Security Awareness Roles

Information security has tremendous importance in preventing any kind of unauthorized inspection, use, modification, disclosure, access, destruction, disruption, or recording of information. In general, it is used regardless of the type of information in question.


Implementing Public Key Infrastructure Using Microsoft Windows Certificate Services

By Michael Naish

Public Key Infrastructure (PKI) can be distilled into two critical parts: a public and a private key. Keys use asymmetric encryption algorithms to ensure that the encryption only works ‘one way’ (Hirsch). Each key in a public/private pair can be used to encrypt (or decrypt) data that only the corresponding key in the pair can decrypt (or encrypt) (Hirsch). Asymmetric encryption is considered to be slower than symmetric encryption, but it is more secure (Microsoft, 2007). The same key cannot be used to reverse the encryption (Hirsch). By contrast, asymmetrical encryption is often used in the exchange of symmetrical keys (The SANS Institute, 2013).

Laptop Security

By Ramanujam Narasimman

As the price of computing technology steadily decreases, devices like laptops and mobile phones have become more common. Although these devices enhance business functions by providing mobile access to information anytime and anywhere, they also pose a large threat because they are mobile and small. Wireless capability in these devices has also raised security concerns due to the information being transmitted over ether, which makes it hard to detect. This paper discusses the various threats to laptops with respect to the physical security, information security and wireless security domains. The threats are followed by suggested countermeasures which would help in reducing laptop security compromise. The suggestions made in this paper have been researched from various valid resources and security reports. Towards the end of this paper, we have included an example of an organizational security policy for laptops used in an organization.

The paper has been written for a general audience and hence contains fewer technical details. For more detailed technical information on these solutions and threats, please refer to the list of references and bibliography available towards the end of this paper.


Achieving Wireless Security with Interoperability

By Ryon Coleman

Though the concept of an ultra-high level of wireless networking security and information assurance is somewhat opposed to the concept of open interoperability with a wide spectrum of 3rd party vendors’ wireless equipment, this paper is intended to show that 3eTI FIPS 140-2 validated and Common Criteria certified wireless equipment are interoperable with multiple vendors’ IEEE 802.11-compliant equipment, and that 3eTI solutions are non-proprietary. 3eTI has blazed the trail in marrying the IEEE 802.11i commercial standard for enhanced wireless security with FIPS 140-2 validation requirements per the NIST Cryptographic Module Validation Program (CMVP). 3eTI wireless equipment will meet the IEEE 802.11i specification, WiFi certification requirements, as well as the stringent security requirements for U.S. Federal Agencies specified by FIPS 140-2 Level 2 and Common Criteria EAL2+ and EAL4+ assurance levels. 3eTI, working together with Cisco and Intel, has developed an IETF RFC draft to further standardize the key exchange technique employed between an Authentication Server (AS) and Wireless Access Point (WAP), that was left outside the scope of IEEE 802.11i. 3eTI continually leads the industry in standardizing proven techniques and algorithms through the IEEE and the IETF, in order to provide the best value and choice of vendors to the U.S. Department of Defense, other Federal Agencies, and security-mindful enterprises.


Wifite Walkthrough part 1

By Prateek Gianchandani

In this article series, we will look at a tool named Wifite, suitable for automated auditing of wireless networks. Most of you who have experience in wireless pentesting would use tools like airmon-ng, aireplay-ng, airodump-ng and aircrack-ng to crack wireless networks. This would involve a sequence of steps, like capturing a specific number of IVs in the case of WEP, capturing the WPA handshake in the case of WPA, etc., and then using aircrack-ng to crack the password required for authentication to the network. Wifite aims to ease this process by wrapping all these tools, thus making it super easy to crack Wifi networks. Here is a list of features of Wifite as per its official homepage:

- sorts targets by signal strength (in dB); cracks closest access points first
- automatically de-authenticates clients of hidden networks to reveal SSIDs
- numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
- cus…


Backtrack 5 R3 Walkthrough part 2

By Prateek Gianchandani

This article is a continuation of part 1 of the Backtrack Walkthrough Series. In the previous articles we discussed some of the most important new tools that were added in the most recent revision of Backtrack 5, like Dnmap, Fern-Wifi-Cracker etc. In this article we will look at some of the other main tools added in Backtrack 5 R3.

