Fear the unknown

--Originally published at The Hitchhiker's Guide to information security… according to me!

Do you know why people are afraid of anything? It all comes down to one fear only, the fear of dying. Everything comes back to that: even if you are afraid of talking in public, failing makes you think that people will isolate you, meaning that your chances of survival will decrease, hence the fear of dying. But sometimes there are things that we should be afraid of and we aren’t, mostly because we don’t know the dangers behind them. There are many dangerous things in the world and one of them is the Wi-Fi connection. (sounds of thunder and creepy music)

Unintentionally, Wi-Fi connections may be insecure because of a wrong configuration that allows unencrypted messages to be sent or allows unauthorized users to connect, and it’s even worse when we are talking about open networks that allow access to any user. These weaknesses are used by hackers to steal information, use your computer for malicious purposes or distribute malware to all the users in the network.

A few attacks you can suffer on a wireless network are the following:

  • Accidental association
  • Malicious association
  • Ad hoc networks
  • Identity theft
  • Man in the middle
  • Network injection

There are some security measures that are used to protect these networks, but sadly some are not secure enough and many people are not aware of it. For example:

WEP (Wired Equivalent Privacy): this was the first standardized way of securing a wireless network. Many old routers still use it. It’s insecure because it allows easy key recovery and network eavesdropping. Because the initialization vector (a value used to start encrypting a message) is really short, it will repeat eventually, and when that happens the hacker can use it to find your encryption key and decrypt all
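To make the short-IV problem concrete, here is an added example (not part of the original post) that works out the birthday bound for a 24-bit IV and shows what an eavesdropper gets from two frames that share one. The keystream function is a hash-based stand-in for WEP's RC4, an assumption made so the snippet runs on its own; the key and frames are constructed sample data.

```python
import hashlib
import math
import random

IV_BITS = 24  # WEP sends a 24-bit IV in the clear with every frame

def expected_frames_until_iv_repeat(iv_bits: int = IV_BITS) -> float:
    """Birthday bound: with N possible IVs chosen at random, a repeat is
    expected after roughly sqrt(pi * N / 2) frames (about 5,130 for 24 bits)."""
    return math.sqrt(math.pi * 2 ** iv_bits / 2)

def frames_until_iv_repeat(iv_bits: int = IV_BITS, seed: int = 1) -> int:
    """Simulate a card picking random IVs and count frames until one repeats."""
    rng, seen, frames = random.Random(seed), set(), 0
    while True:
        frames += 1
        iv = rng.getrandbits(iv_bits)
        if iv in seen:
            return frames
        seen.add(iv)

def keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Stand-in for WEP's RC4(IV || key). A hash counter stream is used here
    (an assumption for self-containment); any stream cipher shows the same flaw:
    same key and same IV always give the same keystream."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(iv + key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_frame(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Stream-cipher encryption: ciphertext = plaintext XOR keystream(key, IV)."""
    return xor(plaintext, keystream(key, iv, len(plaintext)))

def eavesdropper_learns(c1: bytes, c2: bytes) -> bytes:
    """Two frames under the same IV share a keystream, so XORing the ciphertexts
    cancels it and yields p1 XOR p2 without ever touching the key. With a
    different IV per frame the same XOR is just noise."""
    return xor(c1, c2)
```

The simulated count varies with the seed, but it lands in the low thousands, so on a busy network the 24-bit IV space is exhausted within minutes.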

Continue reading "Fear the unknown"

The great wall

--Originally published at The Hitchhiker's Guide to information security… according to me!

We all know one of the 7 wonders of the new world: the Great Wall of China. This series of brick fortifications helped the country not only to defend against foreign invasions, but also to have better control over the trading goods and visitors that came from the west. This extra layer of security helped China feel safer and protected the towns near the border from invasion. Even if it doesn’t look like it, this is very similar to what operating system security is about: you need to protect your system from external threats and also be able to provide the correct access to the users of your organization.

So what is this all about? Operating system security refers to the actions or activities that ensure the confidentiality, availability and integrity of all the data and services provided by an operating system. This means that you need to ensure that your users have the permissions they require to do their job (no more and no less) and also keep out malicious users or programs that could misuse your data or the services provided by the OS, like the network.

Program threats

Refers to external programs that run within the system and make the OS perform malicious tasks. For example:

  • Trojan horse: a program that seems to do one thing and does another, like storing login credentials.
  • Virus: a program that duplicates itself when it is executed and can delete files, crash the system or modify the user session.
  • Logic bomb: a malicious program that executes only when certain conditions are met; otherwise it behaves like a normal program.

System threats

Refers to the misuse of system services or the network connection.

What to do in case of…

--Originally published at Computer and Information Security

There exist some security issues that technology cannot stop. For example: an antivirus program is not able to prevent a user from opening a link and releasing a virus, and corporate networks are vulnerable if former employees still have working passwords. Technology alone is not enough, so policies are used to guide the implementation and management of security.

A security policy is a document that defines how an organization will deal with some aspect of security. Security policies can also deal with regulatory requirements, or policies can simply be advisory.


There is one rule to follow while defining policies: there should be a policy for every possible situation. If there is no policy for a given problem, the problem may be aggravated. A policy needs to be very clear and specific to be effective.

Policies can be divided into user and administration policies.

The areas covered by the user policies are:

  • Passwords
  • Internet use
  • Email attachments
  • Installing/uninstalling software
  • Instant messaging
  • Desktop configuration

The administration policies should be a guide for the following scenarios:

  • New employees
  • Departing employees
  • Change requests
  • Security breaches
  • Virus infections
  • Denial of service attacks

This post was created with the collaboration of Salvador.


Run Apache server using a high port

--Originally published at CRACK THE NETWORK

First of all we need to install Apache on our Linux server with the following commands:

wget http://www-eu.apache.org/dist//httpd/httpd-2.4.23.tar.gz
gzip -d httpd-2.4.23.tar.gz
tar xvf httpd-2.4.23.tar
cd httpd-2.4.23
./configure --prefix=/home/a01225953/apache2
make
make install
nano /home/a01225953/apache2/conf/httpd.conf

We configure the Apache server with the following port (shown in a screenshot that is not preserved here):

/home/a01225953/apache2/bin/apachectl -k start


And finally we can see that our Apache server is running using the netstat command (screenshot not preserved).


John the Ripper cracking passwords

--Originally published at CRACK THE NETWORK

To crack passwords using John the Ripper, first we need to install it with the following script:


#!/bin/bash
# Centos 7 John the Ripper Installation
yum -y install wget gpgme
yum -y group install "Development Tools"
cd
wget http://www.openwall.com/john/j/john-1.8.0.tar.xz
wget http://www.openwall.com/john/j/john-1.8.0.tar.xz.sign
wget http://www.openwall.com/signatures/openwall-signatures.asc
gpg --import openwall-signatures.asc
gpg --verify john-1.8.0.tar.xz.sign
tar xvfJ john-1.8.0.tar.xz
cd john-1.8.0/src
make clean linux-x86-64
cd ../run/
./john --test
# password dictionary download
wget -O - http://mirrors.kernel.org/openwall/wordlists/all.gz | gunzip -c > openwall.dico

Then we execute ./john-1.8.0/run/john -wordlist:openwall.dico passfile.txt


And we wait for the passwords to be cracked.


SSH With Public-Key Authentication

--Originally published at CRACK THE NETWORK

To connect to our server using our public key we do the following on our Linux machine:

First we generate an SSH key with the command ssh-keygen


Then we copy our public key to our Linux server with ssh-copy-id -i ~/.ssh/id_rsa.pub a01225953@10.40.53.3


And that’s all; now we can connect to our server with ssh a01225953@10.40.53.3

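A practical follow-up, added here and not part of the original post: before an admin trusts a line that ssh-copy-id appended to ~/.ssh/authorized_keys, it helps to parse it and check that the key type and size match policy. The parser below decodes the OpenSSH public-key wire format (type string, then for ssh-rsa the exponent and modulus as mpints); the builder, the 2048-bit modulus and the comment are constructed test values, not a real key.

```python
import base64
import struct

def _ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def _ssh_mpint(n: int) -> bytes:
    """SSH mpint: big-endian magnitude, with a leading 0x00 if the top bit is set."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw
    return _ssh_string(raw)

def _read_string(blob: bytes, pos: int):
    """Read one wire-format string at pos; return (bytes, next_pos)."""
    (length,) = struct.unpack_from(">I", blob, pos)   # struct.error if < 4 bytes left
    end = pos + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[pos + 4:end], end

def build_rsa_pubkey_line(e: int, n: int, comment: str) -> str:
    """Build an id_rsa.pub style line from constructed numbers (not a real key)."""
    blob = _ssh_string(b"ssh-rsa") + _ssh_mpint(e) + _ssh_mpint(n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {comment}"

def parse_pubkey_line(line: str) -> dict:
    """Parse '<type> <base64> [comment]' and cross-check the type inside the blob."""
    parts = line.split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, comment = parts[0], (parts[2].strip() if len(parts) == 3 else "")
    blob = base64.b64decode(parts[1], validate=True)
    inner_type, pos = _read_string(blob, 0)
    if inner_type != key_type.encode():
        raise ValueError(f"declared type {key_type!r} differs from blob type {inner_type!r}")
    info = {"type": key_type, "comment": comment, "bits": None}
    if key_type == "ssh-rsa":                    # other types get only the type cross-check
        _e, pos = _read_string(blob, pos)        # public exponent, not needed here
        n_bytes, pos = _read_string(blob, pos)   # modulus; a leading 0x00 is harmless
        info["bits"] = int.from_bytes(n_bytes, "big").bit_length()
        if pos != len(blob):
            raise ValueError("trailing bytes after RSA key material")
    return info

def weak_key_reasons(info: dict) -> list:
    """Policy an admin might apply before accepting an authorized_keys entry."""
    rsa_short = info["type"] == "ssh-rsa" and (info["bits"] or 0) < 2048
    return ["RSA modulus shorter than 2048 bits"] if rsa_short else []
```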


We are as strong as our weakest link

--Originally published at The Hitchhiker's Guide to information security… according to me!

Achilles, the mythical Greek hero, son of a king and a nymph, invulnerable in every part of his body except the heel… Seriously, the lamest part of the body. But the Greeks have something very important to teach us and it’s that there’s always a weak spot in something. Even though it may seem unbreakable, unstoppable or impenetrable, we’re just not looking carefully enough. And it’s when we find that weakness that we have control. As it is, we are as strong as our weakest link. So we need to be harder, better, faster, stronger when it comes to information security, and what better place to start than the network of our organization.

DEFINITION I CHOOSE YOU! Network security refers to any activity that will protect the integrity, availability and consistency (CIA coff coff) of the physical and logical assets from any threats, or prevent a breach from getting worse. We’ve been talking a lot about threats in information security, and I’m sure that by now you must be as paranoid as I am, so there’s no need to discuss threats anymore, but the real question is… what are those activities that will help us protect our loved ones from evil hackers? Well, here are some layers of security.

Security devices: refers to hardware or software devices that help improve security on the network. For example:

  • Firewall: a hardware- or software-based mechanism that helps control incoming and outgoing traffic, permitting or denying it depending on a set of rules.
  • Honeypot: a computer system that acts as a decoy to attract hackers into accessing it, in order to gain information about the hackers’ methods and goals.

Network Isolation: refers to the segmentation of the network in order to create a more secure

Continue reading "We are as strong as our weakest link"

All we need to do is… survive

--Originally published at The Hitchhiker's Guide to information security… according to me!

Many people wish upon a star for a zombie apocalypse. They want to ride in their jeeps while shooting at anything that moves because they just want to watch the world burn. They want to go wild, experience the feeling of anarchism, but mostly they just want to shoot something and prove that they can survive adversity. For some this is just a dream, but for others it is serious business. They understand that it’s not only about carrying a gun, but also about searching for food and water, dealing with the lack of electricity, gas and communication, and looking for a shelter that can resist the attack of hordes of zombies. These people are prepared to deal with the situation, and all of these are countermeasures that prepare them for that day. But what does all of this have to do with information security, you may be wondering? Well, follow me and let’s find out.

In times of war we need a good plan that comes into action, and in information security, in times of threat and vulnerability, we need a security countermeasure to help us deal with the risk or at least minimize it. And… BOOM! Now you understand what this zombie thing is all about.

A security countermeasure is a method, action, procedure, system, device or technique that helps eliminate, mitigate or reduce a threat or vulnerability. So if you’ve been reading my blogs, and of course you have, these are the security controls that come into action when we are facing a threat. Not preventing it or planning what will happen, but dealing with it… like the adults we are.

Like everything in this world they come in different flavors depending on the context, and there are a few contexts in information security

Continue reading "All we need to do is… survive"

You shall not pass!

--Originally published at The Hitchhiker's Guide to information security… according to me!

Have you ever had that traumatic childhood experience where you wanted to play with the cool kids of the neighborhood and when you asked them “Can I play with you guys?” they would brutally say “No, because you’re not cool like us”? Kids are violent… Well, even though they were assholes, they were actually, and of course subconsciously, applying a security control so that only the right people could play with them. We call that an access control system. Damn you cool kids (*cries in a dark lonely corner).

Access control is a technique used to restrict access to a physical place or other non-physical resources, and by access we mean entering a facility or being able to view and manipulate data. So yeah, those kids didn’t want you to enter their secret group and view and manipulate the secret cool data of their organization, but let’s assume for a moment, for a very hypothetical moment, that you’re a cool kid. How can this group of young delinquents distinguish between a cool kid and an average one? Well, the access control process consists of the following 3 steps.

Identification: the person that wants access to the system claims to be someone with authorization. This first step consists only of giving an assertion of who you are. If we talk about physical access, you may give your name to the guard; inside an information system you may provide an account name.

Authentication: after you gave your name to the guard or your user name to the system, you will need to prove that you really are who you claim to be, to the system’s satisfaction (there could be more than one authentication phase). For the name and guard example, you may need to give your driver’s license in order
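The steps can be modelled in code. Here is an added example (not from the original post) with a constructed account table: identification only validates the form of the claimed name, authentication verifies a salted PBKDF2 hash in constant time and runs the hash even for unknown names so timing does not reveal which accounts exist, and the third step, which the post is cut off before reaching, is assumed here to be authorization against roles.

```python
import hashlib
import hmac
import os
import re

ITERATIONS = 100_000
_DUMMY_SALT = b"\x00" * 16  # hashed for unknown names so timing stays uniform

def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_account(password: str, roles: set) -> dict:
    """Store a random salt and the PBKDF2 hash, never the password itself."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash_password(password, salt), "roles": roles}

# Constructed sample directory and action-to-role map (hypothetical data).
ACCOUNTS = {
    "cool_kid": make_account("s3cret-handshake", {"play", "view_secret_data"}),
    "average_kid": make_account("hunter2", {"watch"}),
}
PERMISSIONS = {"join_game": "play", "read_clubhouse_notes": "view_secret_data"}

def identify(claimed_name: str) -> bool:
    """Step 1: the subject asserts an identity; only the form of the claim is checked."""
    return bool(re.fullmatch(r"[a-z][a-z0-9_]{0,31}", claimed_name))

def authenticate(claimed_name: str, password: str) -> bool:
    """Step 2: prove the claim. Compare hashes in constant time, and hash even
    when the name is unknown so a fast failure does not leak valid names."""
    acct = ACCOUNTS.get(claimed_name)
    salt = acct["salt"] if acct else _DUMMY_SALT
    candidate = _hash_password(password, salt)
    return acct is not None and hmac.compare_digest(candidate, acct["hash"])

def authorize(name: str, action: str) -> bool:
    """Step 3 (assumed: authorization): the proven identity's roles decide."""
    needed = PERMISSIONS.get(action)
    return needed is not None and needed in ACCOUNTS[name]["roles"]

def request_access(claimed_name: str, password: str, action: str) -> str:
    """Run the three steps in order; later steps never run if an earlier one fails."""
    if not identify(claimed_name):
        return "denied: malformed identity claim"
    if not authenticate(claimed_name, password):
        return "denied: authentication failed"   # same message for unknown names
    if not authorize(claimed_name, action):
        return "denied: not authorized for " + action
    return "granted"
```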

Continue reading "You shall not pass!"

Mac Pros

--Originally published at Computer and Information Security


Last year our campus acquired Mac Pros. They put them together in a classroom (which most of the time is closed because of how expensive the computers are) with Thunderbolt displays and with Apple mice from around 2008.

The funny thing about this is that almost nobody uses them and, for some unknown reason, they remain on for several days doing nothing and nobody cares.

Personally, there are 3 reasons why I don’t use them:

  1. 99.99% of the things I need to do don’t require the insane amounts of power the Mac Pros have.
  2. Some of the programs I use are not installed.
  3. Until recently the mice did not have a mousepad, so it was very difficult to work on them.