web-archive-net.com » NET » S » SHORTINFOSEC.NET

Total: 241

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Information Security Short Takes: Protecting Yourself From Firesheep with Strict Transport Security
    in outsourcing telco services Engaging a team for a security analysis Hacking Virtual Machines Part 1 Sniffing Mac Antivirus Staying careful and safer Steganography Passing through the defenses Choosing a Disaster Recovery Center Location Avoiding security complications when servicing desktop equpment Fuzzing with OWASP s JBroFuzz Mitigating Risks of the IT Disaster Recovery Test Internet Security Categories antivirus 2 audit 1 biometrics 1 Blog carnival 8 business continuity 9 competition 2 Computer security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Protecting Yourself From Firesheep with Strict Transport Security Strict Transport Security is a great solution to protecting against Firesheep Now ultimately the vulnerable website is supposed to fix this issue on their side But let s not wait around for them Let s fix it on our side and protect our traffic now Step 1 Grab a browser that supports Strict Transport Security Firefox 4 Google Chrome both support STS Step 2 Install an addon that lets you add specific STS settings STS UI Step 3 Configure STS UI for the sites you re concerned about Step 4 Be happy your data is more secure However securely transmitting data is only one piece of the security pie But at least you re good in that department Configuring STS UI Go to tools Manager Strict Transport Security Enter the domain name of each site you wish to protect e g force Strict Transport Security upon the site For example enter facebook

    Original URL path: http://www.shortinfosec.net/2010/12/protecting-yourself-from-firesheep-with.html (2016-04-27)
    Open archived version from archive

  • Information Security Short Takes: Stealing Twitter and Facebook Account - a Video Example
    2 November 7 October 8 September 6 June 1 May 1 April 2 March 13 February 1 January 6 2009 70 December 13 November 17 October 4 July 1 June 2 April 6 March 8 February 9 January 10 2008 130 December 5 November 4 October 3 September 2 August 20 July 27 June 25 May 15 April 18 March 1 February 4 January 6 Alexa Rank Follow me on Twitter Recent Posts Maintaining quality in outsourcing telco services Engaging a team for a security analysis Hacking Virtual Machines Part 1 Sniffing Mac Antivirus Staying careful and safer Steganography Passing through the defenses Choosing a Disaster Recovery Center Location Avoiding security complications when servicing desktop equpment Fuzzing with OWASP s JBroFuzz Mitigating Risks of the IT Disaster Recovery Test Internet Security Categories antivirus 2 audit 1 biometrics 1 Blog carnival 8 business continuity 9 competition 2 Computer security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Stealing Twitter and Facebook Account a Video Example WiFi security is looking grimmer then ever Shortinfosec has discussed that guest or free WiFi is very open for collecting of interesting information But you still needed to capture raw IP traffic and sift through it in order to gain access to useful information From a couple of months ago things became even easier Eric Butler created the firesheep extension for Firefox The extension was created as a demonstration of the security risk to users of web

    Original URL path: http://www.shortinfosec.net/2010/12/stealing-twitter-and-facebook-account.html (2016-04-27)
    Open archived version from archive

  • Information Security Short Takes: Corporate Guest WLAN - The best place for Eavesdropping to Interesting Traffic
    through the defenses Choosing a Disaster Recovery Center Location Avoiding security complications when servicing desktop equpment Fuzzing with OWASP s JBroFuzz Mitigating Risks of the IT Disaster Recovery Test Internet Security Categories antivirus 2 audit 1 biometrics 1 Blog carnival 8 business continuity 9 competition 2 Computer security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Corporate Guest WLAN The best place for Eavesdropping to Interesting Traffic When pen testing a corporation always look for the Guest WLAN If there is one and you manage to get on it you are in luck Corporate Guest WLANs are a great place to get a lot of interesting and possibly confidential information without much effort And this is simply because there are a lot of corporate laptops on the same WLAN Ofcourse you ll discuss that the corporate devices have wired access to the internet which is much more reliable and faster But also the wired infrastructure is fully controlled by IT with web filters content filters etc So on the guest WLAN you can easily find the following high profile targets related to the corporation corporate laptop holders usually employees higher in the hierarchy who just got bored from the restrictions of the corporate Internet filters can easily turn on their wi fi and check the private e mail or just download something corporate guests most visitors to corporations have WLAN enabled devices ranging from mobile phones pda over netbooks to full

    Original URL path: http://www.shortinfosec.net/2009/12/corporate-guest-wlan-best-place-for.html (2016-04-27)
    Open archived version from archive

