Wireshark 2.0.5 Released — World’s Most Popular Network Traffic Analyzer

 Wireshark is widely used as the primary network protocol analyzer by security researchers all across the world. Wireshark 2.0.5, the latest maintenance update, is now available for download with various security fixes and updated network protocols.


If you are into analyzing different network protocols and studying the data packets, then you must have heard about Wireshark. Unlike the other hard-to-operate command line network analyzers, Wireshark comes with a simple graphical interface.
Using Wireshark, one can easily take a look at both wired and wireless network to view the live information. This free and open source tool is available for multiple platforms, including Windows, Linux, and OS X.

Wireshark 2.0.5 released with multiple improvements!

The fifth maintenance update to Wireshark 2.0 series has just been released as the most advanced and stable version of this network protocol analyzer.

The Wireshark 2.0.5 release marks the resolution of more than 20 issues that were reported by the users since the last maintenance release 2.0.4.

Long look problems with RLC and OpenFlow were also fixed along with the infinite problem with WAP, WSP, MMSE, and WBXML.

This release also fixes 9 security flaws and updates the protocol and capture file support. It updates the inbuilt protocol support for 802.11 Radiotap, BGP, CAN, CANopen, H.248 Q.1950, IPv4, IPv6, LANforge, LDSS, MPTCP, OSPF, PacketBB, PRP, RLC, RMT-FEC, RSVP, RTP MIDI, T.30, TDS, USB, WAP, WBXML, WiMax RNG-RSP, and WSP.

It should be noted that the latest release doesn’t bring any new features, protocols, or file format supports.

If you wish to read the complete Wireshark 2.0.5 changelog, you can read the release notes released by this open source project.

Wireshark source code and latest stable release can be downloaded from their website.
Saturday, 30 July 2016
Posted by Sivapriya
1 Comment
Tag : , ,

How to Start Your Security Specialist Career

Struggles and challenges becomes more difficult if you don’t know where to start. If you graduated from a very promising school, but don’t have the required experience and skills need to land the job, the chances of your resume being viewed by prospective employers might be slim. Information from this article is based from my personal experience and from experiences shared by mentors.


TIME. Time is the most valuable asset you need to spend in order to acquire the necessary learning and skill-sets. Most people I know who got a job spent more than 3 years working in various cyber sectors, which lead them to have the expertise.

MONEY. Yes, money, money and money. Now that you have allotted enough time to learn what it takes, you need decent amount of money to attend a review class then buy your voucher to get certificated.

CERTIFICATION. Why do you need certifications? Your skills will be validated by an institution to accredit your knowledge, experience and expertise.

Below are areas you can start to study and work in/with:
  • CompTIA A+
  • CompTIA Network +
  • MCSA
  • MOUS
  • Python, Java, html, sql, C, C#
  • Linux
Our Institute Location:  
Redback IT Solutions Private Limited,  
#AL 24 TNHB PHASE III, 
Sathuvacheri,( Near Vallalar Water Tank)  
Vellore. 632602 

Contact :  
Training Coordinator  
+91 8189985551 

Wednesday, 20 July 2016
Posted by Sivapriya
0 Comments
Tag : , , , ,

How Do Hackers Easily Crack Your Strongest Passwords — Explained

Apart from knowing the best methods to create a strong password, one should also be aware of the techniques used by hackers to crack them. The recent torrent of massive data breaches has made the jobs of hackers even easier as they are able to access the dumped data easily. In an explainer video, YouTube channel Computerphile explains the process of password cracking and the mistakes one commits while creating a new password.

Password storage and its encryption is a common question that’s often discussed in the cyber security world. At many occasions, when people mention encrypted passwords, they really mean hashed passwords. Unlike encryption, a password that’s undergone the hashing process, can’t be reversed using the same key.

However, thanks to the leaked password hashes on the file-sharing websites and dark web, our passwords are less secure than ever. Some of the latest data breaches affected millions of LinkedIn and TalkTalk users.

For a hacker, getting access to these password hashes, extracting real passwords and using them to compromise the online accounts isn’t a tough task. Using the same technique, the hackers are now increasingly targeting the social media accounts of technology CEOs–Mark Zuckerberg, Jack Dorsey, Marissa Mayer–and Hollywood celebrities.

Well, even if you are using a super safe password that has been created using some advanced techniques, these massive breaches have made them unsafe.

