Have you ever wondered where you stand on the "Security Paranoia" scale?

I found this nice article on http://www.ladadadada.net/articles/security_paranoia_scale

It is a useful way to measure where you stand. If you are below "4", I think you have very good reason to worry about a lot of security aspects.

I suggest you work through the scale and find out where you are.

For historical context: in the 17th century, a wind scale was devised and standardized so that naval officers recording wind speeds in their ship's logs could describe the weather consistently. The problem at the time was that what one man would call "calm", another might call "windy". Until the scale was developed, there was no way of comparing the logs of two different captains.


Security Paranoia Scale (number, name, description)

0 - Free and easy
Leaves door to house open. Writes PIN on credit card. Doesn't believe in having computer passwords. When forced to choose a password, chooses '12345'. Double-clicks all attachments in email. Clicks on "Hundreds of new Smileys!" ads. Installs Bonsai Buddy.

1 - Trusting
Locks front door of house. Memorises PIN but keeps original letter in filing cabinet 'just in case'. Usual password is 'password'. When IT enforces a more complex password, writes it on a sticky note and sticks it to the monitor. Never changes the default password on any device.

2 - Average Joe
Locks every door of house. Memorises PIN and throws away original letter. Every user account has admin privileges. Uses the same password for every login, on every system. Usual password is the dog's name.

3 - Mildly Suspicious
Locks windows of house too. Memorises PIN and eats original letter. Only one user on the computer has admin privileges. Uses two different passwords: one for safe places and one for everywhere else. Usual password is a dictionary word. Knows that pictures of locks on web sites mean that the site is secure.

4 - Suspicious
Hasn't logged in as admin since the initial install. Issues admin commands using sudo or Run As. Uses open source software because he understands it has a good security record, but still uses proprietary software when needed. Has three different levels of passwords: low, medium and high security. Usual password is a dictionary word with a number. Knows what each web browser's lock symbol for SSL looks like.

5 - Mildly paranoid
Exclusively uses open source software because it can be verified by the community not to contain backdoor code and security flaws. Encrypts and signs sensitive emails. Won't submit a password to any web site unless it is using SSL. Uses sudo, but it requires a password every time it is used. Usual password is at least 6 random letters and numbers.

6 - Paranoid
Checks MD5 sums of downloaded software to make sure it hasn't been tampered with. Only uses two different password security levels, but uses a different password for everything in the high security level. Requires a password to unlock the screen saver. Encrypts and signs all emails. Actually reads the SSL certificate information in the web browser before accepting a certificate. Usual password is at least 8 random letters and numbers.

7 - Quite paranoid
Compiles own open source software and checks MD5 sums of the downloaded source files. Screen saver activates after 5 minutes of inactivity. Encrypts entire home directory. Has a hardware-based random number generator based on radioactive decay attached to the computer. Phones web site owners to verify the signature on their SSL certificate verbally. Usual password is at least 10 random letters, symbols and numbers.

8 - Extremely Paranoid
Compiles own open source software, but only after doing a complete security audit on every line of code. Invents own encryption algorithm because existing ones aren't good enough. Uses a different password for every authentication. Screen saver activates after 30 seconds of inactivity. Usual password is at least 30 random letters, symbols and numbers.

9 - I have no name.
Lives in an abandoned security bunker from World War II in a remote desert. Must authenticate before using the toaster. All passwords require modification from a randomly changing security device that updates every 30 seconds. Every authentication requires three-factor authentication: a dongle plugged into the computer, a password and a biometric scan. Never removes sunglasses or gloves outside the bunker, to keep biometric information secret. Computer requires re-authentication every 30 seconds, regardless of activity. Encrypts home directory with a one-time pad… that only ever existed inside his brain. Has a self-destruct button installed in underground lair.
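The "usual password" column is the one line of the scale that can be measured. The script below is an added example (not part of the scale or of this site) that sorts a candidate password into the scale's categories (well-known default, dictionary word, dictionary word plus digits, random string) and estimates its guessing entropy and worst-case cracking time; the mini-dictionary, the 170,000-word list size and the 10^10 guesses/second rate are assumptions, not figures from the page.

```python
import math
import re
import string

# Constructed mini-dictionary standing in for a real wordlist (assumption).
DICTIONARY = {"password", "rover", "secret", "summer", "dragon", "letmein"}
# Assumed size of the wordlist an attacker would actually use.
DICTIONARY_SIZE = 170_000
# Assumed offline guess rate against a fast, unsalted hash.
GUESSES_PER_SECOND = 1e10


def estimate_bits(password: str) -> float:
    """Rough guessing entropy (bits) following the scale's categories:
    known default (levels 0-1), dictionary word (2-3), dictionary word
    followed by digits (4), or a uniformly random string (5-8)."""
    pw = password.strip()
    if pw in ("12345", "password"):            # first guesses on any wordlist
        return 0.0
    m = re.fullmatch(r"([A-Za-z]+)(\d*)", pw)
    if m and m.group(1).lower() in DICTIONARY:
        # one word out of the list, plus ~3.3 bits per appended digit
        return math.log2(DICTIONARY_SIZE) + len(m.group(2)) * math.log2(10)
    # Random string: pool size is the union of character classes used.
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(c in string.punctuation for c in pw):
        pool += len(string.punctuation)          # 32 ASCII symbols
    return len(pw) * math.log2(pool) if pool else 0.0


def crack_years(bits: float, rate: float = GUESSES_PER_SECOND) -> float:
    """Worst-case time, in years, to try every candidate at the given rate."""
    return (2 ** bits) / rate / (365 * 24 * 3600)


if __name__ == "__main__":
    # Constructed samples, one per rung of the scale's password ladder.
    for pw in ("12345", "rover", "Rover7", "k7qz2m", "x9Qa!pZ2r4"):
        bits = estimate_bits(pw)
        print(f"{pw:12} {bits:6.1f} bits  {crack_years(bits):.2e} years")
```

The point the numbers make is that "dictionary word with a number" (level 4) is only a few bits stronger than a bare dictionary word, while the jump to 8 or more random characters (levels 6 and up) is what actually moves a password out of offline-cracking range.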


Filed under General, Articles 

The term “hacker” has a dual usage in the computer industry today. Originally, the term was defined as:

HACKER noun 1. A person who enjoys learning the details of computer systems and how to stretch their capabilities—as opposed to most users of computers, who prefer to learn only the minimum amount necessary. 2. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming. [1]

This complimentary description was often extended to the verb form “hacking,” which was used to describe the rapid crafting of a new program or the making of changes to existing, usually complicated software.

As computers became increasingly available at universities, user communities began to extend beyond researchers in engineering or computer science to other individuals who viewed the computer as a curiously flexible tool. Whether they programmed the computers to play games, draw pictures, or to help them with the more mundane aspects of their daily work, once computers were available for use, there was never a lack of individuals wanting to use them.

Because of this increasing popularity of computers and their continued high cost, access to them was usually restricted. When refused access to the computers, some users would challenge the access controls that had been put in place. They would steal passwords or account numbers by looking over someone’s shoulder, explore the system for bugs that might get them past the rules, or even take control of the whole system. They would do these things in order to be able to run the programs of their choice, or just to change the limitations under which their programs were running.

Initially these computer intrusions were fairly benign, with the most damage being the theft of computer time. Other times, these recreations would take the form of practical jokes. However, these intrusions did not stay benign for long. Occasionally the less talented, or less careful, intruders would accidentally bring down a system or damage its files, and the system administrators would have to restart it or make repairs. Other times, when these intruders were again denied access once their activities were discovered, they would react with purposefully destructive actions. When the number of these destructive computer intrusions became noticeable, due to the visibility of the system or the extent of the damage inflicted, it became “news” and the news media picked up on the story. Instead of using the more accurate term of “computer criminal,” the media began using the term “hacker” to describe individuals who break into computers for fun, revenge, or profit. Since calling someone a “hacker” was originally meant as a compliment, computer security professionals prefer to use the term “cracker” or “intruder” for those hackers who turn to the dark side of hacking. For clarity, we will use the explicit terms “ethical hacker” and “criminal hacker” for the rest of this paper.

What is ethical hacking?

With the growth of the Internet, computer security has become a major concern for businesses and governments. They want to be able to take advantage of the Internet for electronic commerce, advertising, information distribution and access, and other pursuits, but they are worried about the possibility of being “hacked.” At the same time, the potential customers of these services are worried about maintaining control of personal information that varies from credit card numbers to social security numbers and home addresses. [2]

In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems. This scheme is similar to having independent auditors come into an organization to verify its bookkeeping records. In the case of computer security, these “tiger teams” or “ethical hackers” [3] would employ the same tools and techniques as the intruders, but they would neither damage the target systems nor steal information. Instead, they would evaluate the target systems’ security and report back to the owners with the vulnerabilities they found and instructions for how to remedy them.

This is a derived article. Read more of the original at http://www.research.ibm.com/journal/sj/403/palmer….


Filed under General, Digital crime, LeaningZone, Articles 

Here is some insight into how hackers operate. I did some research and gathered the following information.

What’s so important inside that network?

Unauthorized access is age-old. It began with the Romans and their poor, landless citizens attempting to infiltrate colossal Roman castles. The concept behind Internet hacking is much the same, and it is all based around a single theme: information. Those with information have access and power, even if it is confined to one particular network for a short time. The importance of hacking, then, comes down to information and power.
This raises the question of how these hackers gain access to networks. Some common tricks include password deciphering, buffer overflows, scripts and DoS attacks. The purpose of this article is to introduce you to what exactly hackers do to gain access, and to satisfy your curiosity about these concepts.

What are hackers? What are crackers?
Definitions for these two terms vary, but suffice it to say that hackers are exceptionally knowledgeable computer users, often skilled in programming languages and Internet logic. The term hacker, then, can be used with either a positive or a negative connotation. Over the years it has drifted strongly towards the negative, and today it often refers to someone who gains access to a network by hacking their way in.
The term crack means to break into a computer system. Hackers wish to differentiate the two terms, as hackers are said to pursue information for the purposes of pranks or web site 'modification'. Crackers, on the other hand, have a specific purpose: to break into secure systems, capture the password(s) and wreak havoc on the machine.
Since the two terms are often used interchangeably, this article will use the terms hacker and hack rather than cracker and crack.

Efforts to gain passwords

SIMPLE INVESTIGATION
Let's get into the meat and potatoes of what hacking is all about: capturing the often elusive password. By their nature, passwords should be elusive, but hackers contrive methods and techniques to gather them and use them for their own purposes within a network. The password is the lowest, but ultimately the most important, step on the hacking totem pole. Once a password is compromised (or seized), hackers use it to gain additional rights and privileges within the system.
So, how are passwords seized? Regardless of how secure the network itself is, there are always weaknesses, and that includes the actual users of the network (or, Mr. Do Mas). Sure, hackers can use sophisticated password utilities to guess passwords on a system, but oftentimes a little investigation provides what the hacker is looking for.
Believe it or not, a major source of password compromise is the simple laziness of users. Users write passwords down on little Post-It notes and leave them in their desk. Users give their passwords to others. Passwords are printed on pieces of paper that are then thrown out whole. A little rummaging through an office and its waste can surface more information than you might imagine.
Hackers also use a technique known as social engineering. They may call up a network administrator, pose as a confused network user and claim to have lost their password. This works far too often, and many times it is the first thing a hacker tries.

TROJAN HORSES

The war between the Achaeans and the Trojans continued for 10 long years. After the death of Achilles (known as the greatest warrior among the Greeks), the Achaeans constructed a wooden horse, filled it with warriors and had it brought into the city of Troy. Once inside, the warriors emerged from the wooden horse and destroyed the city; or so the legend goes.
A trojan horse in computer terms means essentially the same thing: a seemingly harmless program infiltrates the computer system while malicious routines execute behind the scenes. One of the first trojan horses was a program that impersonated a login box. Once the user entered his or her password, it was saved in a location the hacker had access to. This type of trojan horse is commonly installed on library computers or in other public computing environments.
Trojan horses are often better disguised than a simple login prompt. Windows and Linux system commands, for example, are susceptible to manipulation. Without getting into technicalities, the Windows edit command can be compromised and instructed to launch a malicious batch file behind the scenes, deleting or even adding user accounts with administrator privileges.
Remember that a trojan horse is an executable file, which can be recognized by extensions such as .exe, .vbs and .com. A trojan horse sent through e-mail can often be spotted by a double extension such as .txt.vbs.
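The double-extension trick above (a file named .txt.vbs so that it looks like a text file while Windows runs it as a script) is easy to check for at the mail gateway. The following is an added example, not code from this article: it walks a raw e-mail message with Python's standard email module and flags attachments whose real extension is executable, distinguishing a plain executable from one disguised behind a harmless-looking inner extension. The extension lists and the sample message are constructed assumptions for the demonstration.

```python
import os
from email import message_from_bytes
from email.message import EmailMessage

# Extensions the article names as executable, plus a few others Windows runs
# directly (assumption: illustrative, not an exhaustive list).
EXECUTABLE_EXTS = {".exe", ".vbs", ".com", ".bat", ".scr", ".js"}
# Extensions a disguised attachment typically borrows to look harmless.
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".gif"}


def classify_filename(name: str) -> str:
    """Return 'clean', 'executable' or 'disguised' for an attachment name.
    'disguised' means a decoy extension followed by an executable one
    (e.g. invoice.txt.vbs), which a mail client hiding known extensions
    will display as just 'invoice.txt'."""
    base = name.strip().lower()            # Setup.EXE and setup.exe are the same
    root, ext = os.path.splitext(base)
    if ext not in EXECUTABLE_EXTS:
        return "clean"                     # archive.tar.gz etc. are not flagged
    _, inner = os.path.splitext(root)      # look at the extension before the last
    return "disguised" if inner in DECOY_EXTS else "executable"


def suspicious_attachments(raw: bytes) -> list:
    """Parse a raw RFC 822 message and list (filename, verdict) for every
    attachment that is not clean, in the order the parts appear."""
    msg = message_from_bytes(raw)
    findings = []
    for part in msg.walk():
        name = part.get_filename()         # None for body parts without a filename
        if not name:
            continue
        verdict = classify_filename(name)
        if verdict != "clean":
            findings.append((name, verdict))
    return findings


def build_sample() -> bytes:
    """Constructed sample message with three attachments (test data, not a real mail)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.invalid"
    msg["To"] = "user@example.invalid"
    msg["Subject"] = "Files"
    msg.set_content("See attached.")
    msg.add_attachment("just notes", filename="notes.txt")
    msg.add_attachment(b"\x00", maintype="application", subtype="octet-stream",
                       filename="invoice.txt.vbs")
    msg.add_attachment(b"\x00", maintype="application", subtype="octet-stream",
                       filename="Setup.EXE")
    return bytes(msg)


if __name__ == "__main__":
    for name, verdict in suspicious_attachments(build_sample()):
        print(f"{verdict:10} {name}")
```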

PACKET SNIFFERS

Network data travels through network media in variable-sized packets. These packets are never seen in their raw form, of course, as a series of network protocol rules convert them into data that applications can interpret and display. However, before a data packet arrives at the recipient's computer, it can be snatched off the media by packet sniffing software.
Because utilities like Telnet and SNMP were designed to send passwords over the network in plaintext (unencrypted) form, passwords can easily be compromised this way. Note that packet sniffers are capturing utilities; they cannot be used to modify any of the seized packets. Sniffers can capture data across multiple protocols, such as IP (Internet Protocol), UDP (User Datagram Protocol) and TCP (Transmission Control Protocol), allowing a single application to work well in a wide range of computing environments.
Passwords are not the only way hackers gain access to networks. Next, we will take a look at buffer overflows and what they provide to hackers.

Buffer overflow

When data is sent over a network, the receiving computer must allocate enough memory to hold the incoming packets. The space that incoming packets are stored in is called the buffer. If the operating system does a poor job of managing the buffer, or if the buffer overflows, problems occur. Well-designed applications check the size of incoming data before placing it in the buffer; poorly designed applications that skip this check often fall prey to this type of attack.
The Unix program Sendmail, used on the Internet for sending mail from a form to an e-mail address, has a widely known vulnerability to buffer overflows and is often attacked. If packets are sent to the destination fast enough, the computer or program can be rendered useless. This leads us to DoS attacks, whose logic is very similar to that behind buffer overflows.

DoS (Denial of Service) attacks

Lately, Denial of Service attacks have become a popular way to flood the destination computer system with packets of information. The purpose of a DoS attack is to consume as many system resources as possible, preventing the system from performing any other task. This, essentially, is denying service to legitimate users.
DoS attacks are usually performed from a very high-speed network against a network of the same speed or slower. If the initiating network, the one the hacker is on, is fast enough, the hacker can instruct his or her computer to flood the destination network with packets. This type of attack gets especially hairy when we talk about distributed DoS attacks.
A distributed attack, as you might have guessed, consists of more than one initiating network and, therefore, more than one hacker working together. A group of hackers will, at the same time and from different high-speed networks, flood the destination system with data packets. In extreme circumstances, thousands of hackers on thousands of networks can send data to a single machine, clearly rendering it useless. These attacks are almost impossible to stop once they start, as eBay and Yahoo found out a couple of years ago.

One way to gain access to more computers and, therefore, more data packets, is to send a ping request to all computers on a network. A ping is simply an electronic pulse whose sole purpose is to detect the presence of a machine by IP address. Once the destination machine receives the ping, it sends a response back to the system that sent it. The hacker therefore forges the source address of the ping to be the victim's IP address and sends pings out to large networks, so that every computer on them sends its response to the victim's system instead of to the actual sender (the hacker's machine). This is known as a smurf attack.
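A smurf attack leaves two distinct signatures, one on the network being used as an amplifier and one on the victim, and both are visible in ICMP flow records. The script below is an added example (not code from this article) that runs both checks over a constructed list of (source, destination, ICMP type) records: on the amplifier side it finds echo requests addressed to the subnet's broadcast address (the traffic that disabling directed broadcasts on the border router drops), and on the victim side it finds hosts receiving many more echo replies than they ever sent requests. The addresses, the local subnet and the threshold are assumptions chosen for the demonstration.

```python
from collections import Counter
from ipaddress import ip_address, ip_network

ECHO_REQUEST, ECHO_REPLY = 8, 0   # ICMP type values

# Constructed flow records (src, dst, icmp_type); sample data, not a real capture.
# Documentation ranges are used: 192.0.2.0/24 is "our" network, 203.0.113.7 the
# address whose owner ends up absorbing the replies.
SAMPLE = [
    ("10.0.0.5", "10.0.0.9", ECHO_REQUEST),       # an ordinary ping ...
    ("10.0.0.9", "10.0.0.5", ECHO_REPLY),         # ... and its single reply
    ("203.0.113.7", "192.0.2.255", ECHO_REQUEST),  # one request to the broadcast address
] + [(f"192.0.2.{i}", "203.0.113.7", ECHO_REPLY) for i in range(1, 41)]  # 40 replies back


def broadcast_echo_requests(records, local_net="192.0.2.0/24"):
    """Amplifier-side check: echo requests whose destination is our subnet's
    broadcast address. Legitimate hosts have no reason to send these."""
    net = ip_network(local_net)
    return [(src, dst) for src, dst, typ in records
            if typ == ECHO_REQUEST and ip_address(dst) == net.broadcast_address]


def unsolicited_reply_floods(records, threshold=10):
    """Victim-side check: hosts that receive at least `threshold` more echo
    replies than they sent echo requests. Returns {host: excess_replies}."""
    sent = Counter(src for src, _, typ in records if typ == ECHO_REQUEST)
    received = Counter(dst for _, dst, typ in records if typ == ECHO_REPLY)
    return {host: received[host] - sent[host]
            for host in received if received[host] - sent[host] >= threshold}


def amplification_factor(records, victim):
    """How many distinct hosts answered on the victim's behalf per request it
    'sent' (the spoofed requests carry the victim's address as source)."""
    requests = sum(1 for src, _, typ in records if src == victim and typ == ECHO_REQUEST)
    responders = {src for src, dst, typ in records if dst == victim and typ == ECHO_REPLY}
    return len(responders) / requests if requests else 0.0


if __name__ == "__main__":
    print("broadcast-directed requests:", broadcast_echo_requests(SAMPLE))
    print("reply floods:", unsolicited_reply_floods(SAMPLE))
    print("amplification:", amplification_factor(SAMPLE, "203.0.113.7"))
```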

Wrapping it up
This article examined what hackers are, why they hack and how they hack. Hacks range from a little investigation around the office to a sophisticated trojan horse program disguised as a useful application. Hackers often do some packet sniffing on networks in an attempt to grab passwords and other sensitive information as it travels across the network media. We then took a stab at buffer overflows, what they are, and lastly the popular DoS attack. Performed correctly, these techniques let hackers both disrupt network traffic and gain entry to restricted systems.


Filed under General, LeaningZone, Articles 