  • Information Security Short Takes: Hacking Virtual Machines Part 4 - Knowing That the Target is a Virtual Machine
    business continuity 9 competition 2 Computer security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Hacking Virtual Machines Part 4 Knowing That the Target is a Virtual Machine Virtualization is considered to be the new renaissance in computing Suddenly all those over sized servers are put to great use by putting multiple Guest OS s on them But running IT services in a virtualized environment brings a whole host of new opportunities for hackers In this article we ll review the ways an attacker will know that the target is a Virtual Machine When attacking a virtual machine it is very useful to know that your target is a virtual machine This is important for the following reasons Isolation once you gain access to a virtual machine there are a number of isolation vulnerabilities that can be attempted Sphere of trust all virtual machines on the same Host are part of the same sphere of trust Impersonation in most implementations virtual machines on the same host communicate with the rest of the network via the same physical NIC Therefore it is extremely simple to modify the MAC address of the compromised host and attempt to impersonate another host on the network The network defenses will have a difficult time locating who is the impersonator since there are multiple virtual machines on the same host Nobody looks at a screen of a VM Virtual Machines do not have a console screen So tools that throw feedback on the console like VNC do not appear anywhere Identifying that you are attacking a virtual machine can happen in two phases Before you penetrate the target identification of a VM can happen if the attacker is on the same LAN and can therefore investigate the characteristics of the target You can easily locate a Virtual Machine through the MAC address You can check a MAC address for it s decriptive name here Here is the list of MAC addresses that get assigned to Microsoft and VMware Virtual Machines 00 15 05 xx xx xx Microsoft Corporation MAC Address 00 0C 29 xx xx xx VMware Inc 00 50 56 xx xx xx VMware Inc This approach can fail if the VM Engine has a method of changing it s MAC address to seem like a real host Most often Realtek MAC addresses are used for this change but this leads to an inconclusive check After you penetrate the target This is a bit like a Catch 22 Once you penetrate the target you have a lot more options but all these require that you penetrate the target And these are your options MAC Address just

    Original URL path: http://www.shortinfosec.net/2010/11/hacking-virtual-machines-part-4-knowing.html (2016-04-27)
    Open archived version from archive

  • Information Security Short Takes: Hacking Virtual Machines Part 2 - Environments Where Virtualization Lives
    14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Hacking Virtual Machines Part 2 Environments Where Virtualization Lives Virtualization is considered to be the new renaissance in computing Suddenly all those over sized servers are put to great use by putting multiple Guest OS s on them But running IT services in a virtualized environment brings a whole host of new opportunities for hackers In this article we ll review the environment in which Virtualization lives and which targets will yield most benefits for an attacker The environment Virtualization for production use is not a home tool Virtualization is usually used by organizations of 500 employees or more Smaller organizations also use it to create multiple environments on single hardware platforms But smaller organizations are prone to make the classic mistake of mixing development and production platforms on same hardware Virtualization platforms can be under scrutiny of several security sensors Corporations as common users of virtualization also use a whole bunch of security devices It is very common that the attack on virtual servers will be or at least logged by Intrusion Detection Systems pattern matching logic on firewalls and log analysis systems It is rarely possible to initially plan for an attack on virtualization In the information gathering and reconnaissance phase it is quite difficult to detect that some systems are virtualization platforms or virtual machines You can confirm that there is virtualization only after you penetrate the perimeter and are able to scan for MAC addresses or specific signatures on the virtual hosts Targets of choice The best virtualization attack targets in order of preference are Training platforms These platforms are created by the Let s see if I can do this philosophy They are notoriously unpatched since nobody bothers to patch them they are expendable These platforms have a tendency of urgently becoming production platforms in times of need resources are needed and these are available But then they remain unpatched for quite some time Test and development platforms These platforms have a much better security posture then training platforms But still they are usually lagging behind production on patch levels Also test and development platforms are very good targets because they are full of production grade or near production grade of data Mixed test and production platforms Both production and test versions of applications with lower processing requirements can be placed on the same VM Host But unless they are isolated to different VLANS or on separate physical network adapters the test platform can be exploited and used to attack the production Proof of concept platforms These platforms are usually outward facing platforms like web servers that contain demo code or proof of concept code used for customer evaluations or marketing purposes These platforms are usually compromised by a flaw in the web applications and in a well maintained environment should be in an untrusted DMZ Attack guidelines With this description of the environment an attacker

    Original URL path: http://www.shortinfosec.net/2010/10/hacking-virtual-machines-part-2.html (2016-04-27)
    Open archived version from archive

  • Information Security Short Takes: Hacking Virtual Machines Part 3 - Crashing unpatched Hyper-V hosts
    6 2009 70 December 13 November 17 October 4 July 1 June 2 April 6 March 8 February 9 January 10 2008 130 December 5 November 4 October 3 September 2 August 20 July 27 June 25 May 15 April 18 March 1 February 4 January 6 Alexa Rank Follow me on Twitter Recent Posts Maintaining quality in outsourcing telco services Engaging a team for a security analysis Hacking Virtual Machines Part 1 Sniffing Mac Antivirus Staying careful and safer Steganography Passing through the defenses Choosing a Disaster Recovery Center Location Avoiding security complications when servicing desktop equpment Fuzzing with OWASP s JBroFuzz Mitigating Risks of the IT Disaster Recovery Test Internet Security Categories antivirus 2 audit 1 biometrics 1 Blog carnival 8 business continuity 9 competition 2 Computer security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Hacking Virtual Machines Part 3 Crashing unpatched Hyper V hosts Virtualization is considered to be the new renaissance in computing Suddenly all those over sized servers are put to great use by putting multiple Guest OS s on them But running IT services in a virtualized environment brings a whole host of new opportunities for hackers In this article we ll review the issue of Denial Of Service to a Virtualization enviroment One of the most important element of a Virtualization environment is the isolation Since the host OS and the Guest OS machines run on the same hardware and none should access