This process has been explained in an exceptional manner by the YouTube channel Computerphile.

https://www.youtube.com/watch?v=7U-RbOKanYs&feature=youtu.be

This cracking video shows a deep learning beast that uses 4 NVIDIA GPUs and a password cracking tool called Hashcat. Hashcat lets you do different types of password cracking. Thanks to these GPUs, Hashcat takes billions of plain-text passwords and hashes them using MD5 at a rate of 40 billion per second.


The presenter explains the process in detail and tells you the best practices that should be adopted while creating a new password. It’s always good to avoid small combinations and dictionary words in your password. I’ll also suggest you to keep changing your passwords from time-to-time.

Tuesday, 19 July 2016
Posted by Sivapriya
0 Comments

Ethical Hacking Course in Vellore

Ethical Hacking Course in Vellore | Kanchipuram | Gudiyatham


hacking course in Chennai
Ethical Hacking! An action performed by a hacker to malfunction a system or an entire network with an intention to interrupt or crash the framework bypassing all the security issues such as a strong password set by the owner of the Network. Whereas a company look into this technique in a different way i.e; the companies uses these strategies in order to increase their security in a hacker point of view. This is what you will be learning at our ethical hacking course in Vellore. The training offered here will make you face the obstacles that are posted in the real time hacking industries.
According to an old saying “Be a roman, when you are in roman”, to become an ethical hacker you should turn in to one. The demand for ethical hacker is increasing worldwide, though it is the highest paid job in India as well as abroad. Unhappily there are less number of ethical hackers are available to fill out the opened positions in leading companies in the world. Our ethical hacking course would act as a gateway for you to enter in to a reputed concern. For this all you have to do is to join Redback Academy and pursue your ethical hacking training.
Our procedure lies in training our students in all the perspective that a professional hacker would thick. Since our trainers are present employees of foremost hacking companies, they would give you real time training on how to hack tiny network. Through which you will be gaining the knowledge of how to face an actual work environment. This includes, understanding the tools required for hacking and pace of environment where all the action will be held. These are our talent that we are implementing in teaching hacking course in Vellore for a long time.
Our teaching would be completely a practical one, with minimal number of theory classes. Students are allowed to take advantage of our Lab facility at the time we are opened. We do provide an International certification to our students on successful completion of the training and that would be from EC council. You can contact us at any time for a free demo class to get an in depth knowledge about the course that you are about to learn. We are ready to help you with all our effort to make you a ethical hacker as soon as possible. Don’t just wait anymore, call us now to enroll for the course.
Ethical Hacking Course Syllabus:
  • Introduction to Ethical Hacking
  • Footprinting and Reconnaissance
  • Scanning Networks
  • Enumeration
  • System Hacking
  • Trojans and Backdoors
  • Viruses and Worms
  • Sniffers
  • Social Engineering
  • Denial of Service
  • Session Hijacking
  • Hacking Webservers
  • Hacking Web Applications
  • SQL Injection
  • Hacking Wireless Networks
  • Hacking Mobile Platforms
  • Evading IDS, Firewalls, and Honeypots
  • Buffer Overflow
  • Cryptography
  • Penetration Testing
Why Ethical Hacking Course in Vellore at Redbakacademy?
  • We provide innovative and practical teaching methods in attempt to make learning more interactive.
  • We are open 7 days a week. You can enjoy the flexibility of weekday and weekend schedules based on your convenience.
  • At the end of the course, each student will be assigned with mini project. In addition, we also give the opportunity of working in real time projects based on their ability.
  • Our training institute is facilitated with high-end infrastructure and lab facility.
  • Intensive training through certified by ethical hackers working in leading MNCs
  • In depth subject coverage and excellent training
  • We also offer 100% placement assistance to our students to make impressive presence in reputed web design industries.
Looking for best Ethical Hacking Training Course in Chennai? Enroll in FITA. Get Trained by Certified Ethical Hacker and become one!
Related search terms: Ethical hacking course in Vellore, kanchipuram, Chittor, Gudiyatham, Chennai, Ethical hacking course, Hacking course in Vellore, kanchipuram, Chittor, Gudiyatham, Chennai, Ethical hacker course in Vellore, kanchipuram, Chittor, Gudiyatham,Chennai, Ethical hacking training in Chennai, Ethical hacker training in Chennai, Ethical hacking course in Vellore, kanchipuram, Chittor, Gudiyatham,Chennai, Best ethical hacking institute in Vellore,kanchipuram, Chittor, Gudiyatham,Chennai, Ethical hacking training center in Vellore, kanchipuram,Chittor, Gudiyatham,Chennai, Ethical hacking training institutes in Vellore,kanchipuram,Chittor,Gudiyatham,Chennai, Ethical Hacking Course in Vellore,kanchipuram,Chittor,Gudiyatham,Chennai, Ethical Hacking Course in Chennai, Ethical Hacking Course in vellore.
Saturday, 16 July 2016
Posted by Sivapriya
1 Comment

