Home Blog

Enterprise Network Security Controls

By
Michael
-
0

Installation guide for SinFP3 under Debian/Ubuntu

By
Michael
-
0

Installation of SinFP3 under Debian/Ubuntu may be a bit tricky. They decided to rename one of the best low-level-hiding-thingy library initially called libdnet. Under these Linux distributions, the new name is libdumbnet. We will explain in this guide how to install SinFP3 on a fresh Debian/Ubuntu installation.

Installing required C libraries and development headers

First things first, you have to install libpcap and libdnet libraries and headers. Other libraries and headers are also required, like libexpat.

# aptitude install libdumbnet1 libdumbnet-dev libpcap-dev libexpat-dev

Installing Net::Pcap and Net::Libdnet

Net::Pcap should be straightforward to install. For later use, you must also install Class::Gomor:

# aptitude install libnet-pcap-perl libclass-gomor-perl

For Net::Libdnet, you have to do it manually:

# cd /tmp
# wget http://search.cpan.org/CPAN/authors/id/G/GO/GOMOR/Net-Libdnet-0.97.tar.gz
# tar zxvf Net-Libdnet-0.97.tar.gz
# cd Net-Libdnet-0.97
# patch -p0 < ubuntu-new.patch
# perl Makefile.PL && make && make test && make install
[..]
Installing /usr/local/bin/dnet.pl
Appending installation info to /usr/local/lib/perl/5.14.2/perllocal.pod

You should have a working installation of Net::Pcap and Net::Libdnet, the base tools on which SinFP3 relies on.

Finalizing the installation

You did the hard part, to finish it is just a matter on launching a single `cpan’ command. You can answer all prompts with the default value.

# cpan Net::SinFP3
[..]
Installing /usr/local/bin/sinfp3.pl
Installing /usr/local/bin/sinfp3.db
Appending installation info to /usr/local/lib/perl/5.14.2/perllocal.pod
  GOMOR/Net-SinFP3-X.YZ.tar.gz
  /usr/bin/make install  -- OK

You can now fire SinFP3 by using `sinfp3.pl’ command. Happy fingerprinting to you. Ah, don’t forget to update the database:

# sinfp3.pl -db-update -verbose 1

Networking and Cyber Security

By
Michael
-
0
Cyber Security

Cyber security is necessary to protect our private information, economy, and businesses. Highly classified military information, bank accounts, and corporate websites are prone to Cyber Attack. There is a critical shortage of trained experts capable of defending Cyber Attacks and data breach in the U.S. Developing and securing networking framework and protection of digital data became a top priority for organizations. As more and more industries, government authorities, and societies come to depend on digital networks and technology in day-to-day operations, the networking, cyber security, and administration become more complex.

Cyber Security

Network Security:

In this digital world, the crucial difference between network security and cyber security must be made aware. If a company or an organization relies on networking, network security is concerned about protecting the data within the walls of the organization. It also acts as reinforcement for security breaches from outside, but the prime purpose of is to guard against problems within the network. To protect the company’s internal information the following features and activities are applied.

  • IDs and passwords- Making sure they are efficient and updated regularly
  • Internet access- Observing the websites employees visit on the organization’s computers
  • Firewalls- Protecting the network from outside threats
  • Scans- Regular scans to detect virus and malware infection
  • Encryption- Ensuring the company’s data cannot be decrypted by outsiders.

Cyber Security:

Cyber security is concerned about threats from outside the organization’s walls. Cyber security keeps a watch on threats and attacks from outside the network. Though, network security and cyber security are similar in protecting the network their primary area of concern are different. The cyber security generally offers,

  • Network protection- Detecting and protecting against threats from outside attempting to breach the network
  • Applications- Observing the use of applications to bypass unwanted entries.
  • Intelligence- Analyzing the source of threats and breaches and providing protection.
  • Up-to-date information- staying updated on the efforts of hackers and attackers.

