Month: May 2015

Cybersecurity “Exploitation” using Kali Linux

/ Miguel Bigueur / Leave a comment

nextgov-medium

The purpose of this document is to perform a penetration test using two different methodologies to exploit and gain unauthorized access to vulnerable computer systems using a set of penetration testing tools including, Nexpose, Kali Linux, and Metasploitable. These tools are designed to demonstrate common vulnerabilities and subsequently exploit them, which allows security administrators to formulate a plan in regards to remediation and prevention of an actual attack. The purpose of penetration testing is to attempt to access resources without knowing usernames, passwords, and/or any other means of authorized security authentication procedures that may exist for a particular organization or individual. An important thing to consider is the only thing differentiating a penetration tester (White Hat Hacker) from an attacker (Black Hat Hacker) is permission from the attacked to allow it to happen.

Continue reading

How to Spoof a MAC

/ Miguel Bigueur / Leave a comment
What is a MAC Address?

A MAC address is a unique identifier that’s associated to an individual network interface card (NIC). I like to think of them like a Social Security Number for a computer i.e. they are unique and only exist for that particular computer. MACs are what allows the Internet to work, for without them, there would be no Internet.

MAC addresses are also referred to as Hardware Addresses or Physical Addresses that uniquely identify network interface cards on a Local Area Network (LAN). MAC addresses are 12-digit hexadecimal numbers equaling 48 bits or 6 bytes in length. As illustrated in figure 1 below, the first 3 bytes are referred to as the Organizational Unique Identifier or (OUI). This essentially identifies the manufacturer or vender of the physical network card. The last set of 3 bytes represents the specific ID assigned by the manufacturer to that particular network adapter.

Continue reading

Wi-Fi Analysis

/ Miguel Bigueur / Leave a comment

 

wifi

Wireless Network WiFi

I will examine Wi-Fi networks and explore the reasoning behind why certain features and options are used or not and how they affect the operation as well as the security of the network. The 802.11 suites of protocols define standards that are drafted and managed by the Institute of Electrical and Electronics Engineers (IEEE). Although most people believe that Wi-Fi and 802.11 are synonymous with each other, the fact is that Wi-Fi is actually a subset of the 802.11 protocols, which is managed by the Wi-Fi Alliance, who were formed in 1999 by several visionary companies. This paper will examine the 802.11n and 802.11ac protocols in particular.

Continue reading

“Cybersecurity” Secured Network Proposal by, Miguel Bigueur

/ Miguel Bigueur / Leave a comment

Cyber-Security-(2)

Abstract

            Computer networks are more advanced today than ever. More and more users are demanding greater access to these systems and as a result administrators are tasked with the dilemma of securing these highly complex networks. Many systems at one time had the luxury of relying on basic firewall implementations, which consisted of IP filtering and port blocking. In todays society this is no longer an option. As today’s computer network systems advance, so do the intruder’s methods who wish to wreak havoc upon them. One such advancement in network security is the implementation of an IDS/IPS (Intrusion Detection System/Intrusion Prevention system). An IDS/IPS is a great addition to any unified threat management system, which can help thwart off an attacker’s advance or slow them down long enough to initiate alternative security measures. This paper will also explore the costs savings of outsourcing computing resources in conjunction with the security benefits and/or security vulnerabilities associated with doing so. Continue reading