A Walk to Secure Future

When the world is changing so fast, with technical awareness about computers and other advanced stuff being projected now and then, an average person surely dreams of possessing an 'Iron Man suit' or a 'BatMobile' for himself, but will that suit really be secure with him? Even if a multi-billion dollar corporation commercialized it for some punks with nasty pockets, would they be able to handle them? At the current security levels, of course NOT. At present the level of security within reach of common people, or so-called "technically aware" people, is so primitive that it is a matter of about 10-15 minutes to get into anybody's email or Facebook, to hack into their computer using botnet spyware, or even to throw them off the records using a simple "Penetration HarMone". So the question remains: is the common man really ready for the next generation of intelligence, automation and technology? Corporations today are focusing on better and better products every day, on increasing profits or the so-called level of human civilization, but they should also ask: is he ready for this?

Let me introduce you to a series of articles I will be posting here, "A Walk to Secure Future". It will be about how to be safe on the Internet.


Part 1

Let us discuss the basic concept of hacking and the general notions and knowledge people have about the current usability of the internet and its security level. My target is the general audience: normal people without a CS/IT background who make casual use of the internet for surfing, some videos, Facebook, occasional mails etc.

People surfing the internet focus on accomplishing their need. If they need to send an email, they log on to their service provider, enter credentials, use the mail service and generally FORGET to "log out". Mistake number one! They feel free to log in from any device/system that comes in handy when they need it. What they feel is, "no classified information as such is stored in my mail account, so why bother so much about securing it?" But they fail to understand that their id can always be used by a smart hacker to HACK into another account. So taking steps to secure your account means taking equal steps to help others secure their accounts. Their emails can be used by SCAMMERS and black-hat marketing people to spoof other ids and send mass spam over the internet, which is a violation of cyber law. On websites like Facebook, fake profiles, stalking of other ids and sexual exploitation are done if you fail to secure your account. General users never bother about security; they think, WHY would someone try to hack them? The answer is: they do not want to hack you, they want to harm some other guy, and you just gave them one of the many keys used to bother him. Blackmailing, cyber sexual abuse, unlawful pornography, crimes and thefts are the combination of a smart hacker, excellent knowledge of the field, harmful intentions and dumb victims.

Let us talk about app log-in. For example, whenever a new user tries to register with our forum, he sees an easy profiling method: "Facebook/Twitter" log-in. Most of them do not know how that works; they simply log in. Luckily our host is quite secure, but the same does not apply to other websites or forums. This app-verification method of various internet giants can become the cause of hefty crimes. This doesn't mean the method should be stopped, but it poses a great threat to cyber security. Maybe, as I said in the earlier post, "the user is not yet ready for this".

The basic concept of hacking does not start with learning smart languages, scripts, code, infrastructure etc.; it starts with the need, the intention, the application and the personality of the hacker. This is the liveware background, which is the cradle of every cyber operation taking place at least a million times every day.

Security over the internet has become a very important issue to tackle. The programs to train more and more security people through ethical hacking courses are in turn bearing fruit in the form of ASPIRING RED HAT HACKERS who think hacking into someone's Facebook and posting ugly pictures is funny! This has made the job of security consultants more difficult. The aim was to train users on securing themselves from known threats on the internet, but guess what, most such missiles backfire. The people who train them in such workshops provide the basic knowledge which is exactly what is necessary to protect yourself, but they also leave a curiosity among the students to learn more and more, and guess what, Google finishes the task. There is almost nothing you cannot find on Google! You just need to look for the correct things.

You have always read "do not click on unknown links" and blah, blah, blah! But hackers are also smart. They know their victim and they know how to target him. Dumb victims fall for clicking absurd links, and the smart ones don't even need to: they get hacked by their over-smartness. Applying 2-step verification in Google is a smart way of securing yourself, but back-linking every website you surf to your Google or Facebook account is over-smartness, and guess what: "BUSTED!"

The audience needs to answer the question WHY?? before asking HOW??

The general audience today does not bother about all these things, but if they want to enjoy the marvellous perks future tech is going to present them, they have to be ready for it. What we call the coming future is already on the street. The touch screen, which was considered extremely royal-born, is now in the hands of a rickshaw-wala in a time span of just five years.


Part 2

On our journey to a secure future, we must first understand the potential threats. We know that we need to be safe, but safe from what? A hacker can have countless approaches. There are almost a hundred techniques to hack someone, be it his account, website etc. So in this post we will talk about the points of attack and some common basic methods of hacking which even the non-potential threats might know about. Let us think about how any connection occurs, starting with the simple example of a Facebook account.

Attack Points (Personal Level)

Right at the source:

You know the password to your Facebook account. The password itself might get leaked at the source, which is you. There are a number of possibilities: you told your password to your mom/dad (generally kids in India are supposed to, so that the parents can check their activity :P), she/he noted it down on some piece of paper and bad luck strikes: it drops somewhere and gets into the hands of someone. (Ignore the story, try to see the point.)

You told the password to friends to play some scrap games or collect game energy points (happening a lot these days) and that friend comes up with some nasty idea.

A highly improbable case but worth mentioning: some bully or mafia extracts it from you at gunpoint.

Point of Input:

Someone managed to plant a keylogger on your system.

You logged in from some friend's PC and he saw your keys while you were entering your password. Or you somehow saved your password there and he later looked it up in the browser's auto-fill settings.

Transmission Way (Technical Stuff, not a job for skids):

Someone planted a physical receptor in your network router or on your server (in case of a shared connection) and can look at the captured packets later on.

Someone got access to the master logs of the server. (There are a lot of ways to do that, and it is a very imminent threat.)

Access into the main server of the provider/website. (We will talk about it in later posts.)

These are some common points of attack. Some others are:

Scripted links

Back linking

A hacker first has to decide where she/he is going to strike. Is he somehow going to try to extract it from you? That is the best possible way to get into anyone's account. Let us elaborate. You don't really think he is going to ask for your password and you are going to say it straight away. That never happens (assuming the person is not totally dumb). He is trying to get your password one way or the other. How? Phishing is the most common answer. He will make a modified login page which looks exactly like the original Facebook page, with some tweaks on it. This means the details you enter there, instead of going directly to the Facebook server, are now in the hands of the hacker. This is a very widespread technique since such pages are easy to make, of course with coding knowledge.

The second most commonly used way is "cookie grabbing". Let me explain. Any website which allows you to log in needs to know that every query coming from your end is authorized. For some extremely important actions they directly ask you to enter your password to authorize it, but for the rest they don't bother you with entering your password again and again. Instead they store a cookie on your system. A cookie is a small piece of authentication data which is attached to every query you send to a server, so that the server understands that the incoming query is authorized and should be given a proper response. Now a hacker can code a script which duplicates your cookies and sends them to him wherever he wants, and later he can use them. Generally these cookies have a time limit after which they are useless, but with those cookies and some tweaking he can keep using them forever or even change your password. The moral of this is: "Never ever click on random links unless you are completely sure of them." There are a lot more ways to get your login credentials from you. Let us not focus on that for now; I will explain it in the next parts.

There are various ways to hack into the transmission way and the point of input; I will explain many of them in my upcoming posts about ways to hack and to get secured. Working on it :P

OK, so back to the topic of recon by hackers. Reconnaissance is an art. It deals with identification of the target and getting all necessary details about the target, which include his IP address, the username of the targeted id etc. This is something you cannot prevent. A smart hacker always knows his way around. He can later identify you easily, come in contact etc. Then comes the art of social engineering. He will scavenge through all your available pics and friends, identify trusted people, learn your real interests etc. In this way he can somehow guess the answer to your security question. A quick tip: if your security question is your mother's maiden name, put her cell number instead of her real name, or something like that. It will prevent anyone from guessing your answers.

So, after he has gathered information about you, he might start talking to you, eventually slip in a link you might not be able to resist, you click it, and there you are: one mistake and you are BUSTED!! Manage your information. Avoid sharing too much on websites which you cannot completely trust. There are ways you can avoid getting scammed like that, the first step being identification of the threat. You should be able to identify people whom you do not trust but who you know might come back at you when time permits. A person slipping in too many links and forcing you to see something is a threat. A very important thing is to keep managing your friend list: do not add people you don't know, and this will solve a lot of your problems. Identify such people who pose a threat to you or others in some other way, and you have taken another step towards being safe.
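The cookie behaviour described above (a copied cookie works until it expires, and a password change should kill it), as an added Python example that is not code from the original post. The SessionStore class, its lifetime and the clock values are assumptions made for the demo. From the defender's side it shows the two controls that limit the damage of a grabbed cookie, a short lifetime and invalidating every session when the password changes, plus the Set-Cookie flags that keep page scripts from reading the cookie in the first place.

```python
import secrets

# Added example, not the article's code. A minimal server-side session store
# showing why a stolen cookie stops working: expiry, and invalidation on
# password change. Clock values are passed in so the demo is deterministic.

SESSION_TTL_SECONDS = 3600  # assumed lifetime for a login cookie


def set_cookie_header(token, ttl=SESSION_TTL_SECONDS):
    """Build the Set-Cookie header a server would send. HttpOnly keeps page
    scripts from reading the cookie, Secure keeps it off plaintext HTTP and
    SameSite=Lax stops most cross-site requests from carrying it."""
    return (f"session={token}; Max-Age={ttl}; Path=/; "
            "HttpOnly; Secure; SameSite=Lax")


class SessionStore:
    def __init__(self, ttl=SESSION_TTL_SECONDS):
        self.ttl = ttl
        self._sessions = {}     # token -> (user, issued_at, password_version)
        self._pw_version = {}   # user -> how many times the password changed

    def login(self, user, now):
        """Issue a fresh random token; this is the value the cookie carries."""
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (user, now, self._pw_version.get(user, 0))
        return token

    def authenticate(self, token, now):
        """Return the user for a presented cookie, or None if it is unusable.
        A copied cookie is indistinguishable from the original, so the only
        defences are a short TTL and explicit invalidation."""
        entry = self._sessions.get(token)
        if entry is None:
            return None
        user, issued_at, version = entry
        if now - issued_at > self.ttl:
            del self._sessions[token]          # expired
            return None
        if version != self._pw_version.get(user, 0):
            del self._sessions[token]          # issued before a password change
            return None
        return user

    def change_password(self, user):
        """Bump the version so every session issued earlier becomes invalid."""
        self._pw_version[user] = self._pw_version.get(user, 0) + 1

    def logout(self, token):
        self._sessions.pop(token, None)


def demo():
    """Walk a stolen cookie through the outcomes; returns a dict of booleans."""
    store = SessionStore(ttl=3600)
    t0 = 1_000_000                      # constructed clock value
    cookie = store.login("alice", t0)
    stolen = cookie                     # the attacker's copy is byte-identical
    results = {
        "stolen_copy_works_now": store.authenticate(stolen, t0 + 60) == "alice",
        "works_after_expiry": store.authenticate(stolen, t0 + 3601) == "alice",
    }
    # fresh login, then the victim changes the password: the old cookie dies
    cookie2 = store.login("alice", t0)
    store.change_password("alice")
    results["works_after_password_change"] = (
        store.authenticate(cookie2, t0 + 60) == "alice")
    results["new_login_after_change_works"] = (
        store.authenticate(store.login("alice", t0), t0 + 60) == "alice")
    return results


if __name__ == "__main__":
    print(demo())
    print(set_cookie_header("example-token"))
```

The point of the version counter is that the server never needs to find and delete each stolen copy; anything issued before the password change simply fails the next check.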


Part 3

First of all, let us understand what is actually meant by safe browsing. When you install an antivirus like Quick Heal, it installs an extra feature called Safe Browsing. You click on that and a browser window opens with a fancy green border. What actually is it? We have seen in our earlier post that a person trying to harm you will generally target you with a cookie-grabbing script, a phishing page or a malware. What this safe browsing does is scan the pages thoroughly before loading them. It checks the certificate licences, action links, authentication etc. before loading the page. This involves a series of steps. The target page is first loaded in a temporary mode, accessed by a super user. Then it looks up all the action buttons on the page and all the scripts, and the incoming and outgoing data, local as well as terminal. The links are then matched with those in the signature. If any redirections are found, they are scanned too. Then a final cross-check is done with the main server of the provider, in this case Quick Heal, for any threats reported for that website. Then a malware search is done. This part is tricky: the crawlers scan through all the scripts running on the page, be it PHP or Java or any other, and the actions are thoroughly scanned. If anything unwanted is found during this complete process, the user is prompted and asked what action to take. This is the general functioning of any safe browsing service provider.

But is this really necessary? Do you actually need such tools to stay safe? Of course you cannot do all these checks manually, but there are some things you can take care of which can protect you from a lot of threats. The first is the same as always: do not click on unwanted links. This never changes, as anyone trying to harm you needs just one opportunity, one chance to strike. Once you give it, you are at his mercy.

Secondly, you should use add-ons for your browser (if you use any) only if they are taken from a trusted source like the Chrome Web Store, the official Firefox add-ons site or other browser portals. This makes sure of a lot of things. Some scripts can be made such that they only come into action when triggered by a certain service running on your computer, and this is the foundation of a botnet network, which we will see in future posts.

Next, you should know how to investigate links sent by anyone, i.e. how to check whether there is actually any embedded script running behind them. I will show you a simple way. If you come across any such link, don't click it. Instead copy the address and paste it into an advanced text editor like MS Word. Then right-click on that link; there must be a hyperlink option. Click on that and you can see the visible text and the background text there. If you see any background text, it means you were in trouble but you just avoided it. Congratulations! If not, it means the link is safe to use LOCALLY. You never know what data is hidden inside the page which will be loaded when you click it.

Next thing to keep in mind: avoid as many integrated apps as you can. Integrated apps are those which allow you access using credentials from other websites, like Facebook browser games, untrusted forums etc. They actually do not get your password from Facebook, but there are other ways in which they can harm you. Limit your auto-posting, meaning posts made in your name by the many applications and games you play on different websites. You never know what they are actually posting; these websites are marketing under your name. In many cases you surf pictures on other websites/apps and they get posted under your name on all the social networking websites you have integrated. This is highly unsafe. Safe browsing means the art of surfing the internet without disclosing private information that is supposed to be hidden.

Technically, when you surf, only the RETR and STOR requests should be transmitted. This concept dates back to the days when the internet was invented, but with the changing user group, market, needs and demands, this has changed a lot over time. Nowadays any smart person can retrieve as much information as he wants about you from the internet. This means it is now a personal matter how to secure yourself. One thing you should always remember: "Anything once stored on the internet remains PERMANENT. It is never lost." This includes any photos, videos, emails, messages etc. The only difference it makes is that one must know where to look. Stay hidden and anonymous. It doesn't mean you should avoid social networking, but it means you should know what you are doing. Nothing which can be used to harm you should ever be put on the internet.

Let us look at the technical side of it. Whenever you send a query to load a webpage, you allow the webpage to get access to certain services on your computer. This includes your network transfer, editor, video/audio plugins etc. All of them can easily be used to damage your system critically. One simple script can induce so much malware into your system that it becomes actually too difficult to restore. Many a time, hackers own botnet networks. What a botnet actually is I will explain in future posts, but let me spoil some information: a botnet is his private collection of systems that he can use anytime as hosts, clients, victims, or launch pads for other projects. Make sure you don't become a launch pad for anybody. A webpage is a combination of a series of embedded applications working at the command of one server. Your machine is at the server's mercy when you browse it. Make sure you keep up the "status quo". You can use some add-ons in your browser to keep you safe. They are trusted and handy, and you can always look them up in your browser's web store.

You should have an anti-phisher, NoScript, an HTTP-header viewer, a cookie editor (with locking features), a master auto-fill app, a password manager, anti-malware, a good antivirus, an anonymous proxy/VPN provider etc. These are some useful add-ons; names might differ from browser to browser, but their task is similar. Having them handy can save you from many threats. Lastly, I would like to tell you that when you are surfing the internet you are connected to an infinite number of people with infinite ideas in their minds. You never know their intentions, and when you surf, you are open to all of their thoughts. Most hacking is the result of unsafe browsing. One mistake is all that is needed. ALSO, if in any case you fall victim to trouble, pray that the person abusing you is a HACKER with BRAINS, so he knows what he is doing. If it is the work of a NOOB SKID, you are literally finished. He never knows what he is doing and can actually do serious harm unintentionally. And you know that strikes worse.
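The MS Word trick above (compare the visible text of a link with the address actually behind it) done programmatically, as an added Python example that is not code from the original post. The sample HTML is constructed, example.org and example.net are placeholder domains, and the verdict names are my own. It goes slightly beyond the text by also flagging links whose scheme runs code instead of navigating, which no amount of host comparison would catch.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Added example, not the article's code: the "visible text vs real address"
# check over an HTML snippet. Sample HTML below is constructed for the demo.

# Something in the visible text that looks like a host name, with or without
# a scheme in front of it.
HOST_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", re.IGNORECASE)


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def classify_link(href, text):
    """Verdict for one link: dangerous-scheme, mismatch, consistent or unverified."""
    parsed = urlparse(href.strip())
    scheme = parsed.scheme.lower()
    if scheme in ("javascript", "data", "vbscript"):
        return "dangerous-scheme"       # the link runs code instead of navigating
    real_host = (parsed.hostname or "").lower()
    m = HOST_IN_TEXT.search(text)
    if not m:
        return "unverified"             # text claims no address, nothing to compare
    claimed_host = m.group(1).lower()
    if real_host == claimed_host:
        return "consistent"
    return "mismatch"                   # displayed address differs from destination


def inspect_links(html):
    """Return one finding per anchor in the given HTML."""
    collector = _AnchorCollector()
    collector.feed(html)
    return [{"href": href, "text": text, "verdict": classify_link(href, text)}
            for href, text in collector.anchors]


SAMPLE_HTML = """
<p>Hi! Check these out:</p>
<a href="https://www.facebook.com/login">https://www.facebook.com/login</a>
<a href="http://login.example.net/fb">www.facebook.com</a>
<a href="https://example.org/page">click here</a>
<a href="javascript:void(0)">free points</a>
"""  # constructed sample message


if __name__ == "__main__":
    for finding in inspect_links(SAMPLE_HTML):
        print(f"{finding['verdict']:17} {finding['text']!r} -> {finding['href']}")
```

"unverified" is deliberately not "safe": a link whose text is "click here" makes no claim to check, so the only thing the tool can say is that the displayed text does not contradict the destination.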


Part 4

For a long time now, it has often been seen that, irrespective of an inside source, private data from organisations has been sold on the black market to marketing agents. Let us understand this. Private information stored on company servers, whether privately hosted, on dedicated hosting or any other way, gets stolen by hackers, no matter whether they had internal help from employees or not. In the quest to steal data from a server, hackers had some very common weapons in hand which were very popular by the turn of the century. They were based on an easy concept: send in crawler scripts and extract the data. At that time, around 2001-02, cyber security was not an urgent issue. Companies that stored data on servers were limited, due to the lack of open technology and it being a costly affair. Such companies hired trained professionals to secure the servers, but on the contrary they neglected that competition in the market would want to steal the data. So the appointed staff basically concentrated on data management rather than data security. This made it very easy for hackers to carry out their missions.

The revolution came when such stolen data gained an enormous buying rate in the market, where the buyers were marketing and other concerned officials of other companies. This gave birth to black marketing. Data robbery became a fashion, or rather a flourishing business. The companies then started working on securing the data. It was at the same time that dedicated hosting and isolated servers came into existence. Isolated servers are those which have a completely cut-off, hard-wired line from the source; that is, a network which is completely isolated from any other type of network in its vicinity. It means this type of server cannot be accessed from any computer outside its network. Such servers need a physical data receptor installed at their root source to be hacked, or in fancy words, the type of hacking you see in action movies.

This helps a lot in data security, since it is quite difficult to gain access to such machines. The concept of data interception was born when hackers found a way to capture the traffic. Let me elaborate. Whenever you send any query from one computer to another, the signal travels in the form of data packets. Just like light travels in the form of photons and electricity in the form of electrons, data travels in packets. Now think what happens if someone gets access to those packets: he might be able to read the data they were carrying. During login authentication, packets carry your password and id to the server for verification, which means the hacker can read it from there. However simple it seems, it is not. First of all, the packets are made in a particular framework which cannot be easily read. They need decryption, understanding of different protocols, filtering, de-capsulation, but yes, ultimately they can be read. How is it done, and how are such captured packets read? Well, these questions bear answers to a lot of things. To see how, you can download an application called "Wireshark" or "NetworkMiner". Study those applications and I guess that will answer many of your queries. How it is actually done is not information that should be disclosed publicly, but it is something you should find out on your own. Once you master the art of packet handling, I can assure you, there is no server in the world you won't be able to break into. Hackers turned this art of security analysis into a deadly weapon.

This ruled the era of hacking where the servers and clients were still in hardware mode. Then came the CLOUDS, and that completely redefined the techniques of both hacking and security. Cloud computing does not allow you to detect the physical location of data. With self-constructing features, clouds rule our technology today. Varying from one form to another, clouds are not completely integrated in our lives.

Be it extensive data storage or connectivity, clouds have proved efficient in many ways. Not a day of ours passes without using some cloud network. Since clouds have the ability to self-construct, destruct and traverse, they have helped data security a lot. But on the other hand this has also encouraged hackers to develop more advanced ways of infiltrating the system. Unfortunately the infrastructure required to do so is quite expensive, but still nothing is impossible. On a simple scale, cloud networks can be made 100% safe from virtual infiltration like malicious code, malware, injections etc. They can be hacked with physical receptors, which takes us back to the medieval era of hacking. However, some techniques are still available to hack into such cloud networks, but they only give partial access. Full access is quite difficult since the server cannot be easily located.

Data interception works like intercepting pigeons in the olden days: kill the pigeon in mid-flight, duplicate the data, interpret it, and there it is, ready to be sent on to some other place. For a long time, data interception has been a key aspect of hacking clients as well as servers. But the ways change. With the use of obfuscated coding, hacking into code and scripts has reduced to 10-20%; code breaking is not a simple act of a fool now. And so data interception is the easy way one can think of hacking. Code cannot be easily broken, the server cannot be easily broken into by injection, and data interception thus gains importance and becomes a major issue worth worrying about for security consultants. Where data protection is the greatest priority, millions of dollars are being spent on programs to secure data, and thus it has evolved into a major industry.
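The de-capsulation step mentioned above (peeling the protocol layers off a captured packet, the way Wireshark does) as an added Python example that is not code from the original post. It builds a constructed Ethernet/IPv4/TCP frame and then parses it back; the MAC and IP addresses and the two payloads are made-up values, and checksums are left at zero because nothing transmits the frame. What it shows from the defender's side is that after the headers are stripped, a plain-HTTP login is readable as-is while a TLS record on port 443 is only an opaque blob, which is the whole argument for encrypting transport.

```python
import socket
import struct

# Added example, not the article's code. Constructs one Ethernet/IPv4/TCP frame
# and strips it layer by layer. Addresses are documentation ranges (RFC 5737),
# MACs are made up, and IP/TCP checksums stay zero since the frame is never sent.

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def build_frame(src_ip, dst_ip, sport, dport, payload):
    """Assemble Ethernet + IPv4 + TCP headers around an application payload."""
    # TCP: ports, seq, ack, data offset (5 words), flags PSH|ACK, window, csum, urg
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    # IPv4: version/IHL, TOS, total length, id, flags/frag, TTL, proto, csum, src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, IPPROTO_TCP, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    eth = (bytes.fromhex("0a0000000001") + bytes.fromhex("0a0000000002")
           + struct.pack("!H", ETHERTYPE_IPV4))
    return eth + ip + tcp + payload


def looks_like_cleartext_http(payload):
    """HTTP is readable text; a TLS record starts with a binary header
    (0x16 handshake, 0x17 application data) followed by ciphertext."""
    return (payload[:4] in (b"GET ", b"POST", b"HEAD", b"PUT ")
            or payload.startswith(b"HTTP/"))


def decapsulate(frame):
    """Strip Ethernet, IPv4 and TCP; return the fields an interceptor sees."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"not IPv4: ethertype 0x{ethertype:04x}")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                       # header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    proto = ip[9]
    if proto != IPPROTO_TCP:
        raise ValueError(f"not TCP: protocol {proto}")
    src_ip, dst_ip = socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20])
    tcp = ip[ihl:total_len]                        # trim any trailing padding
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4
    payload = tcp[data_offset:]
    return {
        "src": f"{src_ip}:{sport}",
        "dst": f"{dst_ip}:{dport}",
        "payload": payload,
        "readable": looks_like_cleartext_http(payload),
    }


# Constructed payloads: a plain-HTTP login form post, and a TLS application-data
# record (type 0x17, version 3.3, length 42) whose body is just opaque bytes here.
CLEARTEXT_LOGIN = (b"POST /login HTTP/1.1\r\nHost: www.example.org\r\n\r\n"
                   b"user=alice&pass=hunter2")
TLS_RECORD = bytes.fromhex("170303002a") + bytes(42)


def demo():
    """Return (plain, encrypted) decapsulation results for the two sample frames."""
    plain = decapsulate(build_frame("192.0.2.10", "198.51.100.5", 51000, 80,
                                    CLEARTEXT_LOGIN))
    encrypted = decapsulate(build_frame("192.0.2.10", "198.51.100.5", 51001, 443,
                                        TLS_RECORD))
    return plain, encrypted


if __name__ == "__main__":
    for result in demo():
        print(result["src"], "->", result["dst"],
              "readable" if result["readable"] else "opaque", result["payload"][:24])
```

The header parsing is the same either way; what differs is only whether the bytes left over after the last header mean anything to someone who is not one of the two endpoints.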


Part 5

Let us discuss injection techniques. Injections are small scripts which tamper with loopholes in the security implemented by the administrators and take undue advantage of them. Creating injections requires extensive knowledge of the scripting language used. Injections are to be supplied in the background of relevant and accepted data. They may be OBFUSCATED or hidden behind links etc. Common injections used today are made in SQL, PHP, JAVA, PYTHON, ORACLE etc. Depending upon the quality of data to be stolen, the impact level, the access point and the target field, the scripting language of the injection is decided. Servers may be hosted on different operating systems; they may support certain protocols, amendments, backgrounds and environments. Thus the injection to be made must be carefully developed.

Let us talk about SQL injections since they are the most used ones in the underworld. SQL is basically a language for managing databases. In complex websites with a multi-approach framework, it becomes very important to maintain the database in the form of tables with rows and columns. However, it allows an attacker to output values stored in its fields using the injection technique. A detailed explanation about this I have added in the resources:
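The SQL injection idea from this part as an added Python example using SQLite; it is not code from the original post or from the linked guide. The table rows and the hostile input are constructed for the demo. It puts the injectable lookup (user input pasted into the query text) beside the parameterised one, which is the standard fix: the query shape is fixed and the driver passes the value separately, so quote characters in the input stay data.

```python
import sqlite3

# Added example, not the article's code: the same login lookup written the
# injectable way (string formatting) and the safe way (parameter binding).
# Table contents and the test input below are constructed for the demo.


def make_db():
    """In-memory table with two constructed users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "<hash-a>"), ("bob", "<hash-b>")])
    return conn


def lookup_vulnerable(conn, username):
    """User input is pasted straight into the SQL text, so a quote in the
    input closes the string early and the rest becomes part of the query."""
    query = f"SELECT username FROM users WHERE username = '{username}'"
    return [row[0] for row in conn.execute(query)]


def lookup_safe(conn, username):
    """The query shape is fixed; the driver binds the value separately, so
    the same input is compared literally and matches no row."""
    query = "SELECT username FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(query, (username,))]


def demo():
    """Run both lookups with a normal name and with the textbook tautology."""
    conn = make_db()
    hostile = "x' OR '1'='1"      # constructed input; turns the WHERE into always-true
    return {
        "normal_vulnerable": lookup_vulnerable(conn, "alice"),
        "normal_safe": lookup_safe(conn, "alice"),
        "hostile_vulnerable": lookup_vulnerable(conn, hostile),
        "hostile_safe": lookup_safe(conn, hostile),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:19} -> {rows}")
```

The vulnerable version returns every user for the hostile input because the WHERE clause it actually ran was `username = 'x' OR '1'='1'`; the parameterised version ran the query it was written with and found nobody named `x' OR '1'='1`.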

A Guide to SQL Injections

Talking about securing your code, I have already started a discussion about obfuscation of code and will post related content every now and then. Here is the link to it:

An Introduction to Obfuscated Coding