Wednesday, 11 December 2013

Firewall Unleashed

Introduction
Firewalls monitor and control the inbound and outbound traffic of the protected network. They can block or allow both internal and external services within the network. Before allowing access to a service, a firewall may also force the client or user to authenticate. A firewall can sometimes also be used as a platform for IPsec tunnels. It also monitors security-related events.

Packet Filtering
The packet filtering mechanism mainly consists of inspecting TCP/IP and UDP packets, and it covers all ports. Rules are written to allow or reject the packets passing through the network. These rules may contain TCP and UDP port numbers and source and destination addresses, and they can be applied in both the inbound and outbound directions.

Types of Firewalls
There are basically four types of firewalls:
  1. Packet Filter Firewall
  2. Stateful Packet Filter Firewall
  3. Circuit Level Gateway
  4. Application Level Gateway

Packet Filter Firewall
This firewall comes into play when an administrator wants only certain packets to enter into the protected network. In this case, each packet will be monitored and inspected before passing through the network, and after monitoring and inspecting, the firewall will decide whether to let it pass or not.

Sunday, 8 December 2013

Penetration Testing - Remote Shell



Introduction: SSH (Secure Shell) is used to establish a remote connection to a Linux box where the SSH service is running. SSH runs on port 22, and applications like OpenSSH v2.0 provide SSH utilities. SSH can protect a network from attacks like IP spoofing, IP source routing, etc. However, we will study some vulnerabilities associated with SSH and provide the necessary countermeasures.

Monday, 2 December 2013

Transport Layer Security - Part 2 SSL

Introduction
I have already discussed SSL in my previous article. Here I will explain SSLv3, which was developed by Netscape.

General SSL Architecture
It is designed to secure end-to-end services on the internet. SSL is not a single protocol. It is a layer of more than one protocol, such as:
a.    SSL record protocol
b.    SSL handshake protocol
c.    SSL change cipher spec protocol
d.    SSL alert protocol

Sunday, 1 December 2013

Hide Your Identity Online

Eat yourself up before someone else eats you. Proving this adage right, we have done this rough research on being anonymous online. I doubt anyone can be more silent than this. Read on to find out.

Wednesday, 27 November 2013

OpenVPN Configuration CentOS - XP ( Server - Client )

OpenVPN
OpenVPN is an open source application that provides a virtual private network (VPN). It provides tunneling through which packets can be transmitted securely. The main aim of using any VPN is to secure the network. In this demonstration I am going to install, configure and test OpenVPN between a server and a client. I will also start an RDP session with the rdesktop utility and forward it through the TLS tunnel. As proof, we will also analyze the packets with tcpdump.

Tuesday, 26 November 2013

Http Tunneling

Most companies and enterprises use proxies and firewalls for network security. But the majority of firewalls and proxies block most or all services except one: HTTP/HTTPS. They allow traffic to destination port 80 or 443 so that employees can surf the web. This behavior of the firewall can be exploited to connect to remote servers with services running on ports other than 80 or 443. Let us see how.

ARP Poisoning - A Theoretical Approach

ARP Poisoning is an attack that can be carried out in a LAN that relies on the Address Resolution Protocol for its internal routing. ARP Poisoning can then be extended into other forms of attack such as man-in-the-middle, packet sniffing, denial of service, etc. In this attack the attacker spoofs the ARP cache of the target machine.

Monday, 25 November 2013

Cryptography Unleashed - Overhead Analysis[Added]


What is cryptography?

IPSec provides security to the Internet Protocol layer. It does this by giving us the choice to use any encryption-decryption algorithm along with the mandatory security protocols. IPSec uses several important protocols such as AH (Authentication Header), ESP (Encapsulating Security Protocol), ISAKMP (Internet Security Association and Key Protocol) and IKE (Internet Key Exchange). Each has its own responsibility and functionality. IPSec operates in two basic modes: Transport Mode and Tunnel Mode.

Sunday, 24 November 2013

Everything About SSL

In this article I am going to tell you everything about SSL: what it is, why we need it, and its technical and non-technical aspects. This article covers the introduction, the SSL certificate, encryption, the process of encryption, and how your browser interacts with and trusts the certificate provided by the website you are visiting.

Existence of SSL
There are basically 2 aspects of SSL: encryption and identification. Encryption hides the content of the data sent from one machine to another. It does this by changing the data into a garbage-like form which is human readable but not human understandable. It is exactly like speaking in a language with which the other person is not familiar. I am Indian; if someone speaks Russian, I cannot understand it. So Russian is like an encrypted language for me. However, if I get a translator who translates the Russian into Hindi, then it becomes understandable to me, and the message can be said to have been decrypted. Identification is related to trust. In the previous scenario, how can I trust the translator who is converting Russian to Hindi? Is he/she legitimate? Can I trust him/her? In the digital world it is something like this: your machine has to trust the SSL certificate (the security mechanism) provided by the website via an SSL certificate issuing vendor.

