Saturday, 8 August 2015

Cyber Security Tools



Wireshark
Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source multi-platform network protocol analyzer. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tshark is included. One word of caution is that Wireshark has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).

Metasploit
Metasploit took the security world by storm when it was released in 2004. It is an advanced open-source platform for developing, testing, and using exploit code. The extensible model through which payloads, encoders, no-op generators, and exploits can be integrated has made it possible to use the Metasploit Framework as an outlet for cutting-edge exploitation research. It ships with hundreds of exploits, as you can see in their list of modules. This makes writing your own exploits easier, and it certainly beats scouring the darkest corners of the Internet for illicit shellcode of dubious quality. One free extra is Metasploitable, an intentionally insecure Linux virtual machine you can use for testing Metasploit and other exploitation tools without hitting live servers.

Metasploit was completely free, but the project was acquired by Rapid7 in 2009 and it soon sprouted commercial variants. The Framework itself is still free and open source, but they now also offer a free-but-limited Community edition, a more advanced Express edition ($3,000 per year per user), and a full-featured Pro edition ($15,000 per user per year). Other paid exploitation tools to consider are Core Impact (more expensive) and Canvas (less).

The Metasploit Framework now includes an official Java-based GUI and also Raphael Mudge's excellent Armitage. The Community, Express, and Pro editions have web-based GUIs.

Nessus
Nessus is one of the most popular and capable vulnerability scanners, particularly for UNIX systems. It was initially free and open source, but they closed the source code in 2005 and removed the free "Registered Feed" version in 2008. It now costs $2,190 per year, which still beats many of its competitors. A free “Nessus Home” version is also available, though it is limited and only licensed for home network use.

Nessus is constantly updated, with more than 70,000 plugins. Key features include remote and local (authenticated) security checks, a client/server architecture with a web-based interface, and an embedded scripting language for writing your own plugins or understanding the existing ones.

tcpdump
Tcpdump is the network sniffer we all used before (Wireshark) came on the scene, and many of us continue to use it frequently. It may not have the bells and whistles (such as a pretty GUI and parsing logic for hundreds of application protocols) that Wireshark has, but it does the job well and with less security risk. It also requires fewer system resources. While Tcpdump doesn't receive new features often, it is actively maintained to fix bugs and portability problems. It is great for tracking down network problems or monitoring activity. There is a separate Windows port named WinDump. tcpdump is the source of the Libpcap/WinPcap packet capture library, which is used by Nmap and many other tools.

OpenSSH/PuTTY/SSH
SSH (Secure Shell) is the now ubiquitous program for logging into or executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network, replacing the hideously insecure telnet/rlogin/rsh alternatives. Most UNIX users run the open source OpenSSH server and client. Windows users often prefer the free PuTTY client, which is also available for many mobile devices, and WinSCP. Other Windows users prefer the nice terminal-based port of OpenSSH that comes with Cygwin. There are dozens of other free and proprietary clients to consider as well.

Ping/telnet/dig/traceroute/whois/netstat
While there are many advanced high-tech tools out there to assist in security auditing, don't forget about the basics! Everyone should be very familiar with these tools as they come with most operating systems (except that Windows omits whois and uses the name tracert). They can be very handy in a pinch, although more advanced functionality is available from Hping and Netcat.

========================================================================
Top 10 Tools

  1. Nessus (vulnerability scanners)
  2. Wireshark (packet sniffers- previously known as Ethereal)
  3. Snort (IDS - intrusion detection system)
  4. Netcat (Netcat)
  5. Metasploit Framework (vulnerability exploitation tools)
  6. HPing2 (packet crafting tools)
  7. Kismet (wireless tools or packet sniffers)
  8. TCPDump {packet sniffers)
  9. Cain and Abel (password crackers or packet sniffers)
  10. John The Ripper (password crackers)

New Tools

  • Metasploit Framework
  • Paros Proxy
  • Aircrack
  • Sysinternals
  • Scapy
  • BackTrack
  • P0f
  • Google
  • WebScarab
  • WebInspect
  • Core Impact
  • IDA Pro
  • Rainbow Crack
  • AngryIP Scanner
  • RKHunter
  • Ike-scan
  • KisMAC
  • OSSEC HIDS
  • Tor
  • Knoppix
  • chrootkit
  • Yersinia
  • Nagios
  • X-scan
  • Socat
  • QualysGuard
  • ClamAV
  • BurpSuite
  • Unicornscan
  • BASE
  • Argus
  • Wikto
  • SGuil
  • IP Filter
  • Canvas
  • VMware
  • OpenVPN
  • OllyDbg
  • Helix
  • Acunetix Web Vulnerability Scanner
  • TrueCrypt
  • Watchfire AppScan