Teardrop Attack : What Is It And How Does It Work?

Teardrop attack is a type of Denial of Service (DoS) attack which exploits the fragment offset field in the IP header to produce buggy fragments which are then delivered to the target machine. Unable to rearrange the fragments, the victim keeps on accumulating the fragments until it crashes.


As the name suggests, the Teardrop Attack works gradually by sending the fragmented packets to a target machine. It’s a type of a denial-of-service (DoS) attack which overwhelms the target machine with the incomplete data so that the victim crashes down.

In Teardrop Attack, fragmented packets that are sent in the to the target machine, are buggy in nature and the victim’s machine is unable to reassemble those packets due to the bug in the TCP/IP fragmentation.

In this way, the packets keep on getting accumulated over the victim’s machine and finally due to the buffer overflow, the target machine crashes down.
How Teardrop Attack works?
Here, I am taking a reference from the Juniper’s technical publication to illustrate how does it work —

As you can see in the above figure of IP header, which operates at the network layer, there is a field called fragment offset field.

Teardrop Attack and Fragment Offset:

Understand it like this — When a large amount of data is sent across the internet, the data is broken into the smaller fragments. Each of these fragments is assigned a number. When they reach the receiving end, these fragments are rearranged to reproduce the original data or message.
To identify the sequencing of the fragments, the fragment offset field holds the necessary information using which the target machine rearranges the sequence.
However, in the Teardrop Attack, the fragment offset field is made buggy by the hacker so the victim’s machine is unable to find the relative fragments.
So, as the name suggests, the buggy packets keep on accumulating at the victim’s side like teardrops and ultimately it leads to the machine crash.
However, modern networking devices can detect this discrepancy in a fragmented packet. Once they detect the problem, they simply drop the packet.

For More Details Contact :   
Redback IT Academy
#AL 24 , TNHB Phase III,
Sathuvacheri
Vellore.
Contact : +91 8189985559
Tuesday, 28 June 2016
Posted by Sivapriya
0 Comments
Tag : ,

Top 10 Common Hacking Techniques You Should Know About

Using simple hacks, a hacker can know about your personal unauthorized information which you might not want to reveal. Knowing about these common hacking techniques like phishing, DDoS, clickjacking etc. could come handy for your personal safety.


Unethical hacking can be called an illegal activity to get unauthorized information by modifying a system’s features and exploiting its loopholes. In this world where most of the things happen online, hacking provides wider opportunities for the hackers to gain unauthorized access to the unclassified information like credit card details, email account details, and other personal information.

So, it is also important to know some of the hacking techniques that are commonly used to get your personal information in an unauthorized way.

1. Keylogger
Keylogger is a simple software that records the key sequence and strokes of your keyboard into a log file on your machine. These log files might even contain your personal email IDs and passwords.

Keylogger is one of the main reasons why online banking sites give you an option to use their virtual keyboards.

2. Denial of Service (DoS\DDoS)
A Denial of Service attack is a hacking technique to take down a site or server by flooding that site or server with a lot of traffic that the server is unable to process all the requests in the real time and finally crashes down.

For DDoS attacks, hackers often deploy botnets or zombie computers which have got the only work to flood your system with request packets.

3. Waterhole attacks
If you are a big fan of Discovery or National Geographic channels, you could relate easily with the waterhole attacks. To poison a place, in this case, the hacker hits the most accessible physical point of the victim.

For example, if the source of a river is poisoned, it will hit the entire stretch of animals during summer. In the same way, hackers target the most accessed physical location to attack the victim. That point could be a coffee shop, a cafeteria etc.

