Tech Support For Dummies


Wednesday, 13 November 2013

Reaver Pro: a simple tool for cracking WPA on a LOT of wireless networks

Posted on 13:47 by Unknown
If wireless security testing is on your radar, you need to get Reaver Pro. As I outlined in this Hacking For Dummies, 4th edition chapter, Reaver Pro is a great tool for cracking the WPA pre-shared key on all those consumer-grade wireless APs/routers that everyone installs in the enterprise.

The latest version of Reaver Pro is very simple to use. No live CDs or VMs to boot. You simply connect the device to your test system's Ethernet port, connect the power adapter, browse to 10.9.8.1, log in, and you're ready to roll. Here is a quick video overview and here is a screenshot showing its interface:


Terry Dunlap with Tactical Network Solutions (the company that created and sells Reaver Pro) has a great team of sharp guys...and they've been very responsive when prompted with my mostly dumb questions.

If anything let Reaver Pro be a reminder of two things:
  1. WPA is a proven wireless security control that's only as good as the weakest link on your network
  2. Consumer-grade wireless APs and routers don't have a place in a business setting, although I see them on practically every network.
It seems to me that with the advent of WPA, WPA2, and enterprise-grade wireless security controls, people have let their guard down a bit with wireless security.

Don't be that guy.

As I like to say, you can't secure what you don't acknowledge! WPS is enabled by default in most situations. It's broken. Even if you have the option to throttle PIN requests, you need to find WPS and disable it (even on your home wireless). The convenience factor it provides is just not worth the risk of someone gaining full access to your wireless (and likely wired) network.
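Finding WPS before you can disable it means inventorying what your own access points are advertising. The following is an added example, not code from the post or from Tactical Network Solutions: it parses the tagged-parameter section of an 802.11 beacon frame, looks for the WPS vendor-specific information element (OUI 00:50:F2, type 4), and reports whether WPS is configured and whether the AP is currently in the "setup locked" (PIN-throttled) state. The beacon blobs at the bottom are constructed sample data, not captures from any real network; the attribute IDs are the WPS specification's, and the verdict strings are this example's own.

```python
import struct

# Vendor-specific IE prefix for Wi-Fi Protected Setup: OUI 00:50:F2, type 0x04.
WPS_OUI_TYPE = b"\x00\x50\xf2\x04"
# WPS attribute IDs (big-endian 16-bit) from the WPS specification.
ATTR_VERSION = 0x104A
ATTR_WPS_STATE = 0x1044        # value 0x01 = not configured, 0x02 = configured
ATTR_AP_SETUP_LOCKED = 0x1057  # value 0x01 = AP is throttling/locking external registrar PINs
ATTR_DEVICE_NAME = 0x1011

TAG_SSID = 0x00
TAG_RSN = 0x30
TAG_VENDOR = 0xDD


def parse_ies(blob):
    """Split a beacon's tagged parameters into (tag, body) pairs."""
    ies, i = [], 0
    while i + 2 <= len(blob):
        tag, length = blob[i], blob[i + 1]
        body = blob[i + 2:i + 2 + length]
        if len(body) != length:
            raise ValueError("truncated information element")
        ies.append((tag, body))
        i += 2 + length
    return ies


def parse_wps_attrs(body):
    """Decode the TLV attributes inside a WPS IE (after the OUI/type prefix)."""
    attrs, i = {}, 0
    while i + 4 <= len(body):
        attr_id, length = struct.unpack_from(">HH", body, i)
        value = body[i + 4:i + 4 + length]
        if len(value) != length:
            raise ValueError("truncated WPS attribute")
        attrs[attr_id] = value
        i += 4 + length
    return attrs


def assess_beacon(blob):
    """Return what one AP advertises about WPS and a defender's verdict."""
    ssid, wps = None, None
    for tag, body in parse_ies(blob):
        if tag == TAG_SSID:
            ssid = body.decode("utf-8", "replace")
        elif tag == TAG_VENDOR and body.startswith(WPS_OUI_TYPE):
            wps = parse_wps_attrs(body[len(WPS_OUI_TYPE):])
    result = {"ssid": ssid, "wps_present": wps is not None,
              "wps_configured": False, "ap_setup_locked": False}
    if wps is not None:
        result["wps_configured"] = wps.get(ATTR_WPS_STATE) == b"\x02"
        result["ap_setup_locked"] = wps.get(ATTR_AP_SETUP_LOCKED) == b"\x01"
    if not result["wps_present"]:
        result["verdict"] = "WPS not advertised"
    elif result["ap_setup_locked"]:
        result["verdict"] = "WPS advertised but locked: throttling is not a fix, disable WPS"
    else:
        result["verdict"] = "WPS advertised and unlocked: disable WPS now"
    return result


# Helpers to build constructed sample beacons (not real captures).
def ie(tag, body):
    return bytes([tag, len(body)]) + body


def wps_attr(attr_id, value):
    return struct.pack(">HH", attr_id, len(value)) + value


BEACON_OPEN_WPS = (
    ie(TAG_SSID, b"HomeRouter-2.4G")
    + ie(TAG_VENDOR, WPS_OUI_TYPE + wps_attr(ATTR_VERSION, b"\x10")
         + wps_attr(ATTR_WPS_STATE, b"\x02") + wps_attr(ATTR_DEVICE_NAME, b"Consumer AP"))
)
BEACON_LOCKED_WPS = (
    ie(TAG_SSID, b"BranchOffice")
    + ie(TAG_VENDOR, WPS_OUI_TYPE + wps_attr(ATTR_VERSION, b"\x10")
         + wps_attr(ATTR_WPS_STATE, b"\x02") + wps_attr(ATTR_AP_SETUP_LOCKED, b"\x01"))
)
# RSN (WPA2) IE fragment plus a non-WPS vendor IE (WMM, OUI type 2); no WPS IE at all.
BEACON_NO_WPS = (
    ie(TAG_SSID, b"CorpWLAN")
    + ie(TAG_RSN, b"\x01\x00\x00\x0f\xac\x04")
    + ie(TAG_VENDOR, b"\x00\x50\xf2\x02\x01\x01\x80")
)


def audit(beacons):
    """Summarise a set of beacons as (SSID, verdict) pairs for a wireless inventory."""
    return [(r["ssid"], r["verdict"]) for r in map(assess_beacon, beacons)]


if __name__ == "__main__":
    for ssid, verdict in audit([BEACON_OPEN_WPS, BEACON_LOCKED_WPS, BEACON_NO_WPS]):
        print(f"{ssid:18s} {verdict}")
```

The "locked" case is called out separately on purpose: an AP that only rate-limits PIN attempts is still advertising WPS, which is exactly the state the post says is not worth keeping. In practice you would feed `assess_beacon` the IE bytes from your own packet capture rather than the constructed blobs above.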
Posted in cool products, encrypting data in transit, Kevin's books, penetration testing, security testing tools, vulnerability assessments, wireless security

Tuesday, 12 November 2013

Low information users and the challenges they create

Posted on 08:25 by Unknown
Thanks to the political elite and the dumb masses they inspire, you've probably heard the term low information voter. In a nutshell, this term refers to people making a critical decision without knowing all the facts. As Winston Churchill once said, "The best case against Democracy is a five minute conversation with the average voter."

Interestingly, this concept and quote make me think of information security and why we need to prepare ourselves for today's threats. Have a five minute conversation with an average user on your network. Talk to them about what they do and don't do, the decisions they're making regarding their computer usage, and so on. It will likely become clear that we have a problem we must solve.

If you're looking for answers to this human psychology challenge, here is a piece I wrote with tips for getting (and keeping) users on your side with IT and security.

Check out a related piece I wrote for Rapid7's blog:
Why business execs know more about security than you do

Best of luck! Keep in mind that stick-to-itiveness is the key to all of this.





Posted in careers, scary stuff, security leadership, selling security, stupid security, thinking long term

Monday, 11 November 2013

My latest security content (lots of stuff on application security)

Posted on 14:02 by Unknown
I thought you might be interested in my latest articles/tips on web and mobile application security:

Why you need to pay attention to the slow HTTP attack

Lessons learned from a web security breach

Application security calls for a proactive approach

Understanding the value of the OWASP Top 10 2013

The Role Of An Automated Web Vulnerability Scanner In A Holistic Web Security Audit

Are Obamacare’s health insurance exchanges secured? Likely not.

Can software quality pros shore up network security threats?

How do software quality pros navigate cloud computing security issues?

What are the hidden mobile app security threats to look out for?

Also, be sure to check out principlelogic.com/resources for links to hundreds of additional security resources I've written and developed over the past 12 years.
Posted in cloud computing, data breaches, DoS attacks, incident response, Kevin's security content, mobile apps, security standards, software development, vulnerability assessments, web application security

Friday, 18 October 2013

What you need to know about security vulnerability assessments (that no one is willing to share)

Posted on 07:37 by Unknown
I'd love it if you'd join me over at SearchSecurity.com next week where I'll be talking about the rest of the story regarding security assessments...

You know the tools and you're probably familiar with the methodologies...that's why I'm going to share with you many other important aspects of security assessments that, unless someone tells you, you'll likely only learn the hard way. And that's no fun.

In my webcast What you need to know about security vulnerability assessments (that no one is willing to share), I'll outline what to do, what not to do, and what you can expect to get out of your vulnerability assessments (or pen tests, or audits, or whatever you call them).

These are things that I've learned in over a decade and a half performing security assessments for hundreds of organizations, thousands of websites/applications/mobile apps, and tens of thousands of network hosts. And there's no cost to you.

Areas I'll cover are the essence of my book Hacking For Dummies, including:
  • Glaring flaws you’re overlooking today
  • Mistakes you're making...and cannot afford
  • Approaches that are guaranteed to help you find the most holes
  • Scoping your next round of testing to maximize its value and minimize your effort
Attendees will be included in a drawing for one of several signed copies of the new 2013 (4th) edition of Hacking For Dummies.



You can register here. Hope to see you next week!
Posted in Kevin's books, Kevin's security content, message from Kevin, penetration testing, security assessments, security audits, vulnerability assessments, webcasts

Tuesday, 8 October 2013

Windows 8.1 changes/enhancements, BitLocker's improvements, and related Windows mobile/security tips

Posted on 02:27 by Unknown
In addition to my independent information security assessments through my consultancy Principle Logic, I've been writing a ton...including a lot on Windows 8 and 8.1. Check out these new pieces published by my friends at TechTarget:

What's old, what's new for the enterprise with Windows 8.1

Understanding why Windows 8 for mobile is perfectly viable for enterprise use

Don’t forget enterprise password protection in a merger or acquisition

Three ways Sysinternals Process Explorer reveals system usage

Ease Windows 8 frustration by focusing on what the OS actually does

Looking at Windows 8 BitLocker full-disk encryption and alternatives

You know the deal...check out principlelogic.com/resources for links to hundreds of additional security resources I've written and developed over the past 12 years.

Posted in bitlocker, Kevin's security content, mobile security, passwords, risk management, security management, security testing tools, windows 8, windows 8.1, Windows Mobile

Monday, 7 October 2013

Experiencing problems with authenticated web vulnerability scans? Try NTOSpider.

Posted on 11:38 by Unknown
You're performing authenticated web vulnerability scans, right? If you're not, you're missing out...big time.

When performing authenticated scans, you'll find a whole different set of security flaws: session fixation, SQL injection (which often differs among user role levels), weak passwords, login mechanism flaws, and perhaps, just maybe, that beloved cross-site request forgery flaw that may or may not be exploitable or even matter in the context of what you're doing.

Bottom line: you need to be testing for flaws behind your web login prompts.

The thing is, though, authenticated web vulnerability scanning can be extremely painful and inaccurate at best. If you're not paying attention, your web vulnerability scanner is not going to authenticate properly, it's not going to stay logged in, it's going to continually lock the user account (a major annoyance), or it's not going to properly crawl the entire application. Many of these pains are doubly true if your web applications are using Web 2.0 technologies (can we still call them that?).

Web vulnerability scanners are getting better and better, but the problems with authenticated web vulnerability scans still exist with most scanners I've tried - at least some of the time. Except one...NTObjectives' NTOSpider.

I've written about NTOSpider before (here and here) and in the interest of helping out my fellow IT/security professionals who are performing authenticated web vulnerability scans and experiencing these same pains, I feel I have to say something about NTOSpider again...

Check it out. It works extremely well with authenticated scans. Whatever Dan Kuykendall and his guys are doing to get the tool to establish and maintain state - for the entire scan, without locking up, or taking two weeks to run - it's working. Kudos.

One of the neatest things about NTOSpider is that it will tell you whether or not the scanner is logged in, as you can see in the screenshot below:

It's a brilliant feature - something I haven't yet seen on any other web vulnerability scanner. I'm sure some people don't value such a feature (think: "Let's just get this scan done, check our box, and move on!") but it's very useful if you want to make sure your authenticated scans are running properly.

NTOSpider definitely won't find every web security flaw. I haven't yet found a scanner that will. With enough experience, you'll see that this is one of the fundamental problems we have with web vulnerability testing. Relying on a single web vulnerability scanner to find all the flaws is like relying on a single firewall to keep every threat out of your network. It's not going to happen.

NTOSpider is not perfect either. It has several quirks - some of which have been resolved in the latest version 6 (which is much improved). But, again, I haven't yet found a scanner that is perfect.

The only thing that matters is that NTOSpider feels perfect when it ends up getting you out of a bind like it has for me several times now in my web security vulnerability assessment work. Add it to your arsenal of multiple web vulnerability scanners. You won't regret it.
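Whatever scanner you use, the two failure modes described above (silently losing the session, and re-authenticating so often that the test account gets locked) are both detectable from the scanner's own traffic. The following is an added example written for this post, not NTOSpider's code or any scanner's API: a small session monitor that classifies each response as still-authenticated or not, using three signals (a redirect to the login page, a password field in the body, or the absence of a logout link), and that enforces a re-login budget set below the application's lockout threshold. The login path, the logout-link marker and the sample responses are all assumptions constructed for the example.

```python
import re
from dataclasses import dataclass, field

LOGIN_PATH = "/login"                      # assumed login URL for the app under test
LOGGED_IN_MARKER = re.compile(r'href="/logout"', re.I)           # assumed "I am logged in" signal
LOGIN_FORM = re.compile(r'<input[^>]+type="password"', re.I)      # a login form came back instead
REDIRECT_STATUSES = {301, 302, 303, 307, 308}


@dataclass
class Response:
    """Minimal stand-in for an HTTP response the scanner just received."""
    url: str
    status: int
    headers: dict
    body: str


def is_authenticated(resp):
    """Decide whether the scanner's session is still valid from one response."""
    if resp.status == 401:
        return False
    if resp.status in REDIRECT_STATUSES and LOGIN_PATH in resp.headers.get("Location", ""):
        return False
    if LOGIN_FORM.search(resp.body):
        return False
    # Positive evidence is required: a page with no logout link is treated as logged out.
    return bool(LOGGED_IN_MARKER.search(resp.body))


@dataclass
class SessionMonitor:
    """Tracks login state across a scan and caps re-logins to avoid account lockout."""
    max_relogins: int               # keep this below the app's lockout threshold
    relogins: int = 0
    events: list = field(default_factory=list)

    def check(self, resp):
        """Return 'ok', 'relogin' (session lost, budget remains) or 'abort' (budget spent)."""
        if is_authenticated(resp):
            return "ok"
        if self.relogins >= self.max_relogins:
            self.events.append(f"{resp.url}: session lost; re-login budget exhausted, stopping scan")
            return "abort"
        self.relogins += 1
        self.events.append(f"{resp.url}: session lost; re-login {self.relogins}/{self.max_relogins}")
        return "relogin"


def run_scan(responses, max_relogins=2):
    """Feed a sequence of responses through the monitor; stop at the first 'abort'."""
    monitor = SessionMonitor(max_relogins=max_relogins)
    outcomes = []
    for resp in responses:
        outcome = monitor.check(resp)
        outcomes.append(outcome)
        if outcome == "abort":
            break
    return outcomes, monitor.events


# Constructed sample traffic (not from any real application).
SAMPLE_RESPONSES = [
    Response("/account", 200, {}, '<html><a href="/logout">Log out</a><h1>Account</h1></html>'),
    Response("/reports", 302, {"Location": "https://app.example/login?next=/reports"}, ""),
    Response("/reports", 200, {}, '<form action="/login"><input type="password" name="pw"></form>'),
    Response("/admin", 200, {}, '<form action="/login"><input type="password" name="pw"></form>'),
    Response("/admin", 200, {}, '<html><a href="/logout">Log out</a></html>'),
]

if __name__ == "__main__":
    outcomes, events = run_scan(SAMPLE_RESPONSES, max_relogins=2)
    print(outcomes)
    for line in events:
        print(line)
```

The deliberate choice here is to require positive evidence of being logged in rather than merely the absence of a login form; a scanner that assumes it is authenticated until proven otherwise is the one that quietly crawls an application as an anonymous user and reports a clean bill of health. The re-login cap is what keeps a flaky session from turning into a locked test account.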
Posted in cool products, penetration testing, security testing tools, vulnerability assessments, web 2.0, web application security

Friday, 6 September 2013

Sprechen Sie Deutsch? Hacking For Dummies now in German!

Posted on 11:41 by Unknown
Check out the latest foreign-language edition of my book Hacking For Dummies:

Hacking For Dummies is now in 6 languages: English, Estonian, German, Italian, Portuguese, and Simplified Chinese. Very cool.

If you're like me and English is pretty much your only language, you can see more about that version here.

Prost!

Posted in hacking, Kevin's books, message from Kevin