A few well-known methods of password cracking are simple, yet remarkably effective.
1. Dictionary attack.
This is the easiest attack to perform. You might wonder who in their right mind would use a plain word as a password, but a surprising number of passwords are, and can be, cracked this way.
A cracking program uses a dictionary (a word list) to generate its guesses. A short dictionary attack tries hundreds or thousands of words that are frequently chosen as passwords against several systems.
2. Hybrid attack.
A hybrid attack starts with a dictionary attack and then brute-forces 2-3 extra characters at the end of each word. For each word in the dictionary, about 125 variants are attempted. So adding special characters to the end of a password does not guarantee it won’t be cracked.
3. Brute force attack.
All passwords are crackable; it is just a matter of time. A brute force attack tries every possible combination of letters and characters that can form a password. Such a process can be very long, and it might take days or weeks before you get positive results.
4. Rainbow tables.
Computers use one-way hashing algorithms to protect passwords in storage. A one-way hash is mathematically easy to compute in one direction (hashing the password), but nearly impossible to compute the other way. This matters because someone who recovers a password file can’t take the hashed values, reverse the one-way function, and recover the original passwords.
A rainbow table acts as a database containing the pre-computed hashed output for most possible passwords. If you wish to crack a password, it is simply a matter of querying the database. This usually takes seconds, versus hours or days with some of the other tools.
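An added example, not part of the original article, showing why the pre-computed lookup described in section 4 works against a plain hash and stops working once a per-user salt is mixed in. The word list and the salt are constructed for the demo, and SHA-256 / PBKDF2 stand in for whatever hash the target system actually uses.

```python
import hashlib
import os

# Constructed toy word list standing in for a real cracking dictionary.
WORDLIST = ["password", "letmein", "qwerty", "dragon", "sunshine"]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lookup_table(words):
    """Precompute hash -> password for every word in the list.

    This is the core idea of a rainbow table reduced to a plain dictionary
    (a real rainbow table stores hash chains to trade time for space, but the
    property is the same: all the work is done once, before any target hash
    is known)."""
    return {sha256_hex(w.encode()): w for w in words}


def lookup(table, stored_hash: str):
    """Unsalted hash: a single query against the precomputed table, however
    many passwords the table covers. Returns None when the hash is not in it."""
    return table.get(stored_hash)


def salted_hash(password: str, salt: bytes, iterations: int = 100_000) -> str:
    """Per-user random salt mixed into a slow, iterated hash (PBKDF2-HMAC-SHA256).

    The salt is stored beside the hash and is not secret; its job is to make
    every user's hash unique, so a table precomputed without it never matches.
    The iteration count separately raises the cost of each brute-force guess."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def new_salt() -> bytes:
    return os.urandom(16)


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print("unsalted lookup:", lookup(table, sha256_hex(b"dragon")))           # dragon
    print("salted lookup:", lookup(table, salted_hash("dragon", new_salt())))  # None
```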