Transport Layer Security - Part 1

This is a non-technical guide which will make you familiar with the transport layer. The main purpose of writing this guide is to point out why we need major security implementation on the transport layer. What if the components of this layer get compromised?


Introduction
In today’s digital world, every business has a website. Whether it is a small firm or a big agency, government or non-government, it has a website and uses websites. The number of individuals and companies accessing the internet has clearly increased rapidly. As businesses around the globe grow rapidly, they want the internet to act as an e-commerce platform so that they can manage everything centrally. However, over the years we have seen that web services across the internet are vulnerable in various ways. No business wants to put itself in a vulnerable environment. As a result, security is also in demand in the corporate world.

Monday, 18 November 2013

Suspicious File Analysis With PEFRAME

In this article I am going to walk through a nice Python tool named PeFrame. This tool should be an analyst’s first choice for static analysis of a piece of malware. I am going to discuss each and every feature provided by this tool, and I will also show you why it is important to find information through the malware.

What is Peframe?

This is a Python-based tool used to assist in the analysis of PE files. There are many different tools available for malware analysis, but this tool is built strictly for analyzing portable executable malware, such as .exe and .dll files.

Monday, 11 November 2013

Doxing

Let's think of any thriller heist movie. What do robbers do before they break into the bank or anything else? They gather information. They collect each and every bit of information about the bank system, alarm methodology, CCTV interface, the guards' changing time, and the list of weapons the guards have. After gathering information they make a plan and attack or rob the bank. You are all clever, so assume they don't have this much information and they go to rob the bank directly. What will happen? You will find them caught by the police.

The same scenario also applies in the information security world. Before attacking or testing something, a hacker/tester needs to find information about his/her target. This target can be a network, web application, organization or person. In our world, finding information is also called footprinting or doxing. The term reconnaissance can also be used sometimes.

CyberCrime - From A Different View Point

Many of you are already familiar with cyber crime. I am just going to share the areas of cyber crime that one should keep in mind apart from hacking and bank fraud. These areas are also called "Traditional Crime Techniques".

In this article I am going to compare traditional crime techniques to cyber crime techniques and methodologies. We will come to know how common they are in the real world and how hackers got the idea of committing digital crime by analyzing real-world traditional crime.

Internet Safety Tips

Cyber Security Tips - Mind Map

Network Footprinting - Doxing - Information Gathering

This article is all about different information-gathering techniques on the network. It is the most essential and important task of attackers. Knowing the opponents and their interests can be valuable. Here I am going to show you the different ways and techniques by which network information/intelligence gathering can be done.

INTRODUCTION

Let’s think of any thrilling movie theft. What do robbers do before they break into the bank or anything else? They gather information. They collect each and every bit of information about the bank system, alarm methodology, CCTV interface, the guards’ changing time, and a list of weapons that the guards have. After gathering information they make plans and attack or rob the bank. Assume they don’t have this information and they rob the bank directly. What will happen? You will find that they are caught by the police.

The same scenario can also be applied in the information security world. Before attacking or testing something, a hacker/tester needs to find information about his/her target. This target can be a network, web application, organization, or person. In our world, finding information is also called footprinting or doxing. Also, the word “reconnaissance” can be used sometimes.

How to detect firewall using different packets to it

Before starting a network or web application security audit, it is always good to detect whether your target server is running a firewall/IPS. It has always been a best practice to send some crafted packets to the server in order to check the response from the server. In this article you will learn how to craft packets and how to send them to the server on various ports using hping3. You will also analyze each and every request going between your machine and your target. Here my target is www.lucideus.com, whose IP I have taken.

Review of Different Phishing Countermeasures

In this article I have done my best to gather and explain all the possible ways by which phishing can be avoided. Here I am going to explain phishing countermeasures in great detail. As you know, phishing is a kind of technical and psychological attack on human nature, which makes people reveal their sensitive information to the attacker. For more information on phishing you may visit Wikipedia and search for the topic “Phishing”. Here I am going to provide you with all possible countermeasures for phishing attacks.

Scalpel : Data Recovery From Byte Strings

In digital forensics, file carving is an essential process. It is a technique in which the investigator uses databases of headers as well as footers. These headers and footers contain byte strings. Suppose you have 5 JPEG files: all 5 files will have the same header and footer byte strings. This tool carves data by analyzing those byte strings. It is an advanced tool, as it carves files even after their metadata is removed.

Design of Scalpel
It’s a high-performance file carving utility designed around 2 principles.
1.    Economical yet flexible: This tool is designed in such a way that it can run even on a machine that still has an ancient Pentium II processor with 256 MB of RAM or even less. It can also run on Knoppix, Helix or any other Linux system. Additionally, this tool is capable of recovering data of any larger size.

2.    Time complexity: I use the phrase “high performance” frequently here because when we talk about high performance, we always consider quality along with time. This tool carves files in no time without compromising the quality of the carving.

