Temple University

MIS-5211

Week 13 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

Regarding the tested IPS hardware security appliances (HP TippingPoint, Check Point Firewall, Palo Alto Networks Firewall, Cisco ASA, Fortinet FortiGate, and the open-source Snort IPS): all products failed to protect against multiple TCP/IP network evasion techniques (overlapping fragments, wrapping sequence numbers, and packet insertions) when tested with the “Conficker worm” against vulnerable Windows PCs. Best practices for protecting IPS devices include the following: modify the default vendor IPS settings for one’s own enterprise network & systems (and keep updating them as threats evolve), block unneeded NULL sessions (unauthenticated connections) to any networked Windows PCs, and always check the IPS alerts too.
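As an added example (not code from the reading or from any of the vendors named above), here is the defender’s view of the first evasion technique listed, overlapping fragments. Two fragments that cover the same byte range with different data can be reassembled two ways; if the IPS picks one policy and the victim host picks the other, the IPS inspected a payload the host never ran. The fragment list is constructed sample data and the function names are assumed:

```python
# Added example: detect conflicting fragment overlaps and show why they matter.
# Offsets here are plain byte offsets (real IP fragment offsets count 8-byte
# units); the fragments are constructed sample data, not a real capture.

def find_overlaps(fragments):
    """fragments: list of (offset, data) in arrival order.
    Returns (index_a, index_b, conflicting) for every overlapping pair;
    conflicting is True when the two copies of the shared bytes differ."""
    by_offset = sorted(enumerate(fragments), key=lambda item: item[1][0])
    findings = []
    for i, (idx_a, (off_a, data_a)) in enumerate(by_offset):
        end_a = off_a + len(data_a)
        for idx_b, (off_b, data_b) in by_offset[i + 1:]:
            if off_b >= end_a:
                break  # sorted by offset, so nothing later can overlap fragment a
            hi = min(end_a, off_b + len(data_b))
            shared_a = data_a[off_b - off_a:hi - off_a]
            shared_b = data_b[:hi - off_b]
            findings.append((idx_a, idx_b, shared_a != shared_b))
    return findings


def reassemble(fragments, policy):
    """Rebuild the payload keeping either the first- or the last-arriving bytes
    for overlapped positions. Different IP stacks use different policies, and
    that disagreement is the gap an overlapping-fragment evasion relies on."""
    size = max(off + len(data) for off, data in fragments)
    buf = bytearray(size)
    written = [False] * size
    for off, data in fragments:
        for k, byte in enumerate(data):
            pos = off + k
            if policy == "last" or not written[pos]:
                buf[pos] = byte
                written[pos] = True
    return bytes(buf)


def inspect(fragments):
    """Defender's summary: alert on conflicting overlaps and show both
    reassemblies so an analyst can see what each side would have seen."""
    conflicts = [f for f in find_overlaps(fragments) if f[2]]
    return {
        "conflicting_overlaps": conflicts,
        "first_policy": reassemble(fragments, "first"),
        "last_policy": reassemble(fragments, "last"),
        "alert": bool(conflicts),
    }


# Constructed sample: the third fragment re-covers bytes 6..10 with different data.
SAMPLE_FRAGMENTS = [(0, b"HELLO "), (6, b"WORLD"), (6, b"there")]

if __name__ == "__main__":
    print(inspect(SAMPLE_FRAGMENTS))
```

Overlaps whose shared bytes are identical (a plain retransmission) are reported with `conflicting` set to False and raise no alert; only a conflicting overlap is the evasion signature. This is the case the IPS tuning advice above is about: a sensor that silently resolves such overlaps instead of alerting on them is the one the tested products fell to.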

  2. Question to classmates (facilitates discussion) from assigned reading…

Which IPS is most secure in an online business enterprise setup?

*Answer: All IPS appliance devices (Cisco, Check Point, Palo Alto Networks, etc.) have similar & differing vulnerabilities, but enterprise IT staff can minimize them by following these best practices: put the IPS in the right place (performance & coverage), teach the IPS what you know (configure it for your network & systems), think about high availability (plan your disaster recovery), don’t block initially (test for false positives first), get trained (train IT staff beyond the IPS vendor’s info), and plan to tune (continue periodic adjustments for evolving attacks.)

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately

“DDOS, APT attacks on Corporate & Banks – as reported on eHackingNews.com 6/28/2015…
… Advanced Persistent Threat (APT) attacks are followed by DDOS attacks; this is done to erase any tracks of the compromise on the firewall, router, and Intrusion Prevention Systems (IPS)… there is no direct connection at the corporate end from the Internet (firewalls & IPS are used), but the antivirus/firewall/IPS are not fully safeguarding business & banking systems due to poor technical controls or products (the main problem for organizations is that there are many vulnerabilities on systems which go undetected for a long period of time!)”

Week 12 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

1A. Regarding the “web services security” reading (outside component web app services that supply info to larger web sites, all previously operating over non-secure HTTP): these services can be vulnerable to the following cyber attacks: DoS, spoofing, firewall bypass, etc. One excellent way to protect HTTP traffic is to employ encrypted transport links with SSL/TLS over HTTPS.

1B. Regarding the “XML web services & web application security” reading (highly distributed, interoperable, easy-to-use, and very customizable web components, all previously running over HTTP): these were vulnerable due to initial poor infrastructure designs & implementations with less secure standards. IPsec is one security technology that can be used to secure XML web service applications whenever the common end points are known up front (an example would be working with 3rd-party online vendors within larger online organizations.)

  2. Question to classmates (facilitates discussion) from assigned reading…

Which “web services” technology has been most vulnerable to cyber attacks, and how can security best be provided for these web services?

*Answers: The poorly designed & implemented web services applications, which also initially did not include encrypted end-to-end links. For more info on “ten ways to secure web services”, review the info from the following tech site…

www.zdnet.com/article/ten-ways-to-secure-web-services/

… “secure the transport layer HTTP (SSL/TLS over HTTPS), IPSec, firewall filtering, etc.”

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately

“US government has shown its mandate on backing HTTPS across its Federal websites and web services (reported on eHackingNews.com on 6/19/2015)…

www.ehackingnews.com/2015/06/us-government-is-moving-to-https.html

… as it will make access safer for anyone using the government sites… according to the US Chief Information Officer, HTTPS only assures the reliability of the connection between two systems (it is not designed to protect web servers from being hacked)… an HTTPS-only standard will help to create a stronger privacy standard government-wide (browser identity data, website content, search terms, and other user-submitted information)… the US government is moving to HTTPS everywhere on all public gov sites by 12/31/2016.”

Week 11 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

Regarding SQL code injection attacks, hackers input unexpected characters/text strings/commands into an online system (front end)… in order to exploit possible SQL db system (back-end) vulnerabilities (map the db system, bypass authentication, write new info [create user accounts], copy/extract db data, etc.) In order to find SQL injection vulnerabilities, one can simply input unexpected characters (‘   ;   “   —   AND   OR) and then check the online system’s output (system errors, output changes, etc.) Additionally, one can perform automated exploitation using the software tool “SQLmap”; however, manual methods make for a more knowledgeable SQL injection hacker.

  2. Question to classmates (facilitates discussion) from assigned reading…

Which SQL-based db technology (Microsoft SQL, open-source MySQL, Oracle SQL, etc) has more SQL injection vulnerabilities?

*Answer: All outdated SQL-based db technologies have vulnerabilities, and it is always best for DBAs to configure/maintain SQL dbs with the most up-to-date SQL db technology. Also, DBAs should always perform SQL db data input validation checking/testing prior to enabling production online systems.
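As an added example for the summary and answer above (not code from the reading, from SQLmap, or from any real application), here is the authentication-bypass case beside its parameterized fix, plus the manual probe of feeding one unexpected character and watching for a back-end error. The user table, the credentials and the function names are constructed for the example:

```python
# Added example: string-built SQL (vulnerable) versus a parameterised query (safe),
# using the sqlite3 module from the Python standard library. All data is constructed.
import sqlite3


def build_demo_db():
    """Constructed in-memory user table with one sample account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT NOT NULL, password TEXT NOT NULL)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct-horse-battery')")
    conn.commit()
    return conn


def vulnerable_login(conn, name, password):
    """The flaw: front-end input is pasted straight into the SQL text, so a quote
    in the input ends the string literal and the rest is parsed as SQL."""
    sql = (f"SELECT COUNT(*) FROM users "
           f"WHERE name = '{name}' AND password = '{password}'")
    return conn.execute(sql).fetchone()[0] > 0


def safe_login(conn, name, password):
    """The fix: a parameterised query. The driver passes the values separately
    from the statement, so quotes, OR and -- stay plain data, never SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone()[0] > 0


def error_probe(conn, login, name):
    """The reading's manual test: send one unexpected character and see whether
    the back end errors out. Returns the exception class name, or None when the
    input was handled cleanly (a leaked error is one of the output signs listed)."""
    try:
        login(conn, name, "whatever")
        return None
    except sqlite3.Error as exc:
        return type(exc).__name__


def demo():
    conn = build_demo_db()
    bypass = "' OR '1'='1"  # turns the WHERE clause into a tautology when concatenated
    return {
        "valid_creds_vulnerable": vulnerable_login(conn, "alice", "correct-horse-battery"),
        "valid_creds_safe": safe_login(conn, "alice", "correct-horse-battery"),
        "bypass_vulnerable": vulnerable_login(conn, "alice", bypass),
        "bypass_safe": safe_login(conn, "alice", bypass),
        "probe_vulnerable": error_probe(conn, vulnerable_login, "'"),
        "probe_safe": error_probe(conn, safe_login, "'"),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The two login functions behave identically on honest input; they only diverge on the hostile input, which is why the input validation the answer calls for has to be tested with exactly the unexpected characters the summary lists, not just with well-formed data. Parameterisation is the primary fix; validation and a current DBMS are the extra layers.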

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately

Attackers used SQL injection flaw to attack Joomla (reported on eHackingNews.com 11/2/2015)…

www.ehackingnews.com/2015/11/attackers-used-sql-injection-flaw-to.html

… SQL injection flaws were found in v3.2 – 3.44 of Joomla (a popular open-source content management system) where remote hackers could gain full admin access… and then execute additional attacks. Only four (4) hours after the Joomla critical patch release, hackers had already begun exploiting Joomla systems. Web admins of the more popular online sites must quickly (within a few hours after the vulnerability info is released online) upgrade their Joomla systems in order to help thwart these types of SQL injection attacks!

Week X Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

1A. Regarding the “Burp Suite” Part #1 Basic Tools (Burp Proxy, Burp Site Map & Scope, Burp Spider) information (overall, a software application tool set for security testing Internet-based applications [initially mapping target web sites, identifying vulnerabilities, and performing exploitations]): the Burp Proxy tool is used for intercepting login credentials… the Burp Site Map & Scope tools are used to show a target web site’s sub-domains to help with scope… and the Burp Spider tool is used to obtain a complete list of URLs & parameters for target web sites.

1B. Regarding the “Burp Suite” Part #2 Intruder & Repeater Tools information: the Burp Intruder tool is used to automate customized SQL injection attacks against target web apps (target, positions, payloads)… and the Burp Repeater tool is used to manually modify HTTP requests & test the responses given by web pages (playing requests back to the server.)

1C. Regarding the “Burp Suite” Part #3 Sequencer, Decoder, and Composer Tools information: the Burp Sequencer tool is used to check web app session tokens for randomness… the Burp Decoder tool is used to send encoded requests… and the Burp Composer tool is used for comparison between two sets of data.
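As an added example of the check Sequencer performs (this is not Burp’s code or its statistical test, only the simplest character-level version of the idea), the block below estimates how many bits of unpredictability a sample of session tokens carries by measuring the Shannon entropy at each character position, then compares a constructed counter-based generator against one drawn from the OS random source. The generators, the threshold and the function names are assumptions for the example:

```python
# Added example: a crude session-token randomness check in the spirit of
# Burp Sequencer. Generators and threshold are constructed for illustration.
import math
import secrets
from collections import Counter


def per_position_entropy(tokens):
    """Shannon entropy, in bits, of the character at each position across the
    sample. Assumes every token has the same length."""
    n = len(tokens)
    result = []
    for pos in range(len(tokens[0])):
        counts = Counter(token[pos] for token in tokens)
        result.append(-sum(c / n * math.log2(c / n) for c in counts.values()))
    return result


def estimated_bits(tokens):
    """Rough effective entropy of one token: the sum over positions. This only
    sees per-position predictability; it cannot catch correlations between
    successive tokens (e.g. a linear congruential generator), which is why a
    real assessment runs several tests, as Sequencer does."""
    return sum(per_position_entropy(tokens))


def assess(tokens, minimum_bits=48):
    """Flag a generator whose sampled tokens fall below the chosen bit budget.
    48 bits is an assumed threshold for a 16-character hex token (64 max)."""
    bits = estimated_bits(tokens)
    return {"estimated_bits": round(bits, 1), "weak": bits < minimum_bits}


# Constructed generators (not from any real application):
def counter_tokens(n):
    """Weak: a fixed prefix plus a zero-padded sequential counter."""
    return [f"sess{i:012d}" for i in range(n)]


def random_tokens(n):
    """Strong: 8 bytes from the OS CSPRNG rendered as 16 hex characters."""
    return [secrets.token_hex(8) for _ in range(n)]


if __name__ == "__main__":
    print("counter-based:", assess(counter_tokens(512)))
    print("csprng-based :", assess(random_tokens(512)))
```

In practice the `tokens` list would be a few hundred values captured from your own application’s Set-Cookie headers, which is exactly what Sequencer collects; the counter-based sample lands under 16 bits because most positions never change, while the CSPRNG sample sits near the 64-bit ceiling for 16 hex characters.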

1D. Regarding the “Web Application Injection Vulnerabilities” information (client-side submission of unexpected data inputs into SQL dbs): these have been widespread for over the last 10 years. Remediations that should have occurred in the past would basically make today’s global online organizations (management, coders, and technologies) more secure!

*NOTE: The free version of the Burp Suite of web tools (although missing the scanner tool) is also included within the latest version of Kali Linux. Also, for more info on “Burp Suite SQL injection” from YouTube, go to the following web link…

https://www.youtube.com/results?search_query=burp+suite+sql+injection

  2. Question to classmates (facilitates discussion) from assigned reading…

Regarding ongoing “Web Application Injection Vulnerabilities”, what are some examples of current best practices to minimize these vulnerabilities?

*Answers: web app firewalls, input validation (attempts to check all possible inputs), web app security scans (Burp Suite Pro, NMAP/Zenmap, Nessus, etc.), and secure code writing training for web app developers.

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately

“Starbucks fixes critical flaws that could allow an attacker to steal users’ credit-cards” (reported on eHackingNews.com on 9/22/2015 from an Egyptian security researcher)…
… “Remote File Inclusion Vulnerability occurs when a file from any location can be injected into the attacked page and included as source code for parsing and execution (found within Starbucks’ web sites… code execution on the web server, code execution on the client-side [JavaScript & cross site scripting {XSS}], data theft/manipulation via phishing attack to steal users accounts that contain credit cards and payment orders info)… Starbucks confirmed that it has fixed the vulnerabilities (for now).”

Week 9 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

1A. Regarding more recent malware developments, hackers have been using “cryptolocker” malware to infect & encrypt all files on higher-value networked computer targets, and then demanding $$$ ransoms in exchange for the decrypted files. The best defense against malware is a knowledgeable computer user and up-to-date computer software (OSes & AV.)

1B. Again regarding malware, “worms” are the most common & cause the maximum damage (no host required & self-replicating.) Also, an excellent reported set of methods used to prevent future malware attacks is the following from the SANS Institute: preparation, identification, containment, eradication, recovery, lessons learned (involving a good combination of policies, procedures, technology, and people.)

  2. Question to classmates (facilitates discussion) from assigned reading…

2A. What is another way that an online global organization can work to help prevent malware attacks on their networked business computer systems?

*Answer: The organization can utilize ongoing “anti-malware practices” training for all employees as these types of threats evolve.

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately

Cyber Attack on America’s Thrift Stores exposes credit card numbers (malware-driven security breach which originated from a third-party service provider’s software to process credit card payments)…

http://www.ehackingnews.com/2015/10/cyber-attack-on-americas-thrift-stores.html

Week 8 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

Regarding maintaining ongoing preparedness for Social Engineering attacks at global online organizations, a less common but important approach is to simulate attacks.

  2. Question to classmates (facilitates discussion) from assigned reading…

What is one excellent way for a global online organization to reduce Social Engineering attacks against “weakest-links”?

*Answer: The organization can provide internal ongoing employee security-culture training as Social Engineering attacks evolve.

*NOTE: Put your phishing (social engineering) knowledge to the test…

https://phishingquiz.mcafee.com

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately (reported by eHackingNews.com back on 10/7/2015)…

Phones on Drones all set to Hack Wireless Printers…

http://www.ehackingnews.com/2015/10/phones-on-drones-all-set-to-hack.html

Week 7 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

Since 1995, “Netcat” from Hobbit has been an excellent computer network utility used for testing firewalls, routers, and operating systems via TCP & UDP with inbound & outbound connections through any port. However, one should obtain written authority before using it on other network systems, and it is best used within test environments.

  2. Question to classmates (facilitates discussion) from assigned reading…

What is one way a hacker could hide Netcat on Windows OS?

*Answer is the following: a hacker could use port 80 (HTTP Internet network traffic that is usually open through a firewall) between two systems.
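The defender’s counterpart to the answer above, as an added example that is not from the reading or from Netcat itself: a firewall that allows port 80 by port number alone cannot tell a Netcat pipe from a browser, but a sensor that reads the first bytes of each client flow can, because a raw pipe does not start with a well-formed HTTP/1.x request line. The flow records are constructed samples and the function names and the grammar check are assumptions kept deliberately simple:

```python
# Added example: protocol-mismatch check for flows to TCP port 80.
# Sample flows are constructed, not captured.
import re

# HTTP/1.x request line: METHOD SP request-target SP HTTP/1.x CRLF
REQUEST_LINE = re.compile(rb"^([A-Z]{3,7}) (\S+) HTTP/1\.[01]\r?\n")
KNOWN_METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE",
                 b"OPTIONS", b"PATCH", b"TRACE", b"CONNECT"}


def looks_like_http_request(first_bytes):
    """True when the client's opening bytes form a plausible HTTP/1.x request line."""
    m = REQUEST_LINE.match(first_bytes)
    if not m:
        return False
    method, target = m.group(1), m.group(2)
    if method not in KNOWN_METHODS:
        return False
    if method == b"CONNECT":
        return b":" in target  # authority form, host:port
    return target == b"*" or target.startswith((b"/", b"http://", b"https://"))


def flag_non_http_flows(flows):
    """flows: list of (flow_id, dst_port, first_client_bytes).
    Returns the ids of port-80 flows whose opening bytes are not HTTP; these
    are the ones an analyst should look at, since port 80 was allowed for
    web traffic and nothing else."""
    return [fid for fid, port, data in flows
            if port == 80 and not looks_like_http_request(data)]


# Constructed sample flows (not real captures):
SAMPLE_FLOWS = [
    ("f1", 80, b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n"),
    ("f2", 80, b"hello from a raw tcp client\r\n"),       # plain pipe, no HTTP framing
    ("f3", 80, b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1"),  # TLS ClientHello on port 80
    ("f4", 443, b"\x16\x03\x01\x00\xa5"),                 # port 443, not in scope here
    ("f5", 80, b"POST /api/login HTTP/1.0\r\n"),
]

if __name__ == "__main__":
    print("flows to review:", flag_non_http_flows(SAMPLE_FLOWS))
```

This catches a bare tunnel on the allowed port; it does not catch traffic wrapped in genuine HTTP requests, and it cannot see inside HTTPS without TLS termination. It belongs alongside, not instead of, the other controls this week’s readings lean on: an explicit outbound proxy for web traffic and a deny-by-default egress policy.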

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately (reported by eHackingNews.com back on 3/14/2012)…

Hacker Th3j35t3r (The Jester) may have broken into many smartphones using such technologies as QR codes, web browser vulnerabilities, Netcat (checking for Twitter account info [then sent back to another server]), etc…

http://www.ehackingnews.com/2012/03/hacker-th3j35t3r-threatens-to-expose.html

*NOTE: This MIS-5211 class blog posting for week #7 was not required (testing week) according to our instructor Mr. Mackey, but I posted anyway (since others did too.)

Week 6 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

Packet sniffing in a switched network environment will usually be implemented by a man-in-the-middle attack (active eavesdropping on user data, captured by the attacking PC using software such as “Cain.”) The best ways to protect against packet sniffing are the following: strong encryption between PCs (SSH client software, IPsec set up within the OSes) and logically segmented networks via virtual LAN implementations.

  2. Question to classmates (facilitates discussion) from assigned reading…

How can Wi-Fi access best be secured against packet sniffing by a hacker (example: a hacker may use Wireshark software [a freeware LAN analyzer used to passively capture 802.11 packets transmitted over Wi-Fi])?

*NOTE: Answer is the following: use the latest WPA2-AES (at least 256-bit encryption) with an excellent passphrase (at least 15 characters, using a combination of lower-case & upper-case letters plus other keyboard symbols) to better secure 802.11-based wireless network access.

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately (reported by eHackingNews.com on 3/30/2015)…

Security flaw in hotel Wi-Fi could allow hackers to infect guests’ systems with malware…

www.ehackingnews.com/2015/03/security-flaw-in-hotel-wi-fi-could.html?m=1

… the vulnerability in ANTlabs InnGate Wi-Fi devices used by hotels (remote access is obtained via an unauthorized RSYNC daemon running on TCP port 873, after which the attacker has read+write access within the Linux OS [can create a root-level user, install malware for hotel Wi-Fi victims to download, etc.]) How to mitigate this system vulnerability? Block unauthorized RSYNC (deny TCP port 873.)

Complete Guide On How To Install Kali Linux In VMware Player/Workstation

http://adf.ly/4022442/banner/http://lewiscomputerhowto.blogspot.com/2014/01/complete-guide-on-how-to-install-kali.html

*NOTE: This “Kali Linux setup info” helped me recently, but also use the following setup settings: Kali Linux (Debian 8.x), used only 3GB RAM (you may want to add more RAM here [make sure you have enough for other VMs too]), and selected the NAT network setup for a more secure setup within VMware. What have others in the MIS-5211 class found during the Kali Linux v2 setup (any different and/or better setup settings within VMware)?

MIS-5211 Week 5 Reading Summary, Question, and recent Cyber Security News…

  1. Summarize one key point from each assigned reading…

1A. “System enumeration” (footprinting) is the process by which hackers and/or security administrators gather cyber info (a profile of computer systems, users, network, etc.) to find vulnerable points of access. The best defense for online businesses is an evolving holistic approach (an integrated & layered security protection setup [policy, procedures, awareness, technology, etc.] that changes over time.)

1B. “User enumeration” – regarding enumeration of networked servers (identifying user accounts & net resources [shared directories]), one must use different (or similar) internal & external command utilities & installed apps on Windows & UNIX servers when gathering this information.

Windows system examples: “net user” internal command utility (enumerate users)

UNIX system examples: “finger” internal command utility (enumerate users & hosts)

  2. Question to classmates (facilitates discussion) from assigned reading…

Regarding online systems enumeration (identifying user accounts & net resources [shared directories]) on networked Windows servers, what is one way to hide shared network directories?

*Answer is the following: use the “$” keyboard character at the end of the shared net directory name (example… ftp$)

  3. Identify, read, and post to our blog a current event article regarding ethical hacking & penetration testing (follow theme topic of the week, or other interesting related article)…

In the Cyber Security News lately…

Security Bug allows Hackers to take Control of Curiosity Rover’s OS…

http://www.ehackingnews.com/2015/09/security-bug-allows-hackers-to-take.html

… “Serious security flaws have been discovered in VxWorks, a real-time operating system made by Wind River of Alameda, California, US, in 1987. The OS is used in everything from network routers to critical instruments like NASA’s Curiosity Rover on Mars and Boeing 787 Dreamliners.”