• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • HomePage
  • About
  • Structure
  • Schedule
    • First Half of the Semester
      • Week 1: Overview of Course
      • Week 2: TCP/IP and Network Architecture
      • Week 3: Reconnaissance
      • Week 4: Vulnerability scanning
      • Week 5: System and User enumeration
      • Week 6: Sniffers
      • Week 7: NetCat, Hellcat
    • Second Half of the Semester
      • Week 8: Social Engineering, Encoding, and Encryption
      • Week 9: Malware
      • Week 10: Web application hacking, Intercepting Proxies, and URL Editing
      • Week 11: SQL injection
      • Week 12: Web Services
      • Week 13: Evasion Techniques
      • Week 14: Review of all topics and wrap up discussion
  • Assignments
    • Analysis Reports
    • Quizzes & Tests
  • Webex
  • Harvard Coursepack
  • Gradebook

ITACS 5211: Introduction to Ethical Hacking

Wade Mackay

Comments for “Protect yourself from one of the easiest ways people can steal your personal data in public”

Comments for “Protect yourself from one of the easiest ways people can steal your personal data in public”

September 4, 2016 by Wade Mackey 3 Comments

One thing to keep in mind is that firms that process PII or other sensitive data may restrict staff that access these systems from working remotely.  In particular, financial firms often have sophisticated monitoring programs that may not work for remote users.

Wade Mackey

 

Comments for “A Password for my Password”

September 4, 2016 by Wade Mackey 3 Comments

One thing to keep in mind is that password keepers and the browser function to remember passwords have their own vulnerabilities that can resut in an attacker taking advantage of these.

Wade

 

A Password for my Password

September 3, 2016 by Loi Van Tran

Is it me or does it seem like we are accumulating more and more passwords everyday.  From work to school to our personal life, we are constantly creating new accounts and passwords that we have to remember.  The world is online and with it a requirement to create an account with every site you visit.  We have accounts for basically everything we need; online banking, shopping, gaming, social networks, educations, mobile apps, loans, mortgages, and privileged account for systems at work.  How do we remember it all? As a student in the ITACS program, we know better than to write it down or even worst, put it on a sticky note under our laptop.   Fortunately for us, some systems may have Single-Sign on, like mobile apps where you can sign on using your Facebook account, or Two-Factor Authentication where we have to carry a physical device. At the end of the day we still have to remember some passwords and of course we do not want to use the same passwords for every account.  To add on to this problem, passwords requirements are becoming more complex.  Rules such as 1 upper case, 1 lower case, special characters, and no dictionary words makes it even more difficult to remember passwords.

There are programs out there like Secure Password Manager, or Keeper that allows you to store your passwords with another password which doesn’t seem to solve our issue.  What happen if these service providers get hacked, now all of our accounts are at risk.  I’ve recently read an article that made REMEMBERING password a little easier.  It basically said to think of a sentence and use that sentence to help create a password that you can remember while meeting password criteria.  For example: I bought my daughter first dog for 200 dollar .  My password would be “Ibmd1stdf200$”  By using the first letter of each word and replacing first with “1st,”  I am able to create a password that meets all the password criteria.  It’s a simple tip, but I never thought about it until I read this article.

Please see the article for more details: http://www.businessinsider.com/hacker-strong-pass-2016-5?pundits_only=0&get_all_comments=1&no_reply_filter=1

Protect yourself from one of the easiest ways people can steal your personal data in public

September 3, 2016 by Mauchel Barthelemy

It becomes a common approach for many large organizations to allow people to work remotely. In fact, companies from industries such as: IT Health Care, Manufacturing, Finance etc. have adopted this method to give certain people the freedom to work conveniently. It is nice for an organization to provide freedom for its workforce; however, security represents a major con to that strategy. This is when it becomes crucial to teach those particular workers the best ways to protect PII or PHI while in public. Most security people are so focused on sophisticated ways to protect software and application programs that they often times neglect about physical protection for laptops. Physical protection is the area of focus of this article as it explains in details the benefits and side benefits to ensure privacy and data protection while working on the road.

 

The article can be accessed via this link below:

http://www.businessinsider.com/protect-yourself-from-one-of-the-easiest-ways-people-can-steal-your-personal-data-in-public-2016-9

 

Feds Warn States to Batten Down Hatches Following Election System Attacks

September 2, 2016 by Ioannis S. Haviaras

With the election coming up shortly, many hackers have been trying to exploit election databases to get PII about voters. Both Illinois and Arizona had to perform extensive security reviews regarding their vulnerabilities in their systems. An SQL injection attack was discovered to be hitting the voter registration database for 24 hours a day from June 23 to August 12, showing that an attack can go under the radar for so long. Department of Homeland Security Secretary have been pressed about the issue and are still investigating how to prevent this from happening in the future.

