The Spark

--Originally published at TC2027 – Blog will Tear us Apart

First of all, sorry for taking so long on this post. Writing something personal has always been quite difficult for me, but actually that’s what this is about.

This past semester I enrolled in a course about digital security and privacy, a pretty different and unique course. I already knew who was teaching it, so I enrolled well informed of the teacher’s perspective on teaching: Flipped Classrooms.

My experiences with open and flipped classrooms are always fruitful; maybe my habits, personality and mentality fit this style. Being able to discover on my own (with proper guidance) and learn from things in a way that cost me not only reading and search skills, but also the skill to craft and find the right questions, is incomparable.

I know school is finite. My days will soon be over, and the skill I value the most is the one I learned from these kinds of courses: being an autodidact. Sure, the teacher is there, and hell, he was always, always, ALWAYS, watching. But the freedom was there too; we were told to select from a list of topics and investigate, discuss, ask on Twitter, go into the darkest subreddits, and things of that sort. This allowed me to enjoy and focus on the process and experience of learning, rather than the topic itself.

Sure, I learned about the topic, and I learned a lot. But that depended on me and my own effort. I saw many classmates having trouble deciding what to do without a list of little weekly tasks, and they complained, quite a lot. But let me tell you guys something, the world will never give you a list of activities to do. In a job, they will give you a problem to solve, and your boss will expect you to solve

Continue reading "The Spark"

#TC2720 Review

--Originally published at Mental Droppings of a Tired Student

I took this course as part of my optional courses; I was always interested in computing from a security standpoint. I was not disappointed by the format of this class, and I felt comfortable blogging right away. However, I was approached by a couple of my classmates who asked me for advice on blogging. I am aware that not everyone was comfortable with this style of learning, which is why I have a couple of suggestions.

  1. Some of the blog posts I made were really “researchey” because the topic is quite technical. Perhaps to avoid these being too formal or a mere copy-paste of information sources, we could have activities in which a student documents what he or she did and writes a couple of notes/opinions/questions about the activity. I think having activities will make the people who don’t like blogging get into it by sharing what they’ve done or their code.
  2. I think open source should be a mastery topic
  3. Perhaps having the first two classes an introduction to blogging for those who are less than thrilled to write posts. Maybe have a look at examples to get them inspired.
  4. Ethics in computing security should be a mastery topic (Uncle Bob’s talk sparked some debate action in class)
  5. We shouldn’t be able to have our laptops open in class unless we’re doing an activity. Each class could be dedicated to looking at material related to the next mastery topic so that the students know where to look / find good resources / maybe even get inspired.
  6. I think the activities should be included in the rubric

 


Open Source

--Originally published at Mental Droppings of a Tired Student

When I started this blog I was wondering if I actually understood the concept of open source. That’s the beauty of crippling self-doubt: it forces you to research before even getting into a topic.

I usually start off with a dummy-proof simple explanation. The following video provided this insight beautifully, using the metaphor of a cookie recipe.

As a student within the technology spectrum, I’ve used various open source programs. Here is a list of some of the ones I remember using at some point:

  • Mozilla Thunderbird – email client
  • Apache — the most popular web server
  • Moodle — a free and open-source learning management system
  • PuTTY — terminal (ssh, telnet, serial)
  • OpenOffice – replaces Microsoft Excel and Microsoft PowerPoint
  • VLC Media Player
  • Audacity

 


Network Security (Mastery 17)

--Originally published at Mental Droppings of a Tired Student

This semester I took a Wireless Network class; I learned about security within a network and common attacks.

MITM

A Man-In-The-Middle (MITM) attack is achieved when an attacker poisons the ARP cache of two devices with the (48-bit) MAC address of their Ethernet NIC (Network Interface Card). Once the ARP cache has been successfully poisoned, each of the victim devices sends all its packets to the attacker when communicating with the other device. This puts the attacker in the middle of the communications path between the two victim devices; hence the name Man-In-The-Middle (MITM) attack. It allows an attacker to easily monitor all communication between victim devices.

The objective of this MITM attack is to take over a session. The intent is to intercept and view the information being passed between the two victim devices.

Three (3) scenarios were used for the MITM attack. They were as follows:

ARP (Address Resolution Protocol) Poisoning, A.K.A. Man-In-The-Middle (MITM), is a very effective attack if proper mitigation techniques have not been implemented. As the MITM attack requires the attacker to be on the same network as the intended victims, an attack would need to be initiated from the inside of the network. With the Ettercap tool being publicly available, and versions that run on both Windows and Linux based operating systems, most networks could be susceptible to this attack if mitigation techniques were not in place.

How to protect your network

By using the DHCP Snooping and Dynamic ARP Inspection (DAI) features, multiple types of Layer 2 attacks, including the ARP Poisoning (MITM) attack can be stopped.

DHCP Snooping is a security feature capable of intercepting DHCP messages crossing a switch and blocking bogus DHCP offers. DHCP Snooping uses the concept of trusted and untrusted ports. Typically, the trusted ports are

Continue reading "Network Security (Mastery 17)"
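
A simplified software model of the DHCP Snooping and Dynamic ARP Inspection checks described in the post above, as an added example that is not from the original post or from any switch vendor's code. The `Inspector` class, port names and addresses are constructed for illustration, and treating the uplink toward the DHCP server as the only trusted port is an assumption.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Arp:
    port: str          # switch port the ARP frame arrived on
    sender_ip: str     # IP the sender claims to own
    sender_mac: str    # MAC the sender wants cached for that IP

class Inspector:
    """Simplified model of DHCP Snooping feeding Dynamic ARP Inspection."""

    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.bindings = {}               # ip -> (mac, port), from DHCP snooping

    def dhcp_ack(self, arrival_port, client_ip, client_mac, client_port):
        """Learn a lease only when the server's ACK arrives on a trusted port."""
        if arrival_port not in self.trusted:
            return False                 # bogus DHCP server: drop, learn nothing
        self.bindings[client_ip] = (client_mac.lower(), client_port)
        return True

    def inspect(self, pkt):
        """Return (verdict, reason) for one ARP packet."""
        if pkt.port in self.trusted:
            return ("permit", "trusted port")
        binding = self.bindings.get(pkt.sender_ip)
        if binding is None:
            return ("drop", "no binding for sender IP")
        mac, port = binding
        if mac != pkt.sender_mac.lower():
            return ("drop", "MAC does not match binding")
        if port != pkt.port:
            return ("drop", "binding learned on another port")
        return ("permit", "matches binding")

def demo():
    """Constructed scenario: hosts A and B, and a third host C forging ARP."""
    sw = Inspector(trusted_ports={"Gi0/1"})      # assumption: Gi0/1 is the uplink
    sw.dhcp_ack("Gi0/1", "10.0.0.10", "AA:AA:AA:AA:AA:10", "Gi0/2")   # host A
    sw.dhcp_ack("Gi0/1", "10.0.0.20", "AA:AA:AA:AA:AA:20", "Gi0/3")   # host B
    rogue = sw.dhcp_ack("Gi0/4", "10.0.0.66", "CC:CC:CC:CC:CC:66", "Gi0/2")
    packets = [
        Arp("Gi0/2", "10.0.0.10", "aa:aa:aa:aa:aa:10"),   # A, legitimate
        Arp("Gi0/4", "10.0.0.10", "cc:cc:cc:cc:cc:66"),   # C claims A's IP
        Arp("Gi0/4", "10.0.0.20", "cc:cc:cc:cc:cc:66"),   # C claims B's IP
        Arp("Gi0/4", "10.0.0.20", "aa:aa:aa:aa:aa:20"),   # C also copies B's MAC
        Arp("Gi0/4", "10.0.0.66", "cc:cc:cc:cc:cc:66"),   # C, never leased
    ]
    return rogue, [sw.inspect(p) for p in packets]

if __name__ == "__main__":
    rogue_learned, verdicts = demo()
    print("rogue DHCP ACK learned:", rogue_learned)
    for verdict in verdicts:
        print(verdict)
```

Only the first packet is permitted: every forged reply fails the binding lookup, which is why both ARP caches stay unpoisoned when the two features are enabled together.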

Is not my fault!

--Originally published at The shield of the world

So we all know that friend who has been so close to killing his PC, without even knowing. And this is the topic for today: unintentional security issues. This is so common that you have probably already thought about some examples of your own.

This is one of the most common causes of loss of information in enterprises, so we are going to talk about how to prevent them.

  1. Control applications.- If we control the applications that the users can download and use on the working laptop, we are reducing the probability of an unintentional issue by a really big amount. But it is not that easy, because web browsers and email clients are the most common points of entry for malware. A good solution for software that is dangerous is to run it in isolated virtual machines. If the app is malicious, any infections would occur only in the VM and there is no harm to the host operating system.
  2. Filtering content.- Another solution and kinda related to what Adblock can offer, is filtering bad content. Strategically blocking only a small subset of harmful activity can have positive impact on minimizing the damage from an adversary.
  3. Limit executable content.- Blocking all files of a certain type, while effective, is not always feasible if the files are needed by the user. Effective technology exists that can take an attachment, perform analysis of the content, and even run it in a sandbox to examine the behavior; if it is malicious, it would be blocked, and if it is legitimate, it is allowed through. This gives a lot of flexibility, but limits the impact of stopping normal activities.
  4. Control executable.- Compromising an accidental insider is usually done by tricking the user into running an executable that they believe
    Continue reading "Is not my fault!"

User is no joke! User is important!

--Originally published at The shield of the world

So imagine your connection to your bank is not assured… I would be pretty mad, and you? Hope you too, but there are some things web pages could do to help us trust their web site. You may have heard the phrase “It's like taking candy from a baby” or something like that… I know the phrase in Spanish. But we are the baby in this big world called the Internet. And we need some protection, dude!

So, how is the Internet helping us to keep the candy and not help others to rob us? One of the measures being implemented is HTTPS connections to web pages. When you enter Facebook and your bank page, you will see a green lock beside the address. This means the page is secure and that your connection is private. You can even see the certificate that proves that the page is secure.


And also, you can check the valid dates of the certificate and who issued it.


So, this is a good start for looking after our own security. Another good way to protect ourselves is with an ad blocker, like Adblock. Some curious users may click every link they see. This is one of the first reasons why they are full of malware and have slow equipment.

When people think about web security, all of us think about how to protect a website. But it is important to remember ourselves: how do we protect ourselves in this cold, cold world? Using protected WiFi networks is another good example of how a user can improve his own security.

Most of this advice we have already talked about in other posts: you may be careful about the links you click, about the emails you open, about where do

Continue reading "User is no joke! User is important!"

TC2027 Class Review

--Originally published at TC2027 – Will It Blog?

I think the method intended for use in the course was good, but it also has room for improvement. Through the semester, I made the effort to keep up with it and learned stuff, but I’m not quite convinced yet if it was the best choice to learn this kind of subject.

Here are the things that I perceived from this class that could help improve it.

  • Discussions in class: I think they fell short because there was a lack of organization. We could have discussions where everyone participates if we first pre-establish the topics to be discussed in class and ask for a blog post related to a certain topic beforehand. Having everyone write from different sources but also come to class to centralize the knowledge, learn what others wrote about and from that come to a conclusion would have been more effective to me.
  • Writing blog posts: It was ok to me, but I have to admit that after writing that many (20 in total throughout the course) it becomes a bit monotonous, similar to writing an essay.
  • Lab practices: I think some of them were not that well landed in accordance with the course topics. Also, I would have appreciated a bit more of a problem-solving, challenging style of practice, because I think some of them were limited to just installing things without seeing their actual application in real scenarios. Preparing some dynamic activity/lab practice that required us to use those tools would have been a much better approach.

Leaving aside my personal opinions of this method and class, I have to admit that great blog posts (related and unrelated to the course) from great classmates came out as a result of it. The things I liked were: using Twitter and the freedom in general to

Continue reading "TC2027 Class Review"

Let me in! I´m nice dressed

--Originally published at The shield of the world

So in one of the first posts we talked about WiFi and the magic sensation when the WiFi is open! And I hope you remember we said that was one of the easiest ways to lose your information. Well, technically you exchange your data for free WiFi.

Here we are going to talk about the importance of security in wireless networks. Wireless security is about preventing unauthorized access to the computers using wireless networks. Let's talk about WEP (Wired Equivalent Privacy) and WPA (WiFi Protected Access). WEP is a weak security standard and nobody should be using it at this moment. The password it uses can often be cracked in a few minutes with a basic laptop and available software tools. You probably have done this when you used the “WiFi Hacker” app from the Android store. It was made outdated in 2003 by WPA, which was a quick alternative to improve security over WEP.

The current standard is WPA2; some hardware cannot support WPA2 without a firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP.


The hackers (black hat) have found wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks. As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources. Wireless intrusion prevention systems and wireless intrusion detection systems are commonly used to enforce wireless security.

So a good way for enterprises to actually protect themselves even with WPA2 is to use the Enterprise version of WPA, which requires a RADIUS server, that can be a local server or can be on the internet. I used IronWifi for my final project of “Wireless

Continue reading "Let me in! I´m nice dressed"

Thank you for being the way you are!

--Originally published at The shield of the world

This is the post about my opinion of the class. Honestly, having students learn by researching is something I appreciate a lot, because in the workplace, if you don't know something, you will probably end up asking the internet first.

Ken defines himself as a facilitator of knowledge, and he is, but he doesn't stick only to class topics; he addresses topics from everyday life, and the atmosphere of safety in the class, where everyone can give their opinion, has seemed excellent to me. Above all because in conventional classes everyone is afraid to ask or participate, but by turning it into a flipped classroom, there is more freedom.

Another thing that seems excellent to me is visiting Ken. Part of the grade was to visit the professor to share topics associated with the class, but the truth is that you can go and chat about anything. An important part of education and of an atmosphere of trust is that students feel sure they can approach their professor to ask about the class or a topic they did not understand, to suggest activities, but also to talk about advice for professional or personal life, if such trust comes to exist. And that part of relating to students and learning is something few professors dare to do, but it is among my best experiences during my degree. It creates the confidence to ask questions and ask for advice, while maintaining respect for those professors who deserve it for their effort.

Thank you very much, Ken.

I'm leaving an audio recording, because I don't like videos, nor do I feel comfortable making one.

https://www.dropbox.com/s/cxyc4o5yhifou50/TC2027_Feedback_Review.m4a?dl=0


The Enemy at Home

--Originally published at Héctor H.F. Blog

Hi everyone, I'm going to write a bit about security problems that can arise by accident. That's right: in most cases we talk about hackers who intentionally get into our system to destroy everything in their path. But sometimes it happens that we ourselves, or someone we trust, are infecting one or several of our systems. In fact, there are more attacks on companies from accidents than from intentional attacks. Let's see how this happens.

First of all, it should be made clear that this is supposed to happen by accident. I won't talk about betrayal within companies and the like. Let's focus a bit on companies. A person who is an accidental enemy of information security is, generally, someone who believes they are doing their job well but is somehow being manipulated into allowing someone unauthorized to get in and damage the systems.

How is a person manipulated into letting us into a company's entire system? As I said before: through some kind of virus or phishing. It doesn't take much science.

How do we protect ourselves from these people? By preparing them and talking to them about the importance of information security (even more so for a company). Most of the time these accidents happen out of simple ignorance on the part of the person responsible. But sometimes even a real expert can be fooled by very good phishing. Let's look at some recommendations that companies should follow to avoid damage to a system.

If a suspicious file or one of doubtful origin is received, a good option is to open it in a virtual machine. That way, if it is a Trojan or something similar, only that machine will be infected.

Filters can also be enabled for

Continue reading "The Enemy at Home"