Tuesday, 24 October 2017

Configuring Port Security

Cisco switches offer a tool called port security using it we can :
  • Limit who connects 
  • Control how many can connect to a port
  • Set an action when a violation occurs

Port security is used to mitigate MAC Flooding Attacks and can prevent rogue devices from connecting to your Network.

Before we can configure it we should take a look on the modes available , and note before the actual configuration what we want to achieve :
  1. Note the ports that will get configured , usually we use port security to the ports that connect end devices .
  2. What violation mode is appropriate for your network policy ? 
  3. How many devices are allowed on a given port ? Be EXTRA CAREFUL when you are on this step , you could deny access to a legitimate device if you allow fewer but you can have a security hole if they are more. 

Port security has 3 violation modes
  • Shutdown (default) : when used the port shuts down, it can sent an  SNMP trap , creates a syslog message and increments the violation counter.
  • Restrict : The port ignores any packets from the rogue device , stays up  , creates a syslog message and increments the violation counter.
  • Protect : This mode is similar with Restrict but it just wont do anything to let you know if there is a violation , the port stays up and ignores the offending device packets.


Configuring Port security

First you have to enable port security on the ports you want to protect :
---------------------------------------------------------------
switch# configure terminal
switch(config)# interface fa0/1
switch(config-if)# switchport mode access \\ port security needs the port to be in access mode to function
switch(config-if)# switchport port-security    \\ this enables the feature
switch(config-if)#switchport port-security maximum 1  \\ it configures the port to allow for 1 device.
 switch(config-if)#switchport port-security violation shutdown \\ it configures the violation mode to shutdown
------------------------------------------------------------------

What happened in the previous commands :  

  • We go to interface configuration
  • Enable access mode as it is required for port security to function
  • Enable the port security feature
  • Set the number of devices that can connect
  • Configure the access mode
 Note that you can hard code the MAC Address of the devices you want to allow with the following command:
  switch(config-if)#switchport port-security mac-address 1a2a.1ba1.a111
// the 1a2a.1ba1.a111 is an example how to correctly write the mac address .

Personally i believe it is better to hard code the devices if they are not changing places on your network .

Always be careful with this feature ! You can cause a Denial Of Service if configured poorly!
 

 

Monday, 23 October 2017

Boosting performance using an SSD

What is this about

 

While it's no big news you can use an SSD to boost the performance of any system , by usually cloning the Drive where Windows are installed , or by just installing the OS in the SSD...
Surely the Internet is full of those tutorials , here i would like to show you a different way to do things , a more low cost way :)

SSDs became cheaper but if we have an old system (has SATA) we might don't want to spend too much to upgrade it

The aim of this hack is to give a new life to our junk making it less painful to use or just to have some fun doing random hacks :D


Before we start just to make sure we are on the same page:

  •   DO IT AT YOUR OWN RISK : I assume you are a person who can install an SSD and has some good knowledge about Windows and of course can format a drive without blowing out the planet. If you don't , i advise you to QUIT NOW (saving the planet)  this is not for beginners.
  • This tutorial is using a CHEAP low storage SSD to BOOST a given system , you can use a 16GB or a 32GB one .
  • Now lets Start 



How this hack works / Expectations

  • We install the SSD to our system and we keep the old one as well
  • This hack uses the fast READ-WRITE and access times of  SSDs to boost our system:
    1. We move the TEMP folders for Windows and Programs to the SSD
    2. To have better performance when RAM runs out,  you can use Ready-boost on the SSD
  • This hack won't make our junk a rocket , but it will make it using it a more humane experience 
  • The cost of this hack is less than 20 EUR , you can find cheap low storage SSD drives on the Internet



Preparation

Install and format the SSD to NTFS format

  
After you have installed the SSD drive , if it is new it's unformatted and you can't see it under "My Computer".
That's Okay ,  now you need to format the drive .

While you can use external tools , i find using Windows tools instead more convenient for our purpose.


On Windows 7:
  1. Right click on My Computer
  2. Click on Manage
  3. Under Storage , click on Disk Manager
  4. After a while you will see all the Disks installed on your System
  5. Right click on the SSD (the unformatted one)
  6. Click on format
  7. Select NTFS and format the drive
  8. Optional but nice to have set the label to SSD to be easier for next steps
Now you can see your brand new SSD Under My Computer ! Congrats!




