Patch management is not as straightforward as one might imagine. A main consideration is the patch management tool used, but it’s important to realize that, while the tool plays an integral part of the patch management strategy, it is just one aspect in the overall strategy. What should one consider when choosing a tool and how does one deploy a patch management tool?

Patch Management Tool

Choosing the right patch management tool is an important part of the patch management process. There are many tool s available and although there are some common requirements, each entity needs to identify others areas that may require a different type of solution or one with additional functionality.

Common Requirements for all organizations

• Supports patching of Microsoft solutions
• Third party applications
• Customizable deployment strategy
• Patch rollback
• Automatically monitors  for patches and informs you when these are available
• Allows manual control of the patch management process
• Multilingual patch support
• Allows you to deploy your own custom patches
• Alerts you of vulnerabilities that do not yet have a patch available

Requirements that differ from organization to organization

Deploying the Patch Management Tool

Proper patch management is more than just deploying patches as and when they become available. There is a process that one needs to follow.

• Configure the environment to work with the patch management tool. This can include:
  • Creating the necessary accounts on our domain
  • Setting up a test environment mirroring our main network setup in order to be able to test the patches before deployment
  • Configuring firewalls to allow the proper access for the patch management tool.

The patch management process starts with you being aware of missing patches. When deploying your patch management solution you need to configure it with this in mind as it needs to automatically look for missing patches periodically and inform you when these are found.

When we know what patches are required, the next step  is to test those patches on our test environment. At this stage we should have a mirror of our network’s various setups available on a test network. We need to deploy our patch management tool in a location where it can deploy these patches not only on our main network but also on our test network.

Provided testing goes well our next step is deployment. Some questions to ask before deploying patches:

• Will it force a reboot when deployment finishes?
• Will it allow the users to choose when to reboot or not in order to avoid disruptions?
• Can we set the deployment process to occur after working hours?

Next comes validation, make sure that after deployment is complete you use the tool to verify that the process was successful.

Finally we need to ensure the patch management tool is properly configured and can be used effectively in the event that you need to follow a disaster recovery plan. For example, if part of our disaster recovery plan includes patch rollback, is the tool configured to roll back patches quickly in case of disaster?

Deploying your patch management tool correctly is an important part of the patch management strategy. Patch management is partly meant to ensure maximum availability on your network therefore a bad deployment can hinder the stability of your network and cause the exact issues you set out to avoid in the first place.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. Read more on the importance of patch management.

* All product and company names herein may be trademarks of their respective owners.

The only purpose I started this blog 4 years ago was to make it easy for aspiring ethical hacking students learn the everything in simplified & arranged manner. It consumed plenty of my  time when I first started of & everything was scattered all over the web. And because this ‘Hacking’ industry have its Black & White hat areas, It was really hard to find any mentors for learning. So today I am reviewing one of the most organized learning system from uCertify named E312-50-v6 Prepkit.

You might be already aware that there are several exam to begin with in career in ethical hacking. Now, CEH v6 is one of the exam that most of the  aspirants have to deal with first this exam to learn & understand Ethical Hacking and Countermeasures.

uCertify E312-50-v6 is a preparation kit offered by uCertify.com, makes it very easy  to prepare yourself for CEH v6 exam, which guarantees success in the exam. Just to let you know I have personally tried using  the full version of this Prepkit, only to tell you how good or bad this Prepkit  is.

And I must say – They have covered every single detail that any ethical hacking student must know. More interesting thing I would like to specially mention is, ‘Even If you are an absolute beginner they have provided all the modules to make it easy to learn‘

Even if you have no idea what is Linux is & how it works ? The Prepkit have answer for that too !!

uCertify E312-50-v6 Prepkit Overview

As I told this Prepkit deals with basics of Ethical Hacking and Countermeasures, They have tried to make you understand everything with the Study Help modules. You get number of Exam Standard/Objectives, Articles, How To’s, Notes & Key terms which you can understand about before you are heading for the  tests.

You get numerous practice tests, some diagnostic tests & interactive tests for checking your level of understanding the topics covered. Moreover you can also add custom tests for making it more challenging to learn ethical hacking. All the tests are properly timed to check whether you are preparing well according to the timeline.

