Wednesday 14 September 2011

Technological creativity and energy focused

Over the past couple of days I have felt compelled to upgrade, secure and generally improve my technological storage, communication and access. I have learned a great deal of things on my journey for privacy, security, ease of access, and full utility. Here is a list of the things that I have gained competency and understanding of and the methods of using this knowledge that I am now fluent in.
All my learning of these systems was done through my own experimentation on my OWN HARDWARE. My knowledge of these systems is purely for academic interest.
  • GnuPG or OpenPGP - secure communication, cryptography.
    • Creation of encryption keypairs.
    • Forming online "Web of Trust".
    • Encrypting/decrypting files and messages.
    • Effective security practices such as hidden external storage.
  • FreeNAS - storage
    • Network Accessed Storage.
    • Initial set-up.
    • Creation of RAID (Redundant Array of Independent Disks).
    • Initializing of central drive pool using ZFS (a disk filesystem designed by Sun Microsystems) which uses a Merkle Tree of checksums to maintain file integrity.
    • Set up of Apple Filing Protocol (AFP) to share files over the network and maintain privileges.
  • MySQL - information retrieval (my first little bit of naughtiness).
    • Basic MySQL injection.
    • Database retrieval request structure.
    • Website security scoping.
  • Metasploit - network penetration and security testing (started to go over to the dark side).
    • Installation of the Framework.
    • Vulnerability scanning.
    • Payload delivery.
    • Ethical use of high risk software.
  • Bitcoins - Online cryptocurrency
    • Block system used to make and validate purchases.
    • Block solving (mining) to create more currency.
    • Mining pools to make block solving more efficient.
    • Limited economy to control inflation.
    • Decentralized peer to peer purchases.
  • Edit: Wireless Encryption technology
    • Locating insecure networks.
    • Performing advanced diagnostics on encryption used.
    • Performing attacks on wireless systems to gain useful data.
    • Decryption of unique IVs to gain WEP keys.
    • Performing dictionary and brute force attacks on WPA/WPA2 four-way handshakes.
Soon I will go further into my experimentation with these topics, except for GnuPG.
Through this there are a number of projects that I would like to experiment further with and for specific reasons.

FreeNAS.
This FreeBSD-based OS was recently updated to version 8.0.1 to include support for the latest version of ZFS, the Zettabyte File System; however, in the process of being updated, a number of features that the previous version (7.2) supported, such as a BitTorrent client and UPnP AV, were dropped. Hopefully I will become more competent with this OS when the next version (8.1) is released with these features; until then I will continue to use it on my fileserver.

MySQL injection.
I am just very curious about this method of illegitimately gaining information from webservers, as it can be very easily stopped; however, many system admins are lazy and don't screen the SQL commands so you can't use them.

Metasploit Framework.
Again, this method of gaining access to a system makes me extremely curious. Being a framework of tools for tech-savvy security specialists, it's like giving the keys to a tank to an 11 year old boy. They will probably work very, very hard to learn how to drive that tank even though it will take them years and years. Just because it's got so much power behind it.
When I want to learn more about this I am going to do so through an OS called BackTrack Linux. A platform with the Framework built in, specifically designed for network penetration.

Bitcoin.
I'm slowly investigating the efficacy of starting a Bitcoin mining operation to generate some more cash on the side while doing very, very little. I believe this to be a very interesting concept, and regardless of the profitability of the venture it should be a worthwhile project considering security and other management and administration.

Edit:
Wireless Technology
I also recently became interested in the security of local WiFi networks. As it is, I have come to the conclusion that without above average technical know-how, many ordinary people have no idea of the security (or lack thereof) in place on their network, and have absolutely no idea that they are vulnerable to local security threats. I did an analysis of the vulnerability of all the local networks in my area (of which there are many), and 40%-60% of the networks are not only vulnerable to intrusion, but some of them were such blatantly easy targets that anyone, given the willingness to do so, could learn to break the encryption used and gain access to their networks. However, this was not my goal; my goal was to gain knowledge of this technique (knowledge can't get you arrested, or can it?) so I set up my own router to mimic the security level of these surrounding vulnerable networks, and proceeded to attempt to break into my own connection. It took me about 2-5 minutes each time I attempted to recover my "lost" key, depending on how much traffic was going through the router and how much interference there was on that particular channel (the place where I live has no wireless channels that don't have more than 2 networks on them already). I also tried setting up my router to use the highest level of encryption available to a home user. This cracking method is much more time and power consuming, as it involves using a program to generate keys that match specific criteria and then pipe them through to another program which then hashes them against the 4 way handshake. Unfortunately for those of us who don't go to work and use a supercomputer every day, this method can take years to crack a single key as there is an incredibly large number of combinations as the minimum number of characters for a WPA password is 8 (I quickly gave up on trying to decrypt my key which was incredibly complex).
However using a dictionary of known and commonly used passwords can be quite successful in recovering a lost password or gaining entry into a local wireless network.
I am now eagerly looking forward to the day when the processing power required to brute force a password such as this is publicly available.
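
The cost described above, worked through as an added example that is not part of the original post: WPA/WPA2-Personal turns the passphrase into its 256-bit master key with PBKDF2-HMAC-SHA1 (4096 rounds, SSID as salt), so every guess costs one full derivation. The benchmark SSID, the small wordlist, the 12-character threshold and the helper names are constructed assumptions for a passphrase audit of your own router.

```python
import hashlib
import time

PBKDF2_ROUNDS = 4096   # fixed by WPA/WPA2-Personal
PMK_LEN = 32           # 256-bit pairwise master key
SECONDS_PER_YEAR = 365 * 24 * 3600

# Constructed sample of commonly used passphrases (not a real wordlist).
COMMON = {"password", "12345678", "qwertyuiop", "letmein123"}

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK key derivation: PBKDF2-HMAC-SHA1 with the SSID as salt."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                               PBKDF2_ROUNDS, PMK_LEN)

def measure_guess_rate(samples: int = 20) -> float:
    """Derivations per second on this machine, single core."""
    start = time.perf_counter()
    for i in range(samples):
        derive_pmk(f"benchmark{i:04d}", "ExampleSSID")  # assumed SSID
    return samples / (time.perf_counter() - start)

def years_to_exhaust(alphabet_size: int, length: int, guesses_per_sec: float) -> float:
    """Worst-case time to try every passphrase of exactly `length` characters."""
    return alphabet_size ** length / guesses_per_sec / SECONDS_PER_YEAR

def audit_passphrase(passphrase: str, wordlist=COMMON, min_len: int = 12) -> str:
    """Classify a passphrase against the two approaches the post compares."""
    if passphrase.lower() in wordlist:
        return "dictionary"   # found by a wordlist no matter how slow the KDF is
    if len(passphrase) < min_len:   # min_len is an assumed policy threshold
        return "short"
    return "ok"

if __name__ == "__main__":
    rate = measure_guess_rate()
    print(f"{rate:.0f} derivations/s on this CPU")
    for name, size in (("lowercase", 26), ("printable ASCII", 95)):
        for length in (8, 12):
            yrs = years_to_exhaust(size, length, rate)
            print(f"{name:16} len {length:2}: {yrs:.3g} years")
    for pw in ("password", "Tr1cky99", "correct horse battery staple"):
        print(f"{pw!r}: {audit_passphrase(pw)}")
```

Because the SSID is the salt, a router left on a default network name shares precomputed tables with every other router using that name; a unique SSID plus a long passphrase outside any wordlist addresses both approaches.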

These tools/skills are all invaluable to technically minded people living in a digital age, somewhat akin to knowing how to make a bow and arrow in ancient times. I think that mere knowledge of the existence of these tools is not enough, knowing that food exists and knowing how to find/cook it was an important factor in staying alive. Nowadays, food has been replaced by information and knowledge.
