What Is Packet Sniffing?

Information is often broken into smaller units when it is transmitted over the computer network. These small units known as data packets are fragmented at the sender’s node and are reassembled in their original format at the receiver’s node.

Every data packet has to cross a number of traffic control devices such as routers & switches. However, the data packet is susceptible to the risk of being captured each time it crosses these control devices. This act of collecting data packets illegally by hackers is known as packet sniffing. Hackers often use specialized devices
known as packet sniffers to do so.

How Does A Packet Sniffer Work?
A packet sniffer can exist in the form of software or hardware specifically designed to collect the data being transmitted over the network. They intercept & log network traffic with the help of wired or wireless network interface it has an access to. Hackers might use it to capture:

  • User names
  • Passwords
  • Downloaded files
  • Emails
  • Audio & video activity
  • Other sensitive information

An illegal packet sniffer is installed somewhere on the network without the knowledge of an IT administrator to gain unauthorized access to confidential information. Hackers also use sniffers to eavesdrop on unencrypted data to spy and checkout information being exchanged between the two parties and use it for their benefit.

Types Of Packet Sniffing

There are 3 types of packet sniffing, let us understand how they work:

  • IP Sniffing – It uses the network card to sniff all information packets that correspond with the IP address filter. These information packets are all used for analysis and examination.
  • MAC Sniffing – It also works through a network card and sniffs away the information packets that correspond to MAC address filter.
  • ARP Sniffing – In this type of sniffing, information packets are sent to the administrator through the ARP cache of both network hosts. The traffic is forwarded to the administrator directly instead of sending it to the hosts.

How To Protect Yourself From Packet Sniffing?

  • Use VPN – VPN (Virtual Private Network) connections provide complete privacy and secure your computer’s internet connection. It makes sure that all the data you are sending and receiving is encrypted & secured.
  • Always Check the HTTPS – Make sure that the websites that you visit have an HTTPS in its URL. Having it in the URL ensures that the website is safe to use.
  • Be Cautious – The risk of packet sniffing rises when a device is connected to a public Wi-Fi network. So be highly cautious of the websites you visit when you are on that network. Avoid doing financial transactions, entering sensitive information etc.

Other Ways

  • Scan your network
  • Use the Antisniff tool
  • Log out when you are done

For more information about IT Security, call Centex Technologies at (254) 213-4740.

,

Ticket & Travel Scams

It often seems easy and convenient to make ticket bookings and hotel reservations online. However one has to be highly cautious while doing so to avoid falling prey to a cyber fraud. Since ticket & travel scams are quite common these days, it is important to be vigilant in order to stay protected from numerous travel websites which are tricking people by selling fake tickets.

Here are some most common ways in which a ticket and travel scam is done:

  • Free Or Discounted Vacation – The victim is often sent an email with a congratulatory message that they have won a vacation travel & stay for free or at a discounted rate but they will be required to pay a small fee or provide their credit card details in order to claim the offer.
  • Vacation Ticket Re-Sell Scam – Sometimes the victim falls prey to an ad posted by someone who claims to have purchased a ticket but wishes to re-sell it due to inability to go for the trip because of some personal reasons. Thus, the victim is fooled by an offer of getting tickets at a much lower fare.
  • Location Scam – Fraudsters post an ad of a vacation rental or hotel and when an interested person clicks on it to make the bookings, they are often asked for some security deposit or sometimes even the full amount. However, all their excitement and zeal to spend a perfect vacation goes off when they reach the booked destination and find that no such place exists and that they have been scammed.

Tips To Avoid The Scam:

  • Be Cautious – Look out for hints while scrolling through a website. Most likely a website that does not have an about and contact page would be a scam site. Also check that the URL has ‘https’ to make sure that it is a secure website.
  • Check Reviews Online – To know if the website is safe to use or not, make sure that you check their social media profiles, reviews, blog posts etc. because it is highly unlikely for a fake website to put in efforts for building up all fake reviews and social media handles.
  • Use A Credit Card – Credit cards are more secure than debit cards as they do not allow direct access to your bank account and are at a better position when it comes to protection from fraudulent activities.

For more information about IT Security, call Centex Technologies at (254) 213-4740.

, ,

Gandcrab Ransomware

Generally distributed using RigEK toolkit, Gandcrab ransomware demands payment in DASH cryptocurrency. It utilizes “.bit” top level domain and when once it is injected into your computer system it encrypts the data & adds “.GDCB” extension to all the compromised files. For example, imagesample123.jpg (the original file) changes to imagesample123.jpg.GDCB (the infected file).  After encryption, the ransomware generates a “GDCB-DECRYPY.txt” file and places a copy in each existing folder and when the victim tries to open a file it shows up a message that contains information regarding their files being encrypted and instructs what needs to be done next.