Article Link:
http://www.technewsworld.com/story/83866.html

Cisco Switch Config

September 2, 2016 by BIlaal Williams

Hi all,

I found this video on Lynda.com and it’s a pretty good tutorial on configuring a cisco switch and setting up VLANs.  It’s not long and broken up into short segments. Definitely helped me with understanding the reading for week 2.

cisco 2950 switch video

Bilaal

 

September 1, 2016 by Scott Radaszkiewicz

Article: Students can use the dark web to cheat their way through school

Link: http://www.businessinsider.com/students-can-use-the-dark-web-to-cheat-their-way-through-school-2016-8

I work in education, K-12 and this article is a constant reminder to me on how students are constantly one step ahead of us.   Sure, I know some of the kids in the schools who have a interested in computers, and some I have actually taken under my wing and worked to provide them proper resources to explore their passion.   Years back I had a student who used a USB key to boot a teacher workstation and hack the SAM to get the local administrator password.   The student didn’t do anything with it, but showed the teacher what he had done.   Kind of a, “hey, look how smart I am” gesture.   So, we put that student into an independent study program for computer networking, and to this day, I still keep in touch with the student who is now in college.  

But this offers a whole new level of hacking.  Not only am I on the lookout for those students who will tinker and hack themselves, but any student can pay for the service, if they want to take advantage of it.   Security is a constant life of catch up.   We can’t fix an issue, until we know it’s an issue and we are constantly chasing after the next generation of kids who know more then us.   And kids sometimes have nothing better to do than sit in class and “tinker”.

This is just plain and simple fact.  At my school, we work very hard to educate students about the rights and wrongs of use.   I can attempt to stop as much unethical behavior as I want, but the reality is that I can’t.   So, education on what is the proper use is paramount!    But at the end of the day, we can make it tough for students to cheat/hack/etc, but anyone intend on real harm can either do it themselves if they have the skill, or hire a professional to get it done!

 

https://community.mis.temple.edu/itacs5211fall16/2016/09/01/3158/

Article: SWIFT discloses more cyber thefts, pressures banks on security

September 1, 2016 by Ahmed A. Alkaysi 2 Comments

http://www.reuters.com/article/us-cyber-heist-swift-idUSKCN11600C

I found this article from this morning pretty interesting. SWIFT, which basically allows financial transactions between banks worldwide, declared that their were new cyber attacks on its member banks. They said that attacks have ramped up since the Bangladesh Bank lost $81 million dollars back in February’s cyber attack. The attackers are specifically targeting banks that lack proper security for “SWIFT-enabled transfers.” It seems like SWIFT is having trouble with their member banks complying to security procedures. The biggest issue stated in this article is that SWIFT does not have “regulatory authority over its members.” So they cannot FORCE these banks to comply to proper security controls. SWIFT is threatening to disclose security lapses for these banks, which I don’t see how it helps. Before these banks were capable of using the SWIFT transaction system, SWIFT should have sent their own IT auditors to make sure these banks had the proper IT security and controls in place. Otherwise, we will see problems like this where banks or companies in general, especially in developing countries, aren’t taking IT security seriously.

Week 1 Presentation

August 31, 2016 by Wade Mackey

Here is the presentation from Week 1

 

Intro to Ethical Hacking

Welcome to Ethical Hacking

August 19, 2016 by Wade Mackey

Welcome to Ethical Hacking

  • « Go to Previous Page
  • Page 1
  • Interim pages omitted …
  • Page 26
  • Page 27
  • Page 28

Primary Sidebar

Weekly Discussions

  • Uncategorized (133)
  • Week 01: Overview (1)
  • Week 02: TCP/IP and Network Architecture (8)
  • Week 03: Reconnaisance (25)
  • Week 04: Vulnerability Scanning (19)
  • Week 05: System and User Enumeration (15)
  • Week 06: Sniffers (9)
  • Week 07: NetCat and HellCat (11)
  • Week 08: Social Engineering, Encoding and Encryption (12)
  • Week 09: Malware (14)
  • Week 10: Web Application Hacking (12)
  • Week 11: SQL Injection (11)
  • Week 12: Web Services (10)
  • Week 13: Evasion Techniques (7)
  • Week 14: Review of all topics (5)

Copyright © 2025 · Magazine Pro Theme on Genesis Framework · WordPress · Log in