    Original URL path: http://www.shortinfosec.net/2010/11/hacking-virtual-machines-part-3.html (2016-04-27)
    Open archived version from archive

  • Information Security Short Takes: Internal penetration testing – Why your business needs it
    services Engaging a team for a security analysis Hacking Virtual Machines Part 1 Sniffing Mac Antivirus Staying careful and safer Steganography Passing through the defenses Choosing a Disaster Recovery Center Location Avoiding security complications when servicing desktop equpment Fuzzing with OWASP s JBroFuzz Mitigating Risks of the IT Disaster Recovery Test Internet Security Categories antivirus 2 audit 1 biometrics 1 Blog carnival 8 business continuity 9 competition 2 Computer security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Internal penetration testing Why your business needs it Internal penetration testing is a comprehensive security test of all systems related directly and indirectly to your business This is a particularly thorough form of testing and often goes outside the ambit of what might usually be expected in web application security testing Internal penetration testing explained This type of testing effectively imitates the methods used by hackers when attempting to penetrate your security system There are multiple levels of penetration testing and security consultants need to adapt the tests to match on site technology Internal penetration testing relates to security vulnerabilities within a system As distinct from external penetration testing which probes vulnerabilities in relation to accessibility of sensitive systems from the outside internal penetration testing deals with vulnerabilities between internal systems This is no academic process A weak point in the system can be used to access multiple parts of that system Full system security is supposed to have internal as well as external security safeguards A person accessing your system through an employee interface or similar routine method may be able to access areas which should be off limits Because most systems are typically accessed by a large range of people it is important to ensure that internal security is watertight It is absolutely necessary that your internal security is as good as you can make it because this is a critical security level with direct access to sensitive information Internal penetration testing methods Security testing includes a range of possible forms of internal access to information It may for example be possible to access information directly from the business database including personal information account numbers etc or indirectly using a backdoor approach through another system or application One of the primary problems with internal security is that most companies use off the shelf systems and software many of which have known vulnerabilities These systems are quite easy for hackers to subvert particularly if the software hasn t been upgraded or their security updated Many types of software upgrades are also required patches which may or may not be installed and the un patched software can also involve significant security vulnerability Security

    Original URL path: http://www.shortinfosec.net/2010/11/internal-penetration-testing-why-your.html (2016-04-27)
    Open archived version from archive

  • Information Security Short Takes: Minimize Impact of Online Intelligence Searches
    security 42 Databases 3 disaster recovery 2 encryption 13 forensics 11 fraud 7 GPS 1 How To 29 Incident Management 7 information security 194 information strategy 78 Instant Messaging 2 malware 1 microsoft 9 Network security 22 penetration testing 38 Physical security 4 privacy 21 SLA 6 software development 14 Solution building 34 steganography 2 Templates 2 training and certification 4 trojan 1 windows 6 Site Meter BlogCommunities Minimize Impact of Online Intelligence Searches In our previous article Digging for information with Open Source Intelligence we looked at the generic process of information gathering But what is this process looking for The answer to this question is important to all parties to the investigator for proper focusing of his hers efforts to the possible targets in order to properly defend against Open Source Intelligence So here are the items that the investigator is looking for when employing Open Source Intelligence against a potential target and the methods of minimizing the possibility of someone discovering something The final goal of any intelligence action is to obtain information that can be sold or used as competitive advantage This can be as simple as a password or as complex as plans for a corporate takeover At the information gathering level this translates into Content of files indexed by search engines In the ideal intelligence world everything is contained in a single page document that can be scanned or downloaded from the internet Although such documents won t surface on the internet unless someone is utterly dumb bits and pieces of information can be found from files that have found their way on the web and got indexed by the search engines In order to make such pieces of info useless hire a person to perform regular Google Hacking to find such documents Bear in mind that once documents are on the internet and get indexed you cannot destroy all publicly available copies Instead change the information within your company to render the public information useless or false Operational or Potential Business Relationships web sites news articles corporate newsletters of partners and providers can contain names and sites of the target company even forum and support site posts While these are harmless by themselves using these names the investigator can establish that there is some relationship between them even the nature of the relationship This can be used in a competitive bid in social engineering or simply leaked to the public There is no real protection over such information except of being aware that such information is in the wild Real Person Identities Publicly available names and contact info of any personnel related to the target are a potential gold mine With the advent of social networks once you know some one s name the investigator can proceed with detailed investigation of such persons and attempts at breaching of their credentials by trying common password combinations pet names birthdates phone numbers etc Most companies actually prefer to publish real person s names and contacts

    Original URL path: http://www.shortinfosec.net/2010/03/minimize-impact-of-online-intelligence.html (2016-04-27)
    Open archived version from archive