HAKIN9 07/2012: GREENSQL

Download
File
Hakin9_07_2012.pdf

In Brief
By Armando Romeo, eLearnSecurity and ID Theft Protect
As usual, specialists from eLearnSecurity and ID Theft Protect will share with us the latest news from the IT security world. Read it to bring yourself up to date.

There’s Nothing But Data Out There
By Craig S Wright

In all of this, we have a society that is reliant on systems and data. Here, we see a new need to be even more vigilant than we have been in the past. When food systems are based on SCADA-style controls, there is far less room for allowing rogue access to the databases and systems that run the controls that enable this future. Security has always been important, but as a future career, it is one that is not going to disappear. We may see automated systems replace even skilled jobs (such as a pilot), but it will be a long time before we start to have secure systems that do not involve people. Now personally… with qualifications in Statistics, Finance and Economics, do you wonder why I have chosen to work in Information Security and big data analysis?

GreenSQL
By Stavros N. Shiaeles and Vasilios Katos

We will test its behavior and capabilities. For our experiment we set up a Joomla 1.5.0 website, which we confirmed to be vulnerable to SQL injection. In order to protect our Joomla site with GreenSQL, we have to configure it not to connect directly to the database but through the GreenSQL proxy listening on port 3305. This is done by editing Joomla’s configuration.php file. More specifically, from the application perspective, the database used is not the actual one, but the GreenSQL proxy. That is, Joomla is agnostic of the fact that the database it connects to is in fact the GreenSQL proxy, whereas the latter connects to the real MySQL database.

If the answer to the question is wrong, change the question to fit the answer
By Elizabeth Shaw

Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf, doc, xls, ppt, odp, ods) available on the target/victim websites. It will generate an HTML page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like FTP, POP3, web applications, VPN, etc. It will also extract a list of disclosed paths in the metadata; with this information you can guess the OS, network names, shared resources, etc. (see Listing 1). Metagoofil will continue to search Google for the required documents. In this example all found .doc files would be downloaded and placed inside the folder called results, located at /root/Desktop/results/. On the Desktop you would find an HTML report that can be opened in your browser. This is a great way to find data. Now time to read all goodies found!

Evolution of security risk in centralized computing
By Wong Chon Kit

By issuing the script that has been shown above, you have successfully caused a denial of service in Active Directory, and this will impact all the objects in Active Directory. As shown in Figure 2, this is what you will see when you try to log in to the machine with the domain credential. The way in which we created the number of groups caused a successful denial of service. The reason this happened is that the LSA (Local Security Authority), which is responsible for authentication and authorization as well as for processing authentication requests, was unable to create an access token.

Implementing IPsec Framework
By Abdy Martínez

In general, IKE (Internet Key Exchange) negotiation can be separated into two phases: a) IKE Phase 1 defines the key exchange method used to pass and validate IKE policies between peers; b) in IKE Phase 2, the peers exchange and match IPsec policies for the encryption and authentication of data traffic. Remember that to allow IKE Phase 1 negotiation, you must create an ISAKMP (Internet Security Association and Key Management Protocol) policy and configure a peer association involving that ISAKMP policy. But what does defining an ISAKMP policy do? It defines the authentication and encryption algorithms and hash functions used to send control traffic between the two VPN endpoints. In the next section we are going to review some concepts of VPNs more deeply.

Bond to the Subject
By Marcelo Carvalho

Unlike other digital identifications, digital certificates, once issued, can’t be modified. This presents an optimal scenario for bonding personal, professional, social, biometrical or other characteristics to subjects and preventing tampering during ID life and use cycles. Digital certificates in the X.509 format standard can address the need for holder identification using an Object Identifier (OID), which can be multiple in a single certificate file. These objects can store our real-life identification numbers and allow for automatic checking via network queries. Several levels of entities issuing their own scope identifications can tie themselves in a trust chain via Public Key Infrastructure (PKI), keeping the idea of related IDs appended into underlying issued documents. An idealistic scenario where all network connections would be mutual peer authenticated could be achieved if the actual corporate initiatives for digital identification using certificates became a government level project.
This topic places the mentioned distance from person to digital credentials in terms of accountability.

Hb4most
By Mervyn Heng

Scalpel and Foremost are the de facto tools harnessed to recover deleted files as evidence during digital forensic investigations.


August 28, 2014

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013