Posts

Showing posts from July, 2016

Beginner’s guide: OSSIM Part 2

Image
Hope all of you are keeping well. Thank you all for the overwhelming support you people are giving me. So today we’ll deal with everything from basic OSSIM configuration to integrating different types of assets. Before we jump in to all of that I hope all of you are ready with installation. If not please visit my previous post, which is actually the first part. Beginner’s guide: OSSIM (Open Source Security Information Management) part 1 Make sure you have an active internet connection for your OSSIM. As you all know the Alienvault platform has five modules in it, which are the Asset discovery, vulnerability assessment, threat detection, behavioural monitoring and security intelligence. In simple words we add assets first, and then we’ll configure all those assets under each and every module of Alienvault respectively. If you're ready with everything mentioned in part 1, we can now move forward with the configurations. Here we’re just considering only OSSIM not USM.

How to virtualize using vmware

Image
Today we’ll build or technically speaking “virtualize” our demo labs. Most of the intentionally vulnerable applications which we see in internet are in a specific format known as “ ova (open virtualization archive)” or “ ov f (open virtualization format)”, which you can directly import without any issues. Before we start building a virtual machine we need to know some essential basics. The real machine in which you’ve have installed virtualization software is called as host / physical machine. And the virtual machine running inside host machine is known as guest / virtual machines

Pentest Lab

Image
  I hear lots of queries regarding how to set up a Pentest lab .  There are two ways in which you can set up private testing labs. Use physical hardware to build Use one physical hardware and virtualize everything in it   fig1

Phases of hacking

Image

Elements of Information Security

Image

Penetration testing

Image
Penetration testing is just like hacking in an ethical way. We follow the same procedures, tools and tricks to mock a hacker’s attempt to take over an enterprise networks/systems. The one who execute penetration testing is known as a ” P en-tester” . The pentester first do a vulnerability assessment, in which he list out known vulnerabilities in existing in network. With respect to vulnerabilities received he tries to exploit them, which is known as " P entesting" . He records the maximum level/depth he could reach. The pen tester then creates a detailed report about vulnerabilities and their impact on the network. These reports will have recommendation to fix these vulnerabilities or to mitigate them.

Common networking devices and concepts

Image
Hub Hub is a network hardware device for connecting multiple Ethernet devices together and making them act as a single network segment and handles a data type known as frames. It has multiple input/output (I/O) ports, in which a signal introduced at the input of any port appears at the output of every port except the original incoming. When a frame is received, it is amplified and then transmitted on to the port of the destination PC.A frame is passed along or "broadcast" to every one of its ports. A hub works at the physical layer (layer 1) of the OSI model.  

Basic networking terminologies

Image
Networking Terminologies Open System Interconnection (OSI) The OSI model takes the task of inter-networking and divides that up into what is referred to as a vertical stack that consists of 7 layers. The Open Systems Interconnection model (OSI model) is a conceptual model, in fact, it's not even tangible. It doesn't perform any functions in the networking process. It is a conceptual framework so we can better understand complex interactions that are happening.

Basic info-sec Terminology

Info-sec Terminologies.  For being a good pentester, you must know what exactly a word means, whenever you cross it. So I'm adding few words and its description below. I've only added a few to start with, we'll learn more on the way.

Hello World!

Hello all, Just like you, I'm also a Information security enthusiast . The biggest challenge in infosec is that, when we are stuck, we have a very limited resources to look on, and have no idea which one to trust.In this blog I will be publishing all those stuff in detail, which I've learned from my past experience. This reminds me a quote which I've read.   "Mistakes are the best lessons, while experience is the best teacher" I have been working on both cyber security and information security for past few ye ars .This blog is intended to help security admins in identifying and managing their current security issues . We'll start from the scratch, from the very basics, build our own test environment, play around, break things, and we'll have lots and lots of adventures and fun, in the areas of Vulnerability Assessment , Penetration testing, Security Information and Event Management, PT standards .   Thanks & Regards Jenson Ja