DNS Sinkhole Setup : Your defense against Bot net controllers

According to statistics published in csoonline.com cyber crimes damages will hit 6 trillion by 2021 and 6 billion people target ( 75% of projected 8 billion population).  As the access to network is increasing,  hacking and committing cyber crime has become as easy as sending a email with malware link and its clicking by unsuspecting victims.

A botnet consists of a  number of  compromised hosts  controlled by botnet controller managed by third parties .  Bot net constitutes a major security threat and used to deploy malware, steal sensitive data, orchestrate DDoS attack.  Once systems inside a network are compromised by installing malware it becomes very difficult to detect as the theft of data and sources of DDoS is orchestrated from within the network.

DNS sink hole is a process to identify the bot net master hosting malware software servers and assign the dns record of these hosts to localhost, non-existing or unused ip address . A  valid ip is not returned for these host resolution and the infected host never connects to the bot net master server.

In order to understand how DNS Sink hole work we need to understand the bot net structure and its organization.

 How a bot network is organized and activated ?

The initial part involves getting access to inside corporate network.  This can be achieved in many ways like using brute force method to crack the passwords and encrypted data and other approach is rather simple, involving sending a link in email and betting on the chances that some users will click the link and deploy malware on their computers.

Global Enterprise Mobility Trends

The landscape of enterprise mobility has seen numerous exciting developments that continue to shape the industry towards sustainable growth on a global scale. More and more organizations are viewing enterprise mobility as a priority rather than a mere project. In fact, recent statistics indicate that 71% of enterprise across the world regard mobility as a top priority and the market is anticipated to reach a valuation of US$510.39 billion by the end of 2022.

find command : 14 Ways to find files in Unix and Linux

find command is one of the important command in Unix and Linux used to locate the program, text,  data , log config files for execution, viewing ,  editing  renaming deleting etc. etc.

find command can find files based on many file attributes besides just the file name and here are the fifteen file  attributes which you can use to find a file or files and here are 14 ways to find files in your unix and linux system.

KRACK – Key Reinstallation Attacks on WPA2 Protocol

Introduction

KRACK is a security flaw with WPA2  security and it allows to  compromise wireless WPA security  by forcing nonce reuse .

This is not an issue related to passwords but the protocol used by WPA and impacts pretty much all devices which uses wi-fi connection like phone, computers, wi-fi routers are impacted.

Red Hat 7.x Installation : Step by Step Guide

Installation and Configuration of RHEL 7.x
Learn about Installation and initial configuration of Red Hat Enterprise Linux, RHEL 7.3
For this Linux step by step installation guide we will use RHEL 7.3  64Bit iso image, the installation procedure is same for all RHEL 7.x releases in case you want to use a different RHEL version to install.

Here are the 10 Steps to Install RHEL 7.x distribution.

Linux PIE/stack corruption (CVE-2017-1000253) Bug and Security Vulnerability

About CVE-2017-1000253 Bug:

This issue is related to the Linux kernel loaded Executable and Linkable Format (ELF) executables. If an ELF application was built as Position Independent Executable (PIE), the loader can allow part of that application’s data segment to map over the memory area reserved for its stack.
It  can cause memory corruption and may allow an unprivileged local user to gain privileged access using Set owner User ID (SUID) or privileged flawed PIE binary.

Ideas for Choosing the Perfect Writer’s Laptop

In the modern era, a computer – especially laptop – is the essential tool for aspiring writers. Indeed,writer with pen you probably don’t lay your hands on a typewriter anymore unless you are a very old school person. The modern laptops are much better tools for those who have something to say and want to put in on paper or Internet. Me, being some kind of a writer as well, have been using ASUS ZenBook for a couple of years. It is a good writer’s notebook however not the only successful choice. In this article, I will point out some things important for a writer on a laptop hunt.

netstat – 10 Most common usage with examples

netstat is a command line utility in Unix, Linux and Unix like systems to show information about

  • network connections,
  • routing tables,
  • interface statistics,
  • mas-querade connections
  • multicast memberships

By default, netstat displays a list of open sockets of all configured address families , tcp , udp etc.
netstat provide very extensive network details and here are the top netstat usage with different options to get you the just the information you need.

How to Build a Winning Business Model in Enterprise Mobility

Strategy, business models, and tactics are often used interchangeably but they differ slightly in their actual meaning. Business model is the means of identifying a solution’s key offerings that will make customers pay for the product/service.

Business model is defined at the outset, when the enterprise mobility solutions are discussing a potential application idea. It is crucial to get all aspects of the business model right, and the ambiguities (if any) listed and categorized as ‘needed to be addressed before development’ or ‘can be expounded on later’.

chmod Quick Referance with Examples

What is chmod ?

chmod ( Change Mode ) is a command line utility in Unix , Linux and other Unix like systems to change the read, write, execute permissions of a file for owner , group and others.

How to use chmod?

Chmod command is used in two ways :
1. Using octal value & position : Sets the permission for owner, group and others with octal values , 4 for read , 2 for write , 1 for execute and any sum of these number to get cumulative permissions.

SHA-1 Collision – Insecurity of SHA-1 exposed by Google

SHA-1 is widely used in applications like SSL, SSH, TLS, IPsec PGP, S/MIME to protect the sensitive information.

Google has demonstrated that SHA-1 Collision is possible and two files can have the same SHA-1 hash. This means that system can be manipulated by presenting it with manipulated data with same hash as good data.

man command in Linux and Unix

man command, short for manual, provides help for the commands, utilities or function in Linux and Unix systems. Learn about usage , related packages, sections and other interesting facts about man pages.

Submit Guest Posts

Great News, adminschoice.com is opening up to allow guest posts from bloggers and technical professionals.

If you are a tech blogger or a technical professional  wishing to share your experience and knowledge with others you can contribute to adminschoice.com and establish yourself as technical expert in your field.

Solaris 11 & Solaris 10 Certification

Learn about the Solaris 10 & 11 certification , price, number of questoons , duration and direct links to official site for exam 1z0-876, 1z0-821 and more.

Solaris Network Configuration

Learn Solaris Network configuration for static , dhcp & wifi in Solaris 11 using netadm and ipadmp. Earlier versions are covered towards the end of this document. Continue reading for Solaris 11 & for prior versions, please turn to Page 5 or click here