-
Wade Mackey wrote a new post on the site Intro to Ethical Hacking 10 years, 1 month ago
No issues if you already posted in previous weeks presentation, no need to repost. Also, all have been moved to “Author” status.
-
Wade Mackey wrote a new post on the site Intro to Ethical Hacking 10 years, 1 month ago
-
IN THE NEWS:
Google says Gmail credential dump not result of company breach
http://www.scmagazine.com/google-says-gmail-credential-dump-not-result-of-company-breach/article/371092/
The credentials dump was not a result of a breach but was obtained through a combination of sources. If the same credentials are used across different websites then it makes it easier to hack other systems if one of the websites is compromised.
Are the FBI and “weev” both hackers?
FBI’s conduct to find Silk Road servers was similar to “weev’s” criminal hacking.
http://arstechnica.com/tech-policy/2014/09/are-the-fbi-and-the-weev-both-hackers/
The actions the FBI took to find the servers of the online drug haven Silk Road could fall under the same hacking statute in which his high-profile client was charged.
Andrew Auernheimer, aka ‘weev,’ who readers may recall was criminally prosecuted for his role in visiting website addresses on an AT&T server that AT&T had thought and hoped would not be found by the public. Auernheimer’s co-conspirator found that AT&T had posted e-mail addresses on its server at IP addresses that the public was not expected to find. In defending its prosecution, DOJ took the view that obtaining information at the website addresses was criminal unauthorized access because AT&T had not intended for the public to see it and it was in a place where an ordinary computer user would likely not find it.
In defending conduct in the Silk Road case, however, DOJ takes the view that there is ‘nothing . . . unlawful’ about taking advantage of a server misconfiguration to obtain data inadvertently ‘leaked’ by the server because that information is ‘fully accessible to the public.’
Shedding Light on the Foreign Intelligence Surveillance Court (FISC): Court Findings from Our 2007-2008 Case
-
-
Wade Mackey wrote a new post on the site Intro to Ethical Hacking 10 years, 1 month ago
-
Hi guys,
If you're using the latest and greatest flavor of the month (Windows 8/8.1), PowerShell comes installed by default per Microsoft. Oops! Check out this site that discusses using Kali with PowerShell to bypass AV and fingerprint the machine.
a. One key point you took from each assigned reading. (One or two sentences per reading)
Both articles make it abundantly clear that “Research skills” and the use of various freeware tools will be of great assistance in quietly fingerprinting a customer/client.
b. One question that you would ask your fellow classmates that facilitates discussion?
Do you have any great recon sites that you use that you would be willing to share?
-
Hello,
1. One key point you took from each assigned reading.
a) The Art of Reconnaissance
The author of this article shows the basics on how to find weaknesses when gathering information about a particular possibly before an attack like ping sweeps, fingerprinting and port scanning. This in turn can detect if the remote machine is “up”, detecting the operating system and detecting which ports are open and shut down.
b) Using Open Source Reconnaissance Tools for Business Partner Vulnerability Assessment
The author of this article shows issues which are important to follow regarding Ethical Hacking procedures. Leaving passwords for user “Root” as Password (perhaps the Default) or performing intense scanning may cause website to crash or fill up the available bandwidth.
2. What each of the articles have in common
c) What the two articles both share is the flaws a system may have and how by using the right tools, an outsider can cause problems, to say the least, about the system whether it be an internal or external. They both show what precautions one may want to take to lessen some of these problems.
3. One question that you would ask your fellow classmates that facilitates discussion?
What kind of safeguards do you think large corporations like Walmart, Target and major Banks like Wells Fargo may take, on top of what was mentioned in the articles, which may decrease external hacker penetration?
What kind of internal actions may the same organizations take to make sure that each of its employees is doing their part not to give hackers, either from the inside or outside, a way of obtaining access to a system where they may do reputable damage?
4. Here is an article which discusses the pros and cons of cloud computing, and since cloud computing is in the early stages of security protection, consumers may want to take the proper precaution, some mentioned in this article, to help protect their information. See link below:
http://www.technewsworld.com/story/80991.html
Dave Siegelman
-
Reading one keypoint:
Your IP is one of the starting blocks for outsiders to gain information about you or your organization. They can gather information about your ISP and your approximate whereabouts.
The key in reconn is to observe and study the targeted system and look for patterns and weaknesses, may it be from the systems or personnel. Reconn = patience
Reading two keypoint:
The open source reconn tools can be used by both sides, i.e., the corporate and the outsiders. The outsiders are very creative and imaginative in seeing possible routes to the discovered systems. On the business side, they have to be diligent in keeping their systems up-to-date and properly configured all the way to the desktops, and most importantly make the employees aware of information security through trainings.
-
Key points from assigned reading:
Art of Reconnaissance: Two things that I like from the reading, apart from the technical how-to’s, is to consider basic steps before attempting any recon testing:
(a) To get a written consent before you do any recon testing on a network and (b) to never do recon testing using your own network connection. The question here is: how does one ensure that their own system’s integrity remains intact?
Using open Source tools for Business Vulnerability Assessment:
The reading lists some open source tools one can use to check for business vulnerability. It is important for the sake of network integrity and intrusion prevention that IT vulnerability management be taken seriously as part of a “good information security program”. Question is what steps do you take to enforce decisions with your vendors about information sharing and access to your systems? At the end of the day, it’s not just one system that is vulnerable by getting shared information.
