The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Category: Security Page 72 of 79

What is a Sniffer Attack?

By

On May 18, 2015

In Security

May 18, 2015

A sniffer attack involves capturing, inspecting, decoding and interpreting the network packets and information exchanges on a TCP/IP network. It aims at stealing unencrypted information, such as user IDs, passwords, email text, transferred files, credit card numbers, network details etc. It is also referred as a passive cyber-threat as the attacker is usually invisible and difficult to detect on the network.

Types Of Sniffer Attacks

  • LAN Sniffing: In this, the sniffer software is installed on the internal LAN to scan the entire network exhaustively. This helps to provide further information such as server inventory, live hosts, open ports etc. Once all the details are gathered, the hacker may launch a port-specific attack.
  • Protocol Sniffing: This method involves creating separate sniffers to carry out attacks on different network protocols. For instance, if a hacker sees UDP packets in a network, a separate sniffer is started to capture information.
  • ARP Sniffing: The hackers steal all the important information related to the IP addresses and its associated MAC addresses. This data is further used to initiate packet spoofing attacks, ARP poisoning attacks or exploit vulnerabilities in the network router.
  • TCP Session Sniffing: This is a basic sniffer attack in which the hackers get hold of the traffic between the source and destination IP address. They target details like service types, port numbers and TCP sequence numbers to create and control a fabricated TCP session.
  • Web Password Sniffing: In these sniffer attacks, the hackers penetrate the HTTP sessions that do not use secure encryption. Following this, the user IDs and passwords can be stolen and used for malicious purposes.

Tips To Protect Against Sniffer Attacks

  • Enable a WPA or WPA2 encryption for your router. Also, make sure you change its default password to limit access to your network. Use a long and secure password consisting of numbers, uppercase letters, lowercase letters and symbols.
  • Use MAC filtering on your network. You must allow only trusted MAC addresses to access your private VPN, thus, reducing the chances of a sniffer spying on the network.
  • Ensure that the important sites you use, particularly those that involve making financial transactions, have SSL (Secure Socket Layer) encryption. If a site is SSL enabled, it will have a URL beginning with HTTPS instead of HTTP.

We, at Centex Technologies, can assess and implement advanced cybersecurity measures in your organization. For more information, you can call us at (855) 375 – 9654.

What Are Web App Attacks?

By

On April 29, 2015

In Security

April 29, 2015

Web app attacks are among the most common types of data breaches posing serious threat to a business’ cyber security. These attacks can jeopardize the functioning of your website, inhibit its performance and in most cases, crash the website completely. As most web applications run in the browser, any potential security flaw can permit hackers to exploit the vulnerabilities in the apps and damage the business website.

Common Web App Attacks:

  • Cross-Site Scripting (XSS): These attacks use a vulnerable web application to send malicious client side code to be executed by the end user. Once this is done, the hacker can have access to browser’s session tokens, cookies and other sensitive data.
  • SQL Injections: This type of attack manipulates the vulnerabilities in the web apps in order to gain access to the databases and other information that they hold. These may include things such as email addresses, names, telephone numbers, postal addresses, bank account information, credit card details etc.
  • Cookie Poisoning/Hijacking: A number of web applications use cookies to save and retrieve user information like login id, password and email address. Cookie poisoning allows the hacker to access unauthorized information about the user to create new accounts or penetrate the existing account.
  • Directory Traversal: It is a form of HTTP attack in which the cybercriminal installs malicious software on the web server. If the attempt is successful, the hacker can have access to the restricted directories and execute commands that are outside of the server’s root directory.
  • Remote Command Execution: This allows the hacker to execute remote and random commands on the host computer through a vulnerable web application. These attacks are largely possible due to insufficient input validation.

Counter Measures Against Web App Attacks

  • Set Safe Permissions: Most often, the web apps are attacked due to the preventable vulnerabilities present in them. Make sure you set safe permissions for your files so that they can be written or executed only by the web server.
  • Scan For Vulnerabilities: This is extremely important to identify the potential vulnerabilities in your application that may make it open to cyber-attacks.
  • Use Application Firewall: Installing and regularly updating firewall can also provide an added layer of defense against web app attacks.
  • Restrict Unauthorized Users: Make sure that the write access to your files should be given to a limited number of users. This is applicable both for the server side and web app backend.

We, at Centex Technologies can help you evaluate and implement web app security measures in your organization. For more information, you can call us at (855) 375 – 9654.

What Is Network Traveling Worm Attack?

By

On April 18, 2015

In Security

April 18, 2015

Network traveling worms are specifically encoded programs that are able to transfer from a computer to other through various ways. These worms are automated hackers that transfer important information to impair the entire network once they gain access into it. Worms are quite similar to viruses except that they spread in a slightly different way. When a worm infects a computer, it searches for another system connected through the same local area network (LAN). Once it is found, the worm facsimiles itself to the new computer and continues with its search for more machines to replicate further. Due to its nature of traveling through the network, a worm is able to consume most of the bandwidth, causing the servers to stop responding.

