Posts Tagged Network
Protect your Holiday! (part 3)
Posted by Mourad Ben Lakhoua in Pentesting, Tools on July 13, 2009
The idea of working with a wireless network is always risky unless you make sure of the WLAN security, as we talked in the last post of protect your holiday we will add some tools that can helps in pentesting your wireless network.
Unfortunately not everyone aware of the risk in using such a wireless network, let’s start here by Void11. Void11 is used to Deautheticate clients on the WLAN, or in our way ignoring a client from accessing the wireless network, after disabling the client from the network he will start to try acceding the WLAN, so you have to ignore him one more time. In each time the victim will try to connect he will send traffic with the authentication keys. While exchanging the keys the attacker can take the victims place on the network using his Mac address and by pass the Mac restriction. Unfortunately, this tool works well only under Linux system.
The next tool for this add is WIFIZOO, this tool demonstrate how it’s easy to detect different information in open WI-FI networks. Application objective is to get info from the whole network passively. The tool has a beautiful interface but not only gathers SSID data. It also adds client info like, IP addresses, and passwords of some protocols (Pop3/ftp/telnet). Mail traffic, Http traffic. As a result you can listen to the whole traffic in the wireless interface. But the disadvantage of using WIFIZOO that it has no channel hopping but you can configure Kismet to do this.
The last tool for this series is WIRELESSKEYVIEW, in some cases we forget our keys for the AP, and this tool is the perfect fit for this situation, in which it recovers system WEP/WPA keys. So this works like wireless zero configuration in windows XP and WLAN AutoConfig for Vista.
So think about securing your wireless network try these tools to check the security level of your network and it is always recommended to monitor all your event logs.
make sure you subscribe to my RSS feed!
Honeynet Project Discovered a hole in Conficker
Posted by Mourad Ben Lakhoua in News on March 31, 2009
Researchers at The Honeynet Project has discovered a vulnerability in the Conficker that makes it easy to detect,The Conficker adds changes in Windows that can be detected remotely by using a various scanning methods which is already integrated into different popular scanning tools.
Members of the Honeynet Project founded that conficker infected host’s respond with error code for some specially crafted RPC messages, now you can find the detection methods that can be used to contain Conficker’s impact in the update and modified version of the scanners (Nessus, ncircle, Qualys and Nmap).
“Know your enemy and know yourself and you can fight a hundred battles without disaster” (Sun Tzu) .So go a head and check your networks against Conficker.
Computing in the Cloud Models- Right Now
Posted by Mourad Ben Lakhoua in Cloud Computing Security on February 1, 2009
In the last months there has been a rapid increase in investment in the Cloud Computing and related areas. This growth is due to the demand for virtual “cloud” resources, the Idea of Cloud Computing is near another approach called utility computing, where computing resources are treated as a service and takes into account the amount consumption like the usual public services (electricity or water).
Cloud Computing provides a numerous benefits from cutting coast, saving time ,held to high standards, must offer a proof of security certifications, and are subject to examinations by auditors, Making them under much higher analysis than typical in-house security teams.
So by looking to all these points it is clear that the Solution is in the Clouds.
SUBSCRIBE