Conclusion:

The constant increase in the dependency on the internet and social media made cyber security a top priority. Increasing cyber threats such as data theft, identity theft, and other cyber exposures made the users remain more vigilant about data protection. It is fundamental to understand the different types of risks and threats in networking. Yet various government authorities find it difficult in protecting data because of scarcely secured infrastructure, lack of awareness, and inadequate funds. Theft of classified data from government organizations can lead to crucial threats on a country. Hence, cyber security is of dominant importance for government authorities. An individual dependent on networking must be aware on how to defend personal data from being hacked and cyber threats. Users should also consider the safety factor before sharing information with anonymous internet users.

SinFP3 Operating System Fingerprinting Tool

By
Michael
-
0

SinFP3 is now available (mass press coverage wanted).

You can download latest version from CPAN:

Net-SinFP3

Slides will follow in next days.

Like most pen testing tools, it takes a little effort to get up and running. We have documented the instructions below, stp-by-step. The first step is installing some Perl modules available on CPAN. Type the following as root, or use your system’s package manager.

# cpan Class::Gomor
# cpan DBD::SQLite
# cpan Digest::MD5
# cpan Net::Frame
# cpan Net::Frame::Device
# cpan Net::Frame::Dump
# cpan Net::Frame::Layer::IPv6
# cpan Net::Frame::Simple
# cpan Net::Libdnet
# cpan Net::Netmask
# cpan Net::Write
# cpan Net::Write::Fast
# cpan Parallel::ForkManager

Then, if all goes well, install Net::SinFP3:

# tar zxvf Net-SinFP3-X.YZ.tar.gz
# cd Net-SinFP3-X.YZ
# perl Makefile.PL
# make
# make test
# make install

You can find some support for our open source penetration testing tools on our mailing list.

Networking Tips

By
Michael
-
0

Developing and maintaining a well-organized network has become a top priority in today’s tech dependent world. A network can be crucial to the professional success of an individual or an organization. Here are some tips for successful computer networking.

Networking

Updated Operating System:

The older version of windows operating system doesn’t provide much security to the network. The security provided by older operating systems can be easily breached and information can be retrieved by any anonymous attacker using proper hacking techniques. Updating the operating system to the latest version provides increased protection on network security. The Windows XP is a decade old now. August 24th, 2011 marked the 10th anniversary of Windows XP. When upgrading to latest windows operating system, make sure to opt for the 64 bit OS rather than the 32-bit OS, as it is harder for the hackers to compromise the security.

Minimize the administrator accounts usage:

The first account set up on the Windows operated computer has system administrator rights, the account must not be named “administrator”. The frequent usage of this account for day-to-day computing activities leads to multiple threats encountered when browsing the internet or accessing the e-mail. The counter-measure is to create a user account for everyday work use. Use the administrator account when an absolute need exists- such as installing hardware or any software, configuration changes.

Use FDE on laptops:

Full Disk Protection abbreviated as FDE provides you with added security not just for some specific files and folders but to the entire computer, including the operating system. Laptops can easily be stolen or lost, in cases like that, a standard password protection might not be sufficient to protect the data from the thief from gaining access.

Get rid of Office 2003:

Microsoft office 2003 uses a binary file format that executes possibly malicious code when opened. The newer Office 2007 and Office 2008 versions use the XML format incredibly reduce this issue. Office 2010 has a much-advanced feature that includes a read-only mode that views potentially harmful files in a protected view.

Use Strong Passwords:

A strong and secure password makes it highly difficult for hackers to breach into the network and will force them to search for other easier targets. All networking devices, from printers to routers should be configured with secure passwords. A strong password comprises of at least eight characters, mixed case letters, symbols, and numbers.

Keep the programs updated:

Make sure that the third-party programs on your computer are updated to the latest versions. The newer versions usually include new features that may provide improved service to the user. If the programs are not automatically updated, check for programs and software that need an update and manually update them to the latest versions.

The aim of the Networecon project is to provide tools to help you explore networks.
Contact us: [email protected]
Copyright © 2017 - 2021 networecon.com . All rights reserved.