Tag: Software

C C C Combo breaker!

--Originally published at The shield of the world

As you can imagine we are talking something related to computer security. This time is countermeasures, which is an action, device, procedure, technique or anything that can reduce a thread, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting so a corrective action can be taken.

So a threat is a possible violation of security, which exist when there is a circumstance, capability, action or event that could breach security and causa harm. A threat is a possible danger that might exploit a vulnerability. A threat can be either intentional or accidental, so you have to be prepared for both of them.

200w2

So if we know the anatomy of an attack is easier for us to defend ourselves from an attack. So let’s see the anatomy:

  • Survey and assess
  • Exploit and penetrate
  • Escalate privileges
  • Maintain access
  • Deny service

ic871

We were talking with our professor and then he says something special for this topic “In the moment you tell me which OS and version are you using, you are really exposed” or something like that, the main point is that when someone knows which software are you using, is way easier for them to attack you. So, explicit countermeasure number 1…don’t share your software information.

Survey and assess

But, why is so important for the attackers to know which software are we using? Because, they can know the supported services, protocols, ports, vulnerabilities and entry points…a whole bunch of information.

Exploit and penetrate

And just to share something with you, if you actually have a good protection in the network and host, the next gate is your application. For an attacker, the easiest way into application is though the same entrance that legitimate users use.

Escalate privileges

In

2007
2008
200w
Continue reading "C C C Combo breaker!"

We don’t need no network control!

--Originally published at The shield of the world

So, today we are going to talk about Network Security. Network security is the process of taking the physical and software preventive measures to protect the networking infrastructure from unauthorized access, malfunction, modification, destruction or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions in a safe environment.

Which involves the authorization of access to data in a network, which is controlled by the network administrator. Here is were the users choose or are assigned an ID and password or other authentication information that allows them to access to information and program within their authority. Like the accounts in school or work. Here is were you pray for the network admin to be a master in passwords creation, to help you and the network not get unauthorized access. You can see You shall not pass! to know more about.

2004

So why is important to have a secure network? Well that’s quite easy, because you want to avoid:

  • Viruses, worms, Trojan horses… MALWARE (we already talked about that ¡Un pejelagarto se metió a la cocina!)
  • Spyware and adware…which we can considere that Malware too
  • Zero-day attacks, also called zero-hour attacks
  • Hacker attacks (vulnerabilities)
  • Denial of service, YOU ARE THE 1 MILLION VISITOR!
  • Data interception and theft
  • Identity theft

2005

And how do the network admin protector of the planet will fight against that? Easy question too, with some of this tools:

  • Anti-virus and anti-spyware
  • Firewall, to block unauthorized access to your network
  • Intrusion prevention systems (IPS), to identify fast-spreading threats
  • Virtual Private Networks (VPN), to improve secure remote access

200w1

But this are not all the tools used to maintain and protect the data and information of a company. A security policy is something really useful for a company and we will talk

Continue reading "We don’t need no network control!"