Implementation

  • Create Folders to use as TEMPs
  • Update System and User Variables
Go to the SSD drive and Create a folder , name it Windows, inside it Create two folders : USER_TEMP and TEMP.
Now lets update the System and User variables:
On Windows 7:
  • Right Click on My Computer
  • Click Properties
  • Click on Advanced System Settings
  • Click on Environment Variables
  • On System Variables scroll and edit the paths TEMP and TMP as shown below , note that D:\ should be replaced with the actual drive letter of the SSD!!!

edit TEMP and TMP keys to D:\Windows\TEMP 







  • On User Variables find and edit TEMP and TMP  like following:
edit TEMP and TMP keys to D:\Windows\USER_TEMP





 Click OK and you are done

Now our System stores temp data on the SSD making our programs faster and more responsive , restart the Computer and now you are good to go.

Pro Tips :
  1. Our System is faster but it can be even faster: Defrag the System drive (where Windows lives) to boost it more.
  2. The SSD can be used to boost your RAM as well ! On My Computer find the SSD : right click it , select properties , select the ReadyBoost tab and set it to use some of the disk space for RAM , if you have a 16GB disk more than 4096 is overkill
  3. If you have space on the SSD , you can install inside it some programs you use very often : an Internet Browser  for example , and you can have even better results.
Share it with friends that might find it interesting !!!

Thursday, 29 September 2016

Network Foundation Protection

Nowadays even people with no hacking skills can be a threat for our networks , thanks to automated tools almost anybody can launch an attack causing damage and loss of revenue to a company.

Common Threats
  • Denial Of Service and Distributed Denial Of Service Attacks (DOS , DDOS) 
  • Session Hijacking , Unauthorized Access , Privilege Escalation
  • Man In The Middle attacks (MiTM) 
  • Botnets
  • Routing Protocol attacks
  • Spanning Tree attacks
  • Layer 2 attacks : MAC Flooding, ARP Spoofing 

To be able to secure our network we can use the Network Foundation Protection (NFP).

 The NFP is a framework designed to help us manage by breaking down the functions in a network environment allowing us to focus on the specific security measures to better protect it.


In Cisco IOS Routers and Switches the NFP is comprised by :

  • Management Plane
 Here we have the protocols and traffic used to manage the network by the administrator .ex SNMP , SSH etc..
Note that a failure / compromise on management plane can cause the administrator to lose the ability to manage a device !


  • Control Plane
In this plane belong all the protocols and traffic used by the network devices to communicate between them without the direct interaction of a human. Routing protocols for example .
 
  • Data Plane
Here we have the Transit traffic the data that users and their applications are using. E-mails , VoIP etc..
 Important Note:
Each plane can impact other planes , if for example Control Plane fails or gets compromised Data Plane and Management Plane also fail as you will probably lose control if a routing protocol fails or even route the traffic in a malicious way causing MiTM attacks etc...
You can learn more about NFP here


Now we have an idea about the NFP Planes we can start by using some best practices to secure our infrastructure



Basic Security Guidelines

  • Ports: Limit who can access the available network ports , if you don't need them make sure you assign them to a blackhole lan, Turn off the negotiation Feature using the nonegotiate command under interface configuration and disable them. Ports should be configured with port security to allow only the devices required to access your network were possible.
  • Passwords: Enable automatic password encryption using the service password-encryption global command to ensure passwords are encrypted.
  • Use a  AAA protocol  (TACACS+ is preferred as it supports command authorization) where possible to enforce Authentication, Authorization and Accounting.
  • Use SSH instead of telnet , use a modulus of at least 1024 bit
  • Use SNMP v3 if possible as it is more secure than previous versions
  • Restrict unnecessary traffic to your network  : Allow only the minimum protocols that are required for your network to function and provide end users access to legitimated services only , this greatly increases the security as it restricts the attack surface also protects your network from bogus traffic.
  • Use a different VLAN for managing your network     
  •  Mitigating Common attacks : 
      • Use DAI (Dynamic ARP Inspection) in switches to protect from ARP Spoofing 
      • Use DHCP Snooping in switches to protect from rogue DHCP servers
      • Port Security prevents MAC Flooding attacks





Thursday, 14 January 2016

Η αλήθεια πίσω από τις πιστοποίησεις



Η αλήθεια πίσω από τις πιστοποιήσεις

Καθώς παρατηρείται αύξηση των απαιτήσεων στον εργασιακό τομέα σε συνδυασμό με την αύξηση της ανεργίας  , είναι επόμενο να περιμένουμε αναλογικά και αύξηση των απαιτούμενων προσόντων.

Πως όμως μπορούμε να αποκτήσουμε αυτά τα προσόντα ?










