“Statistical computing is the interface between
It’s the URL, stupid (me)!
Consider a scenario. You are in a miserable situation where you accidentally clicked on some phishing link or scam URL. A long time ago, when the web was safe, and viruses, trojans, and worms were transmitted only by EXE or BIN files, we could rest assured that the virus scanner protected us.
Now, the web is the purveyor of all things good and evil. Smartphones have become the norm rather than the exception. The individual security measures (windows, IOS, etc.) are only as useful as there latest update, and maintaining the amount of tech we each possess up to date is difficult. But the most common denominator is the URL centric web. All devices have Internet access and thus are vulnerable to the latest threats.
Think of the email before spam abuse. There used to be open relays everywhere, and anyone could send emails using a 10 line shell script using SMTP command verbs. Today that is impossible since email abuse has turned people away from everyday email. Even when you need to use email for work, most of one's inbox is someone trying to sell you something or market something. Every piece of traffic that humans originated on the Internet has a URL, so let's look at new-age security measures to help protect you.
In the last article, Understanding the Elastic Stack, I broke down the various Elastic components (check it out for a quick refresher). Now we will use the REST API provided by Elasticsearch as the back-end for a simple project. But before, let us discuss why we want to use Elasticsearch REST API as back-end.
The functionality of the back-end:
We have all have heard of network analyzers or packet sniffers, Wireshark with its command-line counterpart Tshark, or tcpdump.
This article explores how Linux's command-line power, combined with the tcpdump lexical parser's filter expressions, can be used for some complex networking debugging. If you are bored at home in these COVID times, how about extracting the video of a video conference capture? (On a serious note, only do this for your video with the participants' permission.)
We talked about introductory OpenSSL in a previous blog Dipping Our Toes into OpenSSL, that covered how it supports rich cryptographic-centric operations, which are needed for all sorts of things in the security domain and even outside of it. Today, let's take the next step and understand some of the crypto arithmetic behind it, without making the topic too complicated.
Photo by Vanna Phon on Unsplash
DNS - Do Not think it's Simple
In our recent series of articles, we talked about network security-related tools and techniques one needs to be aware of to build a cybersecurity career. Next, we will cover DNS and its related security implications!
DNS, or Domain Name System, translates domain names to IP addresses, so your browser/s can find what you searched. DNS resolvers are usually stub resolvers, which means that the full DNS records lie elsewhere.
Socat - the tool of choice for proxies and networking pipes
In prior blogs, our team has written about tools like netcat, Nmap, and Zeek that network security engineers widely use. Security analysts and threat hunters use these tools to help with their daily tasks. So this time let's talk about socat. Socat is the tool of choice if you are creating your own proxies or networking pipes.
This is a quick introduction on popular Supervised Learning Algorithms.
As we may recall, Supervised Learning refers to the set of algorithms that uses training data comprising both of inputs and corresponding output to build a model that subsequently predicts the best output for future inputs.
As a cybersecurity professional, knowledge of network and security tools is critically important. To help jumpstart this knowledge, we will focus on Nmap and introduce you to beginner's content.
Nmap has always been the security engineer's tool of choice for a wide variety of tasks. You can use it to see which machines are up, if a machine has blocked pings, or if the firewall blocks ICMP packets. It also helps determine if a machine is switched on and connected to the network through performance scans. In the previous article: How to Use Netcat for Cybersecurity, we had covered netcat, also used for connectivity testing.
If your organization is running a web application, you are likely to use EC2. Further, there is a high likelihood your instances are all Linux. Linux systems are robust and a suitable first choice for server applications like a MEAN stack express.js web server, an application built using open source LAMP stack, commercial proprietary software, or basic server using Apache or Nginx. Linux is also very widely used for both SQL and NoSQL database applications like Redis, Mongo, or Postgres or MySQL.