How RootKits Works & How To Detect Rootkits?

How RootKits Works & How To Detect Rootkits? – System hooking is a process of changing and replacing the original function pointer with the pointer provided by the rootkit in stealth mode. Inline function hooking is a technique where a rootkit changes some of the bytes of a function inside the core system DLLs (kernel32.dll and ntdll.dll) placing an instruction so that any process calls hit the rootkit first. Direct Kernel Object Manipulation (DKOM) rootkits are able to locate and manipulate the “system” process in kernel memory structures and patch…


Top 5 Best Vulnerability Scanning Tools

Top 5 Best Vulnerability Scanning Tools – An attacker performs vulnerability scanning in order to identify security loopholes in the target network that he/she can exploit to launch attacks. Security analysts can use vulnerability scanning tools to identify weaknesses present in the organization’s security posture and remediate the identified vulnerabilities before an attacker exploits them. Network Vulnerability Scanners help in analyzing and identifying vulnerabilities in the target network or network resources by means of vulnerability scanning and network auditing. These tools also assist in overcoming weaknesses in the network by suggesting…


Vulnerability Scoring System

Vulnerability Scoring System – Vulnerability scoring systems and vulnerability databases are used by security analysts to rank information system vulnerabilities, and to provide a composite score of the overall severity and risk associated with identified vulnerabilities. Vulnerability databases collect and maintain information about various vulnerabilities present in the information systems. This section discusses the Common Vulnerability Scoring System (CVSS), and vulnerability databases like Common Vulnerabilities and Exposures (CVE) and the National Vulnerability Database (NVD). Vulnerability Scoring System Common Vulnerability Scoring System (CVSS) Source: First Org CVSS is a published standard that…


Working of Vulnerability Scanning?

Working of Vulnerability Scanning? – Any organization needs to handle and process large volumes of data in order to carry out business. These large volumes of data contain the information of that particular organization, to which unauthorized users are denied access. Attackers try to find certain vulnerabilities that they can exploit and use those to gain access to the critical data for illegal purposes. Vulnerability analysis performs a study on the risk-prone area of the organizational network. This analysis is done using various tools. The vulnerability analysis reports on…


What is Vulnerability Assessment?

What is Vulnerability Assessment? – Vulnerability Assessment is an examination of the ability of a system or application, including current security procedures and controls, to withstand assault. A vulnerability assessment scans networks for known security weaknesses. It recognizes, measures, and classifies security vulnerabilities in a computer system, network, and communication channels. It also assists security professionals in securing the network by determining security loopholes or vulnerabilities in the current security mechanism before the bad guys can exploit them. A vulnerability assessment may be used to: Identify weaknesses that could be exploited Predict…


Classification of Vulnerability?

Classification of Vulnerability? – In a network there are generally two main causes for systems being vulnerable: software or hardware misconfiguration and poor programming practices. Attackers exploit these vulnerabilities to perform various types of attacks on organizational resources. Classification of Vulnerability? Vulnerabilities present in a system or network are classified into the following categories: Misconfiguration Misconfiguration is the most common vulnerability that is mainly caused by human error, which allows attackers to gain unauthorized access to the system. This may happen intentionally or unintentionally affecting web servers, application platform, database…


What is NTP Enumeration?

What is NTP Enumeration? – Network Time Protocol (NTP) is designed to synchronize clocks of networked computers. It uses UDP port 123 as its primary means of communication. NTP can maintain time to within 10 milliseconds (1/100 seconds) over the public Internet. It can achieve accuracies of 200 microseconds or better in local area networks under ideal conditions. An attacker queries an NTP server to gather valuable information such as: List of hosts connected to the NTP server Client IP addresses in a network, their system names and OSs Internal IPs can also be…


Top Five Footprinting Tool?

Top Five Footprinting Tool? – Attackers are aided in footprinting with the help of various tools. Many organizations offer tools that make information gathering an easy task. This section describes tools intended for obtaining information from various sources. Footprinting tools are used to collect basic information about the target systems in order to exploit them. Information collected by the footprinting tools includes the target’s IP location information, routing information, business information, address, phone number and social security number, details about a source of an email and a file, DNS information, domain…


Competitive Intelligence Gathering

Competitive Intelligence Gathering – Competitive Intelligence gathering is the process of identifying, gathering, analyzing, verifying and using information about your competitors from resources such as the Internet. Competitive Intelligence is non-interfering and subtle in nature. Competitive Intelligence Gathering It is non-interfering and subtle in nature compared to the direct intellectual property theft carried out through hacking or industrial espionage. It concentrates on the external business environment. In this method, professionals gather information ethically and legally instead of gathering it secretly. Competitive intelligence helps in determining: What the competitors are doing.…


Information Security Threats and Attack Vectors

Information Security Threats and Attack Vectors – There are various categories of information security threats, such as network threats, host threats, and application threats, and various attack vectors, such as viruses, worms, botnets, that might affect an organization’s information security. This section introduces you to the motives, goals, and objectives of information security attacks, top information security attack vectors, information security threat categories, and the types of attacks on a system. Information Security Threats and Attack Vectors Attackers generally have motives (goals), and objectives behind information security attacks. A motive…
