Sunday, August 11, 2013
Write protect a USB flash drive in order to protect it from viruses and other malware programs. Because USB drives are widely used to move data between computers, these drives are a target for attackers to transfer viruses etc. from one computer to another. Data inside a USB drive can easily be modified or deleted by malware programs. To write protect it, follow these steps:
Step 1: Open the Registry Editor (open the “Run” dialog box, type regedit and hit “Enter”).
Step 2: Go to the Registry key:
Step 3: Right-click on Control, click on New->Key and name it StorageDevicePolicies. A new key named StorageDevicePolicies is now created.
Step 4: Right-click on StorageDevicePolicies, create a New->DWORD (32-bit) Value and name it WriteProtect.
Step 5: Double-click on WriteProtect and change its value from 0 to 1.
Now write-protection for USB drives is enabled on your computer, so it is not possible for anyone or any program to add/delete contents on your USB flash drive. Any attempt to copy or download files onto the USB drive will result in the following error message:
"Remove the Write Protection or Use another Disk"
Action to Revert Back
To revert and remove the write-protection, all you need to do is change the Value data for WriteProtect (Step 5) from 1 back to 0. Write access to all USB devices is then re-enabled.
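The five steps above as a PowerShell script, added here as an example rather than taken from the original post: it creates the key and value, sets WriteProtect to 1 or back to 0, and reports the current state. It assumes the standard Windows path HKLM\SYSTEM\CurrentControlSet\Control for the key in Step 2 and an elevated (Administrator) PowerShell session.

```powershell
# Added example (not from the original post): script the WriteProtect policy
# the steps above set by hand. Assumes the standard Windows location of the
# key (HKLM\SYSTEM\CurrentControlSet\Control) and an elevated PowerShell
# session, because HKLM is not writable by a standard user.
param(
    [ValidateSet('Enable', 'Disable', 'Status')]
    [string]$Action = 'Status'
)

$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies'
$ValueName = 'WriteProtect'

function Get-UsbWriteProtect {
    # Returns 1 (protected), 0 (writable) or $null when the key/value does not exist yet.
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$ValueName
}

function Set-UsbWriteProtect {
    param([Parameter(Mandatory)][ValidateRange(0, 1)][int]$Value)
    if (-not (Test-Path -Path $KeyPath)) {
        # Step 3: create the StorageDevicePolicies key under Control.
        New-Item -Path $KeyPath -Force | Out-Null
    }
    # Steps 4 and 5: create the DWORD (32-bit) value WriteProtect (if missing) and set its data.
    # -Force overwrites an existing value, which is also how the revert (1 back to 0) is done.
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value $Value -Force | Out-Null
}

switch ($Action) {
    'Enable'  { Set-UsbWriteProtect -Value 1 }
    'Disable' { Set-UsbWriteProtect -Value 0 }
}

$state = Get-UsbWriteProtect
if ($state -eq 1) {
    Write-Output 'USB write protection is ENABLED (WriteProtect = 1).'
} elseif ($state -eq 0) {
    Write-Output 'USB write protection is DISABLED (WriteProtect = 0).'
} else {
    Write-Output 'StorageDevicePolicies\WriteProtect is not set; USB drives are writable.'
}
```

Run it from an Administrator prompt (saved under any name, for instance usb-writeprotect.ps1) as .\usb-writeprotect.ps1 -Action Enable, then again with -Action Status to confirm the value took. Because the value lives under HKLM, anyone with local administrator rights can set it back to 0, so this restricts standard users and the programs they run, not an attacker who already holds administrator access.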
Monday, August 5, 2013
Computer Protection Steps which can be implemented by a non-IT person / How to avoid intrusion in a computer
Earlier, when technology was not advanced, human beings used to work with paper files. Those documents were kept safely in an almirah, and if a document was of utmost importance there used to be a strong lock for more protection; at times the room itself had to be protected as well. Whenever mischievous people intended to steal the documents, they used to scan the building, room etc., with the purpose of finding a weakness in the building, room or almirah. Or we can understand it like this: if you do not lock your vehicle, it is insecure. Now we are living in an era of technology, so things have changed a lot. Presently we use computers to store our documents, files, important conversations etc. So we need to protect our computers likewise, since hackers try to find loopholes in the computer and its technology. Therefore you need to maintain your computer's security in order to block all vulnerabilities.
Here are few suggestions for best computer protection which can be implemented to avoid intrusion into the computer:
Make sure that the firewall is turned on. It is a vital tool to stop a cracker from gaining access to your computer. For a home computer a single firewall is sufficient, but for an organization's computer, where data is more crucial, hardware tools such as routers that come with built-in firewalls should also be used.
Install legal antivirus software and avoid using pirated copies; a pirated antivirus program cannot provide the required protection. Do not forget to update the antivirus, or configure it for automatic updates. New viruses appear daily, so regularly check the antivirus manufacturer's website for updates. Most antivirus programs are sold with annual subscriptions, which can be renewed as needed.
A computer virus is a common problem. A virus installs itself on your computer system when you run a program to which the virus has attached itself, and it then reproduces multiple copies of itself from your computer.
A good example is the "Trojan horse" program. Trojan horse programs are similar to viruses, but they do not reproduce copies of themselves. Normally a Trojan horse tries to install a malicious program on your computer, and because of that malicious program the computer may start doing strange things, such as rebooting by itself. For a home computer you may try freely available antivirus programs like AVG, Avast etc. for the best computer protection; well-established companies offer free antivirus programs specially for home users.
Install anti-spyware software; it stops a malicious user from peering into your computer. Malicious users quietly send spyware to your computer so that, without your consent, they can steal data or produce advertisement pop-ups whenever you browse the internet or access social networking websites. Nowadays most operating systems come with built-in anti-spyware, but you should keep upgrading your operating system in order to keep the anti-spyware up to date.
Be careful when downloading anything from the internet, and do not open attachments that come via email, as they may contain harmful .exe (executable) files. When you click on them, they install malicious code on your computer.
Upgrade the operating system regularly, because the manufacturer periodically fixes security holes.
For email, try to use Microsoft Outlook or Windows email, as they are quite capable of restricting virus entry.
Do not forget to turn off your computer once you finish your work. Sometimes a crime takes place just because the computer, its built-in camera or a printer was left on. Crackers may use your computer's resources without your knowledge and indulge in illegal activity.
Take regular backups; anything may happen at any time, so it is better to be alert than sorry.
Nowadays almost everyone is on the internet, virtually roaming here and there, downloading and uploading files. If you are not careful, crackers may crash your computer or send pop-ups with bizarre messages.
Delete unknown emails; never click on advertisement links, or any link which redirects you to some other website.
The computer must be password protected, and the password should be as tough as possible so that it is hard to crack.
Friday, August 2, 2013
Penetration testing attempts to exploit any one of the vulnerabilities, weaknesses or technical flaws to gain unauthorized access. It is a method of evaluating the security of a computer system or network by simulating an attack by a malicious hacker. There are two types of penetration testing services:
Network Penetration Testing:
Network Penetration Testing attempts to break into a system’s network or servers. It involves the use of tools, grab bags of tricks and exploits, network scanning, social engineering, port scanning etc.
Application Penetration Testing:
Application Penetration Testing does not involve the network or servers. Its purpose is to find vulnerabilities in a software application using automated tools along with manual analysis. Usually a set of accounts with varying levels of privilege on the application is given to an auditor, who is tasked to find OWASP-type vulnerabilities in the application.
It helps in identifying vulnerabilities and risks in web applications: vulnerabilities in URL manipulation, SQL injection, cross-site scripting, back-end authentication, passwords in memory, session hijacking, buffer overflows, web server configuration, unauthorized logins, personal information modification, breach of customer trust etc.
Execution aspects of Web Application Pen Testing
It is a common myth that all security flaws can be detected by merely running automated tools.
Understanding the web application architecture and its
business logic is the first and critical step in the security testing
life cycle of web applications. Understanding of architecture,
application functionality, interaction among various components of the
application, data handled by the application, data flow, and the
underlying technology is gained by browsing the application and
detailed discussions with the system architects / developers of the
Automated tools attempt to discover the structure of the application in one of the following two ways: In Spider mode
the tool is given an initial starting URL of the application to be
tested along with some information necessary to traverse through the
application (e.g. credentials required for accessing the application). The second way
is Manual recording mode where the security engineer browses through
the application just as a typical user of the application would in the
course of his normal interaction with the application. While this is
going on, the tool captures and records information about pages visited
as well as the data submitted. Automated tools cannot understand how
data flows in the application, nor can they identify critical data in
the application. Automated tools treat all portions of the application
the same way because of this limitation. As a result, these tools
cannot differentiate between critical and non-critical assets of the
business application during the simulation of attacks. In order to
overcome the deficiencies of these automated tools, human intervention
and intelligent analysis is required. That is why assessing the
security preparedness of the application is essential. Auditing an
application for security involves interacting with the application
designers and developers to discover the security mechanisms
implemented within the application. For example, the response of the
software developers to an auditing question such as “Does any part of the
application use dynamic SQL? If yes, how do you prevent SQL injection?”
helps in determining whether SQL injection is
possible. The analysis of business processes and data is also a
crucial part. This analysis is helpful in determining the application
portions to be tested and vulnerabilities to be exploited. In an
e-commerce application, critical business scenarios would be the login,
shopping cart process etc.
Understanding the attacker's view, characterizing the
security of the system, and determining threats is not possible with
automated tools. Automated tools cannot identify threats for a given
application on their own. The Security Engineer needs to key in the
threats into these tools. These tools are essentially helpful in
storing the information about threats in a structured fashion. There
are models like STRIDE and DREAD to categorize and rate the identified
threats. These models are platform- and technology-neutral and can be
used for threat modelling of most genres of applications.
Web applications have a number of well-known
vulnerabilities like XSS, insecure session management. During the
attack simulation the automated tool modifies the originally recorded
requests and resubmits them using test data i.e. the injections
database. Automated tools do these simulation attacks blindly without
identifying the vulnerable fields or without understanding the
underlying business logic. These attacks need to be supported by
activities like threat modeling and test data creation to make them more
For example, a securely designed application may respond
to a simulated injection attack from a tool with a session logout. Since
the tool has no way of detecting that it has been logged out, it
continues to carry out its injections, unaware that the application is
refusing to respond to these requests as these requests are from an
expired session. As a result, the application is never really subjected
to the number of attacks that the tool claims to have executed.
Another example where these tools prove to be inadequate and the human
touch is required is the detection of the stored XSS vulnerability,
which requires some understanding of how data flows through the
Testing business logic is not covered by automated tools.
Most of the security testing efforts are concentrated on testing the
well known vulnerabilities. There are various mechanisms and open
source / commercial tools to test well known vulnerabilities. But
hardly any efforts have been put into developing similar mechanisms and
tools for business logic testing.
In an e-commerce application purchasing an item at $10
price or changing price of an item to $10 are potential threats. In a
Leave Management application, being able to approve one's own leaves,
or changing the leave balance are potential threats. Testing for such
business scenarios using various techniques like escalation of
privileges, session hijacking during the security testing efforts is
Automated tools have a database of SQL constructs which
they simply insert in every application request, and the response is
analyzed. These tools report the SQL injection vulnerability as being
exploited in case there is no application error, unexpected input error
This is an example of a false positive as we cannot solely
rely on the vulnerabilities reported by tools. A sanity check and
further analysis might indicate that the injection was not successful
in the real sense i.e. no sensitive data was retrieved or deleted from
Another reason why analysis of results is important is
the multiple occurrences of the same vulnerability. As discussed earlier,
the automated tools simulate attacks blindly and they are not smart
enough to analyze the results in real time. As a result these tools end
up trying the same attack at all possible locations and report the
findings. It is very important to analyze how many threats are actually
For example, while simulating XSS attack, these automated
tools will try to inject scripts in all the fields. These tools will
continue doing these injections even if they find that the application
is vulnerable to XSS. Penetration testing involves exploiting security
threats using both a manual and an automated approach. This uncovers
various threats that can be exploited to harm the users and the
application. The analysis phase now involves figuring out the actual
loopholes which cause the threats. This would help to identify the
vulnerabilities and the impact of those vulnerabilities on the entire
For example, if we are able to gain administrator account
access by manipulating some parameters, then we have exploited a threat
in which a normal user can perform the functions of the administrator.
Now the analyst knows that the underlying vulnerability is Insecure
IDs, and it is his job to find out the impact of this vulnerability on
the entire application. This also helps in suggesting the appropriate
Suggesting mitigation strategies
Assessing web applications for security is not enough.
Carrying out security testing and exploiting vulnerabilities is just
half of the work; suggesting mitigation strategies for exploited
vulnerabilities is also critical. Mitigation strategies help in
preventing attackers from attacking the web application.
Some of the automated tools suggest mitigation strategies. These tools have repositories of
mitigation strategies for common vulnerabilities just
like they have a repository of injections for attacks. Based on the
attacks exploited these tools pick up a mitigation strategy associated
with it and include it in the final report. The problem with these
mitigation strategies is that these mitigation strategies are vanilla
and popular and attackers often know how to bypass those mitigation
The Analysis phase consists of suggesting mitigation
strategies which are application specific on the basis of deep
understanding of the application, underlying technology etc. This
includes suggesting defense in depth kind of strategies i.e. strategies
at different layers in the application which makes the software more
secure. Hence, the mitigation strategies are not limited to the
application but they also cover other components like web servers,
application servers, database servers and so on.
Automated tools like AppScan and WebInspect scan the web
application by crawling all user-visible pages and sending attack
vectors for well-known vulnerabilities such as cross-site scripting
and SQL injection. Such penetration tests do not enumerate all possible
vulnerabilities present in the application, for reasons discussed
above, but are meant to gain unauthorized access. Vulnerability
assessment, on the other hand, is performed by Test Analysts with the
help of such scanning tools, and is expected to locate as many
potential problems as possible.
With the web platform adding newer technologies all the time, like RIA (Web 2.0 rich Internet
applications), the automated tools end up playing a
catch-up game while a Test Analyst is able to plug such gaping holes in
the tool-based approach. For Ajax in fact, very few of the present-day
tools are able to catch even all of the standard vulnerabilities.
Highly integrated applications are also difficult to scan
using automated scanners. For example, webmail has always been tricky
for the tools. The scanner in some cases has to learn how to send mail
to itself and then analyze them, and in some cases it has to realize
that the XSS filtering system can be used against itself.
Thursday, August 1, 2013
Are you sure that your web application is protected against cyber attacks? Is it possible for an attacker to get unauthorized access to your web application? Here I would like to focus on some of the major issues which need to be fixed while programming. Nowadays lots of automatic security audit tools are available in the market, so it is better to use those tools; however, manual testing is a must for better and improved security.
Here, I am giving the parameters for better security measures:
Encrypted Login Pages:
After user authentication is accomplished, lots of web applications use only Secure Socket Layer as a security measure, which is not a safe practice. After login, “Session Encryption” may be useful but failing to encrypt logins is like leaving the key in the lock when you’re done locking the door. SSL provides no protection beyond the session, and an SSL-enabled Web server cannot protect the text data file stored on the server. SSL provides no protection against Web-based attacks such as exploiting a flaw with a Common Gateway Interface (CGI) script. If your login form POSTs to an encrypted resource, in many cases this security can be bypassed by a malicious security cracker who deploys his own login form to access the same resource and he may get access to sensitive information.
Server Side Data Validation:
Programmers commit a common mistake by using unencrypted connections such as FTP or HTTP for Web site or Web server management. Unencrypted or weak connections can make your web application vulnerable to man-in-the-middle attacks and login/password sniffing. Always use encrypted protocols such as Secure Shell (SSH) to access secure resources, using secure tools such as OpenSSH, a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Once someone has gained your login and password information, that person can do anything you could have done.
Use strong, cross-platform compatible encryption: For secure data transfer use an SSL (Secure Socket Layer) certificate. Transport Layer Security (TLS), the successor to Secure Socket Layer encryption, can also be used. Make sure any encryption solution you choose doesn’t unnecessarily limit your end user base, as this can lead to less web traffic.
Connect to a Secure Network:
Avoid connecting with unknown networks or with known poor security network such as open wireless access points in coffee houses etc. This is especially important whenever you log in to the server or Web site for administrative purposes or access secure resources. If it is necessary to access the Web site or Web server using an unsecured network, use a secure proxy so that your connection to the secure resource comes from a proxy on a secured network. You can use a virtual private network (VPN) connection that encrypts all the data between a device and a VPN server on the other end.
Never Share Login Details:
Shared login credentials can cause a number of problems for security. This applies not only to you, Web server administrator, but to people with login credentials for the website as well — even clients should never share login details. The more those are shared, the more difficult it is to establish an audit trail to help track down the source of a security breach or threat.
Prefer Key-based Authentication:
Use cryptographic key-based authentication in place of password authentication. The distinguishing technique used in public key cryptography is the use of asymmetric key algorithms, where the key used to encrypt a message is not the same as the key used to decrypt it. Each user has a pair of cryptographic keys: a public encryption key and a private decryption key. The publicly available encrypting key is widely distributed, while the private decrypting key is known only to the recipient. Messages are encrypted with the recipient's public key and can only be decrypted with the corresponding private key.
Maintain a Secure Workstation:
A workstation audit is required in order to be sure that no key-logger or other malicious software is lying on the computer, because that can lead to unauthorised access to sensitive information regardless of all the other security measures, e.g. secured networks, encrypted communications and other networking protections. If you connect to a secure resource from a client system and you are not sure about its security, how can you be sure that someone isn’t “listening in” on everything that you are doing? So workstation auditing may be the only way to be sure, with any certainty, that your workstation has not been compromised.
For more articles visit www.cybersecuritydelhi.com