Making network security great again

--Originally published at Mr. Robot's Imaginary Friend

A network has been defined as any set of interlinking lines resembling a net (a network of roads) or an interconnected system (a network of alliances). A computer network is simply a system of interconnected computers.

Network security is an organization’s strategy and provisions for ensuring the security of its assets and of all network traffic. Network security is manifested in an implementation of security hardware and software. There are three things that define it:

  • Policy
  • Enforcement
  • Auditing

The policy is the principal document for network security. Its goal is to outline the rules for ensuring the security of organizational assets. Employees today utilize tools and applications in their routines, and the policy focuses on the safe enablement of those tools for the organization's employees. The enforcement and auditing procedures for any regulatory compliance an organization is required to meet must be mapped out in the policy as well.

Most definitions of network security are narrowed to the enforcement mechanism. Enforcement concerns analyzing all the network traffic flows and should aim to preserve the confidentiality, integrity and availability of all systems and information on the network. These three principles compose the CIA triad that I talked about in a previous post.

Strong enforcement strives to provide CIA to network traffic flows. This begins with a classification of traffic flows by application, user and content. All applications must first be identified by the firewall regardless of port, protocol, evasive tactic or SSL. Proper application identification allows for full visibility of the content it carries. Policy management can be simplified by identifying applications and mapping their use to a user identity while inspecting the content at all times.

The concept of defense in depth is observed as a best practice in network security, prescribing for the network to be secured in layers. These layers apply an assortment of security controls to


Connect to the network for free

--Originally published at Fer secure

Have you ever wondered whether you are safe when you connect to a Wi-Fi network? Today we will talk about how to tell whether a network is secure, along with some recommendations for when you connect.

Avoid “free Wi-Fi”

Everyone knows that a free Wi-Fi network is a dream come true, because in other countries internet service is very expensive. That is why many hackers or people with bad intentions take advantage of this need and set up phantom networks, where the user connects and really does enjoy the service but at the same time puts their device at risk by joining this type of connection.

No password

Likewise, there are networks that have no password but use a kind of online authentication: when you connect, it asks you for a password and keeps showing the message until you enter it. This network is compromised in the same way, because the connection is open whether you like it or not; it only stops you at the end of the line by asking for a key.

Use a VPN

When you are connected to a network you do not know, or you are not sure it is trustworthy, use a VPN, or virtual network. It adds security because it encrypts all the traffic you generate, making all the transactions you carry out over the internet more trustworthy.

Use MAC filters

If you are the one configuring the network and you know there are MAC addresses that are regularly doing suspicious things, we recommend that you build a table to filter the devices' MAC (physical) addresses, so that when they try to connect


Sailing in mysterious waters

--Originally published at Seguridad informática

The Internet has become an indispensable tool in our lives; we use it almost daily. But just as it has countless advantages, it also has a dark and risky side, which can be greatly reduced if we follow these recommendations:

  1. Avoid suspicious links: hyperlinks are one of the most widely used means of directing victims to malicious sites. Not clicking on them prevents access to web pages carrying threats capable of infecting the user. The links may appear in an e-mail, a chat window or a message on a social network.
  2. Do not visit web sites of dubious reputation: through social engineering techniques, many web sites promote themselves with information designed to catch the user's attention. For safe browsing, the user should be alert to these messages and avoid visiting web pages with these characteristics.
  3. Update the operating system and applications: not only the operating system but also the software installed on it must be kept up to date with the latest security patches, in order to prevent threats from spreading through the vulnerabilities the system has.
  4. Download applications from official web sites: many sites pretend to offer popular programs that have been altered, modified or replaced by versions containing some type of malware, and they download the malicious code at the moment the user installs it on the system.
  5. Use security technologies: antivirus, firewall and antispam are the most important applications for protecting the computer against the main threats that spread over the Internet. Using these technologies reduces risk and exposure to threats.
  6. Avoid entering personal information in dubious forms: when faced with a web form containing fields for sensitive information

Let me in, I swear it’s me!

--Originally published at Mr. Robot's Imaginary Friend

I have talked a lot in previous posts about the importance of the information that is on the internet and who has access to it; this is why authentication and access control are really important.

Modern computer systems provide services to multiple users and require the ability to accurately identify the user making a request. In traditional systems, the user’s identity is verified by checking a password typed during login; the system records the identity and uses it to determine what operations may be performed.

The process of verifying the user’s identity is called authentication. Password-based authentication is not suitable for use on computer networks. Passwords sent across the network can be intercepted and subsequently used by someone else to impersonate the user. In addition to the security concern, password-based authentication is inconvenient: users do not want to enter a password each time they access a network service, and this leads to the use of even weaker authentication.

An authentication factor is a category of credential used for identity verification. The three most common categories are often described as something you know, something you have and something you are.

  • Knowledge factors: Category of authentication credentials consisting of information that the user possesses, such as a personal identification number, a username, a password or the answer to a secret question.
  • Possession factors: Category of credentials based on items that the user has with them, typically a hardware device such as a security token or a mobile phone used in conjunction with a software token.
  • Inherence factors: Category of user authentication credentials consisting of elements that are integral to the individual in question, in the form of biometric data.

Strong authentication is a commonly used term that is largely without a standardized definition. For general purposes, any method of verifying the identity of a


Am I secure visiting a web site?

--Originally published at Tech and no-tech

It is normal, knowing the threats that exist in computer systems and on the Internet, that we could be scared of surfing the web. It is valid to be scared of web sites and to doubt their security and their countermeasures. Any web site or web page can be a target for people to attack or can have an unintentional threat within it. What are we supposed to do? Not use the Internet?


As I already wrote, there are always potential vulnerabilities and threats when visiting a web page or site. When? For example, in these cases:

  • Loading a new page with dynamic content
  • Making a search (product, location, price)
  • Filling out a form
  • Searching the site’s content
  • Using a shopping cart
  • Creating an account
  • Logging in

Every interaction between the user and the web site that might involve server or external communication is a potential threat. And let’s just remember that we trust some pages with very confidential or crucial information about us.


Businesses normally have two ways to choose from to address the security of their site. The first one involves having very professional guys working on the code of the page, who know about security and can apply patches or updates at once when needed, and having security experts checking their work. It is like a double-check. Oh yes, and do not forget they will have a tight firewall, antivirus protection and will run IPS/IDS.

The second option is to run a web scanning solution to test existing equipment, applications, and web site code. They will also have a tight firewall, antivirus and run IPS/IDS, but they will also lock their front door. Why? Well, it is easier to fix the actual bugs they have, than just keep building higher walls


What is secure?

--Originally published at Seguridad informática

A security policy is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on the behavior of its members as well as the constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls. For systems, the security policy addresses constraints on functions and the flow among them, constraints on access by external systems and adversaries, including programs, and access to data by people.

If it is important to be secure, then it is important to make sure that the whole security policy is enforced by mechanisms that are strong enough. There are many organized methodologies and risk assessment strategies to assure the integrity of security policies and to ensure that they are fully enforced. In complex systems, such as information systems, policies can be decomposed into sub-policies to make it easier to allocate security mechanisms to enforce them. It is all too easy to go straight to the sub-policies, which are essentially the rules of operation, and dispense with the top-level policy.

In short, security policies are a set of rules that we declare for a system so that it can be as secure as possible.


How to detect those risky risks in this risky world!

--Originally published at lazynesstothemax

There are many risks in our imperfect Cyber Security world. The fact that technology only moves forward and hackers innovate in the ways that they operate is good enough for us to know that our systems and our networks will never be absolutely safe. We need to innovate in our ways of protecting our systems too, but that will obviously take some time. In the meantime we also need to prepare in case of an attack or a security leak. We need to be on watch 24/7 for the integrity of our systems to be safe. That’s why we will talk about risk assessment and how we can prepare for the worst.

Risk assessment is the determination of a quantitative or qualitative estimate of the risk that is found in a well-defined situation recognized as a threat. In order to assess a risk quantitatively, we are required to calculate two main components of said risk: the magnitude of the potential loss and the probability that the loss will occur. An acceptable risk is a risk that is well understood and tolerated. This risk may be allowed to exist because the cost or difficulty of implementing an effective countermeasure for that vulnerability exceeds the expectation of loss.

There are different ways to approach risk assessments and to prepare for these risks to happen. This is a list of steps that one usually takes to confront a risk:

  1. Understand what information you need to protect: The first step in assessing an organization’s cyber risk is to understand which of the company assets you are trying to protect and why. Which are the most important assets in the company that need the most attention?
  2. Identify the threats that you need to be aware of: When talking about threats, you have to ask yourself some

Seguridad informática 2016-11-24 10:57:27

--Originally published at Seguridad informática

Today, computer security is a very critical topic for companies and organizations. Every day, new tools and techniques are created for getting into private systems without proper permission. Every day, thousands of attacks are carried out for unethical purposes. That is why people who specialize in computer security are in great demand.

Before a company can hire a security professional, it first has to look at the certifications the candidates hold. Certifications are what vouch for each candidate's preparation.

Anyone who wants to be hired by a good company needs to have the certifications that the company is looking for. The most popular certifications are:

  1. CompTIA Security+: CompTIA is an organization created to develop and promote vendor-independent IT certifications. The Security+ certification is recognized by the U.S. Department of Defense as a valid requirement for Information Assurance (IA) certification. A professional who earns the CompTIA Security+ certification has skills and knowledge in the following areas:
    • Cryptography
    • Identity Management
    • Security Systems
    • Organizational Systems
    • Security Risk Identification and Mitigation
    • Network Access Control
    • Security Infrastructure
  2. CEH: Certified Ethical Hacking: The CEH Ethical Hacking certification prepares the IT professional to think and act like a hacker, using the same hacking tools, mindset and techniques that a hacker would use when breaching the security of a network. This certification follows the philosophy of “to defeat your enemy you must first know them”. A professional who earns the CEH Ethical Hacking certification has skills and knowledge in the following areas:

Our Books Cover is very Important too! (Security Certificates)

--Originally published at lazynesstothemax

In the world of Information Security, the ways that people with malicious intent operate constantly change as they come up with new ways to attack and try to steal information from others. This requires IT experts to update their knowledge and methods to new ones that are able to keep up with the criminals out there lurking and seeking an opportunity to attack.

When a company evaluates possible candidates for a Computational Security position, certificates are an easy way to see if someone is capable of doing the job right. Companies need to protect their information and their systems as well as possible, and only the best candidate with the best certificates under his/her belt will be offered the position.

There are many certificates available, and they are provided by universities, by organizations like Cisco or Microsoft, or by the government. In this post we are going to look at the best five security certifications in 2016 according to the Tom's IT Pro website:

  1. CompTIA Security +: There are more than 250000 holders of this certification and it is a well-respected credential. This credential is vendor-neutral and those who have it are recognized as “possessing superior technical skill, broad knowledge and expertise in multiple security-related disciplines” (Tom's IT Pro).
  2. CEH, Certified Ethical Hacker: This is an intermediate-level credential that is given by the International Council of Electronic Commerce Consultants. This credential is all about ethical hacking. Hackers in general are innovators and they’re always looking for new ways to attack networks and systems. Sometimes what a company needs is to use this ability to its advantage. To get a “White hat hacker” that will use the same tools as a normal hacker and identify system vulnerabilities and ways of