Dec100

  1. I totally agree that biometrics should be for identification only, but, unfortunately, that's not what businesses want to hear when they raise it. They want to replace passwords. Incidentally, I recently saw a presentation from a company that is looking to replace passwords with a "profile" of user traits built up by many different aspects. For example, your phone's ID, fingerprint, how you swipe, how you hold it, where you are in the world, what time it is, etc., etc. The idea is that it takes all this input to give you a risk score, and if you don't make the set grade, you are prompted for a password or directed to call support (or whatever you choose based on the data you are protecting). It looked interesting, though we only saw controlled demos.
  2. There are pros and cons, same as everything. One thing to consider is the moral aspect. For example, what if a retina scan detected signs of disease? Should the company check for things like that and warn people, or is that a breach of privacy? Also, what if the data is compromised? You can change a password or token easily enough, but you can't change your fingerprint.
  3. Yeah, the CEH will take you through discovery and mapping of the externally exposed parts of a company's network. You are on the right track - it will be things like WHOIS, DNS checks, Google searches, IP/port scans, software version checks, default set-up checks - then looking through all the information to find a vulnerability to exploit to reach internal systems. The problem you have is that home users are usually set up differently to companies. Home users (and companies for that matter) are usually compromised these days via social engineering rather than through the front door. For example, tricking the Android user to visit a malicious website that exploits the vulnerable version, or tricking them into opening a malicious email attachment. Then they connect out to the attacker. The exception is the recent spate of hacking badly configured (or badly designed) home routers, but you don't really want to purposely make your own router vulnerable or someone else will hack it too. For your studying, don't worry too much about testing on an internal LAN. The principles and tools are still all the same.
  4. The short answer is that it depends on how you are set up. In very general terms: 1) You could compromise the router (e.g. old buggy firmware or exposed admin logon) and use it as a step to pivot onto the internal network. 2) If you are using port forwarding - say to expose your internal email server on port 25 - you could compromise any bugs on that to get onto the email server to pivot on the LAN from. 3) I don't know what your set-up is, but with the right kit and ISP deal you could set up static NAT and corresponding firewall rules to separately expose any device on your LAN over any ports you like. In very simplified terms, that's how most companies will be set up. As a home user, normal port forwarding is probably more realistic, but consider the "dummy Internet" VLAN I mentioned. 4) You could compromise the Android or internal device via social engineering and malware. Then make it initiate a connection out to you. Most home routers block nothing outgoing. Why the fixation with scanning from external? Be careful not to leave holes open in your router for others to exploit.
  5. Why are you expecting to see details of devices connected to the inside of your router (laptop, phone, etc.) via the router’s external IP? Are you port forwarding services through to them or something? By default, the router should not allow you to see devices on the inside of your LAN via the outside interface (due to NAT, firewall, etc.). If you are port forwarding, then you will still only see 1 host when scanning 1 IP, but you would see more services open. Virgin may be using another step, but I don’t see anything in the above to suggest that. The external IP is probably just resolving to Virgin as they own it (and the ptr records). Also, make sure you have permission to scan Virgin’s IP or they might get annoyed. Business accounts are usually allowed to do vulnerability scanning (get it in writing) but they might take issue with home users doing it. Does your router have extra ports and VLAN support? If so, for learning purposes, you could create yourself a “dummy external Internet” on a separate internal VLAN and test from there without touching Virgin’s stuff (which sounds ruder than I meant it - !).
  6. Yeah, a lot of companies seem to frequently mess about with or hide the free offerings these days. I guess it's to maximise their sales and cut down on commercial companies using them, but it gets frustrating. Presumably, the whole point of free offerings is to give something back to the community and build a fan base among future professionals, so there's an important ease-of-use balance there somewhere. Anyway, I know nothing of CUJO so I'll second Nessus and shut up.
  7. I think there is still a free home version of Nessus (limited to scanning 16 IPs), but I have no idea what features it still allows. https://www.tenable.com/products/nessus-home
  8. I think Digininja has it. The free version is throttled, I believe.
  9. This is old enough that the issue has probably passed, but Cooper is right. Ask them what evidence they are expecting. No one is going to expect you to release potentially sensitive information about the company (that is up to them to release or not) so your evidence will likely be in the form of a signature or confirmation of test on letter header paper.
  10. Yep, Oculus had a chance to get in on the ground floor, but I think they have overpriced, so I'll wait and make a decision when the others come out.
  11. Yeah, too expensive in Europe. £350 and it would be worth a try, but way too much on a whim at the current price. Isn't there a (Vive?) competitor coming out in April too?
  12. What about a nodding bird toy like Homer uses to cover for him in The Simpsons? E.g. https://www.youtube.com/watch?v=iapECJKx4k0
  13. Probably worth looking into the future stocking of modifiable routers in the Euro Hak Shop, Rkiver. :)
  14. It does sound cool - I can see uses as a password/data manager or a portable pen-test/troubleshooting kit. Definitely interested to hear what people do with them.
  15. I'm interested to hear what you do with it too, though I think it's a lot of work just to hide your Justin Bieber music collection from your wife. Incidentally, is the storage on-board flash, or does it have to use a microSD card? I'm thinking about your comments on the Raspberry Pi cards getting corrupted.