Hacks/Malware
Anonymous Fox Hack
In cryptography, an initialization vector (IV) or starting variable (SV) is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique. Randomization is crucial for some encryption schemes to achieve semantic security, a property whereby repeated usage of the scheme under the same key does not allow an attacker to infer relationships between (potentially similar) segments of the encrypted message. ...
Internet Protocol Security
An authentication and encryption protocol suite that works at the Internet/Network layer.
Transport mode: Only the actual payload of the IP packet is encrypted; the destination and source IP addresses and other IP header information are still readable.
Tunnel mode: The entire IP packet is encrypted and then placed into an IPsec endpoint where it is encapsulated inside another IP packet.
Won’t be widely utilized until IPv6 is in more widespread use. ...
LDAP
Lightweight Directory Access Protocol (LDAP)
Used to query and change a database used by the network.
Protocol: TCP, UDP
Port: 389
Windows Active Directory is a common implementation of LDAP. Every Windows domain controller stores a copy of the Active Directory database. LDAP is used to keep all the databases synchronized.
LDAPS
LDAP over SSL
Port: 636
Resources
- Wikipedia - LDAP
- Wikipedia - List of LDAP software
Mandatory Access Control
Mandatory access control (MAC) is the most secure form of access control.
- Secures information and resources by assigning sensitivity labels or attributes to objects and users.
- Enforced by an administrator on a system.
How to whitelist an IP address in ModSecurity
ModSecurity Reference Manual - ipMatch
Multifactor Authentication
Basically having 2 or more access methods as part of the authentication process.
5 MFA Factors
- Something you know: password or PIN
- Something you have: smartcard, token, or identification device
- Something you are: fingerprints or retinal pattern (biometrics)
- Somewhere you are: location or geolocation
- Something you do: action you must take to complete authentication
Network Access Control
Network Access Control is a policy-based access management solution for endpoint security.
Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology…
Such as:
- Antivirus
- Host intrusion prevention
- Vulnerability assessment
… user or system authentication and network security enforcement.
Source: https://en.wikipedia.org/wiki/Network_Access_Control
Network Security
Wikipedia - Network Security
The CIA Triad
- The CIA Triad
Access Restriction
- Access Control
3 Access Restriction Concepts
- Principle of Least Privilege
- Role-Based Access Control (RBAC)
- Zero Trust
Defense in Depth
- Defense in Depth
Whitelisting IPs in OSSEC
Usage
    [root@cc5739 etc]# /var/ossec/bin/ossec-control --version
    Usage: /var/ossec/bin/ossec-control {start|stop|restart|status|enable|disable}
    [root@cc5739 etc]# /var/ossec/bin/manage_agents
    ****************************************
    * OSSEC HIDS v2.8 Agent manager.       *
    * The following options are available: *
    ****************************************
       (A)dd an agent (A).
       (E)xtract key for an agent (E).
       (L)ist already added agents (L).
       (R)emove an agent (R).
       (Q)uit.
    Choose your action: A,E,L,R or Q:
Conf
    /var/ossec/etc/ossec.conf