The files can be decrypted using a unique key which is stored on a remote server that is controlled by developers of the ransomware. To get that key the victim is generally required to pay 1.5 Dash cryptocurrency which is equivalent to approximately $1130. However, there is no guarantee that your files will be decrypted even after you pay the ransom amount.

Most Common Ways Through Which The Ransomware Can Infect You

  • It can reach your system when you use third party software download sources.
  • Spam emails or emails sent from untrusted sources often contain malicious attachments which when opened install malware into your system.
  • Sometimes your system can get infected through Peer-to-Peer (P2P) networks which install malicious executables by masquerading them as legitimate software’s.
  • Victim often fall prey of fake software updaters which infiltrate into their system.
  • Trojans are another reason that can cause a ransomware attack. They exploit the system and also allow such malwares to be injected in the system.

How To Protect Yourself Against The Ransomware

  • Make sure that you backup your data on a regular basis because if once your files are decrypted by the ransomware, the chances of recovering your data even after paying the ransom amount are meagre.
  • If you are unsure about an email sent from an untrusted source then it is highly advisable to not download the attachments sent along.
  • Ensure that none of the computers are running remote desktop services and are connected to the internet directly. Instead, make sure that they can only be accessed by logging into a VPN first.
  • Download all the Windows updates as soon as they are launched since older versions might contain certain loopholes which may be exploited by the attackers.
  • Make sure that you do not use weak passwords. Also it is important to note that no matter how easy it might seem to have a single password for multiple logins, it should always be avoided as it opens the doors for such attacks in which your confidential data & files might be compromised.

For more information about Cyber Security, call Centex Technologies at (254) 213-4740

,

Advantages Of Bio-metric Security

PDF Version : Advantages-Of-Bio-metric-Security

,

What Is M2M Communication?

World has become a global village where technology has made communication process more effective & easy. It has brought along a revolution & transformed a lot of things around us. One such thing is M2M communication.

M2M communication refers to Machine-to-Machine communication. It involves a set of machines connected with each other that communicate or exchange information without any human interaction. Such communication between machines has become easier with the rise of wireless technology. As per Strategy Analytics, by 2020 the global M2M industry size will grow to around 200 billion U.S. dollars in revenue.

Examples Of M2M Communications

  • Manufacturers can receive notifications & alerts from devices in operation whenever they need servicing due to M2M tools. The machine itself tells you when it needs repairing.
  • Inventory information sent out by vending machine.
  • ATM machines dispensing cash.
  • The air conditioner automatically switch’s down when the room temperature reaches the set point.
  • Wearable devices that track down the number of steps you take & also monitor your heart beat.

Benefits Of M2M communication

  • Reduced Costs – M2M communication enables automation and allows businesses to reduce operational costs. It helps in saving time & effort resulting in better efficiency.
  • Prompt Action– It is easier to gather data when machines are connected to each other. This enables a prompt action to the request made.
  • Open New Avenues – M2M will open up numerous opportunities. With more machines being connected to each other it is possible to provide new service based offerings.
  • Improved Customer Service

Applications Of M2M Communications

M2M communication is presently being used in the following sectors:

  • Manufacturing
  • Billing
  • Telemedicine
  • Security
  • Robotics
  • Industrial
  • Traffic Control
  • Banking

Security Risks

  • Access Point Attack
  • Denial Of Service Attack
  • External Interface Attack
  • Device Triggering Attack

Difference Between IoT & M2M?

Often used interchangeably, M2M communication & IoT are not the same.

  • M2M communication uses point to point communication between machines, sensors & hardware. While on the other hand, IoT relies on IP based networks and sensors.
  • M2M is deployed in a closed system whereas IoT connects to a larger network.
  • M2M communication does not rely on an internet connection. However, Internet of Things (IoT) as the name suggests requires a strong & active internet connection.
  • Where IoT uses IP protocols, M2M uses non-IP protocols.
  • M2M refers to the communication between machines. IoT on the other hand involves communication of machines with humans as well as machines with machines.
  • M2M communication has a long way to go. With the advancement in technology we will be able to use M2M communication systems in a better and more effective way. That day is not far when every sector of the industry will recognize its importance and leverage more benefit from it.

For more information related to M2M communications & IT security, call Centex Technologies at (254) 213-4740.

, ,