I bumped into this site - https://www.cybrary.it/ and just discovered a treasure trove of cybersecurity knowledge and a lot of other cool IT and management stuff too.
After I tried out a bunch of courses, I found them to be very satisfactory. The level of detail needed are quite adequate and I picked up lot materials even more so than paid courses.
I would definitely recommend this site to anyone willing to learn cybersecurity and IT in general.
Cyber Security Reviews
As this is actually a journal on my learnings on cyber security, you will find tips and reviews on using antivirus, firewalls, basic server configurations, WordPress security, privacy, encryption, anonymity, hacking, and penetration testing. I will also include book reviews and other cyber security topics that I could get my hands on. Hope you'll learn a thing or two.
Friday, January 8, 2016
Monday, January 6, 2014
Protect Yourself from Rogue Software, Spyware and Malware - Use Sandboxie
Sandboxie employs sandboxing technology. Similar to a normal sandbox in a playground, sandboxing technology lets you play (with programs) in a safe area. Sandboxie can run programs in a virtual isolated space or container in your hard drive thereby preventing these programs from making permanent changes to other programs and data in your computer. Think of this virtual isolated space a copy of your computer or a part of your computer that a program can use. It will appear as a real resource (hard drive, etc...) to the program, but it actually just a copy. If a malicious program runs in the sandbox, it can't do anything to your computer, only to the copy of the components of your computer. Afterwards, one can easily delete the contents of the sandbox and come out unharmed even if you run the malicious program. However, just take note that this applies to any program: be it good or bad.
The sad thing is that Sandboxie only runs on the Windows OS.
Sandboxie gives a list of the following benefits on its website at http://www.sandboxie.com/.
- Secure Web Browsing: Malicious software picked up by the browser (intentional or unintentional download) is trapped in the sandbox and can be deleted trivially. This is my main use for Sanboxie. So whenever I visit an unknown website, I use a sandboxed web browser.
- Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.
- Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.
- Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.
Seems good? =) It's because it is. Sandboxie rocks! The same sandboxing technology is used in the Comodo Internet Security Premium, Avast, and many other defensive and anti-malware programs.
Tuesday, October 23, 2012
Gain Anonymity by Learning How to Use TOR
Do you always feel that you're being watched by prying eyes as you visit your favorite websites? Are you someone on the run, and need to be untraceable online? Do you feel the need to cover your tracks when you do your online activities? Are you paranoid that someone can just look up your IP address then trace your ISP account? If you are, then look no more. There are a few tools out there that can help you become harder to trace online.
But it's really possible to trace you. Have you seen one of those movies where hackers get caught exactly where they live? That part is no fiction. It's really possible to trace you. Every time you visit a website, you live some traces on the web server's logs. One of these things that you leave behind is called an IP address. Even devices which pass your traffic across the Internet can see some details about you by looking at your traffic's IP headers.
Once people can get a hold of this... BAM!!! They'll know where you live, and if they can some more information from the ISP, they'll get your name and so on...
There are many other ways to get your identity. But let's start with that.
One of the things tech people do to gain anonymity online is a tool called the TOR proxy. TOR works through a series of relays that keep changing paths. That way, it would be difficult to trace you back and even see where your traffic is heading.
To those who are intersted on how this works, more details can be found here - https://www.torproject.org/about/overview.html.en.
To prove that it's easy to get your IP address, go to this site (Figure A) - http://www.whatismyip.com/. Or just type "what is my ip" in Google (Figure B) and it will spit out Your public IP address is xxx.xxx.xxx.xxx. It's that easy.
Now, let's use TOR.
The easiest way to do it would be to use the TOR Browser Bundle. You can find your corresponding OS in the TOR site - https://www.torproject.org/projects/torbrowser.html.en/. Then just download your respective version (like Windows or Linux or Mac).
After downloading it, extract the compressed file to a directory of your choosing (like your desktop) using our favorite tool like Winzip, Winrar, or 7zip.
I choose 7zip because it's free and can open all formats whether it's a .zip file, .rar file, etc...
