Wednesday, 11 December 2013

Firewall Unleashed

Introduction
Firewalls are used to monitor and control the inbound and outbound traffic on the protected network. They have an ability to block and allow the internal as well as external services within the network. Before allowing access to the service, a firewall may also force the client / user to pass through an authentication. Sometimes a firewall can be also used in IPSEC tunnels as a platform. It monitors security-related events.

Packet Filtering
The packet filtering mechanism mainly contains inspection on TCP/IP and UDP packets. It also includes all ports in its inspection. In this process, certain rules are written for allowing and rejecting the packets passing through the network. The rules written in the firewall may contain TCP and UDP port numbers, source and destination addresses. One can implement firewall rules which may work in both inbound and outbound directions.

Types of Firewalls
There are basically four types of firewalls:
  1. Packet Filter Firewall
  2. Stateful Packet Filter Firewall
  3. Circuit Level Gateway
  4. Application Level Gateway
Packet Filter Firewall
This firewall comes into play when an administrator wants only certain packets to enter into the protected network. In this case, each packet will be monitored and inspected before passing through the network, and after monitoring and inspecting, the firewall will decide whether to let it pass or not.

Sunday, 8 December 2013

Penetration Testng - Remote Shell



Introduction: SSH secure shell is used to establish a remote connection to a Linux box where SSH service is running. SSH runs on port 22 and applications like Open SSH v2.0 provide SSH utilities.  SSH can protect a network from attacks like IP spoofing, IP source routing etc,. However, we will study some vulnerabilities associated with SSH and provide necessary counter measures.

Monday, 2 December 2013

Transport Layer Security - Part 2 SSL

Introduction
I have already discussed about SSL in my previous article. Here I will be explaining you SSLv3. It is developed by Netscape company .In this section I will discuss on SSLv3.

General SSL Architecture
It is designed to secure end-to-end service on the internet. I will illustrate that SSL is not a single handed protocol. It is a layer of more than one protocol such as
a.    SSL record protocol
b.    SSL handshake protocol
c.    SSL change cipher spec protocol
d.    SSL alert protocol

Sunday, 1 December 2013

Hide Your Identity Online

Eat yourself up before someone else eats you. Proving this adage right we have done this rough research on being anonymous online. I doubt anyone can be more silent than this. Read out to find out.