ENCRYPTION AND AUTHENTICATION
- Layout topology for this exercise:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIOD_3XSj16Sspnr2I-5VXxjl6AAeT0rjxkIBSui0PYrHN1cUw2ABiG80aohvPTQ5r90_bt0pwuHVdsmVVe_xqsIv7WaGu4Jsry_D754ZzXyYgFncsxKK9OOI_8DcYdc5cDTQkbZ211lK0/s1600/screenshot.5.jpg)
- In this exercise encryption is used to avoid eavesdropping and IDS detection. Also, authentication ensures that only the desired partner is able to establish the connection.
- The command structure is similar to the usual bind shell with the only differences of using ncat for the command, --ssl for encryption, and --allow for authentication.
- Windows specifies that the only allowed host to communicate via ncat with him will be the Kali machine, and also that the connection will be encrypted:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1wPrBRQUB699l84hQli0IA6ZYuRVsCfmk0CCj36wZkeAENruWUCTvm3XcF6DOJIYmsomzsIvP3FiLkB03lgqhc2bGt69vOb1jdhSALQ185FrR_SxWDvx8imzdPbjRi2J5IWqSJpPQyPEo/s1600/screenshot.13.jpg)
- Kali launches the connection also with --ssl encryption:
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR8-sik18s5iEHZKchzAhbndS_iSRjwncjnW7JoefnDjlMk24nR-IYYiHqtmkP3IZiuU8Y8ZfaMbr-v1qj1EEo8nlnnDa7-9Uq8O9c7LSP8lsYfUqw9R8w8m3VLbjnN8KsWyxjgaTQXj1N/s1600/screenshot.14.jpg)