Messages - masud895

16
Recently, Apple announced that it has taken new and significant measures to strengthen privacy on mobile devices, which will ensure that it is no longer possible for Apple or law enforcement to unlock encrypted devices. The news quickly triggered a reaction from FBI Director James Comey who stated that he was “very concerned” about these new steps and then went on to say that “What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law.”

The FBI’s concern is fully justified; computer crime has become an extremely sophisticated, global and lucrative business that continues to grow in its prevalence and frequency. According to a recent study from the security company McAfee, the annual cost to the global economy from cyber crime is now more than $400 billion.

New and powerful technologies adopted by consumers and business offer the same advantages to criminals, potentially hampering forensic investigations and rendering many traditional tools and techniques obsolete. Ironically, the powerful encryption necessary to protect our data has become an important part of the modern criminal’s toolbox.

To further complicate matters, there is a deep shortage of forensic experts. In addition, the sheer volume of complex data generated and stored in the cloud, on social media platforms and on mobile devices is allowing criminals to better cover their tracks — making the workload for investigators even greater.

While complex, these challenges are not insurmountable. However, they do present a series of long-term issues and questions, which must be addressed.

Four key areas of immediate concern include the needs:

* For business and government leaders to better understand the importance of digital forensics and the cyber crime risks facing their organizations.
* To strengthen the relationship between law enforcement and private enterprise and to promote best practices for conducting joint cyber crime investigations.
* To inspire appropriate individuals to enter the cyber security field and to use their skills to improve investigation and support methods.
* To keep pace with technology and to move toward a 24/7 “Forensics as a Service” model that uses the cloud’s powerful processing power to facilitate complex investigations.

Source : http://www.edelman.com/post/future-digital-forensics-investigations/

17
Tools for Cyber Security / computer forensics and Uses of computer forensics
« on: September 18, 2016, 01:32:52 PM »
Computer forensics is the practice of collecting, analysing and reporting on digital data in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally. Computer forensics follows a similar process to other forensic disciplines, and faces similar issues.

There are few areas of crime or dispute where computer forensics cannot be applied. Law enforcement agencies have been among the earliest and heaviest users of computer forensics and consequently have often been at the forefront of developments in the field.

Computers may constitute a ‘scene of a crime’, for example with hacking [1] or denial of service attacks [2] or they may hold evidence in the form of emails, internet history, documents or other files relevant to crimes such as murder, kidnap, fraud and drug trafficking.

It is not just the content of emails, documents and other files which may be of interest to investigators but also the ‘metadata’ [3] associated with those files. A computer forensic examination may reveal when a document first appeared on a computer, when it was last edited, when it was last saved or printed and which user carried out these actions.

More recently, commercial organisations have used computer forensics to their benefit in a variety of cases such as:

* Intellectual Property theft
* Industrial espionage
* Employment disputes
* Fraud investigations
* Forgeries
* Bankruptcy investigations
* Inappropriate email and internet use in the work place
* Regulatory compliance
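
As an added illustration of the file metadata discussed in the post above (not part of the original post), this Python sketch records each file's timestamps together with a SHA-256 hash, so that a later change to the evidence can be shown. The function names and manifest field names are assumptions chosen for this example.

```python
import hashlib
import os
import tempfile
from datetime import datetime, timezone


def _utc(ts):
    """Render a POSIX timestamp as an ISO 8601 string in UTC."""
    return datetime.fromtimestamp(ts, tz=timezone.utc).isoformat()


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large evidence files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def record_file(path):
    """Capture metadata and content hash for one file."""
    # Stat BEFORE hashing: reading the file may update its access time.
    st = os.stat(path)
    return {
        "path": os.path.abspath(path),
        "size": st.st_size,
        "modified_utc": _utc(st.st_mtime),
        "accessed_utc": _utc(st.st_atime),
        # st_ctime is the inode change time on Unix and the
        # creation time on Windows, so label it accordingly.
        "changed_or_created_utc": _utc(st.st_ctime),
        "sha256": sha256_file(path),
    }


def build_manifest(paths):
    """Return one record per file, in a stable (sorted) order."""
    return [record_file(p) for p in sorted(paths)]


def verify_manifest(manifest):
    """Return the paths whose content no longer matches the manifest."""
    altered = []
    for entry in manifest:
        try:
            current = sha256_file(entry["path"])
        except OSError:
            current = None  # missing or unreadable counts as altered
        if current != entry["sha256"]:
            altered.append(entry["path"])
    return altered


if __name__ == "__main__":
    # Constructed sample file, created only for this demonstration.
    with tempfile.TemporaryDirectory() as workdir:
        sample = os.path.join(workdir, "report.txt")
        with open(sample, "wb") as fh:
            fh.write(b"quarterly figures")
        manifest = build_manifest([sample])
        print(manifest[0])
        with open(sample, "ab") as fh:
            fh.write(b"!")  # simulate a change after acquisition
        print("altered:", verify_manifest(manifest))
```
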

18
IT Forum / Certified Information Systems Security Professional
« on: September 18, 2016, 01:24:06 PM »
The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.

Backed by (ISC)², the globally recognized, nonprofit organization dedicated to advancing the information security field, the CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024. Not only is the CISSP an objective measure of excellence, but also a globally recognized standard of achievement.

Who should obtain the CISSP certification?
The CISSP is ideal for those working in positions such as, but not limited to:

* Security Consultant
* Security Manager
* IT Director/Manager
* Security Auditor
* Security Architect
* Security Analyst
* Security Systems Engineer
* Chief Information Security Officer
* Director of Security
* Network Architect

19
Internet / Attack of the Blue Screen of Death
« on: July 30, 2016, 01:19:12 PM »
Rewski13 asked the Desktops forum for the best way to diagnose and repair a recurring Blue Screen of Death.
You're working on an important project, and suddenly your screen is filled with seemingly incoherent white text against a blue background. There's nothing you can do but reboot your PC and hope that everything important was saved to your hard drive.

Microsoft calls these stop errors, but everyone else prefers a more descriptive label: The Blue Screen of Death (BSoD).

They're not as common as they used to be, but BSoDs still happen (I experienced one two days ago as I write this). If you get one, curse, reboot, and hope for the best. But if you're getting them frequently, you've got a problem that needs fixing.

The trick is to find information about your particular BSoD, and then--since that information usually comes in an obtuse form--search the Internet for more practical advice.

Link : http://www.pcworld.com/article/258876/attack_of_the_blue_screen_of_death.html

20
Internet / Multiprotocol Label Switching (MPLS)
« on: May 16, 2016, 11:02:44 AM »
Multiprotocol Label Switching (MPLS) is a protocol for speeding up and shaping network traffic flows. 
MPLS allows most packets to be forwarded at Layer 2 (the switching level) rather than having to be passed up to Layer 3 (the routing level). Each packet gets labeled on entry into the service provider's network by the ingress router. All the subsequent routing switches perform packet forwarding based only on those labels—they never look as far as the IP header. Finally, the egress router removes the label(s) and forwards the original IP packet toward its final destination.
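
As an added illustration of the forwarding path described in the post above (not part of the original post), this Python sketch simulates a label-switched path: the ingress router classifies the packet by destination prefix and pushes a label, the transit switches forward on the top label alone, and the egress router pops it. The node names, label values and prefixes are constructed for this example.

```python
import ipaddress

# Constructed topology: ingress "PE1" -> transit "P1" -> "P2" -> egress "PE2".
# Ingress table: destination prefix -> (label to push, next hop).
FEC_TABLE = {
    ipaddress.ip_network("203.0.113.0/24"): (100, "P1"),
    ipaddress.ip_network("198.51.100.0/24"): (200, "P1"),
}

# Per-node label tables: incoming label -> (action, outgoing label, next hop).
LFIB = {
    "P1": {100: ("swap", 101, "P2"), 200: ("swap", 201, "P2")},
    "P2": {101: ("swap", 102, "PE2"), 201: ("swap", 202, "PE2")},
    "PE2": {102: ("pop", None, None), 202: ("pop", None, None)},
}


def ingress(packet):
    """Only the ingress router inspects the IP header (longest-prefix match)."""
    dst = ipaddress.ip_address(packet["dst"])
    matches = [net for net in FEC_TABLE if dst in net]
    if not matches:
        raise LookupError(f"no label binding for {dst}")
    best = max(matches, key=lambda net: net.prefixlen)
    label, next_hop = FEC_TABLE[best]
    packet["labels"].append(label)
    return next_hop


def forward(dst):
    """Walk a packet along the path; return (trace, packet as delivered)."""
    packet = {"dst": dst, "labels": []}
    node = ingress(packet)
    trace = [("PE1", "push", packet["labels"][-1])]
    while packet["labels"]:
        top = packet["labels"][-1]
        # Transit nodes consult only the top label, never packet["dst"].
        entry = LFIB[node].get(top)
        if entry is None:
            raise LookupError(f"{node} has no entry for label {top}")
        action, out_label, next_hop = entry
        if action == "swap":
            packet["labels"][-1] = out_label
            trace.append((node, "swap", out_label))
            node = next_hop
        else:  # "pop": the egress router removes the label
            packet["labels"].pop()
            trace.append((node, "pop", top))
    return trace, packet


if __name__ == "__main__":
    hops, delivered = forward("203.0.113.7")
    for hop in hops:
        print(hop)
    print("delivered as plain IP:", delivered)
```
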

21
Internet / Top Five VPN Advantages And Benefits
« on: May 16, 2016, 11:01:30 AM »
VPN is a technology which creates a virtual private network to which end users are connected via an encrypted channel.

VPN is popular both among home and corporate users. Its popularity is due to the fact that it brings unmatched benefits in an interconnected world full of challenges to information security and privacy.

VPN has unique advantages, of which the top ones are improved security, privacy protection, access to restricted resources and better connectivity.

Security
Security is one of the biggest challenges in today’s interconnected world. As soon as your PC and mobile phone are connected to the Internet, you are being targeted by an unlimited number of malicious programs, viruses, hackers and other unknown new threats appearing every day. Not only this, but also the information you send and receive might be intercepted, read and even altered.

Local security solutions such as antivirus, firewall, etc., are not sufficient to protect you unfortunately. A separate, external solution is needed to protect the communication from you to the outside world.

That’s where VPN comes into play. VPNs secure the otherwise insecure connection between you and remote resources. VPNs should be used especially in public networks such as WiFis. In any case, as a general rule no network should be considered secure because the communication flow passes through numerous points (routers) and it is sufficient for an attacker to compromise any one of these points in order to compromise the communication channel and its information flow.

However, even if the communication channel is compromised, you cannot be harmed or the harm will be minimal if you are connected to a VPN. This is because the VPN connection is encrypted and cannot be decrypted and thus read. When an attacker captures VPN traffic he will be able to see only incomprehensible characters going from you to a VPN server. Thus, the attacker is not even able to see to what remote resources you are connected (sites, chats, etc).

Privacy protection
Nowadays privacy is another serious challenge because you can be easily identified when you are online. This means that anyone from curious people and aggressive marketing company representatives to government officials can find your name, address and location with little difficulty.

As soon as you are connected online with your PC or mobile phone you are leaving traces such as your IP address and Internet service provider. This ultimately reveals essential personal information. To protect yourself from such highly undesired disclosure you cannot count on any official regulations or Internet service providers.

Instead, to protect your privacy you should use VPN again. Thus, with VPN whenever you visit web sites, listen to radio, chat, etc. you will be identified with the VPN provider, i.e. his IP address, location etc. Essentially, your own IP address and personal details will remain hidden.

Using VPN for privacy protection is more than just recommended because of the frequent abuses with personal information. Furthermore, VPN is absolutely a must for any political activist or other people who have reasons to avoid disclosing their identity.

Even though there are other solutions such as web proxies to protect your identity they are not as efficient as the VPN technology. Proxies, for example, usually send information about the original IP of the client which makes them useless in regards to privacy protection.

Access to restricted resources
Sometimes service providers such as online radios, TVs, etc. restrict access only to clients within certain geographical areas or Internet service providers. Other times company policies prevent employees from connecting to generally available sites or resources such as Facebook. Such not always reasonable restrictions leave you with no option but to use VPN.

VPNs have multiple points of presence in different geographic regions. The fact that you are identified only with the VPN provider allows you to circumvent any geographical restrictions.

VPNs are especially popular in countries such as China where access to sites / resources is heavily restricted. In such countries you can access anything online as long as you are connected to a VPN.

VPNs also work the other way around in access restrictions. You or your organization may wish to limit the access to certain private resources such as file shares only to a certain network segment. This is essential from a security point of view because authentication is rarely enough to protect the security of sensitive information.

Here again VPNs can be used and you can allow only the VPN network to connect to such private sensitive resources.

Better connectivity
Sometimes your Internet routes may not be optimal or your bandwidth may be limited especially towards International online resources. This leads to poor web experience and slow browsing especially for certain resources which are distant from your physical location.

In such cases you can connect to a local VPN point of presence which further routes your traffic. This will allow you to have a bandwidth to distant destinations similar to the bandwidth available between you and your local VPN server.

Such better connectivity can be observed especially in users whose ISPs differentiate local (usually country-wide) resources and international ones. These providers will enforce bandwidth limits on access to International resources and you can avoid these resources only by using VPN.

Other benefits
VPNs have also other benefits depending on the VPN service provider you are using. For example, some VPN service providers allow their users to share more easily and faster information between themselves, play games and perform any other activity as if they are within a local area network (LAN).

Another benefit may include port forwarding. This means that if you have a resource, e.g. web server, IP camera, etc., you wish to share to the world or access remotely you may use the VPN for this purpose. This is especially useful if your resource is located inside a local network and has an internal IP address. In such cases this resource can be configured to connect to the VPN and thus receive an external IP at which it can be accessed.

23
Internet / Virtual private network (VPN)
« on: May 16, 2016, 10:58:28 AM »
A virtual private network (VPN) is a technology that creates an encrypted connection over a less secure network. The benefit of using a VPN is that it ensures the appropriate level of security to the connected systems when the underlying network infrastructure alone cannot provide it. The justification for using a VPN instead of a private network usually boils down to cost and feasibility: It is either not feasible to have a private network (e.g., for a traveling sales rep) or it is too costly to do so. The most common types of VPNs are remote-access VPNs and site-to-site VPNs.

24
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it.

Uses of computer forensics

There are few areas of crime or dispute where computer forensics cannot be applied. Law enforcement agencies have been among the earliest and heaviest users of computer forensics and consequently have often been at the forefront of developments in the field.

Computers may constitute a ‘scene of a crime’, for example with hacking [1] or denial of service attacks [2] or they may hold evidence in the form of emails, internet history, documents or other files relevant to crimes such as murder, kidnap, fraud and drug trafficking.

It is not just the content of emails, documents and other files which may be of interest to investigators but also the ‘metadata’ [3] associated with those files. A computer forensic examination may reveal when a document first appeared on a computer, when it was last edited, when it was last saved or printed and which user carried out these actions.

More recently, commercial organisations have used computer forensics to their benefit in a variety of cases such as:

* Intellectual Property theft
* Industrial espionage
* Employment disputes
* Fraud investigations
* Forgeries
* Bankruptcy investigations
* Inappropriate email and internet use in the work place
* Regulatory compliance

25
Internet Risk / How to safe your Facebook Account?
« on: May 04, 2016, 02:03:10 PM »
Security Tips for Facebook
Here are 6 things you can do to help keep your account safe:
1.   Protect your password:
   Don't use your Facebook password anywhere else online.
   Never share your password. You should be the only one who knows it.
   Avoid including your name or common words. Your password should be difficult to guess.
2.   Use our extra security features.
3.   Make sure your email account(s) are secure.
4.   Log out of Facebook when you use a computer you share with other people. If you forget, you can log out remotely.
5.   Run anti-virus software on your computer:
   For Windows
   For Mac OS
6.   Think before you click or download anything.

26
Cyber Security / Protect Your Passwords
« on: October 08, 2015, 02:01:23 PM »
Here are a few principles for creating strong passwords and keeping them safe:

* The longer the password, the tougher it is to crack. Use at least 10 characters; 12 is ideal for most home users.
* Mix letters, numbers, and special characters. Try to be unpredictable – don’t use your name, birthdate, or common words.
* Don’t use the same password for many accounts. If it’s stolen from you – or from one of the companies with which you do business – it can be used to take over all your accounts.
* Don’t share passwords on the phone, in texts or by email. Legitimate companies will not send you messages asking for your password. If you get such a message, it’s probably a scam.
* Keep your passwords in a secure place, out of plain sight.


27
Cyber Security / Computer Security (How to protect your information?)
« on: October 08, 2015, 01:45:10 PM »
Scammers, hackers, and identity thieves are looking to steal your personal information – and your money. But there are steps you can take to protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.

* Use Security Software That Updates Automatically
* Treat Your Personal Information Like Cash
* Check Out Companies to Find Out Who You’re Really Dealing With
* Give Personal Information Over Encrypted Websites Only
* Protect Your Passwords
* Back Up Your Files


28
IT Forum / How to Protect Your Computer
« on: June 24, 2015, 11:19:34 AM »
The same advice parents might deliver to young drivers on their first solo journey applies to everyone who wants to navigate safely online. A special agent in our Cyber Division offered the following:
- “Don’t drive in bad neighborhoods.”
- “If you don’t lock your car, it’s vulnerable; if you don’t secure your computer, it’s vulnerable.”
- “Reduce your vulnerability, and you reduce the threat.”
Below are some key steps to protecting your computer from intrusion:
- Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
- Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
- Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.
- Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
- Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
- Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.

29
IT Forum / Need for Network Security and Types of Attack
« on: June 24, 2015, 10:38:51 AM »
Need for Network Security
In the past, hackers were highly skilled programmers who understood the details of computer communications and how to exploit vulnerabilities. Today almost anyone can become a hacker by downloading tools from the Internet. These complicated attack tools and generally open networks have generated an increased need for network security and dynamic security policies.
The easiest way to protect a network from an outside attack is to close it off completely from the outside world. A closed network provides connectivity only to trusted known parties and sites; a closed network does not allow a connection to public networks.
Because they have no Internet connectivity, networks designed in this way can be considered safe from Internet attacks. However, internal threats still exist.
It is estimated that 60 to 80 percent of network misuse comes from inside the enterprise where the misuse has taken place.
With the development of large open networks, security threats have increased significantly in the past 20 years. Hackers have discovered more network vulnerabilities, and because you can now download applications that require little or no hacking knowledge to implement, applications intended for troubleshooting and maintaining and optimizing networks can, in the wrong hands, be used maliciously and pose severe threats.
Types of attack:
Classes of attack might include passive monitoring of communications, active network attacks, close-in attacks, exploitation by insiders, and attacks through the service provider. Information systems and networks offer attractive targets and should be resistant to attack from the full range of threat agents, from hackers to nation-states. A system must be able to limit damage and recover rapidly when attacks occur.
There are five types of attack:
Passive Attack
A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.
Active Attack
In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.
Distributed Attack
A distributed attack requires that the adversary introduce code, such as a Trojan horse or back-door program, to a “trusted” component or software that will later be distributed to many other companies and users. Distribution attacks focus on the malicious modification of hardware or software at the factory or during distribution. These attacks introduce malicious code such as a back door to a product to gain unauthorized access to information or to a system function at a later date.
Insider Attack
An insider attack involves someone from the inside, such as a disgruntled employee, attacking the network. Insider attacks can be malicious or non-malicious. Malicious insiders intentionally eavesdrop, steal, or damage information; use information in a fraudulent manner; or deny access to other authorized users. Non-malicious attacks typically result from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as performing a task.
Close-in Attack
A close-in attack involves someone attempting to get physically close to network components, data, and systems in order to learn more about a network. Close-in attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Close physical proximity is achieved through surreptitious entry into the network, open access, or both.
One popular form of close-in attack is social engineering. In a social engineering attack, the attacker compromises the network or system through social interaction with a person, through an e-mail message or phone. Various tricks can be used to get the individual to reveal information about the security of the company. The information that the victim reveals to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.
Phishing Attack
In a phishing attack the hacker creates a fake web site that looks exactly like a popular site such as the SBI bank or PayPal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.
Hijack attack
In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker by accident.
Spoof attack
In a spoof attack, the hacker modifies the source address of the packets he or she is sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.
Buffer overflow
A buffer overflow attack is when the attacker sends more data to an application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a command prompt or shell.
Exploit attack
In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability.
Password attack
An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters.

