CyberSecurity

As a former owner of a cyber security firm, I feel it’s my duty to keep my friends abreast of current cyber threats. I am a member of InfraGard (https://www.infragard.org/), a venture between the FBI, state and local law enforcement, and utility companies to protect our infrastructure.

I’ll put this latest scam in as simple terms as I can. You know how you can convert an MS Word document to PDF or vice versa? Or you can extract sound (mp3) from a movie (mp4), or convert an image format, .jpg to .png…etc.? If you know what you’re doing, you can do this with tools and apps that come with MS Office and Windows.

Or you can ask Google: how to convert…? There are thousands of legitimate sites that’ll do it for you for free. And of late, there are hundreds of sites that’ll do it for free, BUT they’ll install malware or ransomware on your system that’ll steal your cookies…etc. to gain access to your online banking info and shit.

If I get my hands on your cookies, I don’t need to run phishing attacks to get you to give me your CC and SS #s. I OWN YOU! And your identity! There are actually programs that’ll parse that info from your cookies.

L0phtCrack is an app that’ll get your password, even if it takes weeks or more. Change your passwords to everything, quarterly. If the site allows you to generate an encrypted password automatically, USE it. Your computer will remember it. You can always use “Forgot password”.

The following are options for checking to see if your data has been breached. In other words, is your SS# or address available on the web?

Am I on the web?

PLEASE, if you, or someone you know, falls for some scam, let us all know. It’s called social engineering. These people are smarter than the lot of us together. They’re predators and they have nothing to lose but time.

My oldest son, knowing who and what I was/am, called me one day in a panic because he thought he might have made a mistake. Phishing attack. I was like, the F you talking to me for? Call your bank and cancel that debit card!

If you have ANY questions, comments or concerns regarding online security, hit me up!!!

Hell, got a question as simple as a great backup solution? Hit me up! I’m retired and bored. I’ll set you up with an enterprise backup/restore solution that’ll cost you next to nothing.

6 Likes

Yeah, “free” programs and apps are always popular for sure, but as you said, free isn’t always free.

I think you bring up some good points, because people don’t always understand how much they can be at risk. Keyloggers, rootkits, sniffers, etc. can very often go undetected, or at least, until it’s too late.

Hell, check your emails while you’re at it LOL.

4 Likes

Before I went there, I went here:

Trustpilot

Oddly, I just checked an app that I used at my firm called Maltego. @ maltego.com. It hasn’t been reviewed on Trustpilot! Last time I used it was in '08.

I’d enter the email addresses of key employees at businesses I was testing and it would pull up all their social media, porn, church accounts…etc. No wonder that directors’ door is always closed :innocent:

I once found a web app upper management was using. HTTP://wtf.cn. Gosh, what’s missing? A little packet sniffing with my leetle friend Wireshark, and I got my contact’s login ID and clear-text password.

Tell ya what… As much as I love being a geek (I am NOT a nerd) and playing with 1’s and 0’s, social engineering is the best!

“Hello, I’m new at the company and my boss said I have to make some changes to your computer’s settings. I need your VNC ID and password.” This, AFTER management warned them about it.

What’s your backup scheme?

3 Likes

I hate cookies, but then again I love them!..

5 Likes

Companies are supposed to give you the option to accept cookies or set preferences, but many don’t. Me? I click that little black X and close the dialogue.

3 Likes

Man, nothing is safe anymore. :skull_and_crossbones:

3 Likes

How does that work?
I guess they buy this info from websites and data brokers?

Asking for a friend.

1 Like

@warkwarth Tell your friend they use a serious series of algorithms to crawl the internet using the search term “youremailaddress.”

Mind you I haven’t used the app in 14 years, so I don’t recognize it anymore.

Example of Maltego in action

I’m still bored so, here’s an (as brief as I can make it) idea of how security worked in the 2000s.

Everything on the internet uses “ports”. (Your PC does too.) Port 80 is for web browsing, 443 is for secure browsing: http:// vs https://. Ports 587, 465 and a bunch more depending on the service being provided (web mail, company servers like Exchange…). Pretty complicated actually. Online games use ports. Can you access your company from home (work from home)? Another port. Note that there is a default port for that which should be changed because every hacker knows what ports are used.

Your modem/router/wifi has a LAME ass firewall. Businesses should be using a real firewall. (My description here will be outdated, but you’ll get a rough idea.) A real firewall blocks ALL ports until they’re opened. If you want to have a mail server you must open those ports. It examines the actual packets of a conversation. (More details below.)

All computers have a numerical internet protocol address: an IP address. Again, I’ll talk about IP v4, not v6, to keep it simple. There are public and private addresses. One simply CANNOT talk to the other. It’s written into the protocol. Microsoft’s “public” address is 13.107.246.59. I have no way of finding their private IPs. Private IPs will be something like 192.168.1.1 or 10.10.10.1.

Man, I’m having a devil of a time keeping this down to less than 100 pages!

Data sent between computers is in the form of “packets” containing routing information (think post office) and the payload, the data: pictures, videos, email… Kinda…

Not relevant to hacking as far as this article goes, but just interesting. On November 25th, 2019, the world ran out of IPv4 addresses. IPv6 was implemented on July 14th 2017. Close call, eh?

IPv4 allows for 4,162,314,256 addresses. These are “public” addresses only, not those private addresses used inside homes and offices. They are 8 bit: 1.1.1.1.1.1.1.1 x 4 octets. All those 1s add up, to a computer, to 255. But only 254 can be used. Why? If you wanna know, I’ll explain, but it’s another book. Hence 254*254*254*254 = that 4+ billion.

IPv6 uses 128 bits, resulting in 340 undecillion! Have you ever even heard of that? Not me. We should know by the end of the decade. I’m sure the US will be at least 1 undecillion in debt.

An undecillion contains 1000 billion billion. Had to ask Google.

Okay, back to killing time.

There’s an app called Zenmap. Enter the addresses of a business, and it scans to see what ports are open on the entire network. There’s a way to enter a bunch of addresses in a “group” but then we’d have to get into subnetting and that’s another book.

It’ll also produce a diagram, like this one of my home network.

Here’s what it found open on my amplifier:

But wait, there’s more! WAY cooler!

Remember I mentioned a “real” firewall? They do something called stateful packet inspection. Not just blocking ports. They open a packet, see where the request came from, what was requested; it sees the request to send, the acknowledgement that it received the request, a response and a TON of other shit.

Wifi routers do too, but not to that extent. Well, maybe they do now… I just know that when I go into my router, the “firewall” is set to low. Set it to at least medium. I tried setting it to high, but my Ring doorbells and thermostats didn’t work. Until I opened the ports.

There’s an app called Wireshark. It can open and read packets too. Here’s an example of what ONE packet looks like and how much info a packet inspector has to examine before allowing or denying. The top is “supposed to be” human readable, the bottom is what a computer sees. Kinda.

This is 10 seconds. 1,130 packets. Fast, eh?

Here I can see my wife is watching TV via Roku. Probably Bobby Flay on the food channel. I think she has a crush on him. That’s all I ever see.

There are dozens of apps that’ll now do all this for you. Plus they can see what versions of security protocols, recommend you upgrade them, warn you of vulnerabilities, what to do about them and a LOT more.

Here’s an example of an exploited vulnerability

© SANS Institute 2000 - 2005 Author retains full rights. (Where I got my training) Here is an explanation of the SSH1 Man-in-the-Middle attack to show the ingenuity of the programmers. First one must poison the cache to have the traffic routed through the attacker’s machine. Once the client requests an SSH1 session from the server, the attacker intercepts the key generated by the host and forwards its own key to the client. The client, thinking they are communicating with the secure server, now sends authentication and session information to the server.

The attacker decrypts this information and encrypts it using the server’s original key and passes it to the server. Once in the middle, the attacker has access to all traffic. It’s easy to see that this software can be used anywhere on the LAN.

Well, there’s a 1 undecillion mile overview.

Let’s see, I started writing this at about 10:30 am, went to see an orthopedic surgeon between 2:00 and 3:30, continued, put food in the oven at 6:00 pm, and at 7:00 pm I continued. Now, at 7:13 pm, I’m done!

I don’t care if you read it. I just killed some time!!! :sweat_smile:

3 Likes
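The post above describes a “real” firewall as one that blocks everything until a port is opened and then follows each conversation through its packets. As an added example (not code from the thread), here is a toy stateful packet filter that does that: it denies inbound traffic by default, tracks a flow only once a LAN host has started it, and drops replies whose TCP flags do not fit the state seen so far. The packets, the 192.168.1.0/24 LAN range and the 203.0.113.9 scanner address are constructed; 13.107.246.59 is the public address quoted in the post.

```python
# Added example, not from the thread: a toy stateful packet filter of the kind
# the post describes. Inbound traffic is denied unless it belongs to a flow a
# LAN host opened, and each reply must fit the TCP state seen so far.
# Packets are constructed tuples, not real captures.
from collections import namedtuple

Packet = namedtuple("Packet", "src dst sport dport flags")  # flags: "S", "SA", "A", "R"

def is_inside(ip: str) -> bool:
    # LAN side is the private 192.168.1.0/24 range mentioned in the post.
    return ip.startswith("192.168.1.")

class StatefulFirewall:
    def __init__(self):
        self.table = {}   # (lan_ip, lan_port, wan_ip, wan_port) -> TCP state

    def filter(self, p: Packet) -> str:
        outbound = is_inside(p.src)
        key = (p.src, p.sport, p.dst, p.dport) if outbound else (p.dst, p.dport, p.src, p.sport)
        state = self.table.get(key)
        if state is None:                       # no tracked flow yet
            if outbound and p.flags == "S":     # LAN host opens a connection
                self.table[key] = "SYN_SENT"
                return "ALLOW"
            return "DROP"                       # unsolicited, e.g. an inbound SYN from a scan
        if "R" in p.flags:                      # reset tears the flow down
            del self.table[key]
            return "ALLOW"
        if state == "SYN_SENT" and not outbound and p.flags == "SA":
            self.table[key] = "SYN_RECEIVED"
        elif state == "SYN_RECEIVED" and outbound and p.flags == "A":
            self.table[key] = "ESTABLISHED"
        elif state != "ESTABLISHED":            # flags do not fit the tracked state
            return "DROP"
        return "ALLOW"                          # FIN teardown is not modelled

def run(packets) -> list:
    fw = StatefulFirewall()
    return [fw.filter(p) for p in packets]

# Constructed sample: a LAN host browsing to 13.107.246.59:443 (the public
# address quoted in the post), then an unsolicited inbound SYN to its SSH port.
SAMPLE = [
    Packet("192.168.1.20", "13.107.246.59", 51234, 443, "S"),
    Packet("13.107.246.59", "192.168.1.20", 443, 51234, "SA"),
    Packet("192.168.1.20", "13.107.246.59", 51234, 443, "A"),
    Packet("13.107.246.59", "192.168.1.20", 443, 51234, "A"),
    Packet("203.0.113.9", "192.168.1.20", 40000, 22, "S"),
]
```

The last packet is dropped not because port 22 is “closed” but because no LAN host opened that flow; an inbound ACK that arrives before the SYN-ACK is dropped for the same reason, which is the difference between port blocking and stateful inspection.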
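The SANS excerpt quoted above works because the SSH1 client accepts whatever host key arrives. As an added example (not from the post or from the SANS paper), here is a model of that exchange next to the client-side check that exposes it: remembering the server’s key fingerprint on first contact, as known_hosts does, and refusing to send a login when the presented key differs. The keys, the “seal” stand-in for encrypting to a host key, the host name and the password are all constructed.

```python
# Added example, not from the post or from the SANS paper it quotes: a model of
# the key substitution described above, and of the client-side host-key check
# (trust on first use, as in known_hosts) that makes it visible. Keys, the
# "seal" stand-in for encryption and the password are all constructed.
import hashlib

SERVER_KEY = b"constructed-server-host-key"
ATTACKER_KEY = b"constructed-attacker-host-key"

def fingerprint(pubkey: bytes) -> str:
    # Short SHA-256 digest of the key blob, like the fingerprint a client shows
    return "SHA256:" + hashlib.sha256(pubkey).hexdigest()[:16]

def seal(msg: str, pubkey: bytes) -> tuple:
    # Stand-in for "encrypt to this host key": only that key's owner can open it
    return (fingerprint(pubkey), msg)

def open_sealed(sealed: tuple, pubkey: bytes) -> str:
    if sealed[0] != fingerprint(pubkey):
        raise ValueError("sealed to a different key")
    return sealed[1]

def client_login(presented: bytes, known_hosts: dict, host: str, password: str):
    """Send credentials sealed to the presented key, unless the key differs
    from the one remembered for this host. Returns None when it refuses."""
    fp = fingerprint(presented)
    if host not in known_hosts:
        known_hosts[host] = fp            # first contact: nothing to compare against
    elif known_hosts[host] != fp:
        return None                       # key changed: do not send the login
    return seal("login:" + password, presented)

def session(mitm: bool, known_hosts: dict) -> dict:
    """One login attempt. With mitm=True the traffic reaches the attacker,
    who presents its own key, reads the login and re-seals it to the server."""
    attacker_saw = []
    sealed = client_login(ATTACKER_KEY if mitm else SERVER_KEY,
                          known_hosts, "server.example", "constructed-password")
    if sealed is None:
        return {"server_saw": None, "attacker_saw": attacker_saw}
    if mitm:
        plain = open_sealed(sealed, ATTACKER_KEY)   # attacker can open its own seal
        attacker_saw.append(plain)
        sealed = seal(plain, SERVER_KEY)            # forward to the real server
    return {"server_saw": open_sealed(sealed, SERVER_KEY), "attacker_saw": attacker_saw}
```

On a first contact there is nothing stored to compare against, so the attacker still reads the login in that case; that is why the first fingerprint should be confirmed over a channel the attacker does not control rather than accepted blindly.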

Yeah, I have messed around with Wireshark because I’m paranoid. I have a pretty good understanding of packet sniffing and spoofing, MITM attacks etc. I was curious how Maltego operated specifically: is it LAN only, or could you do this to anyone on the planet, in which case they need a data broker?

These days, even if you block scripts, cookies, supercookies, LSOs, use a VPN etc., they can still identify you rather easily. Everything from your desktop resolution, audio speakers, browser settings that are on or off, motherboard, CPU, GPU etc. etc. is used to fingerprint you. The amount of software and hardware fingerprinting is absurd.

I recommend people test their own fingerprint at

If yours is unique that’s bad; you actually want to blend in.

2 Likes
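The post above says a unique fingerprint is bad and blending in is the goal. As an added example (not code from the thread or from any fingerprinting site), here is a small way to put numbers on that: hash a visitor’s attributes the way fingerprinting scripts do, then measure, over a population, how many visitors share each fingerprint and how many bits of identifying information the chosen attributes leak. The six-visitor population and its attribute values are constructed.

```python
# Added example, not from the thread: how combining many small browser
# attributes makes a visitor unique, and what "blending in" means in numbers.
# The visitor population is constructed, not real telemetry.
import hashlib
from collections import Counter
from math import log2

ATTRS = ("resolution", "timezone", "language", "gpu", "fonts")

# Constructed population of six visitors. The first two are deliberately identical.
VISITORS = [
    {"resolution": "1920x1080", "timezone": "UTC-5", "language": "en-US", "gpu": "Intel UHD 620", "fonts": "default"},
    {"resolution": "1920x1080", "timezone": "UTC-5", "language": "en-US", "gpu": "Intel UHD 620", "fonts": "default"},
    {"resolution": "1920x1080", "timezone": "UTC-5", "language": "en-US", "gpu": "NVIDIA RTX 3060", "fonts": "default"},
    {"resolution": "1920x1080", "timezone": "UTC+1", "language": "de-DE", "gpu": "Intel UHD 620", "fonts": "default"},
    {"resolution": "2560x1440", "timezone": "UTC-5", "language": "en-US", "gpu": "NVIDIA RTX 3060", "fonts": "custom"},
    {"resolution": "1366x768", "timezone": "UTC-8", "language": "en-US", "gpu": "Intel UHD 620", "fonts": "default"},
]

def fingerprint(profile: dict, attrs=ATTRS) -> str:
    # Canonicalise the chosen attributes and hash them, as fingerprinting scripts do
    canon = "|".join(f"{a}={profile[a]}" for a in attrs)
    return hashlib.sha256(canon.encode()).hexdigest()[:12]

def anonymity_sets(visitors, attrs=ATTRS) -> list:
    """For each visitor, how many in the population share its fingerprint.
    1 means unique; bigger is better for the visitor."""
    counts = Counter(fingerprint(v, attrs) for v in visitors)
    return [counts[fingerprint(v, attrs)] for v in visitors]

def entropy_bits(visitors, attrs=ATTRS) -> float:
    """Shannon entropy of the fingerprint over the population: how many bits
    the chosen attributes reveal about which visitor this is."""
    n = len(visitors)
    counts = Counter(fingerprint(v, attrs) for v in visitors)
    return -sum(c / n * log2(c / n) for c in counts.values())

def is_unique(profile: dict, visitors, attrs=ATTRS) -> bool:
    return sum(fingerprint(v, attrs) == fingerprint(profile, attrs) for v in visitors) == 1
```

Screen resolution alone splits the six into sets of 4, 1 and 1; adding timezone, language, GPU and fonts leaves only the two identical visitors sharing a fingerprint, which is the effect the post is describing.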

Not paranoid, just sniffing packets. And, on another note I might be the only person here with 3 dedicated hex editors. :sunglasses:

2 Likes

I’m not one of them.

3 Likes

I use Brave. I’m randomized! :vulcan_salute:

3 Likes

I see. No, it’s not LAN only. Works everywhere, but I don’t “think” it’s from brokers. I guess it could… Data brokerage really came to light in the mid-2000s. Maltego was released in 2007.

Wait. I don’t think so is like saying I don’t think so. It’s like saying, I don’t think. So. I’m not going to do anything about it.

Download the Community Edition of Maltego Graph here.

Once the app is installed, scroll down to the video and follow along. I’ma do it now! Hate for the wife to find this app.

2 Likes

Yeah, I’ve got at least 3 hex editors, likely a different use case. These can be used for all kinds of things and some are specialized for specific tasks or compatibility.

3 Likes

Well, that didn’t take long. To uninstall. This antique can’t understand a lick of that and I read a bunch of FAQ’s, followed the tutorial…

It says to enter “Search Profiles” and run with it. I enter search and nothing is found. Was nice knowing you brain!

3 Likes