Tool Sharpening

As honest Abe Lincoln said, “Give me six hours to chop down a tree and I will spend the first four sharpening the axe.”

For the last six months, I have been playing the part of Hey Blinkin, getting the tools in my toolbox sharpened, honed, configured, and ready as I am inches away from starting the PWK/OSCP course. As soon as some paperwork clears, I’ll be signing up, hopefully to start in mid-July. You may have seen me posting things I’ve learned so far here on my blog. I intend to keep it up, as finding other OSCP adventurer blogs, tips, and tools along my journey has been invaluable. I hope to pay it forward here.

That said, here are a few very sharp tools I’ve come to love (as recently as this evening):

iTerm 2 – http://iterm2.com/ – a better Terminal app for Mac. Highly configurable, integrative, and versatile. Not exactly a pentesting tool, but something anyone doing command line work on a Mac should check out.

Sn1per – https://github.com/1N3/Sn1per – a super-thorough and invasive reconnaissance tool. It is very noisy and not recommended for actual pentesting, but it is great for working on CTF and Vulnhub VMs.

OSINT Framework – http://osintframework.com/ – a hefty, well-organized set of free tools for gathering all kinds of information. Originally geared towards security, it includes a lot of other fields as well. Follow it on GitHub here.

 

Microsoft Windows has Free Virtual Machines

Wish I had know about these earlier. Microsoft offers free Windows virtual machines for VirtualBox, VMWare, and others. You can choose from Windows 7, Windows 8, or Windows 10 (a few different flavors of each). They last 90 days before expiring, but you can snapshot them right after you install them to make it easy to reset that 90 days by rolling back to the snapshot.

Officially, these are for testing out the Edge browser, but you can also use them for whatever else 😉

Check them out here:

https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

 

 

Get With The Program: Learning To Code

As computers become more omnipresent in our lives, coding knowledge is becoming more and more in demand. With enough programming knowledge you can create your own website, build your own app, develop your own software and even engineer your own hardware. If you’re considering learning to code from scratch, here are the steps you should take.

Choose your language

First you will need to choose your programming language. Different languages are better suited to different applications – for example C++ is good for creating games, Java is good for mobile apps and PHP is specific for web programming. Some languages such as Python are more versatile. Most programmers learn multiple languages – once you know one, the others come more naturally as they rely of the same basic principles.

Take a course

Self-teaching yourself code is possible, although you’ll probably still want a few tips and pointers. Books, blogs, video tutorials and online training courses can be good for learning at home. If you work better with other people, a coding workshop or a short course may be more suitable. You can even hire private tuition.

Experiment

Once you’ve got to grips with the basics, it’s time to start experimenting. From here you can start to build your own code and better understand how to enable certain functions. Use open-source software to research other codes that people have discovered and shared. Try writing your own basic processes from scratch. Soon you will be able to start a full project of your own.

Build your own program

Eventually you will be ready to build your own program. You should start with something basic and work your way up to building a professional program – one that you may or may not wish to commercially sell.

Building something complex may require assembling a team, largely because it will be time-consuming and allocating tasks could speed up the whole process. Before building a program, you should lay out a design document to follow. From here you can start developing until you have a working prototype. This prototype will then need to be tested for bugs. You can get friends and family to test it, or – if you are creating a commercial product – you can hire a test group of professionals and download a test management solution to record any bugs they find. Learning to deal with bugs is a frustrating but essential part of programming.

Eventually, once you have ironed out bugs, you will have a fully-working computer program, which you can try and sell or use as a personal project to put in a portfolio.

Getting paid to code

There are all kinds of avenues you can take from here. You can develop your own software based on your own idea, work freelance turning other people’s ideas into realities or work for a software development company following set projects and a set wage. There are all kinds of areas that you can specify in from web design to PPC marketing to video games development to mobile app development to business software development to creating digital security and protecting against hacks. The world is your oyster.

Read Now If Your Employees Are Using 123RandomWord As Their Password

Ever since the internet rose up from the mists of nowhere, security breaches have been a source of big news, terrifying news. Whether it is the likes of Yahoo being hacked, or Election Results being tampered with, hacking scandals seem to be rearing their ugly heads more often than not. We read story after story about security leaks and each one ends with the same paragraph, the same foregone conclusion; businesses and business leaders need to up their game when it comes to protecting the sensitive data they hold. That is the common message from security experts, and yet so many businesses still don’t prepare themselves properly. Because they have been targeted and affected, they don’t take it seriously enough to seek out the weak links in their business, research the most recent trend in threats, and thus fail to protect themselves and their clients/customers from any breach.

