامج قالك ممكن تبليمنت ACK tunneling زي ACK CMD مثلا.
In programs, they said you might implement ACK tunneling, like ACK CMD for example.
HTTP tunneling نفس القصة شغال بنفس الطريقة وفي عندي tools ممكن تبعت traffic.
HTTP tunneling is the same story, it works in the same way, and I have tools that can send traffic.
يعني هو HTTP لكن هو بدخله بيانات اخرى.
It means it's HTTP, but it's inputting other data.
ال-SSH tunneling نفس القصة في عندي ال-Bitvice بيعمل الموضوع ده.
SSH tunneling is the same story; I have Bitvice doing this.
وطبعا ال-NMAP من التولز برضو اللذيذة اللي ممكن تخليك ترسل البيانات fragmented.
Of course, NMAP is also one of those cool tools that can allow you to send fragmented data.
يعني تعمل evading شوية زي مثلا انا هحط ديلو-F ف-F معناها هعمل NMAP و هعمل port scanning ولكن هخليه fragmented.
It means you do some evading, like for example, I'm going to use the keyword DILO-F, and F means I will do NMAP and perform port scanning, but I will leave it fragmented.
اغير ال-MTU تعمل decoy زي ما قلنا.
I will change the MTU to work as a decoy, as we said.
تخلي ال-System اللي بيحصل له scanning يحس ان هو بيانات جاهله من multiple system.
The system that is being scanned feels that it is data from multiple systems.
خصوصا لو كان firewall اللي بحاول يعمل كده.
Especially if it's the firewall that's trying to do this.
وال-Ideal Zombie Scan طبعا موجود.
And of course, the Ideal Zombie Scan is available.
سايبالكو تسبوف your MAC address through NMAP برضو انا سايبالكو ان انت فيه script بيخليك تسبوف الماك ادرس بتاعتك تبعت بعد Chuck Sam و اي كذا ايام.
I’m sending you instructions on how to spoof your MAC address through NMAP. Also, I’m letting you know that there’s a script that allows you to spoof your MAC address, send after Chuck Sam, and it will take a few days.
ده كان بالنسبة للجزء الاول عندنا.
That was for the first part for us.
بسم الله الرحمن الرحيم.
In the name of Allah, the Most Gracious, the Most Merciful.
يرجى المساعدة على دعم هذه القناة مجانا.
Please help support this channel for free.
وتثبيت المتصفح Brave.
And installing the Brave browser.
متصفح مجاني امن مدمج بحجب الاعلانات.
A free secure browser with ad-blocking built-in.
وشبكة خفية Tor و Torrent.
And the hidden network Tor and Torrent.
جزاكم الله خيرا.
May Allah reward you with goodness.
Continue listening and achieve fluency faster with podcasts and the latest language learning research.