Different types of network traveling worms are:

  • Email Worms: These worms travel by way of attachments in email messages or links to a corrupted website.
  • Instant Messaging Worms: These spread by sending spam links to the contacts in an instant messaging application.
  • Internet Worms: These types of worms scan the internet and other available network resources to search for vulnerable computers. If any such system is found, the worm attempts to connect and infect it.
  • IRC Worms: These worms spread through Internet Relay Chat (IRC) channels and transmit infected links or files to the contacts list.
  • File Sharing Network Worms: These worms replicate itself into a shared folder and spread by way of a peer-to-peer (P2P) network.

How Network Traveling Worm Attack Affects?

  • Exploit Vulnerabilities: The worm begins launching attacks from one computer in your network to other systems that do not have an updated firewall/ patch installed. Using this, the worm implements ‘shellcode’ on the target machine to make it download and set up a similar type of worm.
  • Weak Passwords: The worm tries to initiate a dictionary attack on other computers in the network. Through this, it aims at accessing the credentials required to execute commands on the target system.
  • Insecure Vulnerabilities: The worm can simply recreate itself through openly shared folders on other computers connected through the same LAN.
  • Email: The worm inspects the contacts list and sends well-written emails to make people click on a spam link, install software or download an attachment to their computers.

Tips To Counter Network Traveling Worms Attack

  • Block auto-execution of attachments in email
  • Keep your computer’s firewall and patches  updated
  • Filter traffic on your router and Wi-Fi network
  • Disable auto run capabilities on the computer
  • Use strong passwords

Following these tips can help you protect yourself against network traveling worms attack to a great extent.

What Are Advanced Persistent Threats

By

On April 13, 2015

In Security

April 13, 2015

An advanced persistent threat (APT) is a targeted cyber-attack mostly directed against businesses or political institutions. In this, a hacker gains unauthorized access to a system network and remains undetected for a long duration. The purpose of advanced persistent threat is not to damage the computer or infect the organizations’ network. Rather, it aims at stealing sensitive and high-value information from organizations involved in manufacturing, finance and national defense.

An advanced persistent threat has three main targets:

  • Stealing information from the target
  • Surveilling the target
  • Sabotaging the target

How Does It Work?

An advanced persistent threat usually follows the following four steps to successfully accomplish its purpose:

  • Investigation: This involves a thorough analysis of the weaknesses in the network security system of the organization. It may be done through domain queries, port as well as vulnerability scans.
  • Initial Access: Once the weaknesses are discovered, the hacker tries to exploit them to gain access into the organization’s network. For this, he may use a sophisticated social engineering technique, known as spear fishing.
  • Increase Rights: Following the initial entry, the hacker attempts to gather the necessary user credentials to gain more control over the system. He also creates several back doors to easily access the information while circumventing all the security mechanisms.
  • Exploitation: Once full control has been established, the hacker will be able to constantly detect, steal and exploit all the sensitive data stored in the corporate network.

Counter Measures For Advanced Persistent Threats

In spite of the sneaky nature of the advanced persistent threats, there are many preventive actions taken by most organizations to safeguard their critical information. The most important of them is to recognize what data you need to protect and detect the threat at an early stage to prevent further penetration. You must also install a layered data security protection in your system. This would provide an added protection in case of a potential advanced persistent threat attack.

Another counter measure can be to hold continuous security awareness training sessions for all the employees. This will ensure that they are alert about what and what not to do while using the internet or email.  Other technological defenses against advanced persistent threat attacks may include data encryption, classification, application whitelisting as well as security analytics.

It is also important for the IT security team of the organization to remain proactive to deal with any such unauthorized breaches in the corporate network. We at Centex Technologies evaluate and recommend security measures for your organization. For more information, call us at – (855) 375-9654

Family Internet Safety

By

On March 30, 2015

In Security

March 30, 2015

Internet safety has come up as a major concern for parents. While internet offers so many advantages, there are many threats like identity thefts, credit card frauds, wrong influence through social networks etc. that kids are exposed to.  On one hand, it is essential to introduce them to new technologies and the benefits they offer. On the other hand, it is equally important to keep them secure from the potential threats in the cyberspace.

Given here are some important tips that can help to keep your family safe in the virtual world:

  • Discuss with your family: Be open to discuss matters related to the use of technology and the consequences for its misuse. Develop a certain comfort level with your children so that they do not hesitate to come up to you in case if any guidance. This will help your family feel safe while individually exploring the internet, while knowing whom to turn to if they have any queries.
  • Discuss about websites and online services: Talk to your family members about the kinds of sites each of you likes to visit. Also, let them know if the websites they are browsing is appropriate for them.
  • Use internet together: This is the best way to teach internet safety to the kids. Browsing web pages together and addressing safety issues together will make your kids more capable of keeping themselves secure online.
  • Protect Passwords: Make sure your family is aware of the tips and tricks to create strong passwords. Let them know that they should not use the same password for multiple websites. They should also keep their passwords strictly confidential and not give it out to anyone, except parents. Also, tell them the importance of signing out everytime they access their online accounts, specifically on public computers.
  • Check age requirements: A number of websites require the users to be of certain age to be granted access. For instance, you must be 18 years or older to use some of the Google’s products. Always make sure that you read a website’s terms and conditions before letting your child use it.
  • Safeguard your computer: Install reliable anti-virus software and update it regularly to prevent yourself from online security threats. Discuss with your family about the information that you should or should not share over the internet. Also, make sure that they do not download any files or email attachments from unknown sources.

Following the above given guidelines can ensure a safe and secure online experience for your family.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)