Don’t believe us? Well, the recent State of Risk report concluded that a majority of businesses – big and small – have not invested in a system that will protect, control and track the sensitive data they have been entrusted with. The majority have no or only a partial, system in place. Trust us, if Yahoo is struggling to hold their defensive line against hackers then, chances are, you are going to struggle too. That’s why it is imperative to invest in security. Put it this way, the average cost incurred by a cyber breach on a small or medium sized business is £325,000.

I thought that would grab your attention.

So what preventative measures can you take? How do you best protect yourself and your customers? How do you make sure you are doing all you can to prevents a security breach? How do you stop your sensitive data getting into the wrong hands? Well, we have conducted thorough interviews with security experts to hear what they say, and have compiled a list of the most common areas of weakness in most businesses.

  1. On The Go Tech

In the early 90s and before, a data hack would mean someone would have to hack into your servers or break into your premises in order to access your sensitive data. But these days are gone, and data theft has been made so much simpler by the rise in mobile technology. Simply put, mobile devices increase your vulnerability and thus increase the risk. Of course, mobile devices are a must-have for all employees these days because it increases flexibility and productivity, and reduces the issue of wasted time and resource. However, the more your employees use these devices to share data and access your servers or fail to change their passwords, the more risk you are at. In fact, mobile breaches account for almost three-quarters of all breaches, a rise that mimics the rise of the bring your device to work policy that so many companies are embracing.

As such, it is imperative that you renew your BYOD policy so that it carefully spells out certain rules and expectations. This will better educate your workforce on the risks. A great way to make this more effective is to relate security breaches at work to the risks they face at home; make it relatable to personal risks like using ATM machines. You should also ensure that you have the capabilities to better monitor mobile devices. This way you will be able to quickly pinpoint any breach or any weakness.

  1. Uneducated Employees

We don’t mean uneducated in terms of schooling, we mean uneducated regarding security, and that means your training program is letting them down. But, yes, all too often your employees are a security risk. It could be that employee leaves their laptop on a table in Costa as they nip to the bathroom, or a smartphone gets left on the subway, or in a taxi. All of these pose serious threats to your security. But it is not just about exposure outside the office. Too many employees are not educated on the importance of a strong password, what constitutes a strong password or how often they should change their password. This leaves you exposed on the inside. The same goes for training on what to look out for when it comes to suspicious emails.

Cyber attacks have got more and more sophisticated. The phishing techniques have improved, spear fishing is now called upon, unauthorized websites are now able to install malware without the user knowing, and all of these pose a serious threat to both your systems and your data. That is why training is so important, and regular training too, as this will allow you to renew their understanding as different trends arise. A great way to do this is to approach digital learning companies who have experience in this kind of training. This will offer you a cost-effective means of training that is not just interactive and engaging but offers an audit trail too. They will know how to teach your employees about passwords, phishing, keylogging and much more.

  1. Inside Jobs

It is hard to say exactly where an internal attack originates, but it is typically unhappy or disgruntled employees. What’s more, these account for a seriously high number of breaches. Of course, any inside attack will require in-depth knowledge of your IT systems and will require someone to have access to all areas of your network, which is why most inside attacks come from within the IT Department. A disgruntled employee working within IT support can create a huge amount of problems.

How you can prevent this weakness is a challenge, but it requires mitigating any chance of employees in this sector becoming disgruntled. This is not always possible, so it is crucial you identify all those that have access to all areas of the server, this way you will be able to act quickly should an event happen. Another step should be to terminate access to anyone that no longer works within this capacity as soon as possible.

  1. The Cloud

The most effective way to protect all data that is stored in the cloud is to encrypt any access at ground level. Different experts suggest different encryption software, but all suggestions usually represent the gold standard in this field. We can’t stress enough the importance of investing in this kind of security. Since the cloud first originated, a high proportion of cyber attacks have been made possible by companies not using data level encryption devices to protect data stored up high, so make sure you invest well and invest fast.

  1. Third Parties

There are a few reasons why outsourcing has become more and more attractive. It is cost-effective, it frees up resource time, it allows experts to address what is becoming a more and more complex area. It could be you outsource the maintenance of your server, or your point of sale system, or a myriad of other things. However, while they may be experts in protecting you, third-party providers sometimes don’t follow best-practices themselves. It may be they use one password to connect to all of their clients, for example, which poses a threat should that password be hacked.
As such, you should always ask as many questions as you possibly can. Make sure they follow the best practices of remote access security, and enforce stringent policies for their workforce to uphold, and use sophisticated authentication techniques to ensure there are unique credentials required for each user. The other step you must take is to know which third parties you are using and then terminate their access as soon as their contract runs out or as soon as they no longer require access.

Let’s Encrypt The World

lets-encrypt-logoI have been a big fan of free SSL certificate authority LetsEncrypt.org since it was in Private Beta. Now in Public Beta, and now being a Certificate Authority recognized by every major web browser, it’s time for you to start using it on your website!