After extracting the .exe file will create a folder, which is aptly named Tor Browser. Just click on that folder, and look for the Start Tor Browser.exe file. Click on that. Just sit back and relax as the program will connect you to the TOR network and bring up the TOR browser. See Figure C below.
I also made a short video on the entire installation on youtube which you can find below.
But it's really possible to trace you. Have you seen one of those movies where hackers get caught exactly where they live? That part is no fiction. It's really possible to trace you. Every time you visit a website, you live some traces on the web server's logs. One of these things that you leave behind is called an IP address. Even devices which pass your traffic across the Internet can see some details about you by looking at your traffic's IP headers.
Once people can get a hold of this... BAM!!! They'll know where you live, and if they can some more information from the ISP, they'll get your name and so on...
There are many other ways to get your identity. But let's start with that.
One of the things tech people do to gain anonymity online is a tool called the TOR proxy. TOR works through a series of relays that keep changing paths. That way, it would be difficult to trace you back and even see where your traffic is heading.
To those who are intersted on how this works, more details can be found here - https://www.torproject.org/about/overview.html.en.
To prove that it's easy to get your IP address, go to this site (Figure A) - http://www.whatismyip.com/. Or just type "what is my ip" in Google (Figure B) and it will spit out Your public IP address is xxx.xxx.xxx.xxx. It's that easy.
Figure A |
Figure B |
Now, let's use TOR.
The easiest way to do it would be to use the TOR Browser Bundle. You can find your corresponding OS in the TOR site - https://www.torproject.org/projects/torbrowser.html.en/. Then just download your respective version (like Windows or Linux or Mac).
After downloading it, extract the compressed file to a directory of your choosing (like your desktop) using our favorite tool like Winzip, Winrar, or 7zip.
I choose 7zip because it's free and can open all formats whether it's a .zip file, .rar file, etc...
After extracting the .exe file will create a folder, which is aptly named Tor Browser. Just click on that folder, and look for the Start Tor Browser.exe file. Click on that. Just sit back and relax as the program will connect you to the TOR network and bring up the TOR browser. See Figure C below.
Figure C |
I also made a short video on the entire installation on youtube which you can find below.
Thursday, October 11, 2012
Best Anti-Malware Defense for your PC? - A Review of Comodo Internet Security Complete 2012
After being plunged into the world of information security, I became more serious about my choice of free anti-malware programs. Yes, I am kinda thrifty (or cheap if you want to call me that).
Of course, I began by searching the web. I searched far and wide. I looked at the forums, reviews, and even studies by experts. As an effect, I learned that I needed a good combination of antivirus, firewall, and host intrusion prevention system. As long as one doesn't conflict with the other, than all will be good.
Based on experience (and you can verify this by researching the web), some anti-malware programs don't work well with each other. And this normally happens when you have more than one of the same type installed on your PC. For example, you might have both AVG and Avast installed on your laptop. Most of the time, this combination leads both programs to eat away at your computer's resources (CPU and RAM) and this, most often than not, leads to a crash. Of course, a computer crash leads to a lot of user frustration. Some anti-malware programs, even if different from the other (a firewall and an antivirus), still don't work harmoniously with each other. For lack of thorough testing and investigation, I can't exactly say which work well or badly with each other. But this can happen. Of course, it is also highly plausible to use a combination of a firewall from one vendor and an antivirus from another without encountering any major disasters.
A good compromise would be to have all three anti-malware programs (antivirus, firewall, and HIPS) provided by one vendor. This would have the highest chance of avoiding any of the conflicts I mentioned earlier.
Limiting my search to this scenario, led me to a wonderful website called Matousec.com. First of all, they are vendor neutral. They specialize in testing security software on Microsoft Windows systems. This is where I found one of their projects called the Security Software Testing Suite. Where they tested commercial and free anti-malware suites against a battery/barrage of different attacks - a leaktest, autorun test, spying test, self-defense test, etc... The latest project is called Proactive Security Challenge 64, which is updated to incorporate the latest possible attacks on your computer. The vendors of the anti-malware programs are then free to contest and comment on their findings. Details can be found on their website.
