URL scanning for new age security measures

Posted by Eric Parker on Oct 21, 2020 8:00:00 AM

It’s the URL, stupid (me)!


Consider a scenario. You are in a miserable situation where you accidentally clicked on some phishing link or scam URL. A long time ago, when the web was safe, and viruses, trojans, and worms were transmitted only by EXE or BIN files, we could rest assured that the virus scanner protected us.

Now, the web is the purveyor of all things good and evil. Smartphones have become the norm rather than the exception. The individual security measures (windows, IOS, etc.) are only as useful as there latest update, and maintaining the amount of tech we each possess up to date is difficult. But the most common denominator is the URL centric web. All devices have Internet access and thus are vulnerable to the latest threats.

Think of the email before spam abuse. There used to be open relays everywhere, and anyone could send emails using a 10 line shell script using SMTP command verbs. Today that is impossible since email abuse has turned people away from everyday email. Even when you need to use email for work, most of one's inbox is someone trying to sell you something or market something. Every piece of traffic that humans originated on the Internet has a URL, so let's look at new-age security measures to help protect you.

Read More

Topics: Cyber Security, Network Scanning, Network Security, url scanning

How to Get Started With Tcpdump

Posted by Craig Jorgensen on Oct 7, 2020 8:00:00 AM

Introduction


We have all have heard of network analyzers or packet sniffers, Wireshark with its command-line counterpart Tshark, or tcpdump.

This article explores how Linux's command-line power, combined with the tcpdump lexical parser's filter expressions, can be used for some complex networking debugging. If you are bored at home in these COVID times, how about extracting the video of a video conference capture? (On a serious note, only do this for your video with the participants' permission.)

Read More

Topics: Cyber Security, cybersecurity, Network Security, tcpdump

Creating a Secure Encrypted Channel with Socat

Posted by Dhiraj Sharan on Sep 16, 2020 8:00:00 AM

Socat - the tool of choice for proxies and networking pipes

In prior blogs, our team has written about tools like netcat, Nmap, and Zeek that network security engineers widely use. Security analysts and threat hunters use these tools to help with their daily tasks. So this time let's talk about socat. Socat is the tool of choice if you are creating your own proxies or networking pipes.

Read More

Topics: Network Security, Socat