What else you ever need to prepare yourself ?

Well, they have provided you to store test histories, reports to analyze while you progress with the learning. Prepkit covers much more smaller details and modules than mentioned here, and everything is well organized in very usable interface accessible on your home PC. I personally feel this Prepkit was good enough for any student to pass CEH exam. You never need to opt for very expensive educational institutes , No need for any mentor.

The Prepkit alone will get the job done for you. All you have to do is Download the Prepkit, Practise & Practice until you are fully prepared for EC Council CEH v6.

uCertify offers such Prepkits for many of different exams and subjects related to Computers & web, You can know more about them by visiting Official website of uCertify.

Click here to get uCertify E312-50-v6  Prepkit.

Disclaimer: For Educational purpose only, We DO NOT take responsibility of any harm caused by this method to any one or any organization.

We are using PC with Backtrack OS, You can also do it without installing backtrack but I am not going to explain around here how you can. Because if you want to really dig in to some real hacking grab Backtrack for free here & Install on your PC.

Hacking Scenario:

If you around a paid wi fi network & you need to connect to internet you need to pay per hour for any network. To use it for free hackers use the method call session stealing to bypass the Wi Fi Hotspot’s Access Control. In plain words we have to create a fake MAC address for our network card. And the fake one should resemble to some paid user already on network. (Don’t worry you’ll understand stuff in process)

You can read our Tutorial  – What is Session Hijacking For more information.

Goal: Changing your MAC Address to Someone’s Who has already purchased for using the network.

Step 1:  Verify Wi Fi Network is Around

Start Wireless Assistant in Backtrack  & confirm you have some wireless network around. Then you can click “Connect” to that network. It won’t let you connect because you are not the paid user. It will open up browser and will ask you to pay for usage.

Close it.

Step 2: Connectin up With Wi Fi Network (rausb0)

There are multiple ways you can do this & very simple would be to use Ping Scan from backtrack. I am demonstrating here by using AiroDump which will be an add on method for you to learn.

Open up your Shell or Konsole form Backtrack & now we have to put network in Monitor mode.

Type in ifconfig -a (Hit Enter)

You ll see list of network interfaces. I see “rausb0” in my list which I want to connect so type in following and hit enter again.

ifconfig rausb0 up

Now your network is up & we have to put network in monitor mode so type in following.

iwconfig rausb0 mode monitor (Hit Enter)

iwconfig (Enter again)

So now we are up in monitor mode. We have to start Airodump Next.

Step 3: Start Airodump

In the same shell type in

airo (Enter)

Then, type next

airodump –ng rausb0 (And guess what – Enter again)

Now we will see the SSID of the whole network. We have to find the user’s MAC address that is already on a network.

Step 4: Capturing MAC Address For Spoofing (of Connected User)

You ll see a list of SSID’s around there. But at the end of all lines you have to find out the name of Wi Fi access point. E.g – You’ll Find attwifi if you are on the AT&T wifi network. As shown in following image.

You have to copy the MAC address corresponding to that wifi network. And use it in following command.

airodump –ng –bssid xx:xx:xx:xx:xx:xx rausb0 (Replace copied MAC Address at XX & Hit Enter)

It will now open up the rausb0 interface & will take some time to find out network traffic. Then you’ll see some stations with its packet data flow information. For security pick up the station that have more data packets flowing. (Like more than 30-40)

Copy the MAC ADDRESS of this station.

Now you have finalized the address to replace as our MAC address, you have to put back the network to Manage mode from monitor Mode.

If you have USB dongle plugged in simply unplug it, change MAC adrdress and plug it back again. If you are not USB dongle type in following and it enter again.

Ifconfig rausb0 down

Step 5 : Changing MAC Address

In your shell type in mac and hit enter to change MAC Address.

macchange –m xx:xx:xx:xx:xx:xx rausb0 (replace xx with copied MAC address & Enter)

Now you’ll see current MAC address & Fake MAC address .

Now you have to plug back in your USB you took out few minutes ago. Or if you have used command to put your interface down use following command to put it back up.

Ifconfig rausb0 up

Now your MAC address successfully changed you can check by typing ifconfig in console.