One thing caught my eye, the one anti-malware suite that consistently came out on top on both their old and new projects is Comodo Internet Security Premium, with aproduct score of 94%. This has an antivirus, firewall, and HIPS. It also has a cloud-based scanning, which makes it light on resource consumption.
Below are the main features as mentioned in Comodo's website:
Below are the main features as mentioned in Comodo's website:
- Antivirus: Tracks down and destroy any existing malware hiding in a PC.
- Anti-Spyware: Detects spyware threats and destroys each infection.
- Anti-Rootkit: Scans, detects & removes rootkits on your computer.
- Bot Protection: Prevents malicious software turning your PC into a zombie.
- Defense+: Protects critical system files and blocks malware before it installs.
- Auto Sandbox Technology™: Runs unknown files in an isolated environment where they can cause no damage.
- Memory Firewall: Cutting-edge protection against sophisticated buffer overflow attacks.
- Anti-Malware: Kills malicious processes before they can do harm.
The paid version called the Comodo Internet Security Complete 2012 above has a Live Expert Virus Removal where one of Comodo's experts will clean your PC, uninstall old antivirus, and ensure your PC remains clean. The paid version also has a $500 guarantee which covers your PC for repair costs, should your PC become infected with a virus or malware and if Comodo can't restore it to working condition. It also has TrustConnect Wi-Fi Data Encryption which defends against wireless information theft (useful when using public Wi-Fi) and a 10 gigabyte online storage which backs up your files to a secure online virtual vault.
So the added features in the paid version are:
- Live expert removal - a real person to help you out!
- $500 guarantee against malware
- wireless envryption for safety in public wifi acces
- 10 Gigabyte (GB) of online backup.
With these bonuses, it's very cheap compared to other anti-malware suite programs out there.
I personally use this, but I'll be keeping an eye on the Proactive Security Challenge 64 and see what else will top this one.
Note: I haven't seen any independent tests similar to the Proactive Security Challenge 64 conducted by Matousec. Independent, which means they are vendor neutral and unbiased. If any of you hears of anything, please let me know so I can also investigate.
Book Review: The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
I just read the Dafydd Stuttard's 2nd edition of The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws. I've read many book on penetration testing. But this one takes the lead as far as securing your web applications go.
I'm going to start by comparing it to the first. The first book on Web Application hacking, The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard was already on a class of its own. During that time, I was just a real beginner. I still am, there's no doubt about it. But during that time, I didn't know squat about information security. Still, I learned a lot. I grappled a bit with the concepts and searched on Google more than a couple of times. But I realld id learn a lot. I also tried applying the concepts by using virtual machines - I had a vulnerable web application on the Apache web server, which I installed on a Linux virtual machine in VMWare. It was a real struggle. But I made it through the fire.
The second book which has a slightly different title, The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, raised the bar even higher. Having learned my lesson from the first book, I just have to say that this is also really intended for intermediate to advanced practitioners of web application security. If you're a beginner like me, then you will have to undergo the same struggles I took to learn from the first book. It has enough coverage but it also breaks the topics even further down. But you have to know your stuff. The author doesn't just shallowly jump around various topics like other books do.
Below are new topics included in this 2nd edition which differ from the first book (as mentioned in Amazon):
- Discover how cloud architectures and social networking have added exploitable attack surfaces to applications
- Leverage the latest HTML features to deliver powerful cross-site scripting attacks
- Deliver new injection exploits, including XML external entity and HTTP parameter pollution attacks
- Learn how to break encrypted session tokens and other sensitive data found in cloud services
- Discover how technologies like HTML5, REST, CSS and JSON can be exploited to attack applications and compromise users
- Learn new techniques for automating attacks and dealing with CAPTCHAs and cross-site request forgery tokens
- Steal sensitive data across domains using seemingly harmless application functions and new browser features
So if you really want to learn something about web application hacking and if you have the tenacity to research on topics that seem unclear. Then go for The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws. You won't just gain the top-level familiarity often provided by most security books. You will surely learn the skills needed to hack web applications. Guaranteed. That's why even seasoned veterans would even but for this awesome reference.
I would definitely recommend getting this to beef up your knowledge arsenal on web application security.
Subscribe to:
Posts (Atom)