Sunday, 3 November 2013

Email encryption: Mailvelope

Between constant password breaches and the NSA looking in on everything you do, you’ve probably got privacy on the mind lately. If you’re looking for a little personal privacy in your communications with friends and loved ones, or you just want to trust that the documents you email to your accountant or client aren’t being intercepted and read, you’ll need to encrypt those messages. Most email is sent as plain text. This means that anyone can intercept email messages. To protect ourselves from man-in-the-middle attacks, we have to use email encryption. Mailvelope is a browser extension that allows exchanging encrypted emails following the OpenPGP encryption standard.

Email encryption
Email encryption refers to the encryption of email messages to protect the content from being read by any unauthorized recipients. By using email encryption we can keep our data safe when we send our documents, because an unauthorized person is unable to understand the content of our mail. Email encryption can rely on public-key cryptography, in which users can each publish a public key that others can use to encrypt messages to them, while keeping secret a private key they can use to decrypt such messages or to digitally encrypt and sign messages they send.

Mechanism of email encryption
Encrypted email is a way of keeping the content of your email safe from eavesdropping as it bounces around the internet. The most common type of encryption is OpenPGP (PGP is “Pretty Good Privacy”). It was created by Phil Zimmermann in 1991. We can perform hard drive encryption, file system encryption as well as attachment encryption. It is based on public-key cryptography, which uses a public key and a private key.
Pretty Good Privacy is a popular program used to encrypt and decrypt e-mail over the Internet. It can also be used to send an encrypted digital signature that lets the receiver verify the sender’s identity and know that the message was not changed en route.

Thursday, 31 October 2013

Building A Digital Arm Force For Your Country

This article will show you why we really need to think about our nation’s cyber army. Where are we, and which digital weapons do we have? What are the challenges faced by your country in the digital world, and how can they be overcome? How can you recruit your digital arm force smartly? This article will help governments as well as private security firms.

History of Hacking

Over the past years we have seen many big hacking cases which lead us to think seriously about the cyber crime world. I want to share some of these stories with you.

Moonlight Maze: Although the feds aren't talking publicly about a three-years-plus cyber-attack believed to be coming from Russia, a member of the U.S. National Security Agency's Advisory Board says the case, dubbed "Moonlight Maze," reveals huge cracks in the U.S. government's defense system. The Moonlight Maze stealth attack, which has targeted sensitive but unclassified information since it was launched in March 1998, is the "largest sustained cyber-attack" on the U.S., according to Adams. (Abreu, 2001)

Wednesday, 30 October 2013

Can You Explain Me SSL Please !!!?

In this article I am going to tell you everything about SSL: what it is, why we need it, and its technical and non-technical aspects. This article covers the introduction, the SSL certificate, encryption, the process of encryption, and how your browser interacts with and trusts the certificate provided by the website you are visiting.

Existence of SSL
There are basically 2 aspects of SSL: encryption and identification. Encryption hides the content of the data sent from one machine to another. It does this by changing the data into a garbage-like form which is human readable but not human understandable. It is exactly like speaking in a language with which the other person is not familiar. I am Indian; if someone speaks Russian, I cannot understand it. So Russian is like an encrypted language for me. However, if I get a translator who translates the Russian into Hindi, then it becomes understandable to me, and the message can be said to have been decrypted. Identification is related to trust. In the previous scenario, how can I trust the translator who is converting Russian to Hindi? Is he/she legitimate? Can I trust him/her? In the digital world it is something like this: your machine has to trust the SSL certificate (the security mechanism) provided by the website via an SSL certificate issuing vendor.

Thursday, 14 February 2013

Apple iOS 6 Hack


Techcrunch on 14.02.13 at 7:00pm reported :
With just a few quick steps, it’s easy to open the phone app on any locked iPhone running iOS 6.1. From there a person has full access to the photo library, can edit contacts, send emails, text messages or even make a FaceTime call. It’s so easy that it’s downright silly.
As shown in the video below, the process involves holding down the power button and aborting an emergency call. 
The flaw causes the phone to load the phone app, giving anyone full access to the dialer, contact list, voicemails, call history and photos by editing a contact. An email or text message can be sent by sharing a contact. FaceTime is accessible through the contacts as well.
The exploit is fairly easy to access but the timing is tricky.

Here are the steps to hack iPhone iOS 6 - 

  • From a locked iPhone running iOS 6, load the emergency dial screen.
  • Press and hold the power button and then hit cancel.
  • Make a fake emergency call — dialed 112 in the video.
  • Hang up immediately.
  • Hit the power button to put the phone back in standby.
  • Hit the home button to bring up the lockscreen
  • Hold down the power button and at the three-second mark, hit the Emergency Call button.
  • Keep holding the power button until the Phone App comes up.
  • Hit the Home Button and release as if you’re taking a screen shot.
The last bit is the hard part. The timing needs to be just right.