EC Council Academy Part II
In May 14- 18 2012, de sheep was attending another courses offered by EC Council Academy (ECSA) – Certified Security Analyst, with the road to Penetration Testing which trying to achieve L|PT from EC Council.
From the standard set by EC Council, CEH + ECSA could be granted the L|PT license provided with terms and conditions apply.
After attending the 2 courses which covered more on attacking and analysis, i would said it still back to the fundamentals of how well do you understand an operating system, knowledge of networking and network protocols. The course represent very well in terms of knowledge in ethical hacking, tools and infosec information, but the small pieces of understand on each and every aspect of the internet and how the process goes is still play a major role. Let’s start with a very basic part with TCP/IP ,differences of TCP and UDP, routing:describe how a packet gets from one place to another, ARP, DNS, DHCP and many more….
To make things work, you must have the desire and drive to learn new stuff, willing to interact and share knowledge with like minded professionals and other smart people and the curiosity on “how does it works”???
In short , if you don’t even know how the process works or exists, how can you violate or manipulate a process…
As a matter of fact you must have the willingness in putting your own time (which are not getting paid) in researching and stay up to date. I do this strictly because I love what I am doing and also enjoy the excitement of sharing with what I have learned with people who actually care to listen and are interested in the same….
~Welcome to the world of INFOSEC~
EC-Council Academy Part I
Back to May 2011, de Sheep was attending a course offer by EC Council Academy (CEHv7). Certified Ethical Hacker. The purpose of the course is to equip myself with the latest knowledge, technique and tools in cybersecurity. The ideal of an ethical hacker, is to perform hacking in an ethic way, as a security analyst, the knowledge is actually driven to a better understanding in varies aspect on an attempt in the cyber world.
We have seven layers in an OSI reference model, attempt can be various way, defending is challenging and it need the process of people + technology + awareness.
A very dynamic and fun classes……
MS-SQL Worm propagation attempt 124.239.195.131
Kaspersky has been actively detected such attempt. It’s being reported 31 complaints about this ip address 124.239.195.131 in this attempt. Most of the ip is from china:
IP Address: 124.239.195.131
IP Address Country: China (CN)
IP Address Region: 22 Beijing
IP Address City: Beijing
IP Postal Code
IP Address Area Code 0
IP Metro Code 0
IP Address Latitude: 39.9289016724
IP Address Longitude: 116.388298035
IP Address ISP: CHINANET hebei province network
Organisation: CHINANET hebei province network
IP Address Proxy:
IP Address Host: 124.239.195.131
~Network attacks are detected by Kaspersky Lab”
Base on the attempt, it is clarify as worms propagation with intrusion.win.mssql.worm.helkern. For information, the misbehaving of an intrusion could leads to engaging in spam, brute-force, DOS attacks, phishing or other fraud.
~~Reported there’s few more ip is performing same attempt~~
Beware of the attempt and make sure antivirus is up-to-date and performing a full scan to avoid any hidden trojan or worms are running at the back-end.
Symantec pcAnywhere Has Multiple Unspecified Vulnerabilities
Multiple vulnerabilities were reported in Symantec pcAnywhere:
Overview
Symantec pcAnywhere is susceptible to local file tampering elevation of privilege attempts and remote code execution attempts. It is possible to run arbitrary code on a targeted system in the context of the application which is normally System.
Symantec Response
Symantec engineers verified these issues on the supported versions identified above. Product updates are available to address these issues. Symantec engineers continue to review all functionality to further enhance the overall security of Symantec pcAnywhere.
Upgrading to pcAnywhere 12.5
For information and instructions on upgrading to pcAnywhere 12.5, see the guide at the following location:www.symantec.com/docs/DOC4529
~~Symantec Security Breach~
URL redirection Vulnerability in Google & Facebook
Vulnerability is a security breach.URL redirection is kind of fishy
An open redirect is a vulnerability that exists when a script allows redirectionto an external site by directly calling a specific URL in an unfiltered,unmanaged fashion, which could be used to redirect victims to unintended,malicious web sites. A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect.
Vulnerability in Google: – reported in Google by “Ucha Gobejishvili ( longrifle0x )“
https://accounts.google.com/o/oauth2/auth?redirect_uri=http://www.something.com
Vulnerability in Facebook: – Discovered by ZeRtOx from Devitel group
http://www.facebook.com/l.php?h=5AQH8ROsPAQEOTSTw7sgoW1LhviRUBr6iFCcj4C8YmUcC8A&u=www.something.com
Impact:
- The user may be redirected to an untrusted page that contains malware which may then compromise the user’s machine.
- The user may be subjected to phishing attacks by being redirected to an untrusted page.
~~Information shared for awareness purpose~~
Apple iPad 2 and iPhone 4S finally fall to jailbreakers
NAKED SECURITY by SOPHOS
Apple’s most hacker-resistant hardware to date – the iPad 2 and the iPhone 4S, which are built around the Apple A5 chip – can now be jailbroken.
Jailbreaking an iPhone or iPad offers numerous benefits:
- You can copy files of your choice to and from the device without limitation, and without agreeing to the iTunes licence agreement.
- You can build and run software – a lot of it free – from alternative sources, not just from Apple’s own App Store.
- You can install useful network services that Apple won’t allow, such as sshd (secure remote login) and a VNC server (screen sharing).
- If you’re a techie, you can have a lot more fun with, and learn a lot more about, your own device.
Everything comes with ~~Pro & Cons~~
Jailbreaking brings a whole slew of risks:
- Make it much easier for hackers to break into your device whilst it’s turned on. (Apple ships every iPhone and iPad with two accounts, root and mobile, which share the password alpine. You’ll want to change these if you jailbreak.)
- You might install software which makes the device unusable. This could reduce or even eliminate Apple’s liability to repair your device under warranty.
- You’re more likely to come across malicious, experimental or just-plain-insecure software by mistake.
- Critics of jailbreaking point out that the only iPhone viruses ever seen in the wild (Ikee and Duh) were for jailbroken phones.
- Indeed, if you’re an IT manager or in organization security perspective it is recommended to have Device policy allowing users to access company data from their own iPads and iPhones,recommend a “no jailbreaking” clause.
–BUT–
But jailbreaking is, and ought to be, a right (At your own risk, of course.)
~~Couldn’t see the risk doesn’t means does not exist~~
sharing by "desheep" 