Article:
Better Cyber Security methods: invest in people and processes, says Art Gilliland http://alturl.com/jat9z
HP’s enterprise and security chief, Art Gilliland, in an interview points out that the industry needs to invest in people who understand the nature of the threat and invest in processes that will help keep the network available and secure. The biggest concern is to fill the ‘skill gap’ that currently exists.
-
Interesting reading from SANS: The Keep Within the Castle Walls – An Experiment in Home Network Intrusion Detection: http://alturl.com/3hy3y
-
An interesting article from KrebsOnSecurity about the latest breach at Home Depot.
http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/
There seems to be evidence that it used the same method as last year’s attack on Target, only a newer version of BlackPOS.
This version ‘disguises the malware as a component of the antivirus product running on the system.’
-
-
Wade Mackey wrote a new post on the site Intro to Ethical Hacking 10 years, 1 month ago
Here are the links for downloading Kali and VMware Player:
http://www.kali.org/downloads/
https://my.vmware.com/web/vmware/downloads
Still working on confirming VMware Workstation
-
Wade Mackey wrote a new post on the site Intro to Ethical Hacking 10 years, 1 month ago
Here is our first week’s presentation material: Intro to Ethical Hacking
http://articles.philly.com/2014-09-13/news/53855445_1_pennsylvania-health-system-patient-information-desktop-computer
a. One key point you took from each assigned reading. (One or two sentences per reading)
With all of the talk of security in the news, we still have people that do not take the minimal precautions in business to secure private customer data.
b. One question that you would ask your fellow classmates that facilitates discussion?
What does your physician do to secure your personal information at their place of business?
Last week it looked like the malware which caused the Home Depot breach was a newer version of BlackPOS. That may need to be re-considered.
This article has a list of major differences which would indicate it is not a version of BlackPOS, but another family of malware.
http://www.darkreading.com/home-depot-breach-may-not-be-related-to-blackpos-target/d/d-id/1315636
An interesting point was made in the comments: Why don’t companies do a better job of monitoring what data is being exfiltrated from their systems?
Point from the reading:
Not only is it good to be proactive in monitoring attempts to infiltrate the system, but proper reports and records must be kept so that proper use can be made of the results of the scan. Also, the focus of the scanning tool seems to be only on infiltration, not on exfiltration. This relates to the comment made about the article above.
Question:
This article is from 2002. Is this product still available and effective today? If not, what are the current effective products for scanning?
1. Key points taken from the reading.
Scanning: Many individuals are unaware of how vulnerable their systems are and simply having good “password etiquette” is simply enough to prevent outsiders from hacking into their systems and doing any considerable damage. Also, new viruses and hacks are being developed every day and if one isn’t on top of the latest fixes, one may become a victim pretty quickly. With such tools as Nessus, businesses and organizations can stay on top of most of the vulnerabilities which can harm their systems, though one needs to remember tools such as Nessus will only point out the vulnerabilities and it is the part of the user to check out and fix those which are identified by the Nessus tool. Also, new updated plugins are being introduced on a regular basis to fix the newest threats and if one doesn’t stay on top of this as well, one can’t check for and then fix the more recent threats.
2. Question for the class. As technology becomes more complex in the near to late future, do you ever see the possibility of a system which is 100% (or close to) hack proof and if so do you think the solution will be one that has been drastically improved upon over the years or one that is innovative and unique?
3. Here is an article in regards to Twitter, who not so long ago (the beginning of September) has started paying individuals $140 or more if they find flaws under its new Bug Bounty program. One individual found a way to delete the credit cards of any account as long as one obtained the Twitter account id and the credit card id. Once a user had these two fields, a basic Ajax post request substitution is all one needs to cause a little havoc.
http://thehackernews.com/2014/09/twitter-vulnerability-allows-hacker-to_16.html
Hello everyone,
I forgot to post this information earlier this week. I found a pretty interesting book, Penetration Testing: A Hands-On Introduction to Hacking, by Georgia Weidman. The site also presents a torrent file to download a Kali Linux VM. I believe it is Kali 1.0.6. The company is “No Starch Press.” If you get the book don’t stay up too late. Enjoy!
Cheers,
Britt
Week 4 – Reading and article:
Key point
Periodic vulnerability scanning helps discover weaknesses that would likely be exploited by hackers. However, a single tool, like Nessus, cannot replace the information security professional’s knowledge and experience about security strategy and configuration.
Question for the class
What types of vulnerabilities can be discovered with Nessus?
Article
How to Choose the Best Vulnerability Scanning Tool for Your Business
http://www.cio.com/article/2683235/security0/how-to-choose-the-best-vulnerability-scanning-tool-for-your-business.html
Some of the best-known and more highly rated commercial vulnerability scanners are Nessus (Tenable Network Security), Secunia CSI and Core Impact (Core Security). Nessus started as a free tool but was eventually converted to a commercial product, with a beefed-up feature set and higher quality tech support. Secunia is free for personal use and affordable for commercial use. Core Impact is pricey ($40,000 and up) but offers terrific value for the money.
A newer type of vulnerability scanner is delivered on-demand as Software as a Service (SaaS). Products such as Qualys Vulnerability Management provide continuous, hands-free monitoring of all computers and devices on all network segments (perimeter to internal). They can also scan cloud services such as Amazon EC2.