Αγορά εργασίας και πιστοποιήσεις



 Ανεργία 


Το σύνολο των εγγεγραμμένων ανέργων με κριτήριο την αναζήτηση εργασίας (αναζητούντων εργασία) για τον μήνα Φεβρουάριο 2015 ανήλθε σε 864.512 άτομα. Από αυτά 461.000 (ποσοστό 53,32%) είναι εγγεγραμμένα στο μητρώο του ΟΑΕΔ για χρονικό διάστημα ίσο ή και περισσότερο των 12 μηνών, και 403.512 (ποσοστό 46,68%) είναι εγγεγραμμένα στο μητρώο του ΟΑΕΔ για χρονικό διάστημα μικρότερο των 12 μηνών.

Από το σύνολο των εγγεγραμμένων ανέργων οι είναι <άνδρες> (ποσοστό 40,12%) και οι 517.636 είναι <γυναίκες> (ποσοστό 59,88%). 




  Πηγή¨:http://www.isotita.gr/index.php/news/2135
 

Τάσεις στην αγορά εργασίας 



Συμφώνα με Μελέτες του Ευρωπαϊκού Κέντρου για την Ανάπτυξη της Επαγγελματικής Κατάρτισης CEDEFOP , προβλέπεται σταδιακή αύξηση των θέσεων εργασίας  , αλλά με αυξημένα προσόντα .

Η ζήτηση για δεξιότητες υψηλού επιπέδου αυξάνεται με ταχύτερους ρυθμούς σε σχέση με τη συνολική

ζήτηση. Οι περισσότερες θέσεις εργασίας προβλέπεται να δημιουργηθούν στην κατηγορία των

τεχνικών και των ασκούντων συναφή επαγγέλματα. 





Οπωσδήποτε, η αναλογία των ατόμων που εργάζονται σε θέσεις εργασίας υψηλής εξειδίκευσης θα αυξηθεί. Το 2025, το 44,1% των απασχολουμένων θα εργάζεται σε θέσεις εργασίας υψηλής εξειδίκευσης, έναντι 41,9% το 2010 και 36,5% το 2000. Αντίστοιχα, η απασχόληση στα επαγγέλματα που δεν απαιτούν εξειδίκευση θα συνεχίσει και αυτή να αυξάνεται σταδιακά από 9,8%

το 2000 και 10,2% το 2010 σε 11,2% το 2025.

Ωστόσο, αναμένεται να αυξηθεί η πολυπλοκότητα ακόμη και των θέσεων εργασίας για τις οποίες

παραδοσιακά απαιτούνται χαμηλά ή καθόλου προσόντα . Η τεχνολογία θα παίξει κυρίαρχο ρόλο στην αύξηση των απαιτήσεων.




 Ξεχωρίζοντας στην σύγχρονη αγορά εργασίας


Προσανατολισμός στα προσόντα που κάνουν την διαφορά


Ανάλογα με τον κλάδο που επιθυμούμε να εργαστούμε οι απαιτήσεις διαφέρουν.

Μπορούμε να πάρουμε μια ιδέα με μια απλή αναζήτηση για τις θέσεις εργασίας που μας ενδιαφέρουν σημειώνοντας: 


·        Επίπεδο εκπαίδευσης και ειδικότητα

·        Πρόσθετες απαραίτητες δεξιότητες

·        Επιθυμητές δεξιότητες




 Ο ρόλος των πιστοποιήσεων


Οι πιστοποιήσεις προσθέτουν κύρος στο βιογραφικό ενός υποψηφίου είτε για εύρεση εργασίας η και για προαγωγή , μέσα από ένα πρόγραμμα εκπαίδευσης προσφέρουν εξειδικευμένες γνώσεις σε ένα αντικείμενο.

Ο υποψήφιος εξετάζεται και πιστοποιείται εάν κριθεί ότι οι γνώσεις του είναι σε ικανοποιητικό επίπεδο. 


Οι οργανισμοί που παρέχουν προγράμματα πιστοποίησης:

·        Πανεπιστήμια και λοιπά εκπαιδευτικά ιδρύματα

·        Εταιρείες που προσφέρουν εκπαίδευση στα προϊόντα  / υπηρεσίες τους.

·        Κρατικοί οργανισμοί



 Αξίζει να πιστοποιηθώ?



Οι πιστοποιήσεις είναι ένας παράγοντας που μπορεί να κάνει την διαφορά , όμως είναι καλό να γνωρίζουμε :


·        Δεν αναγνωρίζονται όλες οι πιστοποιήσεις παντού

·        Κάποιες πιστοποιήσεις χρειάζονται ανανέωση μετά από κάποιο χρονικό διάστημα.  