References:

  • http://netsecurity.about.com/od/hackertools/a/top1002006.htm
  • http://sectools.org/
  • http://www.networksasia.net/article/framework-help-make-sense-cybersecurity-tools.1433516707

Sunday, 2 August 2015

Different Technologies & Their Founders

Different Technologies & Their Founders:-

  1. Google: Larry Page & Sergey Brin
  2. Facebook: Mark Zuckerberg
  3. Yahoo: David Filo & Jerry Yang
  4. Twitter: Jack Dorsey & Dick Costolo
  5. Internet: Tim Berners Lee
  6. Linkdin: Reid Hoffman, Allen Blue & Koonstantin Guericke
  7. Email: Shiva Ayyadurai
  8. Gtalk: Richard Wah kan
  9. WhatsApp: Laurel Kirtz
  10. Hotmail: Sabeer Bhatia
  11. Wikipedia: Jimmy Wales
  12. Youtube: Steve Chen, Chad Hurley & Jawed Karim
  13. Rediffmail: Ajit Balakrishnan
  14. Nimbuzz: Martin Smink & EvertJaap Lugt
  15. Myspace: Chris Dewolfe & TomAnderson
  16. Ibibo: Ashish Kashyap
  17. OLX: Alec Oxenford & Fabrice Grinda
  18. Skype: Niklas Zennstrom,JanusFriis­ & Reid Hoffman
  19. Opera: Jon Stephenson von Tetzchner & Geir lvarsoy
  20. Mozilla Firefox: Dave Hyatt & Blake Ross
  21. Blogger: Evan Willams

References:

https://www.facebook.com/parth8641?fref=nf

Thursday, 30 July 2015

Big Data

What is Big Data?

Big data describes a holistic information management strategy that includes and integrates many new types of data and data management alongside traditional data.

Big data is a popular term used to describe the exponential growth and availability of data, both structured and unstructured. And big data may be as important to business – and society – as the Internet has become. Why? More data may lead to more accurate analyses.

Big data is a broad term for data sets so large or complex that traditional data processing applications are inadequate. Challenges include analysis, capture, data curation, search, sharing, storage, transfer, visualization, and information privacy. The term often refers simply to the use of predictive analytics or other certain advanced methods to extract value from data, and seldom to a particular size of data set. Accuracy in big data may lead to more confident decision making. And better decisions can mean greater operational efficiency, cost reductions and reduced risk.

Volume. 

Many factors contribute to the increase in data volume. Transaction-based data stored through the years. Unstructured data streaming in from social media. Increasing amounts of sensor and machine-to-machine data being collected. In the past, excessive data volume was a storage issue. But with decreasing storage costs, other issues emerge, including how to determine relevance within large data volumes and how to use analytics to create value from relevant data.

Velocity.

 Data is streaming in at unprecedented speed and must be dealt with in a timely manner. RFID tags, sensors and smart metering are driving the need to deal with torrents of data in near-real time. Reacting quickly enough to deal with data velocity is a challenge for most organizations.

Variety. 

Data today comes in all types of formats. Structured, numeric data in traditional databases. Information created from line-of-business applications. Unstructured text documents, email, video, audio, stock ticker data and financial transactions. Managing, merging and governing different varieties of data is something many organizations still grapple with.


Characteristics:

Volume

The quantity of generated data is important in this context. The size of the data determines the value and potential of the data under consideration, and whether it can actually be considered big  data or not. The name ‘big data’ itself contains a term related to size, and hence the characteristic.

Variety

This is the category of big data, and an essential fact that data analysts must know. This helps people who analyze the data and are associated with it effectively use the data to their advantage and thus uphold the importance of the big data.

Velocity

‘Velocity’ in this context means how fast the data is generated and processed to meet the demands and the challenges that lie in the path of growth and development.

Variability

This refers to inconsistency the data can show at times—which hampers the process of handling and managing the data effectively.

Veracity

The quality of captured data can vary greatly. Accurate analysis depends on the veracity of source data.

Complexity

Data management can be very complex, especially when large volumes of data come from multiple sources. Data must be linked, connected, and correlated so users can grasp the information the data is supposed to convey.

Applications


  • Government
    •   United States of America
    • India
    • United Kingdom
  • International development
  • Manufacturing
    • Cyber-Physical Models
  • Media
    • Internet of Things (IoT)
    • Technology
  • Private sector
    • Retail
    • Retail Banking
    • Real Estate
  • Science
  • Science and research

Who Uses Big Data:


  • IBM
  • HP
  • EMC
  • Teradata
  • Oracle
  • SAP
  • Microsoft
  • Amazon Web Services
  • VMware
  • Google



Advantages and Disadvantages:

Advantages:

1. Usability: 

All cloud storage services reviewed in this topic have desktop folders for Mac’s and PC’s. This allows users to drag and drop files between the cloud storage and their local storage.

