Transparent firewalls are definitely a great enhancement to the traditional firewall arena, for the very reason that their presence is not revealed.
A simple article on the advantages of having one in such a mode is described …
One of the other reasons why I like Juniper Netscreen firewalls is the same again. All of the models can work as transparent-mode firewalls (and that doesn’t mean the drawback is that you can’t have a VPN on it; even I thought so, but these firewalls also allow you to build a VPN while in transparent mode).
Browsing speed, Multitabs, RSS integration, add-on support are some of the usability considerations in the browser world today.
So I’ll share my experience about 3 browsers.
I’ve been using 3 browsers (well, I don’t like Internet Explorer).
I liked all three of them for the normal day-to-day operations I do; however, the way things work, I love Opera the best.
The aspects that got me into it and led me to that conclusion are the speed of launching pages using Opera, its support for multiple tabs, an RSS aggregation facility, as well as the add-on support. While Firefox is fast enough, one thing I’ve noticed is that the more plugins/extensions you add, the slower it becomes. As well, at one point (maybe even now), the only browser that had ZERO bugs was Opera.
Now you also need to consider the fact that I am an avid lover of the Windows operating system and do not have much experience with Linux. So how these products perform on Linux is something I do not know.
What is so great about it? Well, heard about OS fingerprinting / TCP/IP stack fingerprinting? Those who practice security couldn’t imagine a life without nmap? Yeah, that line is familiar…
Many of these tools do this by looking at the differences between TCP/IP stacks. The RFCs for TCP/IP define value types for TTL, window size, MTU etc. but do not mandate a default value, hence different OS implementations have adopted different values. What does that make easy? Recon… Just a ping packet would let one know the TTL value, and similar correlations across many parameters would yield the OS in place without much trouble.
Operating System Obfuscation is a method by which you change those parameters on the OS so that it looks like a totally different operating system!
If you do not want much technical detail on how to do it (although I must tell you it is a piece of cake), you could use a tool to configure it.
{Sec_Cloak}
Test it out yourselves:
1. First do an nmap scan [ nmap -O2 <target_ip> ] => See the OS guesses.
2. Run Sec_Cloak on the machine and set it to appear as some Linux flavor.
3. Repeat the first step again and watch for the OS guess.
You’d get it by then….
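The TTL correlation described in this post, as an added example (not from the original post and not Sec_Cloak's code): it reads the TTL and TCP window from one packet, rounds the TTL up to a common default, and shows how changing the host's default TTL flips the guess. The packet builder, the addresses and the window value are constructed for illustration.

```python
import struct

# Widely documented default initial TTLs; real fingerprinting tools
# correlate many more fields than this.
TTL_FAMILY = {64: "Linux/Unix-like", 128: "Windows", 255: "network gear/Solaris"}

def build_syn(ttl, window):
    """Constructed sample: 20-byte IPv4 header + 20-byte TCP SYN (checksums 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, ttl, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 5 << 4, 0x02, window, 0, 0)
    return ip + tcp

def fingerprint(packet):
    """Read TTL and TCP window from one IPv4 packet and guess the OS family."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    ttl, proto = packet[8], packet[9]
    # Each router decrements TTL, so round up to the nearest common default.
    initial = next(t for t in (32, 64, 128, 255) if ttl <= t)
    window = None
    if proto == 6 and len(packet) >= ihl + 20:
        window = struct.unpack_from("!H", packet, ihl + 14)[0]
    return {"ttl": ttl, "initial_ttl": initial, "hops": initial - ttl,
            "window": window, "guess": TTL_FAMILY.get(initial, "unknown")}

if __name__ == "__main__":
    # Same constructed host seen 11 hops away, before and after its default
    # TTL is changed from 128 to 64. Only the TTL was changed.
    before = fingerprint(build_syn(ttl=117, window=8192))
    after = fingerprint(build_syn(ttl=53, window=8192))
    print("before:", before)
    print("after: ", after)
```

The window value is identical in both results, so a tool that correlates several fields would see an inconsistent profile when only one parameter is changed.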
Is application availability better than ownership of the application? Good question. With the Web 2.0 changes, Google is now providing free online document editing solutions. So, want to create a Word document and save it as PDF or RTF? Or create a spreadsheet for your personal finance?
No hassle using applications for the purpose, no worry about buying expensive application packages or downloading and fiddling with freeware/open source stuff.
Check out docs.google.com
Last day of the training, wound up with RootKits and Revealers…
So altogether, the money that is paid in India for the SANS 504 course is worth spending!
Sometimes we do require training, even if you know it or have seen it before. Backdoors, starting from Tini/nc/Back Orifice, is where we landed today. It was very interesting, and I was kinda astonished as well at how well these guys think about it!
Creativity and insanity have a very thin line between them, and that can be seen throughout…
DNS poisoning & XSS scripting were the hit today… Otherwise all the usual password cracking stuff, which is old and quite old as well.
Did like the Netcat ’chat’ :-)
Today was the most impressive day of the training.
I loved the theory and the tools that let us do ARP spoofing, TCP session hijacking and IP spoofing… It was very effective and I really enjoyed doing that.
It is inevitable that you put yourselves in a cracker’s shoes to understand exactly what he would try or get into, and the methods…
One of the basics I understood today was that for every attack, a strong Layer 2 hack is required, or rather the attack is more effective if one has it! So for the hacker / cracker, the lower the OSI layer, the more effective the attack…
Today we had some pretty appealing sessions – Google Hacking (don’t go by the name, it is not about *how to hack Google*, it is about how guys can misuse the information derived from Google search).
As a matter of fact, till today I wasn’t aware of the special search syntaxes that Google supports (well, nobody reads the documentation, I’m not an exception either).
To put it simply, if I want to get all the *pdf* files that a particular site www.xxx.com hosts, I could do that with a simple Google search. Similarly, if I want to know which companies are running Microsoft Terminal Services over the web – it is possible, again with just a simple search in Google. The only catch is that your search string has to be formatted so Google knows what you’re asking for. Amazing indexing is what I would call ‘em.
Though I can’t put most of the contents over here, I’m sure I would like to share the basic fundamentals about this in coming days…