Saturday, November 24, 2012

Cryptography – Chapter 12

This chapter is all about cryptography, which is the process of converting plaintext (readable) into ciphertext (unreadable). This process has been around for centuries. The text goes through a brief chronological sequence of the high points as cryptography evolved. It is important to understand symmetric and asymmetric algorithms. A symmetric algorithm uses one mathematical key to encrypt and to decrypt, whereas an asymmetric algorithm uses two mathematical keys to encrypt and to decrypt. The book has several pages on understanding cryptography attacks and some possible safeguards to help thwart attackers.

The chapter goes into much detail about protecting data as it travels across a network. It provides the security professional with many tools as well as areas to be concerned about. I found the chapter to be very informative, with much insight.

Hacking Wireless Networks – Chapter 11


This chapter is a synopsis of wireless technology and network standards. It also covers some tools attackers use to gain access to wireless networks. The text begins by explaining the fundamentals of wireless technology and its components. As complex as it may seem, there are a few basic elements:
  • Wireless network interface cards (WNICs), which transmit and receive wireless signals, and access points (APs), which are the bridge between wired and wireless networks.
  • Wireless networking protocols such as Wi-Fi Protected Access (WPA).
  • A portion of the RF spectrum, which replaces wire as the connection medium.

The next few sections cover the following wireless network standards:
  • 802.11 standard
  • Basic architecture of 802.11
  • IEEE 802.11 standards
  • 802.1x standard
  • 802.15 standard
  • 802.16

User authentication is important and is usually used in combination with wireless encryption standards to ensure that access to a wireless local area network (WLAN) is authorized.

Hacking a wireless network isn’t much different from hacking a local area network. Virtually the same port-scanning and enumeration tools used on wired networks can be used on wireless networks.

I found this chapter to be a good resource for wireless network connectivity. It walked you through the various parts of the system, how wireless networks work, and even how to safeguard your system. It was also interesting to note the various potential assaults attackers use to gain access to one’s computer. 

Friday, November 23, 2012

Hacking Web Servers – Chapter 10


Web applications are computer programs allowing website visitors to submit and retrieve data to/from a database over the Internet using their preferred web browser. The data is then presented to the user within their browser as information is generated dynamically (in a specific format, e.g. in HTML using CSS) by the web application through a web server. Web browsers are software applications that allow users to retrieve data and interact with content located on web pages within a website.

Most importantly, modern websites allow the capture, processing, storage and transmission of sensitive customer data (e.g., personal details, credit card numbers, social security information, etc.) for immediate and recurrent use, and this is done through web applications. Features such as webmail, login pages, support and product request forms, shopping carts and content management systems shape modern websites and provide businesses with the means necessary to communicate with prospects and customers. These are all common examples of web applications.

Common Gateway Interface (CGI) is another standard that handles moving data from a Web server to a Web browser. CGI’s main role is passing data between a Web server and a Web browser. It accomplishes this through scripting languages such as Perl, which are used to create dynamic web pages.

The critical part is for the security tester to understand the vulnerabilities of Web applications. Security professionals need to access the system and examine potential methods for attacking it. When conducting security tests on Web applications, determine whether dynamic web pages were used, whether the web application connects to a back-end database, whether a separate server is used for authenticating users, and what platform was used to develop the Web application.

Many tools are available for testing Web application vulnerabilities, such as Wfetch and Wapiti. Also, the Open Web Application Security Project (OWASP) offers open-source software to help security professionals learn about Web application vulnerabilities.

Embedded Operating Systems – Chapter 9


What is an embedded operating system? It is a special-purpose computer system that is completely encapsulated by the device it controls. An embedded system has specific requirements and performs pre-defined tasks, unlike a general-purpose personal computer. One type of specialized embedded OS is a real-time operating system (RTOS). This is typically used in devices such as appliance controls, programmable thermostats, and even pacemakers.

There is a plethora of other proprietary embedded operating systems, such as VxWorks developed by Wind River Systems, Windows from Microsoft, and QNX from QNX. The *NIX embedded operating system is an example of a monolithic OS used in a multitude of industrial, medical, and consumer items.

Today hackers want more than notoriety; they are looking for monetary gain. They are looking for ways to exploit embedded operating systems for personal profit. For reasons of efficiency and economy, connecting embedded systems to a network has its advantages. However, a security tester will need to address:
  • What peripheral component interconnect (PCI) devices are present?
  • Where were they manufactured? Is this supply chain trustworthy?
  • Which embedded OS is currently loaded on the device?
  • Can you make sure the embedded OS hasn’t been corrupted or subverted with malicious code?
  • Which devices have embedded OSs stored in rewriteable memory?

Supervisory Control and Data Acquisition (SCADA) systems are used for equipment monitoring in large industries, such as public works and utilities, power generators and dams, transportation systems, manufacturing, and anywhere automation is critical. The protection of SCADA systems is a life-or-death proposition. For this reason, SCADA systems are usually separated from the Internet by an air gap. This measure helps minimize the potential vulnerabilities.

In an effort to fight off attacks, a security professional should be aware of all embedded systems, upgrade or replace embedded systems that can’t be fixed or that pose an unacceptable risk, stay on top of all patching, and follow the principle of least privilege and restrict access to thwart attackers.