Once hackers are aware of your timings, they might create a fake Wi-Fi access point and modify your most visited website to redirect them to you to get your personal information.

4. Fake WAP
Even just for fun, a hacker can use software to fake a wireless access point. This WAP connects to the official public place WAP. Once you get connected the fake WAP, a hacker can access your data, just like in the above case.

5. Eavesdropping (Passive Attacks)
Unlike other attacks which are active in nature, using a passive attack, a hacker just monitors the computer systems and networks to gain some unwanted information.

The motive behind eavesdropping is not to harm the system but to get some information without being identified.

6. Phishing
Phishing is a hacking technique using which a hacker replicates the most-accessed sites and traps the victim by sending that spoofed link.

Once the victim tries to login or enter some data, the hacker gets that private information of the target victim using the trojan running on the fake site.

7. Virus, Trojan etc.
Virus or trojans are malicious software programs which get installed into the victim’s system and keeps sending the victims data to the hacker.

8. ClickJacking Attacks
ClickJacking is also known by a different name, UI Redress. In this attack, the hacker hides the actual UI where the victim is supposed to click.

In another word, the attacker hijacks the clicks of the victim that aren’t meant for the exact page, but for a page where the hacker wants you to be.

9. Cookie theft
The cookies of a browser keep our personal data such as browsing history, username, and passwords for different sites that we access. Once the hacker gets the access to your cookie, he can even authenticate himself as you on a browser.

10. Bait and switch
Using bait and switch hacking technique, the hacker runs a malicious program which the user believes to be authentic. This way, after installing the malicious program on your computer, the hacker gets unprivileged access to your computer.

To Learn Hacking :
Contact us : Redback IT Solutions Private Limited
                      #AL – 24 TNHB Phase III,
                       Sathuvacheri,
                       Vellore.
Call us : +91 8189985551

Mail us : training@redbacks.in 
Tuesday, 7 June 2016
Posted by Sivapriya
0 Comments
Tag : ,

How to avoid phishing attacks

1. Keep the network out of reach of criminals
According to the Verizon data breach investigation report published last month, phishing remains a major data breach weapon of choice. Trend Micro added that ransomware is expected to be one of the biggest threats in 2016 and that a single ransom demand will go much higher, reaching seven figures.
Remember, cyber criminals are lazy. If your organization is a tough nut to crack, they will move on to find more low hanging fruit.

2.Launch phishing simulations
Running phishing simulations followed by ad hoc, gamified training is a proven tool to increase awareness and reduce risk. Repeat the process at least once every two months - changing behavior is a process. Training is important, but continuous assessment is even better to set the right mindset.

3.Use Gamification as training methodology
Let’s admit it, people hate training. They are sick and tired of videos and training wizards with boring slides and bullets. Meanwhile, for us, the security managers, it’s not really measurable. This is why interactive training or ‘gamification’ is much more engaging. Plus, people love to get high scores to collect awards, so why not? Create fun and interactive games to deliver your messages.

4.Definitely include your senior management
They are main targets, especially for spear and whale phishing. Make no exceptions. Publicly promote their participation. It’s a good example for the rest of the company.

5.Use real-life examples
It’s best to hit your employees with emails they might actually receive. Change difficulty levels and start from the ground up. Don’t expect people to understand advanced phishing examples from day one. Teach them step by step on both phishing scenarios and training modules.

6.Enforce training, and follow employee progress
To make it effective, employees must understand this is serious. They need to be reminded if they ditched the training. It’s your job to make sure they like it. It’s all about the messaging. They need to understand that they have a critical role in protecting the company and its assets.

7.Encourage ongoing phishing reports
Make sure each and every employee knows how to report back to the security team about suspicious emails. Many people tend to believe that the technology on premise will automatically stop all malicious emails and attachments for them. Make sure they understand that they are an active line of defense.

8.Ever vigilant
Phishing is the No.1 vehicle used by cyber criminals to deliver malicious software to your organization. The level of sophistication is increasing dramatically so traditional defenses are lagging behind. Make sure people are aware of the risk and well trained to spot and report it as it happens.

Tuesday, 31 May 2016
Posted by Sivapriya
0 Comments

widget

Pageviews

Cloud Label

Blogumulus by Roy Tanck and Amanda Fazani

- Copyright © 2013 Redback IT Academy -- Powered by Redback - Designed by @ Redback Studio -