Authentication

--Originally published at Computer and Information Security

Each day we log into many different web pages, and they ask for authentication. We need to prove that we are who we say we are, but why is that so important, and how does it work? Authentication is needed to access personal information, social media and work systems, to unlock a phone, almost anywhere. It is almost a requirement for joining any website and accessing certain content. In security terms, it is the way to keep your information closed off from the rest of the world. There are many different ways to prove that you are really you. Sites commonly ask for a password, but passwords aren't the only option. The next video uses interesting examples to explain the importance of authentication.

  • Knowledge factors: sometimes the service that is asking for authentication can ask for names, answers to specific questions, PINs, or the password itself. Those are known as knowledge factors.
  • Possession factors: these are things the user has in their possession, such as ID cards, one-time password tokens, specific codes, or any artifact that can prove their identity.
  • Inherence factors: this authentication factor covers the biometrics of the user, such as fingerprint scans, facial recognition, voice recognition, retina scans and iris scans, among others.


A modern way to authenticate the user is by location, based on their cellphone. This also takes into account device activity and many other complex factors. Nowadays, it is recommended to use at least two authentication factors at a time for each account. For example, it is possible to protect an account with a password and with a PIN that the service company provides via cellphone.

There are many authentication tools on the market. It is important to be secure and to protect your personal information. It can be annoying to unlock accounts with more than one authentication factor, but sometimes it is necessary

CIA triad

--Originally published at Computer and Information Security

Confidentiality, integrity and availability are together known as the CIA triad. The CIA triad is a model that establishes some principles for information security; it can be seen as an organizer. These three principles are considered the most important principles for security. They aren't the only ones, but they can be seen as the three pillars of security. The following video explains these three principles very well:

Confidentiality

Confidentiality can be defined as a series of rules that are responsible for preventing information from reaching the wrong hands. That is, confidentiality is in charge of access. Access must be restricted for those who don't have authorization to see the information. One way to prevent leakage is to create levels. Most of the time, information is categorized according to the impact it would have if it were stolen.

Integrity

Integrity is an important pillar of security. It is in charge of the accuracy, consistency and trustworthiness of information at all times, and it is crucial to the security of data. Information can't be corrupted or edited by a third party without authorization. Also, when data is sent, it must be delivered and received without any modification in between. Software can be used to check the integrity of data that is traveling from one place to another.

Availability

Availability mainly concerns the hardware. If there are complications between services or any damage, there must be a resource in charge of fixing it. The hardware also needs to be kept up to date, and there has to be a component that establishes the communication between the different services. There must be adaptive recovery when necessary. It is important to have a way out of problems, even without a person in charge of it.

In

DNS Spoofing with the WiFi Pineapple

--Originally published at Toledo

What is DNS?

DNS, short for Domain Name System, is a system on the internet that works as a directory. When you try to reach a page, say google.com, what happens under the hood is that the computer asks for the IP address where the google.com service lives and then goes to that address, which in my case is 172.217.9.14.


What is DNS Spoofing?

Also known as DNS poisoning, it is a type of attack that takes advantage of weaknesses in DNS. With the right configuration, perhaps with a man-in-the-middle attack involved, it is possible to impersonate well-known services. You can direct your victim to a DNS server that you control, and you could modify the IP addresses of the domains they look up.

WiFi Pineapple: DNS Spoofing

First of all, the WiFi Pineapple setup needs to be finished. In this blog post I give a brief introduction to the WiFi Pineapple and explain how to set it up.

Next we need a fake test site. As a demonstration, I am going to use Python 3's http.server module to bring up a small page.

We create a file named index.html in a new directory with the following content:

<head>
</head>
<body>
 <h1>Fake Page</h1>
 <p>WiFi Pineapple rocks!</p>
</body>

With the terminal in that directory, we run the server with python3:

python3 -m http.server 8080

With this we should be able to see our page if we point our browser at http://localhost:8080/


We look up our IP address and save it for use in the following steps. We can also reach our page through it.


We log in to the WiFi Pineapple's web interface. Luckily for us, there is already software developed for the Pineapple for all kinds of attacks. The DNS Spoofing

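One way a client could notice the redirection this post describes, added here as an example and not part of the original post: compare the answers given by the resolver the network hands out with answers obtained over a trusted path. The observations are constructed sample data, the function names are hypothetical, and every hostname checked is assumed to be a public site.

```python
import ipaddress

# Constructed observations: (hostname, answers from the resolver handed out by
# the network, answers from a reference resolver reached over a trusted path).
OBSERVATIONS = [
    ("google.com", ["172.217.9.14"], ["172.217.9.14"]),
    ("google.com", ["192.168.1.50"], ["172.217.9.14"]),
    ("google.com", ["172.217.12.78"], ["172.217.9.14"]),
    ("shop.example", ["185.199.108.153"], ["93.184.216.34"]),
]


def same_network(a: str, b: str, prefix: int = 16) -> bool:
    """True if b falls inside the /prefix network that contains a."""
    net = ipaddress.ip_network(f"{a}/{prefix}", strict=False)
    return ipaddress.ip_address(b) in net


def classify(hostname: str, local: list, reference: list) -> tuple:
    """Return (hostname, verdict, reason) for one public hostname."""
    internal = [a for a in local if not ipaddress.ip_address(a).is_global]
    if internal:
        # A public site answering from private or loopback space is the
        # signature of a spoofed record pointing at a box on the local LAN.
        return (hostname, "ALERT", f"non-public answer {internal}")
    if set(local) & set(reference):
        return (hostname, "OK", "answers overlap")
    if any(same_network(a, b) for a in local for b in reference):
        # CDNs hand out different hosts per resolver; the same /16 is a weak
        # but useful sign that both answers belong to the same operator.
        return (hostname, "OK", "different host, same /16")
    return (hostname, "REVIEW", "no overlap with reference answers")


def audit(observations: list) -> list:
    """Classify every observation and return the findings in order."""
    return [classify(h, loc, ref) for h, loc, ref in observations]


if __name__ == "__main__":
    for host, verdict, reason in audit(OBSERVATIONS):
        print(f"{verdict:6} {host:14} {reason}")
```

The REVIEW verdict is deliberately not an alert: resolvers legitimately return different addresses for the same name, so only the non-public answer is treated as high confidence.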

Denial-of-service attacks

--Originally published at Computer and Information Security

Have you ever felt that a web page is loading too slowly compared to other times, noticed poor network performance while trying to retrieve a file from a cloud server, or seen it take longer and longer to reach a specific service on the internet? Obviously many factors can influence weak network performance, but it is important to take into account that it could be a denial-of-service attack. The problem isn't that easy to spot, but first, what is a denial-of-service attack?

We can define a DoS attack as a planned attack on a server meant to disrupt an organization's network and make it hard for its users to reach its services. The attack can limit access to the network or even deny access altogether. The main point is to prevent any online activity through the servers that are being attacked.

There is also the Distributed Denial-of-Service attack, where the attacker also infects the computers that connect to the infected servers, and these new computers are then used to infect more users. These newly infected computers are known as zombies: computers that are controlled by the attacker. With control of all of these computers, the attacker can use their combined power to overload services such as mail, internet, and network services.

Also, there are three specific categories on which hackers focus their attacks:

  • Networks
  • Systems
  • Applications


Mainly, all of them create requests to overload the servers until there is no response or until they cause an error on the system. One of the main goals is to consume as much bandwidth as possible in order to slow networks down. Hackers also focus on hardware, such as routers and devices that need network

Home networks

--Originally published at Computer and Information Security

Knowing how to change a modem's settings is very useful. Changing the home network's password, or even its name, can be very simple and can slightly increase the network's security. However, a modem's settings offer more options, and these can be implemented very easily. One advantage of accessing these settings is that you can create local networks within the house or the office. Splitting the network can be useful for connecting certain devices to one network and the rest to another; you can create a guest network, or even private networks to try to keep safer certain information that is shared when someone is on the same network. Below is a short tutorial for creating a new home network.

1 – Open the modem's web page

Normally, to access the router's configuration you go to the address 192.168.X.X. In this case, to enter the configuration of the Telmex modem, you go to 192.168.1.254. The user name can vary (TELMEX in this case), and the password is the key that comes on the modem.


2 – Go to "Red" (Network)

On entering the modem's configuration, a window similar to this one will appear on screen. Select the "Red" (Network) option in the left column.


3 – Wireless (2.4GHz or 5GHz)

Once inside the Network option, select the type of wireless network you want to create in the left column. In this case, the 5GHz network will be selected.


4 – Select the SSID

In


Privacy? Yes, please

--Originally published at Computer and Information Security

With all the attention that Facebook is receiving, what are you doing to protect your information? Not just your personal info on Facebook: your internet traffic also sits on a server somewhere, without your consent. Facebook isn't the only one that collects your traffic information; so do Google and many other companies, even with a VPN. Nowadays, it is difficult to hide your information from these companies, but there is always a solution, or at least a way to protect your information a little more.

Personally, I do think that ads are necessary when the content is free, because it's work that is given away for free. The problem is when the pages publishing those ads are also giving your personal info and internet traffic to a third-party company without even telling you, and that's the part that isn't fair or correct. With all of the privacy movement, I decided to look for an ad blocker for my MacBook Pro, not just to hide those invasive ads but also to protect my information a little more. While doing a little research on Reddit, I found a thread asking for ad blocker recommendations (link: https://www.reddit.com/r/apple/comments/7o7zw9/your_favorite_adblocker_for_safari_macos_with/). Thanks to the comments, I opted for AdGuard. My experience was incredible.


AdGuard isn't my first ad blocker, but it was completely different from the others. Starting with its interface, it is really easy to use. It has interesting options: a menu appears when a page has ads and gives you options for the page, such as Block Element, Add Exception, or do not block the page for 30 seconds. In my experience, some ad blockers don't work with some pages because devs are implementing ways to detect when you have an ad blocker, but the cases with AdGuard were


Setting up the WiFi Pineapple

--Originally published at Toledo

In this blog post I will talk about how to set up and start using the Pineapple. For this case, I will be using the Tetra version of the device. And to set it up from scratch, I will be using my Android phone.

Hak5 documents on its website the steps to follow to set up the Pineapple. The instructions in this post are based on those videos. You can watch the video in English here.

The device comes with a small manual. It contains material in English on all of the WiFi Pineapple's capabilities, and covers basic WiFi-related concepts and usage documentation.

The first step to start using the Pineapple is to plug it in and wait for the blue light to stay solid.


Connecting the antennas is completely unnecessary, at least for running local tests and playing with the Pineapple. But we have to admit it looks 10 times more intimidating with them on.


Next comes installing the Android application to connect to the Pineapple using our phone. The application is called WiFi Pineapple Connector. The phone needs to support USB tethering, a feature that lets the phone share its internet connection over USB.

We connect the Pineapple to our phone and open the application. We will need to turn on USB tethering; once we have done so, the app will ask us whether it is enabled. We simply say yes.

Out of the box, the Pineapple comes without the necessary firmware installed. In that case, it will be necessary to download it from https://www.wifipineapple.com/downloads/tetra/latest and install it manually.

We will see the Pineapple's interface for the first time. We simply click Get Started. It will ask us to disable WiFi from the Pineapple. A single press of the button on the back of the Pineapple does the trick. It is the only button it has


What is the WiFi Pineapple?

--Originally published at Toledo

The WiFi Pineapple is a device developed by Hak5 that acts as an access point, or modem. It lets whoever controls it monitor, scan, or intercept the communication of those who use the open network that the device creates.

Not with the intention of causing harm. It was created to serve as a security-auditing tool for experts in the field. It has been on the market for around 10 years, and so far the company has released six generations.

The device has two main models:

WiFi Pineapple Tetra


This is the model with the full version and all the power of a WiFi Pineapple. According to the website, it has the following specifications:

  • PineAP software, with web interface and available modules
  • (2x) Dual-Band (2.4/5 GHz) 802.11 a/b/g/n radios
  • (4x) Skybridge amplifiers with 800 mW per radio
  • USB Ethernet port (Realtek RTL8152B chipset)
  • USB Serial port (FTDI D2XX chipset)
  • 533 MHz MIPS 74K Atheros AR9344 SoC
  • 2 GB NAND Flash
  • USB 2.0 Host Port
  • RJ45 Fast Ethernet LAN Port

WiFi Pineapple Nano


It is a compact version of the WiFi Pineapple; its design focuses on portability, for easy access in whatever environment it will be used in. The trade-off is that the power available is slightly lower than in the Tetra version. According to Hak5, its features are:

  • PineAP software, with web interface and available modules
  • 2 antennas, 2.4 GHz b/g/n Atheros radios
  • 400 mW per radio
  • USB Ethernet Plug port
  • Storage via Micro SD (up to 128 GB)
  • Optional EDC Tactical case and battery
  • USB 2.0 port

Both models have impressive security-auditing capabilities. Choosing one or the other depends on your needs in terms of portability and required power.

Threats for online gamers

--Originally published at Information Security A01229898

Hi everyone. While I was searching about video games, I found out about these threats that gamers can face. I took this information from a post on ESET's WeLiveSecurity, so let's start.

The first popular threat is TeslaCrypt:

It was designed to encrypt game-play data for dozens of video games, prompting the user to pay a ransom to decrypt those files. Targeting some well-known games including Call of Duty and Minecraft, TeslaCrypt blocks access to saved game files, configuration files or game items.

The second one is Password Stealers:

Just as there are types of spyware called keyloggers, which capture keyboard events and try to steal access credentials, there are also pieces of malicious code that attempt to steal access credentials for online games or platforms, such as Steam or Origin. This type of malware is heavily based on social engineering or deceit in order to infect its victims. One of the most popular scams is when a player – the victim – receives a chat message from another player offering him to join his team. This unknown player is usually very friendly and praises the victim for his gaming skills, telling him that he should join this team of great players.

At some point, the victim is prompted to download and install an application – for example, a voice communication program. The attacker will be very insistent on the fact that the victim cannot become part of the team if he does not have that application. And of course, the downloaded executable is not really a chat client, but a malicious software capable of stealing account credentials.

The third one is Fake Game Cracks:

This is another social engineering technique, regardless of the kind of threat installed in the end. The deceit in this case has to do

Security and Videogames

--Originally published at Information Security A01229898

Hi everyone. In this post I will talk about security and video games. Yes, finally something about software, so let's start.

As I mentioned, in this post I will talk about video games. I was searching on the internet and found a post from ESET's WeLiveSecurity on this topic. They interview Andres Rossi, the CEO of an Argentine company that develops video games for social networks, so I took some information from that post so you can get an idea of what they talk about, and at the end of this post I will put the link so you can read the whole ESET post.

Andres said that in his experience he has seen a lot of security-related incidents, from payment-card fraud and cyberattacks targeting gamers and the subsequent claiming of prizes to the exploitation of servers just for the sake of playing, but he says that the most common problem is that players leave their accounts open on machines that do not belong to them. He said that there is a lot of ignorance among video game developers regarding security implementation, and one example is that the online PlayStation platform was compromised a few years ago. The problem is that there are so many games that, as is to be expected, the challenge is still only focused on the largest and most famous game companies.

Lastly, I want to say that the video game industry has these security problems because in the past the industry didn't need to take care of security: all games were offline, so it was not possible to extract information from other players. With online games the problem started, but it is difficult to try to secure all games.

Link of the interview: https://www.welivesecurity.com/2016/08/16/security-transversal-issue-video-games-development/