Sunday, December 16, 2018

Expose your local service to public: Ngrok, FRP, localtunnel

For many IT workers involved in networking, it is quite common to need to expose an intranet application to the outside world in a secure manner. Unfortunately, we work most of the time from private IP networks, whether at the workplace, at home or at the coffee shop. The router(s) or firewall(s) standing between our workstation and the internet make it harder to expose a local socket to the outside. Most of the time, this is preferable for security.

A couple of solutions you can choose from:
1. Change your router / firewall configuration to do port forwarding or NAT from the public side to your application. But in many cases you won't be able to make those changes, or you don't even have that option.
2. Tunneling services, either self-hosted or cloud services such as:
  • Ngrok
  • FRP
  • Localtunnel
This post is going to explore some of the tunneling services I am using.


Ngrok

Setup & Installation
1. Download ngrok
ngrok is easy to install: download a single binary with zero run-time dependencies. The following builds are available for download:
  • Windows
  • Mac OS X
  • Linux
  • Mac (32-bit)
  • Windows (32-bit)
  • Linux (ARM)
  • Linux (32-bit)
  • FreeBSD (64-bit)
  • FreeBSD (32-bit)

Wednesday, December 12, 2018

Python Cyber Security Testing Tool Collection

Networking

Scapy: send, sniff, dissect and forge network packets. Usable interactively or as a library.
pypcap, Pcapy and pylibpcap: several different Python bindings for libpcap.
libdnet: low-level networking routines, including interface lookup and Ethernet frame transmission.

Saturday, December 8, 2018

Free Network Performance Test tool - Iperf

According to wikipedia Iperf "is a commonly used network testing tool that can create TCP and UDP data streams and measure the throughput of a network that is carrying them. Iperf is a modern tool for network performance measurement written in C++."

This tool requires both a server side and a client side to be configured to complete a test. It can test from the client side to the server side, and can also test in both directions.

1. Download iperf 3 

The main download site is from https://iperf.fr/iperf-download.php.

2. Start it as server

Run the command 'iperf -s' from the command line to start the iperf server (here on IP address 100.99.136.66):
C:\Tools>iperf -s
------------------------------------------------------------
Server listening on TCP port 5001
TCP window size: 8.00 KByte (default)
------------------------------------------------------------
[188] local 100.99.136.66 port 5001 connected with 100.94.200.14 port 48410
[ ID] Interval       Transfer     Bandwidth
[188]  0.0-10.0 sec   121 MBytes   101 Mbits/sec

Friday, December 7, 2018

Understanding GDPR from Security Professional's Perspective

One of the most recent and wide-ranging laws impacting the security profession globally is the European Union's General Data Protection Regulation, or GDPR. As of May 25, 2018, the GDPR is a legal and enforceable act of the European Union.

In this post, we will detail the key findings on how a security professional should work to satisfy the requirements of GDPR.


General Data Protection Regulation (GDPR)

Chapter 1: Articles 1-4
Chapter 2: Articles 5-11
Chapter 3: Articles 12-23
Chapter 4: Articles 24-43
Chapter 5: Articles 44-50
Chapter 6: Articles 51-59
Chapter 7: Articles 60-76
Chapter 8: Articles 77-84
Chapter 9: Articles 85-91
Chapter 10: Articles 92-93
Chapter 11: Articles 94-99

Gartner Magic Quadrant for Identity Governance and Administration (2018,2017,2016,2015,2013)

IGA (Identity Governance and Administration) is a central component of Identity and Access Management (IAM) designed to “manage digital identity and access rights across multiple systems and applications.” Identity Governance and Administration solutions achieve this by aggregating and correlating identity and permissions data found throughout an enterprise’s digital ecosystem, and then utilizing that data to perform its core functions.

Gartner considers IGA’s core functions to include access requests, access certification, auditing, reporting and analytics, workflow management, entitlement management, and identity life cycle management.  Gartner evaluates IGA (Identity Governance and Administration) vendors based on the completeness of their vision and their ability to execute on their vision and roadmap.


2018
Compared with 2017, both One Identity and Saviynt moved into the Leaders quadrant from Challengers. Six vendors are in the Leaders quadrant:
  • Oracle since 2013
  • IBM since 2014
  • SailPoint since 2013
  • One Identity
  • CA Technologies
  • Saviynt


Gartner Magic Quadrant for Access Management (2018, 2017, 2016, 2015 )


Today’s businesses require secure 24/7 access to their cloud applications and data, and require more than Web Single Sign-On to propel their business forward. The world has changed, allowing an almost infinite number of identities and accounts on different platforms and devices including cloud, mobile, social, and personal networks. Having an identity and access management strategy in place is more important than ever.

2018 (Second Year)
CA moves into Visionaries from Leaders. Micro Focus falls into Visionaries from Challengers. Five Leaders in 2018:
  • Microsoft
  • OKTA
  • IBM
  • Oracle
  • Ping Identity

Tuesday, December 4, 2018

Cyber Security Frameworks and Integrated with TOGAF

When cyber security professionals talk about related frameworks, it always comes down to two: ISO and NIST. There is a lot of confusion between them, and also between frameworks and security architecture methodologies. Here is some discussion of those topics that I collected online which, at certain points, clarified some of my confusion.

======================================================================
A Cyber Security Framework is a risk-based compilation of guidelines designed to help organizations assess current capabilities and draft a prioritized road map toward improved cyber security practices. (From Arnab Chattopadhaya's Enterprise Security Architecture)

Well Known Cyber Security Frameworks
• Sherwood Applied Business Security Architecture (SABSA)
• ISO/IEC 27001 & 27002 (formerly ISO 17799)
• ISO/IEC 31000
• NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations
• NIST SP 800-39: Risk Management Framework


Essential security and risk concepts and their position in the TOGAF ADM (Source: TOGAF Security Guide)
Other standards / frameworks related to Cyber Security Frameworks
• COBIT
• ITIL
• COSO
• Other major IT cyber security frameworks
     - O-ESA
     - O-ISM3
     - Open FAIR

From DevOps to DevSecOps


What is DevOps:
DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market. (from AWS)


Prior to 2010,

  • Structured Development methodologies
  • Client-server
  • Waterfall Model


Now,

  • Moved from structured development methodologies to object-oriented paradigm
  • Moved from client-server to service-oriented architecture
  • Moved from the waterfall model to agile methods

Continuous Integration and Continuous Delivery (CI/CD) relies on the automation of routine work.

Agile and DevOps