How To Stop Becoming a Bait (A Cyber Security Methodology)

INTRODUCTION

Growing cyber threats mean that individuals, small businesses, large organizations, and government agencies are increasingly focused on securing their systems against all forms of cyber threats. In layman's terms, cybersecurity is the practice of protecting standalone computers, networks of interconnected computers, and personal, organizational, and highly sensitive government and national security data from damaging cyber attacks. This process involves adopting a variety of cybersecurity concepts to suit the needs of the users. For a beginner, the cybersecurity basics include knowing how to stay safe from email scams, malware, viruses, Wi-Fi security problems, financial scams and phishing scams, how to use web tools such as social media securely, and more. Even smartphones are increasingly becoming an integral part of our daily lives and require some basic security. Beginners need to understand a few essential concepts of cybersecurity and subscribe to antivirus software for personal computers and for systems in small businesses to protect themselves.

BASICS OF CYBER SECURITY COMPONENTS

The key areas of cybersecurity, known as the CIA triad, consist of confidentiality, integrity, and availability. Information is the key to everything.[1] The confidentiality of an organization's information is integral to all of this. Each person needs access only to a certain type and level of information, and the amount of information accessible increases as one goes up the organizational ladder. Each person is trained appropriately to protect and maintain the confidentiality of all information available to them through a password and other security tools. Overall organizational cybersecurity is handled by a dedicated department through a suitable firewall.



Availability: The ability of a system to ensure that an asset can be used by any authorized parties

Integrity: The ability of a system to ensure that an asset is modified only by authorized parties

Confidentiality: The ability of a system to ensure that an asset is viewed only by authorized parties

Two more properties are also implied by the CIA triad:

Authentication: The ability of a system to confirm the identity of a sender

Non-Repudiation or Accountability: The ability of a system to confirm that a sender cannot convincingly deny having sent something  

SECURING THE COMPUTER IN DIFFERENT WAYS

Today we use internet-connected devices in all aspects of our lives. We go online to search for information, shop, bank, do homework, play games, and stay in touch with family and friends through social networking. As a result, our devices contain a wealth of personal information about us. This may include banking and other financial records, and medical information, all of which we want to protect. If your devices are not protected, identity thieves and other fraudsters may be able to gain access and steal your personal information. Spammers could use your computer as a "zombie drone" to send spam that looks like it came from you. Malicious viruses or spyware can be deposited on your computer, slowing it down or destroying files. By using security measures and good practices to protect your devices, you can protect your privacy and your family. The following tips are offered to help you lower your risk while you're online [1].

There are several areas that we need to secure to keep from becoming bait [2]:

• Operating System Security

• Web Security

• Application/Firewall Security

• Network Security

 

OPERATING SYSTEM SECURITY

OS security (operating system security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to the specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised. [3] It may be approached in many ways, including adherence to the following:

• Performing regular OS patch updates

• Installing updated antivirus and software

• Scrutinizing all incoming and outgoing network traffic through a firewall

• Creating secure accounts with required privileges only (i.e., client-server administration)

SECURED OPERATING SYSTEMS

There are a few top secured OSes, and most of them are Linux-based operating systems [3].

A.     Qubes Operating System

Qubes OS is a remarkably stable open-source OS that runs on single-user devices. It uses Xen-based virtualization to group computer programs into isolated virtual machines called qubes (think of it as separating a set of similar programs into a distinct unit of cubes).

Features of Qubes OS

• Strong isolation feature: Qubes isolate installed software, making it look like it is installed on a separate computing entity.

• Template system: Qubes OS shares root files with isolated virtual machines (qubes) without compromising system security.

• Multiple operating systems: Qubes can run multiple operating systems simultaneously, including Windows, Fedora, or Debian.

 

B.     Kali Linux

Kali Linux is an open-source OS, a Linux distribution developed by Offensive Security for penetration testing, network security assessments, and ethical hacking. This makes it one of the most secure OSes available today.

Features of Kali Linux

• Full live-build integration: Kali Linux integrates a live-build that allows users to customize and create unique Kali Linux ISO images.

• LUKS encryption: Kali Linux supports full disk encryption, which gives users the ability to encrypt penetration testing USB drives.

• Kali Linux Metapackages: Kali Linux is integrated with a metapackage, a collection of toolsets for easy customization and a minimized virtual environment setup.

 

C.     Tails  OS

The TAILS OS is a secure and portable OS that uses the Tor network to protect users' privacy online and also helps users to bypass internet censorship. Its mobile compatibility makes it one of the most secure operating systems for mobile devices. The TAILS OS was initially developed for the Project Protect whistleblowers to protect the identity of whistleblowers. However, regular users who want to protect their privacy and data traffic can download and use the TAILS OS for free.

Features of the TAILS OS

• Installable on temporary storage devices: TAILS installs and runs independently on USB storage devices without requiring a third-party OS.

• Amnesia: TAILS wipes all traces of your activities when shutting down the system.

• A security toolbox: TAILS has a secure set of programs for communicating securely and working on sensitive documents.

• It is a minimal OS that takes up little space; hence a user can download and run the OS from an SD card or other temporary storage devices.

• Activity on the TAILS OS is secured and protected from hackers and other forms of cyberattacks.

• The TAILS OS is noted for its robust data and identity protection; hence, it does not leave any trace of users' activities online.

• A reliable encryption protocol encrypts users' incoming and outgoing data traffic.

• Access to restricted and censored content online.

• Compatibility with all types of systems and OSes; hence, the TAILS OS can serve as an alternative to your system's primary OS. Therefore, it can be a perfect complement to the most popular Windows OS.

WEB SECURITY

Websites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised [4].

There are a lot of factors that go into web security and web protection. Any website or application that is secure is backed by different types of checkpoints and techniques for keeping it safe. There are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services. Many threats affect web security; a few are mentioned here [5]:

• SQL injection

• Password breach

• Cross-site scripting

• Data breach

• Remote file inclusion

• Code injection

There are a few mitigations to reduce web security vulnerabilities [6]:

• Keep web software patched and updated.

• Disable client-side scripting.

• Block unsigned applets.

• Disable cookies.

• Use an intermediary server (proxy) with filtering.

• Don't install scripting languages on web servers.

• Inspect all scripts before uploading them.

• Audit and log activity.

• Deny access from known malicious domains.

• Disable harmful or abused URL constructions such as directory traversals (..), backslashes, or different CGI forms in a single URL. Restrict non-web file types from being referenced in a URL. Disable unused script extension mappings. Redirect malicious requests to pages with legal notices. [6]
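The URL restrictions in the last item above (directory traversal, backslashes, several CGI references in one URL, non-web file types), together with the audit step, sketched as a request filter in Python. This is an added example, not code from the original article or its references; the names check_url and audit, the allowed-extension list, the decoding limit and the sample requests are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Assumption: the file types this hypothetical site is meant to serve.
ALLOWED_EXTENSIONS = {"", ".html", ".css", ".js", ".png", ".jpg", ".cgi"}
MAX_DECODE_ROUNDS = 3  # decode repeatedly so double encoding cannot hide ".."


def fully_decode(value):
    """Percent-decode until the text stops changing; None if it never settles."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    return None


def check_url(url):
    """Return (allowed, reason) for one request URL."""
    parts = urlsplit(url)
    path = fully_decode(parts.path)
    query = fully_decode(parts.query)
    if path is None or query is None:
        return False, "excessive encoding"
    target = path + "?" + query
    if "\\" in target:
        return False, "backslash"
    if ".." in re.split(r"[/?&=]", target):
        return False, "directory traversal"
    # Interpretation (assumption): more than one CGI script named in one URL.
    if target.lower().count(".cgi") > 1:
        return False, "multiple CGI references"
    if posixpath.splitext(path)[1].lower() not in ALLOWED_EXTENSIONS:
        return False, "file type not allowed"
    return True, "ok"


def audit(urls):
    """Return the rejected requests with reasons, ready for the audit log."""
    return [(u, reason) for u in urls
            for ok, reason in [check_url(u)] if not ok]


# Constructed sample requests, not taken from any real log.
SAMPLE_REQUESTS = [
    "/index.html",
    "/cgi-bin/search.cgi?q=firewall",
    "/images/../../etc/passwd",
    "/static/%252e%252e/secret.html",
    "/docs%5c..%5cweb.config",
    "/cgi-bin/a.cgi?next=/cgi-bin/b.cgi",
    "/backup/site.sql",
]

if __name__ == "__main__":
    for url, reason in audit(SAMPLE_REQUESTS):
        print(f"REJECT {reason:25} {url}")
```

Decoding happens before any check, so an encoded or double-encoded ".." is caught by the same rule as a literal one, and input that is still changing after three decoding rounds is refused outright.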

APPLICATION SECURITY

Application security is the process of making apps more secure by finding, fixing, and enhancing the security of apps. Much of this happens during the development phase, but it also includes tools and methods to protect apps once they are deployed. This is becoming more important as hackers increasingly target applications with their attacks. [7]

Application Security Challenges

One of the unfortunate aspects of software application security is that it must always be evolving. Technology is always advancing, which means that not only are cybercriminals developing new methods to break old security, but the way you code your software is bound to change as well. Both of these require new developments in security and application security. The good news is that there are people driving the evolution of security systems, but that does mean you have to keep up to date. [8]

Application Security Tools

There are a few application security tools that are used for web-based application security testing as well as regular security cases.

A.     Burp Suite from PortSwigger

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities. Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective, and more fun

B.     Codenomicon - Defensics security testing solutions

Codenomicon develops proactive security testing and real-time situation awareness solutions. Experience cyber security beyond traditional signature-based defenses and improve your defenses against advanced persistent threats (APTs). Codenomicon’s fully automated solutions enable you to stay ahead of attacks. Use Defensics testing solutions to discover unknown, zero-day vulnerabilities proactively. Detect suspicious traffic, internet abuse and network incidents at the earliest possible moment with clarified situation awareness solutions.

C.     Arxan Application Protection

Arxan's products are based on patented security techniques for code hardening, tamper-proofing, key security and node locking. The core technology consists of a multi-layered, interconnected network of Guards that each perform a specific security function and are embedded into application binaries to make programs tamper-aware, tamper-resistant, and self-healing. It claims a three-layer protection paradigm of defend, detect and react as a differentiating approach. By detecting when an attack is being attempted and responding to detected attacks with alerts and repairs, this protection helps secure software against hacking attacks

Some other application security tools are: Black Duck from Synopsys, CA/Veracode App Security Platform, Checkmarx, Fortify from MicroFocus, IBM Security AppScan, Klocwork from Rogue Wave, Qualys Web App Scanning, Prevoty from Imperva, Selenium, WebGoat from OWASP, Zed Attack Proxy from OWASP.

 

NETWORK SECURITY

Network security is crucial to maintaining the integrity of your data and the privacy of your organization and employees. It encompasses everything from the most basic practices, such as creating strong passwords and fully logging out of community computers, to the most complex, high-level processes that keep networks, devices and their users safe. More and more sensitive information is stored online and in these various devices, and if an unauthorized user gains access to that data, it could lead to disastrous results. [9]

Some common network security vulnerabilities are:

• Malware, short for malicious software, such as Trojans, viruses, and worms that are installed on a user's machine or a host server.

• Social engineering attacks that fool users into giving up personal information such as a username or password.

• Outdated or unpatched software that exposes the systems running the application and potentially the entire network.

• Misconfigured security systems that allow or have default policies enabled.

Some common types of malware are viruses, keyloggers, worms, Trojans, ransomware, logic bombs, bots/botnets, adware/spyware, and rootkits.

Types of Network Security Solutions [10]

• Antivirus Software: Antivirus software can be installed on all network devices to scan them for malicious programs. It should be updated regularly to fix any issues or vulnerabilities.

• Encryption: Encryption is the process of scrambling data to the point of unintelligibility and providing only authorized parties the key (usually a decryption key or password) to decode it. This way, even if data is intercepted or seen by an unauthorized user, they are unable to read it.

• Firewalls: Firewalls are a software program, hardware device or combination of both that blocks unsolicited traffic from entering a network. They can be configured to only block suspicious or unauthorized traffic, while still allowing access to legitimate requests.

• Multi-Factor Authentication: Multi-factor authentication is simple: users must provide two separate methods of identification to log into an account (for instance, typing in a password and then typing in a numeric code that was sent to another device). Users should present unique credentials from two out of three categories (something you know, something you have and something you are) for multi-factor authentication to be fully effective.

• Network Segmentation: Network segmentation involves breaking down a larger network into various subnetworks or segments. If any of the subnetworks are infiltrated or compromised, the others are left untouched because they exist independently of each other.

Network Troubleshooting Applications

NMAP

Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection. These features are extensible by scripts that provide more advanced service detection, vulnerability detection, and other features. Nmap can adapt to network conditions including latency and congestion during a scan

NESSUS

Nessus scans cover a wide range of technologies including operating systems, network devices, hypervisors, databases, web servers, and critical infrastructure. The results of the scan can be reported in various formats, such as plain text, XML, HTML and LaTeX. The results can also be saved in a knowledge base for debugging. On UNIX, scanning can be automated through the use of a command-line client. There exist many different commercial, free and open source tools for both UNIX and Windows to manage individual or distributed Nessus scanners.

OpUtils

OpUtils provides a comprehensive set of networking tools which includes Ping, Trace Route, System Details Update, DNS Resolver, and MIB Browser. As an advanced and reliable replacement for native commands, which depend on syntax and are of limited capacity, OpUtils' network tools sport a code-free intuitive UI that can scan and troubleshoot your network within seconds.

 

CONCLUSION

Secure your system. There are three basic methods to secure the system from outside threats and attacks.

Prevention: If you were to secure your network, prevention would mean using a firewall and security software, with end users running antivirus software. You are doing everything possible to keep the threat out.

Detection: You want to be sure you detect when such failures happen. Update the security software as well as the hardware every day.

Reaction: Detecting the failure has little value if you do not have the ability to respond. If anything does happen, your security software warns you.

For cyber security incidents, including attacks, research supports that the most effective defense is a computer-literate user. Those most vulnerable are identified in this research as new employees within an organization, with the attacker seeking personally identifiable information from those engaged. Further supported in this research are the psychological factors that contribute to user and network vulnerability. This paper concludes that while technology has a role to play in reducing the impact of cyber attacks, threat and vulnerability reside with human behaviour, human impulses and psychological predispositions that can be influenced through education. Cyber attacks can be reduced, but an absolute solution to overcome such cyber security threats has yet to be put forward. In future work, cyber attacks, threats and vulnerabilities in the network can be reduced by implementing the cyber security model.

REFERENCES

1) Razzaq, Abdul, et al. "Cyber security: Threats, reasons, challenges, methodologies and state of the art solutions for industrial applications." Autonomous Decentralized Systems (ISADS), 2013 IEEE Eleventh International Symposium on. IEEE, 2013.

2) "Cyber security: risks, vulnerabilities and countermeasures to prevent social Engineering attacks." International Journal of Advanced Computer Research, Vol 6(23). ISSN (Print): 2249-7277, ISSN (Online): 2277-7970. http://dx.doi.org/10.19101/IJACR.2016.623006

3) Radu CO, Daniel ZR. "Issues of Operating Systems Security". (https://www.researchgate.net/profile/Razvan-Daniel Zota/publication/228409741_Issues_of_Operating_Systems_Security/links/540da9e60cf2d8daaacc6a65/Issues-of-Operating-Systems-Security.pdf)

4) Garfinkel, Simson, and Gene Spafford. Web security, privacy & commerce. O'Reilly Media, Inc., 2001.

5) Vieira, Marco, Nuno Antunes, and Henrique Madeira. "Using web security scanners to detect vulnerabilities in web services." 2009 IEEE/IFIP International Conference on Dependable Systems & Networks. IEEE, 2009.

6) Canfora, Gerardo, and Corrado Aaron Visaggio. "A set of features to detect web security threats." Journal of Computer Virology and Hacking Techniques 12.4 (2016): 243-261.

7) Zeldovich, Nickolai, et al. "Hardware Enforcement of Application Security Policies Using Tagged Memory." OSDI. Vol. 8. 2008.

8) Choubey, Rajnish, Rajshree Dubey, and Joy Bhattacharjee. "A survey on cloud computing security, challenges and threats." International Journal on Computer Science and Engineering (IJCSE) 3.3 (2011): 1227-1231.

9) Marin, Gerald A. "Network security basics." IEEE security & privacy 3.6 (2005): 68-72.

10) McClure, Stuart, et al. "Hacking exposed: network security secrets and solutions." (2009).

