
Awesome DDoS Lookup tool

In my day-to-day job, I have been responsible for mitigating DDoS attacks and making sure that they are detected in a timely manner.

The company I work for has an awesome platform to mitigate DDoS attacks, which has an alert system and analytics, but I came across a public tool where you can enter an IP or domain and check whether there has been a DDoS against that target.

Check out https://ddosmon.net/

[Screenshot: ddosmon front page]

DDoS Mon gets data from telecoms and other sources around the world to compile a list of DDoS attacks. I have personally used this tool and compared it to known real attacks, and let me tell you, this tool is very accurate. It’s great to be able to quickly search for attacks, and it’s easy to use the URL to search for an attack.

For example, you can use https://ddosmon.net/explore/4.2.2.2 to search for attacks against 4.2.2.2 (Level 3 DNS servers).

There is also an API that returns JSON data you can parse; you need to create an account to get API access.

When searching for attacks against this IP we see the below result

[Screenshot: ddos mon attack view]

The latest attack was a UDP-style attack against this IP.

The site also provides valuable insights into DDoS traffic on a global scale. Check out https://ddosmon.net/insight/

Here is a snippet of some interesting data; there is much more on the site.

[Screenshot: ddos insights]

In conclusion, this tool is very useful and can be incorporated as another tool in a SOC environment, or used by any business that suspects it may have experienced attacks but doesn’t have the resources to check.

This tool is also great for research purposes.

I would like to know what you think about this tool! Send me an email with your thoughts or leave a comment!

Have a good day !

Sean

 

Encrypting your data with Truecrypt

Hello All,

In this post I will show you how you can protect yourself against data theft using free open source software.

You have heard it on the news: someone working for some company was taking a USB stick or portable hard drive from one place to another and lost it, and now thousands of people’s personal data is going around, in some cases not even encrypted! So anyone can simply take that USB stick, plug it into a computer, and have all those people’s personal data!

As a company, what a PR disaster.
As a customer, you’re thinking: how did this happen? Is my data safe?

The above scenario isn’t just for businesses. Think of how many regular people have personal information on these devices that are lost on a daily basis. Think of it: your personal information, pictures, tax returns, emails, documents, resume.

These are not out of the ordinary to find on a USB stick.
A piece of data as simple as a resume carries a significant amount of information about you that you may not want a stranger knowing, such as your email address, phone number, address, etc.

So let’s dig in

First, what is encryption?

The best way to put encryption into general terms is this: you have a secret message, for example
Hello everybody
Now you don’t want anyone but you or the person you choose to see your message.
So you create a special code to make the text look like gibberish.
For example:
@^&@^#**#*( *#&(*#&
This would be an example of an encrypted message.

Now, with every encryption you need two sets of encryption keys: your public key, which everyone can see, and your private key, which only you know. The public key is your garbled text, and your private key makes sense of that garbled text.

To generate an encryption key you need a cipher. Depending on its strength, a cipher can make a longer, stronger key; this is done by creating the key with a random number generator. The whole point of the key length is to make a brute-force attack against the encryption key infeasible. Depending on the size and complexity of the key, it can take decades before you would come close to breaking the encryption.

There are also two types of encryption. The one I have explained above is called public key encryption, where you need two sets of keys to decrypt the information; it is also known as asymmetric encryption. The other type is symmetric, where two people or computers have the same key on either end to decrypt the information.

For more information and a complete rundown on how encryption works, TrueCrypt’s documentation has a lot of technical information on how this all works. If you are interested, I highly suggest reading it.

Now let’s install and use this awesome software.

The software we are going to use to encrypt our flash drives and portable hard drives is called TrueCrypt, available at http://www.truecrypt.org

I personally use this software and it’s great. Not only is it free and open source, which I am all for, it also supports many industry-standard encryption algorithms and is super easy to use, which is always nice.
The software also gives you an option to encrypt your system drive, but for that I would follow the manual available on the site.

To use the software, first we download it.
Now install the software. The process in Windows is basically clicking Next.
For Ubuntu/Debian: sudo apt-get update && sudo apt-get install truecrypt

Once the software is installed you will get to the main screen, shown below.

[Screenshot: TrueCrypt main screen (xp_main-v7.0)]

Now from this screen, choose the option “Create volume”.

[Screenshot: volume creation wizard (xps_wizard-v6.1a)]

Select “Encrypt a non-system partition/drive”.

Now choose your flash drive and click Next.

You will now be able to choose the encryption type you want.

I recommend the SHA-512 algorithm with AES-Twofish.

[Screenshot: encryption options in the wizard (xps_wizardciphers)]

Now click Next.

You will now create your passphrase.

Please remember that your encryption is only as powerful as your password. If you use a simple dictionary-based password, your encryption is useless, as someone will be able to guess your passphrase and decrypt your data. I suggest a 10-character password with uppercase and lowercase letters, numbers and a special character. This type of password would take years to crack with a password brute-force attack.
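The passphrase advice above, as an added example that is not from the original post or from TrueCrypt: a pre-use passphrase audit showing that a password can satisfy the 10-character rule and still be dictionary-based, so the years-to-crack estimate only holds for random passphrases. The wordlist, sample passphrases and function names are constructed here, and the PBKDF2 parameters (HMAC-SHA-512, 1000 iterations, 64-byte salt) are an assumption about TrueCrypt 7.x.

```python
import hashlib
import os
import string
import time

# Assumption: TrueCrypt 7.x derives the header key with PBKDF2; with
# HMAC-SHA-512 that is 1000 iterations over a 64-byte random salt.
PBKDF2_ITERATIONS = 1000
ALPHABET = 26 + 26 + 10 + len(string.punctuation)  # 94 printable symbols
WORDLIST = {"password", "dragon", "sunshine", "letmein"}  # constructed sample
LEET = str.maketrans("0134578@$!", "oieastbasi")
JUNK = string.digits + string.punctuation

def derive_header_key(passphrase: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA512: the work an attacker repeats for every guess."""
    return hashlib.pbkdf2_hmac("sha512", passphrase.encode(), salt,
                               PBKDF2_ITERATIONS, dklen=64)

def measured_guess_rate(trials: int = 20) -> float:
    """Key derivations per second on one core of this machine."""
    salt, start = os.urandom(64), time.perf_counter()
    for i in range(trials):
        derive_header_key(f"guess-{i}", salt)
    return trials / (time.perf_counter() - start)

def dictionary_based(passphrase: str) -> bool:
    """True if trimming digits/symbols and undoing leetspeak leaves a listed word."""
    low = passphrase.lower()
    variants = (low, low.strip(JUNK), low.rstrip(JUNK))
    return any(v.translate(LEET) in WORDLIST for v in variants)

def meets_post_rule(passphrase: str) -> bool:
    """The post's advice: 10+ characters mixing upper, lower, digit and special."""
    classes = (string.ascii_uppercase, string.ascii_lowercase,
               string.digits, string.punctuation)
    return len(passphrase) >= 10 and all(set(passphrase) & set(c) for c in classes)

def years_to_exhaust(length: int, guesses_per_second: float) -> float:
    """Worst-case brute-force time for a truly random passphrase of this length."""
    return ALPHABET ** length / guesses_per_second / (365.25 * 24 * 3600)

def audit(passphrase: str) -> str:
    if dictionary_based(passphrase):
        return "reject: dictionary word in disguise"
    return "accept" if meets_post_rule(passphrase) else "reject: fails the 10-char rule"

if __name__ == "__main__":
    for candidate in ("P@ssw0rd123!", "sunshine", "q7#Lw!9xVe"):  # constructed
        print(f"{candidate!r}: {audit(candidate)}")
    print(f"10 random chars: {years_to_exhaust(10, measured_guess_rate()):,.0f} years at this rate")
```

The measured rate is a single CPU core running Python, so treat the printed figure as an upper bound on cracking time; dedicated hardware guesses far faster.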

You will now format your drive. I recommend the slow way (not the quick format) as a next layer of protection, as your drive is now filled with zeros. Even though it’s slower, quick works well too; it depends on how paranoid you are.

And voila, you have a fully encrypted flash disk. Remember, you will need the TrueCrypt portable version with you, possibly on another stick, or you can get creative and make a second partition on your stick with only the executable on it to mount the drive.

With all that, you can now carry your flash drives and hard drives with confidence that, if lost or stolen, your information is safe.

If you have any questions, comments or suggestions, please let me know.

Till next time, stay secure!