Step 6: Connecting to Hacked Wi Fi Network

Now you are done at Bypassing Wi Fi HotSpot’s  Access Control Using Session Stealing & you can connect to hotspot as follows.

1. Open Wireless Assistant.
2. Select Network
3. Hit Connect

And you’re done !!!

You can thank me, give suggestions, ask any question in comments section below.

Session hijacking is widely used method by hackers for temporarily stealing network connections or login sessions. You might have heard this term used a lot by hackers & some of you have emailed me to explain it in brief.

So this post will explain you what exactly is session hijacking & I have written another one for hacking wireless hotspot using session hijacking step by step for understanding the concept.

What is Session

We see lot of Wireless network services offering us to use Wi Fi based on pay per use model – where you have to pay for usage and it costs really high but gives you high speed connectivity.

Evry user that pays for the service get connected. A unique MAC address of his laptop/netbook is stored in Service providers database for every paid user. Every time he gets connected to the paid network it creates a session and Session ID.

Every other user do not having authenticated MAC address and Session gets no connectivity. So this unique connection between user & wireless connectivity provider is session.

Black hat hackers have been using this technique from a long time to get unauthorized access to Paid Wi Fi network.

What is Session Stealing

In session hijacking we create a fake MAC address on our network interface & replace it with original one that we have by using MAC changer utility. And the fake MAC address that we are using is of certain user who is on the network &has already paid the wireless network usage.

So we spoof the MAC address & let network determine us through his MAC address as authenticated user. This is what we call Session Stealing or Hijacking.

Check out this cool article on how you can bypass the Wi Fi Hotspot Access Control by Session Stealing

One aspect of network security that is often overlooked is checking a network for issues using a vulnerability scanner. Vulnerabilities are issues, weaknesses or misconfiguration in software that an attacker can exploit to gain unauthorized access to his victim’s system. Through the use of a vulnerability scanner, these issues are pinpointed and reported to the administrator.

Perhaps the primary reason why vulnerability scanning is taken for granted is because vulnerabilities are considered to be issues which are fixed through patch management. It is a common misconception that with a patch management strategy, the vulnerabilities found on the network are also being taken care of. This is partially true when considering how a chunk of vulnerabilities are in fact software issues that are fixed by patching, however it is not always the case. Vulnerabilities can be caused by mis-configurations, software that is inherently problematic or even software issues for which the vendor has not yet released a patch.

What can we do about vulnerabilities?

The first step is to see if your system does in fact have any vulnerability. For this you need to use a vulnerability scanner or, although not recommended if your budget is limited, you can run a vulnerability scan manually.

Running a vulnerability scan manually:

It is possible to do a vulnerability assessment without the use of any software, although this will have an intrinsic amount of inaccuracy and will be very time consuming. In order to determine if there are vulnerabilities on your network through a manual vulnerability scan, you should first get a list of applications / services installed on your network. Once the list is available, check each software’s official site to see if there are any issues / insecurities reported by the vendor. Some vendors will also offer guides on how their application should be configured securely. Generally, such guides will also contain information on what configuration options to avoid. This information is very useful and it is definitely a good idea to read them. The next step is to check vulnerability database sites for the latest lists. Sites like the National Vulnerability Database and Bugtraq are a central location for known vulnerabilities – checking these sites regularly in relation to what software is running on your network is highly important.

Running a vulnerability scan using a vulnerability scanner:

A more effective way to do vulnerability scanning is through the use of a vulnerability scanner. These scanners will have a database of vulnerabilities that is automatically updated by the vulnerability scanner vendor whenever a new vulnerability is discovered. An administrator can set up the scanner to automatically scan the network periodically and issue reports when a new vulnerability is detected. It might also offer remediation options or a detailed description of what is causing the vulnerability and what should be done to fix that vulnerability.

Regardless of whether you run a vulnerability scan manually or using a vulnerability scanner, your network should be monitored for vulnerabilities.  Most vulnerabilities will lead to a system compromise of some degree which in turn can result in serious consequences for the business.  Vulnerability scanning is a preventive measure that can potentially save your business’s reputation and assets.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: GFI vulnerability scanner

*All product and company names herein may be trademarks of their respective owners.