·        Μια πιστοποίηση δεν αντικαθιστά ένα πτυχίο ή μεταπτυχιακό

·        Το κόστος εκπαίδευσης και εξέτασης μπορεί να είναι αρκετά υψηλό και χρονοβόρο.

·        Δεν είναι υποκατάστατο εργασιακής εμπειρίας .

·        Δεν υπάρχουν εγγυήσεις ότι θα βρείτε άμεσα εργασία , οι εργοδότες κοιτάνε την συνολική εικόνα  ενός υποψηφίου και όχι απλά εάν έχει μια πιστοποίηση.



Έχοντας τα παραπάνω κατά νου μην εξαπατάστε από παχιά λόγια του τύπου : 


 «Η πιστοποίηση Χ άλλαξε τις ζωές χιλιάδων ανθρώπων» ,

 «Η Χ πιστοποίηση είναι σίγουρο εφόδιο επιτυχίας»,

 Και άλλες τέτοιες υποσχέσεις…





Ας μην ξεχνάμε ότι οι φορείς – σχολές που προσφέρουν προγράμματα πιστοποιήσεων είναι κατά βάση ΠΩΛΗΤΕΣ και ο στόχος τους είναι απλά να πουλήσουν ένα κομμάτι χαρτί.



Μια πιστοποίηση μπορεί να κάνει την διαφορά ΜΟΝΟ εάν ερευνήσουμε την αγορά εργασίας και συμπεράνουμε ότι πραγματικά αξίζει να διαθέσουμε τον χρόνο και τα χρήματα μας ώστε να πετύχουμε αυτό που ΕΜΕΙΣ θέλουμε.   








Monday, 19 January 2015

Create a Windows 7 system repair usb key

Before we start we need to make a bootable usb , you can download my free application here.

Go to this page and follow the instructions After the title

"Display hidden files and folders" 

Now you are ready !!!


Monday, 28 April 2014

A simple prank written with Autoit

Here i present to you a simple prank , the features :

  1. Random mouse movement and clicking
  2. Annoying beeping 
  3. Minimizes all windows
  4. It can disable keyboard and mouse input for 10 seconds ...
  5. Opens youtube.com , facebook.com , twitter.com or google.com with Internet Explorer....
  6. Ejection of CD trays ... (Old but always fun...)
  7. Displays a message box saying "Dude you are so PWNED..."
How it works ?

1) Get the prank.exe to a location where your friend won't see (C:\Windows\ is a good place)
2) Run the prank.exe like any other application
3) You will not see anything right away that's okay , just wait ..
4) The prank chooses a random amount of time 5 minutes minimum to 1 hour maximum to do any of it's features, that is repeated again and again making the life of your target difficult .

Some Warnings :

1) This is not a VIRUS . It is just a prank 
2) Please do not put it in the Startup folder it is a really annoying prank !!!

To deactivate it kill the prank process in the task manager.
If you reboot the computer the prank stops (unless you been naughty and you placed it in the Startup folder...)




Have fun :)



   Download it here

note : i do not own the icon used in the application.

Friday, 4 April 2014

Why Microsoft products are full of Bugs?


Browsing over the Internet you will find numerous complaints about Microsoft products that are insecure , full of bugs and so on...
Lately many people state that Windows 8 is horrible and difficult to use.

While there is some truth behind those facts , the truth is that every piece of software is prone to flaws and especially the Operating Systems because they are complex and sophisticated software.


But why Microsoft products are so buggy?

The truth is that Microsoft is the Top vendor in the Operating systems market , making it a target for :
  • Malicious Hackers
  • Penetration Testers
  • Vulnerability Researchers
  • Software Pirates (Crackers )
  • Others
Having a large group of talented experts targeting Microsoft products it is only natural to find many bugs and vulnerabilities .

There is also some individuals that state that Mac OS and Linux are safer and have less bugs than Windows , that is an assumption usually made by ignorance , lets assume that Mac OS or Linux is the Most popular OS then just wait a few days (or less) and you will see how many bugs and vulnerabilities are going to get discovered …

Windows is the primal target for many years and that makes it better and more secure , as bugs are discovered solutions are getting implemented resulting to an improved software.

 Is Windows 8 horrible ?

Lets think about the purpose of Windows 8 , it is an OS that is developed to get used by devices with touch screen not Desktops , while you can use it for Desktop use you can experience why people are getting so annoyed by it, another reason is that it is different than Windows 7 and many people just do not want to learn something new and complain instead.

Windows 8 is made for Tablets , Smart phones and PCs with touch screen also the security and performance are greatly improved .

Windows also has the best Hardware support. (try Mac OS or Linux to experience it if you do not believe me )


At the end if you do not like Windows DON'T USE IT !!!