HTExploit

HTExploit was released at Blackhat 2012 by Matias KATZ and Maximiliano SOLER. HTExploit (HiperText access Exploit) is a tool that is used to bypass authentication mechanisms that are deployed on websites using .htaccess files. The tool is written in Python. Once the restriction is bypassed, it will be possible to figure out the contents of a directory and even download those files. The tool works in a recursive manner, i.e., once it downloads the first chunk of files, it looks for links inside those files and downloads those files as well. This process keeps on going until it has downloaded the entire content of the directory. It then generates a…


TP Link Archer C5 Router Hacking

Today we got our hands on a brand new TP Link Archer C5 router which we will be testing for known vulnerabilities such as hidden backdoors and vulnerabilities, brute force default passwords and WPS vulnerabilities. In this new WiFi hacking tutorial we will be using different tools on Kali Linux 2.0 like Reaver, pixiewps and the Aircrack-ng suite to exploit possible vulnerabilities. TP Link is known to use easy to break default passwords, such as the WPS PIN as the default wireless password or a password which is derived directly from the MAC address. Especially the last one would make it very easy to retrieve the password, because the MAC address is not meant to be secret and is actually sent with every single wireless packet sent from the router. With a packet analyser like Wireshark it is very easy to retrieve MAC addresses from sending and receiving devices, including the router. In this tutorial we’ll be using airodump-ng for this purpose.


The Big Chill: Legal Landmines that Stifle Research and How to Disarm them

By Trey Ford, Marcia Hofmann, Kevin Bankston

Security research is a dangerous business. The threat of lawsuits or even prosecution hangs heavy over the heads of white hat hackers as well as black hats. From Dmitry Sklyarov being prosecuted for cracking ebook crypto back in 2001, to Weev being prosecuted today for exposing flaws in AT&T’s website security, the legal landscape is littered with potential landmines for those trying to improve Internet and software security. When a major company like Google can be sued for billions over its interception of unencrypted WiFi signals, what’s a wireless security researcher to do? When an Internet luminary like Aaron Swartz can be threatened with decades of jail time for his open data activism, what’s your average pen tester supposed to think? How serious are these threats – and what can researchers do to avoid them, and maybe even fix the law?


Alternative Wi-Fi Cracking

By Warlock

“WiFi” is the short form for Wireless Fidelity. It is a high speed internet and network connection without the use of wires or cables. It means a type of wireless networking protocol that allows devices to communicate and transfer data wirelessly without cords or cables. Wi-Fi is the registered trademark of the Wi-Fi Alliance, the organization that owns it. It defines any wireless local area network which is based on Institute of Electrical and Electronics Engineers (IEEE) 802.11 standards. Devices like video game consoles, cameras, mobiles etc. which have Wi-Fi functionality can connect to the internet by using any wireless access point. Such an access point has a range of about 20 meters (65 feet) indoors and a greater range outdoors. Below is an example of an outdoor wireless access point.


ICSCorsair: How I Will PWN Your ERP Through 4-20 mA Current Loop

By Alexander Bolshev, Gleb Cherbov

ICSCorsair is an open hardware tool for auditing low-level ICS protocols. It can communicate with various systems using HART FSK and P8CSK, Foundation Fieldbus H1, Profibus, and Modbus protocols. You can control ICSCorsair via USB cable or remotely over WiFi, Bluetooth, or another wireless connection. Different software will be presented to work with ICSCorsair: Metasploit modules, apps for iOS and Android, etc. In this talk, it will be shown how to trigger such vulnerabilities as XXE, DoS, XSS, and others in SCADA, PAS, ERP, and MES systems using only ICSCorsair and the opportunity to connect to a low-level ICS protocol line.

