On Hacking and Prevention

This week, one of the things that I learned about was more information on denial of service attacks.   A particularly nasty denial of service vulnerability is found in Intel (formerly Texas Instruments) Puma cable modem chipsets.  All Puma series chipsets will stop passing traffic if they are receiving traffic from too many IP addresses at once, and this is a lower threshold than most other devices due to details of the architecture.  The Puma 6 also has problems with cyclical increases in latency of ~300 milliseconds, which causes performance issues for even normal web browsing, not to mention making any-sort of real-time gaming very difficult.  ( http://badmodems.com ).  I reviewed information about the 'ping of death' that I first learned of in the late 1990's or early 2000's from the film http://Warriorsofthe.net , which is worth watching if you haven't (it also has good music).  I researched SYN and ping floods, and learned about attacks targeting FTP ...

This week, I learned more about social engineering.  I learned more about some of the ways that it occurs, and some techniques to guard against it. Some of the ways to avoid malware or phishing websites include Google Safe Browsing ( safebrowsing.google.com ), which is a service provided by Google and used by several browsers including the popular Google Chrome (naturally) Safari, and Firefox to block known phishing and malware web pages.  It is also used by Vivaldi, since it is based on Chromium (which consists of all the open-source parts of Chrome that are not separate projects) and GNOME Web.  A related project is stopbadware.org which is an organization campaigning against malware, and includes due process provisions so that legitimate sites are not blocked by mistake or due to bad faith actors.  As an additional precaution against phishing (besides a high quality spam filter, which Gmail has) is to use digital signatures for your own e-mail, such as with http...

This week, I learned more about packet sniffing and certain types of attacks that it facilitates, namely Address Resolution Protocol (ARP) Spoofing and Domain Name System (DNS) Poisoning.  I also used Wireshark to get a look at some of my own traffic browsing the web.  I also remembered to use GRC DNS Benchmark ( http://grc.com/dns/benchmark.htm ), which lets you find out which DNS servers are the fastest to respond for your particular location.  It runs on Microsoft Windows or using Wine on macOS or GNU/Linux.  Wine is available from several sources, including a commercial version called CrossOver from CodeWeavers at http://codeweavers.com and free from https://www.winehq.org .  I learned a bit about using Snort ( http://snort.org ), which is useful for avoiding intrusions from individuals attempting to create botnets of internet-of-things devices and such.  If you want to use Snort you should probably look into running pfSense for a router and firewall. ...

I am attending the  Fiber Friends Forum  by the Internet Freedom for McHenry County group.  I will talk more about what I learned when we are finished.  Our main goal is to try to get fiber to the premises to as many people as possible.  We also want to provide a basic 5Mbps service for free, much as Google Fiber did in Kansas City and several other places.  I was already familiar from research inDecember with this map ( https://www.ifmc.co/consortium/mchenry-county-broadband-fiber-network-consortium/ ) of assets belonging to a Consortium of several agencies within the county that can be used as a backbone. Some of the things I learned from class this week:  I reviewed information about malware, specifically trojans, rootkits, viruses/viri, and worms.  I reviewed how they are different (a worm can spread by itself, a virus depends on other programs to get into a system, a rootkit is used to retain root or administrative access to a system after...

This week I learned more about penetration testing.  One of the earlier times I heard about penetration testing of networks and not merely individual devices (such as laptops and cell phones) was an article about the Pwn Plug on Ars Technica ( https://arstechnica.com/information-technology/2012/03/the-pwn-plug-is-a-little-white-box-that-can-hack-your-network/ ).  It is a femto-computer or possibly nano-computer in a small white box that can be used to attempt to gain access to networks (or for other purposes where a small headless computer would be useful, such as a low-end web server) and resembles an air freshener, alarm power supply, or other similar device.  It also can be used for diagnosing problems with network connectivity or to run diagnostics (such as looking for systems running outdated software with vulnerabilities) remotely if it is equipped with a cellular modem.  I was reminded of the XKCD cartoon about one type of physical security vulnerability, nam...