Networking
Scapy: send, sniff and dissect and forge network packets. Usable interactively or as a library
libdnet: low-level networking routines, including interface lookup and Ethernet frame transmission
Dropdown Menu
Wednesday, December 12, 2018
Saturday, December 8, 2018
Expose your local service to public: Ngrok, FRP, localtunnel
For many IT workers remotely involved with networking, it is quite common to need to expose your Intranet application to the outside world in a secured manner. Unfortunately, we work most of the time from private IP networks, be that at the workplace, at home or at the coffee shop. The router(s) or firewall (s) that stands between our workstation and the internet makes it harder to expose a local socket to the outside. Most of the time, this is preferable for security.
A couple of solutions you can choose now:
1. Change your router / firewall configuration to do port forwarding or NAT from public to your application. But in many cases, you wont be able to make that changes or you even do not have that options.
2. Tunneling services : either self hosting or cloud services such as:
Ngrok
Setup & Installation
1. Download ngrok
ngrok is easy to install. Download a single binary with zero run-time dependencies. There are following versions available to download : Winodws, Mac OS X Linux Mac (32-bit) Windows (32-bit)Linux (ARM) Linux (32-bit) FreeBSD (64-Bit)FreeBSD (32-bit)
A couple of solutions you can choose now:
1. Change your router / firewall configuration to do port forwarding or NAT from public to your application. But in many cases, you wont be able to make that changes or you even do not have that options.
2. Tunneling services : either self hosting or cloud services such as:
- Ngrok
- FRP
- Localtunnel
NgrokSetup & Installation
1. Download ngrok
ngrok is easy to install. Download a single binary with zero run-time dependencies. There are following versions available to download : Winodws, Mac OS X Linux Mac (32-bit) Windows (32-bit)Linux (ARM) Linux (32-bit) FreeBSD (64-Bit)FreeBSD (32-bit)
Free Network Performance Test tool - Iperf
According to wikipedia Iperf "is a commonly used network testing tool that can create TCP and UDP data streams and measure the throughput of a network that is carrying them. Iperf is a modern tool for network performance measurement written in C++."This tool has to configure server side and client side to complete a test. It can test from client side to server side , also can test from both direction.
1. Download iperf 3
The main download site is from https://iperf.fr/iperf-download.php.
2. Start it as server
Running command 'iperf -s' from command line as iperf server (ip address 100.99.136.66).C:\Tools>iperf -s
------------------------------------------------------------Server listening on TCP port 5001TCP window size: 8.00 KByte (default)------------------------------------------------------------[188] local 100.99.136.66 port 5001 connected with 100.94.200.14 port 48410[ ID] Interval Transfer Bandwidth[188] 0.0-10.0 sec 121 MBytes 101 Mbits/sec
Friday, December 7, 2018
Understanding GDPR from Security Professional's Perspective
One of the most recent and wide-ranging laws impacting the security profession globally is the European Union's General Data Protection Regulation, or GDPR. As of May 25, 2018, the GDPR is a legal and enforceable act of the European Union.
In this post, we will detail the key findings as a security professional how to work to satisfy the requirements of GDPR.
In this post, we will detail the key findings as a security professional how to work to satisfy the requirements of GDPR.
General Data Protection RegulationGDPR
| Chapter 1 | – | 1 2 3 4 |
| Chapter 2 | – | 5 6 7 8 9 10 11 |
| Chapter 3 | – | 12 13 14 15 16 17 18 19 20 21 22 23 |
| Chapter 4 | – | 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
| Chapter 5 | – | 44 45 46 47 48 49 50 |
| Chapter 6 | – | 51 52 53 54 55 56 57 58 59 |
| Chapter 7 | – | 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
| Chapter 8 | – | 77 78 79 80 81 82 83 84 |
| Chapter 9 | – | 85 86 87 88 89 90 91 |
| Chapter 10 | – | 92 93 |
| Chapter 11 | – | 94 95 96 97 98 99 |
Gartner Magic Quadrant for Identity Governance and Administration (2018,2017,2016,2015,2013)
IGA (Identify Governance and Administration) is a central component of Identity and Access Management (IAM) designed to “manage digital identity and access rights across multiple systems and applications.” Identity Governance and Administration solutions achieve this by aggregating and correlating identity and permissions data found throughout an enterprise’s digital ecosystem, and then utilizing that data to perform its core functions.