The great thing about Let’s Encrypt is that it is free. Why? Because the sponsors behind it believe encryption is for the public good. And they are correct. No more do you need to pay $80/year or more for an SSL certificate through some company like GoDaddy. This all may sound too good to be true, but it isn’t.

Wait, what?

In case you are unfamiliar with what I’m talking about here, LetsEncrypt.org offers you free SSL (Secure Socket Layer) certificates for your website. This make your website secure and encrypted for your visitors, just like your bank does, by changing your site’s address from using http://  to https://.

Being a user of the WHM/CPanel web hosting tools for the handful of websites I run, I found a great set of instructions and scripts you can use to get this set up and running in that environment. Just follow the instructions in the WHM forum here. Be sure to set up the cron job so that your cert(s) get renewed automatically. If you forget, it’s very easy to do it by hand from the command line, but the cron job makes it so that you don’t need to remember.

Encrypt WordPress

If you are a WordPress website owner, you can configure it to use the SSL certificate by editing your site’s URL in Settings > General. I especially recommend this for WordPress admin area logins, but there’s not reason you shouldn’t be using SSL on your whole site anymore. This is especially true considering Google favoring SSL-enabled sites over non-SSL sites.

Redirect Traffic to HTTPS

Using an .htaccess file, you can set it up so that any traffic going to your http:// website is automatically redirected to your https:// version. This is the snippet I use in my .htaccess file for that:

RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Go forth and encrypt all the things!

We Cut The Cord!

cable tv photoAbout 3 weeks ago, we decided we were done paying Charter $120/month for the highest level TV package they had. When Rachael and I sat down to think about it, we realized that we really only care about a few things:

  1. College basketball (well, for me, anyway).
  2. HBO shows we like
  3. Jeopardy!

Everything else was peripheral, and we felt like we could live without it. We imagined more free time, more book reading, and more chances to talk to each other and interact amongst the family.

The New Way

I set out to find out the best way to go about this. After quickly discovering the Cord Cutters sub-Reddit, I was pretty well set. Here’s what we ended up with:

  • SlingTV account for $25/month (base package + extra sports channels). This covered most all of my college basketball needs, live CNN, and some other channels we don’t really care about.
  • HBONow through SlingTV for $15/month. While I signed up for this for one month, I think we may go to the HBONow version available through iTunes. That way, we can watch it on either of our AppleTV’s, of which we have two: one in the living room and one in the bedroom. The SlingTV app doesn’t provide for this. Either way, it’s $15/mo., and we can cancel it during the dry months when our favorite shows aren’t on.

That’s it for paid TV. We are at $40/month, and we will cancel Sling once college basketball season is over. That puts us at $15/mo for HBO.

What Else We Are Using

In order to use SlingTV decently, I hooked up my old Mac Mini to our main TV in the living room. I just launch the SlingTV app and we can browse through it with a wireless keyboard and mouse. This comes with the added bonus of doing whatever else we might do on a computer with the TV as the monitor.

I also found a website called USTVNOW.com that gives you all the broadcast networks for free. The local news is based in Philadelphia, but you get all the programming of ABC, CBS, NBC, Fox, and a few others. So we get Jeopardy!

USTVNOW.com does require you to be in another country, as it was geared towards US military and government people overseas to be able to get TV from the States. All I had to do was log in once from another country (thank you Tunnel Bear) and now it lets me in every time, at least until the browser cookie expires, but that is easily resolved.

We also have a Chromecast and the two AppleTV’s I mentioned before. The Chromecast makes it easy to watch Youtube or whatever we might have from another computer or a phone. The AppleTV’s let us watch Netflix ($9/mo) and we might sign up for Hulu ($8/mo).

Lastly, I found an AppleTV remote app, a remote mouse app, and a custom remote app for my phone that let me control my TV, AppleTV, and the Mac Mini, all from my phone.

Getting Used To It

The only qualms about all this have been some moments where the streams were jittery (especially USTVNOW during NFL playoffs), and not being able to channel surf the way we used to. However, we still get to watch the shows we like, I have yet to miss a Louisville basketball game, and the other benefits I mentioned have been working their way into our lives.

There have been some moments of frustration while we try to get used to this new way of life, especially during those “just want to veg out and channel surf” moments, but we are adapting, and realizing that there are better uses of our time.

Summary

We reduced our Charter bill significantly by going down to internet-only and ditching cable TV. It is 2/3 cheaper now!

Even if we pay for SlingTV, Hulu, Netflix. and HBONow all at the same time, we are still looking at less than half the cost of what we were paying to Charter.

This is an endeavor I highly recommend!

Photo by Mike Licht, NotionsCapital.com