
Blog

  • Aug 10 / 2015
Categories: Database Security, Miscellaneous, Network Security, Security Fundamentals, Security Review

MongoDB Security Review Document

We are happy to announce security review guidelines for MongoDB. CIS benchmarks are not available for MongoDB, so we thought this might be helpful for you.

Content has been referenced from the official MongoDB website.

I have created sample commands that will help you extract the exact details required for performing a security review, along with the recommended settings suggested by MongoDB.
Please note that this document only highlights points related to MongoDB, not the underlying OS security.

Intended Audience
This benchmark is intended for security specialists and auditors who are planning to review the security of a MongoDB server. Please find the link attached below.

  • Jul 06 / 2015
Categories: Miscellaneous, Network Security, Security Fundamentals

Security Review of Microsoft DirectAccess Implementation

This article presents the key risks with DirectAccess and how to audit them.

Let’s begin by first understanding the DirectAccess technology.

Introduction to DirectAccess

From the Wikipedia definition:

DirectAccess, also known as Unified Remote Access, is a VPN-like technology that provides intranet connectivity to client computers when they are connected to the Internet.

DirectAccess overcomes the limitations of VPNs by automatically establishing a bi-directional connection from client computers to the corporate network, so users never have to think about connecting to the enterprise network and IT administrators can manage remote computers outside the office, even when the computers are not connected to the VPN.

When a DirectAccess client is outside of the corporate network and has an active Internet connection, the client will attempt to establish connectivity with the DirectAccess gateway by creating IPsec tunnels defined by the connection security rules in the Windows Firewall on the client.

  • Jun 17 / 2015
Categories: Miscellaneous, Web Application Security

Decrypting Password Encryption - HP ALM Product 11

Hi All,

It’s been a long time since I wrote a security post, but I have come across a security issue in HP ALM Product 11.
While testing the latest version of HP ALM, I found that the password encryption used by the web application was weak, and I was able to break the password encryption logic.

What is Encryption?
In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can read it.

  • Apr 20 / 2015
Categories: Security News

Google plans to speed up the Internet

Google today announced plans to formally propose its network protocol Quick UDP Internet Connections (QUIC) to the Internet Engineering Task Force (IETF). In other words, the company wants to make QUIC, which it describes as a UDP-based transport protocol for the modern Internet, an Internet standard.

What is QUIC?
QUIC is a UDP-based transport protocol for the modern Internet. It is a low-latency protocol often used for streaming media, gaming and VoIP services.

Google first unveiled QUIC and added it to Chrome Canary in June 2013. Then still an experimental protocol, QUIC already included a variety of new features, but the main point hasn’t changed since: run a stream multiplexing protocol on top of UDP instead of TCP.

  • Mar 09 / 2015
Categories: Web Application Security

AT&T Arbitrary Code Execution Vulnerability

Recently, I found an interesting Remote Code Execution issue in the AT&T bug bounty program.

But before going into this, let’s understand Arbitrary Code Execution:

Arbitrary Code Execution, also known as command injection, is a technique used via a web interface to execute OS commands on a web server. The user supplies operating system commands through the web interface, and the server executes them. Any web interface that does not properly sanitize its input is subject to this exploit. With the ability to execute OS commands, the user can upload malicious programs or even obtain passwords. OS command injection is preventable when security is emphasized during the design and development of applications.

The issue was reported to the AT&T Security Team on October 21, 2014.
It was resolved by AT&T on Jan 27, 2015.


  • Sep 30 / 2014

ShellShock Vulnerability (CVE-2014-6271)

Hi All,

Recently, a remotely exploitable vulnerability was discovered by Stephane Chazelas in Bash on Linux, and it is unpleasant. The vulnerability has the CVE identifier CVE-2014-6271. It affects Debian as well as other Linux distributions. The major attack vectors identified in this case are HTTP requests and CGI scripts. Another attack surface is OpenSSH, through the use of AcceptEnv variables, as well as TERM and SSH_ORIGINAL_COMMAND. An environment variable with an arbitrary name can carry a nefarious function definition, which can enable network exploitation.

What is Bash?
Bash, or Bourne-again shell, is the default shell in Ubuntu. When you are interfacing with the terminal (either through a terminal emulator, over a tty, or via ssh), you are generally typing commands that Bash will read and execute. Even if you do not use the terminal at all, you still have Bash.
http://en.wikipedia.org/wiki/Bash_(Unix_shell)

How does the exploit affect me?
Bash and the OS keep track of a set of environment variables that describe the current logged-on user, where to look for programs on the hard disk, and other such settings. By crafting an environment variable with a specific structure, an attacker might be able to execute code the next time Bash starts.


  • Apr 11 / 2014
Categories: Advanced Hacks, Network Security, Security News

OpenSSL Heartbleed Vulnerability

Hello Everyone,

Recently, web researchers uncovered an extremely critical vulnerability in recent versions of OpenSSL. In short, this vulnerability allows anyone on the Internet to read the memory of systems protected by the OpenSSL software.


The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information that is protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). CVE-2014-0160 is the official reference for this bug.


  • Feb 14 / 2014
Categories: Web Application Security

Insufficient Authorization - Yahoo (Bug Bounty)

Hi All,

Recently, I found an interesting issue qualifying for Yahoo bug bounty program.

But before going into this, let’s understand:

What does Authorization mean?
In generic terms, authorization refers to the activities or roles that a user is allowed to perform. In terms of information security, this means access rights. Based on this, authorization is classified into two categories:

  1. Horizontal privilege: users that have the same rights in general, e.g. all Facebook users
  2. Vertical privilege: users that have different rights in general, e.g. an admin user and a normal user


  • Feb 09 / 2014
Categories: Miscellaneous, Network Security, Security Fundamentals

Network Security Part 3

Understand information security better with the OSI model.

This section demonstrates common information security problems mapped to the seven OSI layers and evaluates solutions for securing the organisation’s information resources.

Layer 1 – Physical Layer

  • The physical layer is responsible for the physical communication between end devices.
  • The logical first step in securing our information is to ensure that the physical resources are not compromised.
  • Quite often, technologists fail to recognize the importance of the simple measures, like properly locking storage units, server cabinets, equipment rooms and office spaces.
  • Gaining access to resources is the first step in compromising them. Where is the information stored and who might have physical access to it?
  • Typically, efforts to physically secure information are a shared responsibility between technologists and those who manage the facility in which the information resides.
  • In some organizations, you must have a card key, hardware key or biometric access to enter areas where sensitive information can be accessed.
  • Even with the resources physically locked, they are at risk.
  • Social engineering is a form of infiltration that takes advantage of common social interaction to gain physical access.
  • Environmental factors should also be considered.
  • In extreme circumstances, a good disaster recovery plan is essential in the event that information resources are compromised.
  • Off-site data storage, asset inventories and vendor contacts are critical to knowing what to replace, where to get replacements and how to restore access.