2. Bandwidth: 

You can avoid emailing files to individuals and instead send a web link to recipients through your email.

3. Accessibility: 

Stored files can be accessed from anywhere via Internet connection.

4. Disaster Recovery:  

It is highly recommended that businesses have an emergency backup plan ready in the case of an emergency. Cloud storage can be used as a back‐up plan by businesses

by providing a second copy of important files. These files are stored at a remote location and can be accessed through an internet connection.

5. Cost Savings: 

Businesses and organizations can often reduce annual operating costs by using cloud storage; cloud storage costs about 3 cents per gigabyte to store data internally. Users can see additional cost savings because it does not require internal power to store information remotely.

Disadvantages:


1. Usability: 

Be careful when using drag/drop to move a document into the cloud storage folder. This will permanently move your document from its original folder to the cloud storage location. Do a copy and paste instead of drag/drop if you want to retain the document’s original location in addition to moving a copy onto the cloud storage folder.

2. Bandwidth: 

Several cloud storage services have a specific bandwidth allowance. If an organization surpasses the given allowance, the additional charges could be significant. However, some providers allow unlimited bandwidth. This is a factor that companies should consider when looking at a cloud storage provider.

3. Accessibility: 

If you have no internet connection, you have no access to your data.

4. Data Security: 

There are concerns with the safety and privacy of important data stored remotely. The possibility of private data commingling with other organizations makes some businesses uneasy.

5. Software:

If you want to be able to manipulate your files locally through multiple devices, you’ll need to download the service on all devices.

Big Data Analytics Tools:

More and more tools offer the possibility of real-time processing of Big Data. As Hadoop at the moment does not offer Real-Time Big Data Analytics, other products should be used. Fortunately, there a quite some (open source) tools that do the job well.

Storm

Storm, which is now owned by Twitter, is a real-time distributed computation system. It works the same way as Hadoop provides batch processing as it uses a set of general primitives for performing real-time analyses. Storm is easy to use and it works with any programming language. It is very scalable and fault-tolerant.

Cloudera

Cloudera offers the Cloudera Enterprise RTQ tools that offers real-time, interactive analytical queries of the data stored in HBase or HDFS. It is an integral part of Cloudera Impala, an open source
tool of Cloudera.

Gridgrain

GridGain is an enterprise open source grid computing made for Java. It is compatible with Hadoop DFS and it offers a substitute to Hadoop’s MapReduce. GridGain offers a distributed, in-memory, real-time and scalable data grid, which is the link between data sources and different applications.

SpaceCurve

The technology that SpaceCurve is developing can discover underlying patterns in multidimensional geodata. Geodata is different data than normal data as mobile devices create new data really fast and not in a way traditional databases are used to. They offer a Big Data platform and their tool set a new world record on February 12, 2013 regarding running complex queries with tens of gigabytes per second.

References:

https://en.wikipedia.org/wiki/Big_data
http://www.sas.com/en_us/insights/big-data/what-is-big-data.html
http://www.datamation.com/applications/30-big-data-companies-leading-the-way-1.html
http://bigdata-madesimple.com/5-advantages-and-disadvantages-of-cloud-storage/
https://datafloq.com/read/the-power-of-real-time-big-data/225

Wednesday, 29 July 2015

Microsoft Holograms/HoloLens with Windows 10

Windows Holographic is a mixed reality computing platform by Microsoft, enabling applications in which the live presentation of physical real-world elements is incorporated with that of virtual elements (referred to as "holograms" by Microsoft) such that they are perceived to exist together in a shared environment. A variant of Windows for augmented reality computers (which augment a real-world physical environment with virtual elements) Windows Holographic features an augmented-reality operating environment in which any Universal Windows App can run. In addition, with Holographic APIs, which are part of the Universal Windows Platform, and supported as standard in Windows 10 (including versions for mobile devices and Xbox One), mixed reality features can be readily implemented in any Universal Windows App, for a wide range of Windows 10-based devices.


Microsoft announced Windows Holographic at its "Windows 10: The Next Chapter" press event on January 21, 2015. It is set to be introduced as part of the general roll-out of Windows 10, and showcased in the smart glasses headset Microsoft HoloLens. The Windows 10 launch begins in summer 2015 with release of the PC version, with HoloLens to be released sometime after.



For More Information you can visit the Following Links: 

Windows Holographic/Hologram (en.wikipedia.org)
Microsoft Hololens (www.microsoft.com)

You can also be watch Microsoft HoloLens video on YouTube.com
Here is the Link: Microsoft HoloLens - Transform your world with holograms