Zenmap – Neat GUI for nmap Scanner

Security | May 21, 2015

Let’s admit the truth, shall we.

Even the best of us command line gurus (and only a few of us are really gurus) prefer the simplicity and ease of a GUI frontend to our favorite command line tools.

Zenmap is a neat GUI tool for the nmap command line scanning utility found in the Kali Linux penetration test distribution.

[Image: Zenmap - Convenient GUI for nmap]

For sure, nmap is a great scanning tool, but newbies may find it intimidating given the hundreds of options the command line utility offers.

That’s where Zenmap comes in.

For newcomers to nmap who can’t be bothered to learn the command line syntax or beginners struggling with the nmap syntax, Zenmap is like unexpectedly finding a pot of gold.

Life can’t get better! 😉

As far as I can tell, Zenmap comes along with nmap in Kali Linux.

But when I installed nmap on an Ubuntu/LinuxMint desktop and later on a CentOS 7 system, I noticed that Zenmap did not accompany nmap in either instance. I had to do a separate install on the LinuxMint system.

$ apt-get install zenmap

I was surprised to not find Zenmap in the base CentOS repositories (but nmap is there).

How to Use Zenmap

The great beauty of Zenmap is that it lets you hit the ground running.

All it takes is a few seconds to get the program up, pick your options and get going.

Type zenmap on the command line and the GUI frontend opens up.

Enter the host name (a domain or IP address) you wish to scan and in the drop-down box to the right, select the type of scan you want to run.

That’s all you need to do to scan for vulnerabilities on a host.

A huge plus is that the tool displays the command line syntax for the profile you pick. I consider it a nice way to let beginners pick up the command line syntax for nmap.

Different Zenmap Scans

There are scans of various degrees of complexity and duration that you can run from Zenmap.

You can pick from ping, quick scan, ping scan, intense scan, quick scan plus, slow comprehensive scan and more types.

Dmitry – Basic Scan Tool Does the Job

Security | May 21, 2015

Dmitry (Deepmagic Information Gathering Tool) is a basic scanning tool found in the Kali Linux penetration testing distribution.

Written in C, Dmitry is the creation of James Greig.

You can access the tool by typing dmitry on the command line.

When you run the base tool on a host (a web site or IP address) without any options, you get a bunch of information such as the IP address of the host, sub-domains, e-mail addresses (if available on Google), whois details and open ports.

The tool comes with multiple options including one (-o option) that lets you save the output to a text file for later study.

Here are a couple of examples where we use dmitry with some options.

dmitry -p example-test.com
HostIP:83.2xx.1xx.xx
HostName: example-test.com
Gathered TCP Port information for 83.2xx.1xx.xx
---------------------------------
 Port		State
21/tcp		open
80/tcp		open
110/tcp		open
143/tcp		open
Portscan Finished: Scanned 150 ports, 143 ports were in state closed

Let’s now try dmitry with the -pf option.

Android Apps Rife with Malware

Security | May 11, 2015

[Image: Malware Epidemic on Android]

Malware creators unleashing destructive apps on unsuspecting victims’ PCs and mobile devices have developed a bizarre fixation on Google’s Android platform, which powers millions of smartphones and tablets from dozens of vendors.

Security experts at antivirus company Symantec say in a new report that nearly a million Android apps are really malware.

Malware is said to account for 17% of all Android apps.

Symantec’s conclusions detailed in volume 20 of its Internet Security Threat Report were driven by a study of 6.3 million Android apps.

Ransomware Targets Mobile Devices

In the study, Symantec also discovered the first instance of mobile crypto-ransomware for Android devices.

Traditionally targeted at desktop computers, ransomware is malware that encrypts users’ data and holds it hostage until a ransom is paid.

Ransomware attacks grew 113% in 2014.

Say Bye Bye to Tor Cloud

Security | May 9, 2015

Anonymous browsing service Tor has shut down its Tor Cloud program after failing to find a maintainer for the project’s software.

[Image: Tor Cloud Project Shut Down]

Based on our quick research, it does not seem like Tor Cloud had a huge number of bridges (essentially Tor relays).

The small number of bridges on Tor Cloud may be attributed to several bugs in its underlying software.

A Tor representative wrote in a blog post:

There is at least one major bug in the Tor Cloud image that makes it completely dysfunctional (meaning that users could not use this particular service to access the Internet), and there are over a dozen other bugs, at least one of them of highest priority. Probably as a result of these bugs, the number of Tor Cloud bridges has steadily declined since early 2014.

What is Tor Cloud?

Established in November 2011, the Tor Cloud project enabled participants to deploy bridges on Amazon’s EC2 cloud platform.

Strong Passwords – First Line of Defense

Security | April 23, 2015

In the current dangerous era of relentless hacking, the first line of defense for any computer or network is the password.

You just can’t afford to make a mistake with password management.

If you mess up on using a strong password, all is lost.

Passwords to Avoid

Here are some tips on how to avoid some common mistakes when it comes to passwords.

1. Never use a password of less than 12 characters.

The shorter the password the easier it is to crack.

2. Avoid a single dictionary term for password creation, even if it is a complicated word like prestidigitator.

The single word rule applies to both English and foreign terms.

As a native English speaker, you may think foreign words like leibchen, dummkopf or dilwale sound cute and unique.

But don’t forget your “cute and unique” words are familiar to millions of Germans (the first two words) and hundreds of millions of Indians (last word).

3. Do not use even the reverse of dictionary words.

Password cracking tools like John the Ripper will make mincemeat of dictionary passwords, or their reverses, in a matter of seconds.

4. Never ever use personal information like Social Security Numbers, tax ID numbers, birthdays, names, anniversaries, family members’ names, pet names, names of famous personalities like Angelina Jolie, George Clooney or George Washington, or a school name.

Don’t even think of using Julia Roberts or Amitabh Bachchan in reverse.

5. Refrain from using sequences of keys on the PC’s keyboard layout.

If your password is asdfghjkl;’ or qwertyuiop[], change it immediately and then call your health insurance company to check if your policy covers psychiatric treatment. 😉

6. Never use the same password on multiple machines.

By using different passwords, even if one of your servers or computers is compromised the other machines are still secure.

7. And above all, do not fall prey to the temptation of writing down passwords.

You’ll invariably lose it and the piece of paper will fall into the hands of nasty elements.

What is a Strong Password?

Ideally, a strong password will be a combination of uppercase and lowercase letters, digits and special characters.

Security experts recommend a high entropy value for passwords.

So what the heck is entropy?

Represented in bits, entropy is the level of uncertainty associated with a random variable. The higher the entropy of your password, the stronger it will be.

So a password with an entropy value of 128 will be more secure than one with a value of 56.

A password of less than 10 bits of entropy is not advisable.

Those who spend considerable time on security matters say a good idea for a password is to use a passphrase (a combination of multiple words that you can remember).

So 2%Kennedy 36DMonroe MafiaY? Bobby2? might not be a bad passphrase/password.

Use Password Generator

If for some reason you can’t come up with a strong enough password, use the password generator in your Linux system.

I occasionally use the command line utility pwmake, which comes with CentOS 7, RedHat 7 and Fedora 21.

If you’re using Ubuntu or Linux Mint, you can get pwmake by installing libpwquality-tools.

A big plus with pwmake is that you can specify the desired entropy.

For a home computer, an entropy of 12 is not a bad deal.

$ pwmake 12
amEf)oKguLHU

But in businesses or government organizations, you definitely want a tougher password and must therefore opt for higher entropy of at least 56.

$ pwmake 56
4lHonUlF3w-e

I’d recommend an entropy of 128 for large commercial establishments and government agencies.

$ pwmake 128
4z4LaqAkuwSOg#4c=4q@PquB=yR
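To make the entropy discussion and the pwmake outputs above concrete, here is an added Python script (not from the post, and not the pwmake code) that sizes the character pool of each sample password, converts a bit target into a character count, and shows why a single dictionary word, reversed or not, scores so low. The character classes, the symbol set and the `generate` helper are assumptions of the script.

```python
import math
import secrets
import string

# Character classes used to size the pool a random password was drawn from
# (assumed here; the symbol set is a constructed sample of printable ASCII).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": "!#$%&()*+,-./:;<=>?@[]^_{|}~",
}
ALL_CHARS = "".join(CLASSES.values())


def pool_size(password: str) -> int:
    """Size of the smallest pool covering every character class present."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))


def random_password_bits(password: str) -> float:
    """Entropy in bits, assuming each character was drawn uniformly from the
    pool of all classes it uses (the generator's best case, not a crack time)."""
    return len(password) * math.log2(pool_size(password))


def chars_for_bits(bits: float, alphabet: str = ALL_CHARS) -> int:
    """Characters a uniformly random string needs to reach `bits` of entropy."""
    return math.ceil(bits / math.log2(len(alphabet)))


def generate(bits: float, alphabet: str = ALL_CHARS) -> str:
    """Hypothetical pwmake-style generator: draw from the OS CSPRNG until
    the requested entropy is reached."""
    n = chars_for_bits(bits, alphabet)
    return "".join(secrets.choice(alphabet) for _ in range(n))


def dictionary_bits(wordlist_size: int, n_words: int = 1, variants: int = 1) -> float:
    """Entropy of picking `n_words` words from a wordlist, where each word may
    appear in `variants` forms (2 = forward or reversed)."""
    return n_words * math.log2(wordlist_size * variants)


if __name__ == "__main__":
    for pw in ("amEf)oKguLHU", "4lHonUlF3w-e", "4z4LaqAkuwSOg#4c=4q@PquB=yR"):
        print(f"{pw:30} {random_password_bits(pw):6.1f} bits")
    print("chars needed for 12/56/128 bits:", [chars_for_bits(b) for b in (12, 56, 128)])
    # One word from a 200,000-word list, forward or reversed: about 17.6 bits
    print(f"single dictionary word: {dictionary_bits(200_000, variants=2):.1f} bits")
    print("fresh 128-bit password:", generate(128))
```

Run on the three sample outputs, the script rates them at roughly 76, 78 and 175 bits, well above the entropy that was requested, while 12 bits alone is worth only two random characters; the dictionary figure is why a reversed word (rule 3) gains a single bit over the plain word.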

RedHat 7 and CentOS 7 use the pam_pwquality module to check a password’s strength against a set of rules.

Also, edit the pwquality.conf file in the /etc/security folder to configure password requirements.
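As an added illustration (example settings, not the distribution defaults), here is a pwquality.conf fragment that maps the rules from this post onto pam_pwquality checks; the values chosen are assumptions:

```ini
# /etc/security/pwquality.conf - example settings mapped to the rules above
# Rule 1: at least 12 characters
minlen = 12
# Require all four character classes: upper, lower, digit, other
minclass = 4
# Rules 2 and 3: reject words found in the cracklib dictionary
# (cracklib also tests simple manglings such as the reversed word)
dictcheck = 1
# Rule 4: reject passwords containing the user name or the GECOS (real name) field
usercheck = 1
gecoscheck = 1
# Rule 5: reject monotonic runs such as "abcd" or "1234" longer than 3 characters
maxsequence = 3
# Reject more than 3 identical characters in a row
maxrepeat = 3
```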

Where do Online Attacks Come From?

Security | April 7, 2015

[Image: Major Culprits of Online Attacks]

These days online attacks on your server and/or your web site can come from any corner of the world.

Every Tom, Mikhail, Mohammed and Ramesh with a penetration testing Linux distribution and a toolkit of free automated hacking scripts is on testosterone overdrive and out to wreak havoc online.

A lot of the online attacks are from bored youngsters looking for macho ego thrills.

But the more damaging attacks coming from sophisticated non-state actors (often Russian, Turkish and Ukrainian mercenaries) and state actors (frequently the Chinese Military, Iranian military, NYPD, NSA and FBI) are more complex, more relentless and harder to thwart.

As an administrator for a Linux server, I’ve endured and suffered considerable attacks including some that have been relentless and of long-standing nature.

Major Culprits

Let’s be clear that there’s nothing you can do to stop the hail of online attacks.

You can only manage them.

It’s not as if the world went to the dogs after the arrival of the Internet. Humanity has always been the dregs. The Internet is merely a new arena for humans to attack each other.

One key way to control the magnitude of external attacks on your server, blog or web site is geo-blocking.

In other words, focus your attention on some countries.

Because online attacks from some countries are more common and more intensive than attacks from other countries.

As a Linux server administrator regularly analyzing log files, I see the following 15 countries leading both in the number of attacks and their severity: