35 posts categorized "Cyber Crime"

A Closer Look at UDP Sessions (by Dr. Jin Qian)

A Closer Look at UDP (User Datagram Protocol) Sessions

For many network and security professionals, analyzing network packets for troubleshooting and security investigation is a daily routine. One of the most common actions in the analysis is to “follow” a TCP session: display all the packets belonging to a TCP session.

It's well known that a TCP session consists of all the TCP packets that share the same tuple: from a client IP and port to a server IP and port or, conversely, from a server IP and port to a client IP and port. Many professionals will likely assume that the same principle applies to UDP, but unfortunately that is not the case. A UDP session is defined only by the client IP and port. As a result, packets from the same UDP session can be to/from different server IP and port pairs.

 Super graphic and discussion from https://elguber.wordpress.com/

Some readers may wonder why UDP sessions work this way. The answer lies in network programming: when an application needs to communicate using UDP, it binds to a local IP and port. After the binding, this socket can send to and receive from any server and port pair. In other words, all the packets from/to the local IP and port are relevant to the same UDP-based application.

With this understanding, let's look at two network scenarios.

 

Continue reading "A Closer Look at UDP Sessions (by Dr. Jin Qian)" »


LMTV HomeLAN Alerts | IRS & NSA: Are You Scared Enough? (by the Oldcommguy)



YouTube Live: Wednesday, August 17, 2016 - 9:30 AM PST


This week's LMTV is returning to our HomeLAN Security theme. Our Oldcommguy and his friends will be talking about the following and other generalized HomeLAN safety issues.

  • The ongoing IRS phone scam
  • The latest NSA Breach worth $545M
  • More Windows 10 personal security issues
  • Intel’s Advance Management issues




LMTV LIVE | Cyber Security for SCADA Networks (with David Thomason of Thomason Technologies)



Live Event: Wednesday, August 3, 2016 - 9:30 AM PST


We will be talking this week with David Thomason, the Founder and President of Thomason Technologies, a cyber security company located in San Antonio, TX, which since 2007 has been providing solutions for both traditional and SCADA (industrial control) networks.

Historically, security products have been viewed as difficult to use and expensive hindrances to workplace productivity. Management cringed at the thought of security products slowing their networks to a crawl and bogging down the flow of information. These limitations are no longer true, as you will learn from David this week.


Prior to founding Thomason Tech, David was the Senior Director of Security Engineering at Sourcefire, leading a team of over 25 security engineers and consultants. David started his career in computer security in 1986, working in the United States Air Force, serving Electronic Security Command, the Air Intelligence Agency, the Air Force Information Warfare Center (AFIWC) and the Air Force Computer Emergency Response Team (AFCERT).

While working as an incident response team lead for the AFCERT, David was the first person to have three hackers apprehended in separate security incidents. Since then, David has provided security services including security deployments, incident response, risk assessments, penetration tests, and vulnerability assessments for well over 100 companies.


Optimizing Network Security with Packet Intelligence (by Tom Rowley)

Optimizing Network Security with Packet Intelligence!

Enterprise security teams devote an incredible amount of resources to monitoring and defending their networks. Everyone knows there are professional grade tools that can monitor networks 24x7 providing detailed information about usage as well as enabling the in-depth examination of captured traffic once an Intrusion Detection System (IDS) has identified an activity that needs to be investigated.

Given the amount of success that attackers are having in penetrating network defenses and the deluge of alerts and alarms network teams deal with from IDS on a daily basis, enterprises are in need of better tools and training to go beyond the typical prevention, detection and response security protocols to effectively deal with incident response.

In today’s world, intelligent packet capture is the answer. Most modern forensic investigation (FI) solutions enable network security teams to capture and save a historical record of network activities that occur from the moment an attack is detected. But one common weakness in existing forensic investigation solutions is that they don’t provide critical packet-level data from the period of time immediately BEFORE attacks are detected.


Consider this example:

Continue reading "Optimizing Network Security with Packet Intelligence (by Tom Rowley)" »


Apple, Apple, Apple! Apple versus the United States FBI! (by The Oldcommguy®)

Apple, Apple, Apple!

The silly battle of Apple versus the United States Courts and the FBI!

In my humble opinion this has turned out to be one of Apple’s greatest marketing events in years, maybe forever.

Apple is trying to tell its users that Apple will protect their privacy from the big bad FBI and other Governmental access!

The reality is that all this should never have gotten into the news world. Apple is a U.S. company and should have been a good citizen and quietly told the FBI to send the phone and they would quietly get the information for them. This is NOT just any person’s phone – first it is the phone of a dead individual and secondly it is the phone of a terrorist and third it is the phone of a murderer that could be filled with intelligence that may help stop the next deadly attack!

This big media event is nothing but a big market show from Apple and it is getting a lot of silly attention, what for? I wonder how many people will now decide to buy Apple products, I am sure the terrorists will, but is that a good market? Apple enjoys the freedom to make billions as a U.S. company but when it came time to be a good citizen they decided to be a bunch of hypocrites and actors in a fictitious marketing event!

Apple, do not be a bad worm with a Great Technology!

 

Continue reading "Apple, Apple, Apple! Apple versus the United States FBI! (by The Oldcommguy®)" »