Gartner considers IGA’s core functions to include access requests, access certification, auditing, reporting and analytics, workflow management, entitlement management, and identity life cycle management. Gartner evaluates IGA (Identity Governance and Administration) vendors based on the completeness of their vision and their ability to execute on their vision and roadmap.
2018
Comparing to 2017, both One Identity and Saviynt come into Leaders quadrant from Challengers. Six vendors are in Leaders quadrant:
Gartner considers IGA’s core functions to include access requests, access certification, auditing, reporting and analytics, workflow management, entitlement management, and identity life cycle management. Gartner evaluates IGA (Identity Governance and Administration) vendors based on the completeness of their vision and their ability to execute on their vision and roadmap.
2018
Comparing to 2017, both One Identity and Saviynt come into Leaders quadrant from Challengers. Six vendors are in Leaders quadrant:
- Oracle since 2013
- IBM since 2014
- SailPoint since 2013
- One Identity
- CA Technologies
- Saviynt
Gartner Magic Quadrant for Access Management (2018, 2017, 2016, 2015 )
Today’s businesses require secure 24/7 access to their cloud applications and data, and require more than Web Single Sign-On to propel their business forward. The world has changed, allowing an almost infinite number of identities and accounts on different platforms and devices including cloud, mobile, social, and personal networks. Having an identity and access management strategy in place is more important than ever.
2018 (Second Year)
CA becomes into Visionaries from Leaders. Micro Focus falls into Visionaries from Challengers. Five Leaders in 2018:
- Microsoft
- OKTA
- IBM
- Oracle
- Ping Identity
Tuesday, December 4, 2018
Cyber Security Frameworks and Integrated with TOGAF
When cyber security professionals talking about related frameworks, it always comes to two which is ISO and NIST. There are lots of confusions between them and also between Frameworks and Security architecture methodology. Here is some discussion for those topics I collected from online which I believe at certain points, it clarified some of my confusions.
======================================================================
A Cyber Security Framework is a risk-based compilation of guidelines designed to help organizations assess current capabilities and draft a prioritized road map toward improved cyber security practices. (From Arnab Chattopadhaya 's Enterprise Security Architecture)
Well Known Cyber Security Frameworks
• Sherwood Applied Business Security Architecture (SABSA)
• ISO/IEC 27001 & 27002 (formerly ISO 17799)
• ISO/IEC 31000
• NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations
• NIST SP 800-39: Risk Management Framework
Other standards / frameworks related to Cyber Security Frameworks
• COBIT
• ITIL
• COSO
• Other Major IT Cyber Security Frameworks
-O-ESA
-O-ISM3
-Open Fair
======================================================================
A Cyber Security Framework is a risk-based compilation of guidelines designed to help organizations assess current capabilities and draft a prioritized road map toward improved cyber security practices. (From Arnab Chattopadhaya 's Enterprise Security Architecture)
Well Known Cyber Security Frameworks
• Sherwood Applied Business Security Architecture (SABSA)
• ISO/IEC 27001 & 27002 (formerly ISO 17799)
• ISO/IEC 31000
• NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations
• NIST SP 800-39: Risk Management Framework
 |
| Essential security and risk concepts and their position in the TOGAF ADM (Source: TOGAF Security Guide) |
• COBIT
• ITIL
• COSO
• Other Major IT Cyber Security Frameworks
-O-ESA
-O-ISM3
-Open Fair
From DevOps to DevSecOps
What is DevOps:
DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market. (from AWS)
Prior to 2010,
- Structured Development methodologies
- Clent-server
- Waterfall Model
Now,
- Moved from structured development methodologies to object-oriented paradigm
- Moved from client-server to service-oriented architecture
- Moved from the waterfall model to agile methods
Continuous Integration and Continuous Delivery (CI/CD) relies on the automation of routine work.
Agile and DevOps
Subscribe to:
Posts (Atom)