ETHICAL HACKING NET-185-001N Week 11

This week, I learned about tools like Metasploit, which can be used to develop and deploy malware for testing, as well as find vulnerable systems.  I had some difficulties installing Metasploit in virtual machines.  First, it turns out that turning off Windows defender doesn't really turn it off completely on Windows 10, so installing Metasploit on it was not feasible due to all the detected malware signatures.  I had some unrelated problems with upgrading a GNU/Linux virtual machine so that I could install Metasploit, so I wound up opting to install Kali Linux in a virtual machine which now is supposed to include Metasploit, since I had been planning to do so at some point anyway.  I found the guides at https://jonathansblog.co.uk/how-to-use-metasploit-to-scan-for-vulnerabilities, https://computingforgeeks.com/how-to-install-metasploit-framework-on-ubuntu-18-04-debian-9/, and for nmap https://www.cyberciti.biz/faq/install-nmap-debian-ubuntu-server-desktop-system/ to be helpful for working with Metasploit and nmap.  I also researched some vulnerabilities in various systems.  I wrote about how D-Link continues to have a poor security track record with their routers, this time they were exploited for DNS hijacking to steal bank account information and other private data, as well as serve ads to users.  (https://arstechnica.com/information-technology/2019/04/ongoing-dns-hijackings-target-unpatched-consumer-routers/)
I also reviewed information on the infamous Meltdown and Spectre vulnerabilities (https://meltdownattack.com), which are harder to guard against than regular malware, but also somewhat harder to exploit, since they require getting code onto the system first, although they can potentially be exploited with JavaScript.
Heartbleed is another notorious vulnerability that is worth mentioning, even though it has since been fixed, because it illustrates the danger of not contributing to open source projects.  The OpenSSL project being widely used but dangerously underfunded led to the vulnerability being a widespread problem that wasn't immediately fixed.  Fortunately, OpenSSL is better funded today, although you can donate here, https://www.openssl.org/support/, if you wish to support the project.  You can read more about Heartbleed here:  http://heartbleed.com

Comments

Post a Comment

Popular posts from this blog

ETHICAL HACKING NET-185-001N Week 13

HP's new security controller ( https://www.anandtech.com/show/14225/hps-security-push-sure-sense-endpoint-security-controller ) sounds interesting, but it definitely needs to be sufficiently hardened to make it worthwhile.  The idea is to use AI to detect malware based on behavior, to protect against zero-day exploits and such. A disturbing development that I just read about is the 'Land Lordz' scam using other domains to get people to make cash deposits for listings on AirBNB that are not legitimate.  ( ‘Land Lordz’ Service Powers Airbnb Scams ) One of the stranger recent security occurrences was that a poorly documented security feature in Microsoft Edge breaks another security feature (marking a file as from the web) that causes a certain type of file, the MHT file, to be opened without a sandbox using Internet Explorer, since it is the default to open that type of file.  ( https://arstechnica.com/information-technology/2019/04/unexpected-security-feature-in-micros...
Read more

ETHICAL HACKING NET-185-001N Week 14

This week, I've learned about a variety of things. I learned more about the QUIC protocol, which came from 'Quick UDP Internet Connections' (which is an accurate and concise description of it), although it is merely used as a name now.  It was created by Google, which has created a lot of innovative web technologies.  Ars Technica has an article on it a while back.  ' The next version of HTTP won't be using TCP | Ars Technica ' I also learned of Google Gruyere, which is named for a type of cheese from the Franco-Swiss border regions.   https://google-gruyere.appspot.com . It is a website designed to be used for learning about attacks on websites, including through manipulating the website in ways that wouldn't be legally allowed without permission. I was aware of traversing different parts of websites through manipulating the URLs ( http://www.homestarrunner.com/sbemail100.html  is a clever example of a joke, the real content is at  http://www.h...
Read more

ETHICAL HACKING NET-185-001N Week 9

This week, I learned more about social engineering.  I learned more about some of the ways that it occurs, and some techniques to guard against it. Some of the ways to avoid malware or phishing websites include Google Safe Browsing ( safebrowsing.google.com ), which is a service provided by Google and used by several browsers including the popular Google Chrome (naturally) Safari, and Firefox to block known phishing and malware web pages.  It is also used by Vivaldi, since it is based on Chromium (which consists of all the open-source parts of Chrome that are not separate projects) and GNOME Web.  A related project is stopbadware.org which is an organization campaigning against malware, and includes due process provisions so that legitimate sites are not blocked by mistake or due to bad faith actors.  As an additional precaution against phishing (besides a high quality spam filter, which Gmail has) is to use digital signatures for your own e-mail, such as with http...
Read more