How to install a HoneyPot?

There are many software package available under this name but here we will discuss about Honeybot and Kfsensor.

Step 1.First download Honeybot – Click Here and install it in your box.

Step 2.Now open up it  and click on the start button and wait for all the sockets to load(see at the bottom).

Step 3.Having done that click on option and configured to your convenience or as show below.

Step 4.You can see the View option to set few more settings. Now the honeybot is configured and just minimize to system tray.

There is another software-Kfsensor which is a shareware but the trail version is available. You need to install WinPcap latest version before you install this package.I would prefer using Kfsensor compared to Honeybot as it has got more details evaluation options.

One can also view the ports accessed by the attacker as shown below by selecting the view port option.

HoneyPot surely can be used for intrusion detection and malware analysis in secure the system from future attacks but still then I would repeat the line which is one of the fav among the hackers community is “still then it can be hacked”….yeah there are methods by which the presence of a honeypot can be detected and by that one can avoid the trap set for him/her.Research is still on in this field and hope some advanced features would come up.

A couple of days ago I find great hacking (e)book called The Hacker’s Underground Handbook, (e)book that comes as an aid for all those that are starting journey to learn how to hack It was made specifically for the beginners who really want to get into hacking and for those of us who began and got lost.

The Hacker’s Underground Handbook

Download

This book will guide you in the right direction helping you understand password cracking, phishing, network hacking, wireless hacking, malware, Windows hacking and etc.

I was really surprised how this book laid out the information, presenting it in an easy to read and understandable fashion. In each chapter the author first introduces you to the topic and then shows you a real-world example with step-by-step instructions with images. It makes hacking look so easy!

Once you complete reading this book, the author explains where to go from there and how to keep learning. You will never again be lost and overwhelmed by all the hacking information out there.
If you think this book is something you would be interested in, you can get it here. Hacker’s Underground Handbook

We have seen exploits in plug ins & apps are helping hackers to find vulnerabilities & intrude inside a secured system or a network, I came across the news from cnet.com which says that two researchers from Israeli security firm Radware have found out a way which gives access to a computer by updating any software mostly affects the Skype &  other applications.

This is terrible, It raises a question that we should download an update or not ? according to these two geeks named Itzik Kotler and Tomer Bitton more than hundred applications can be targeted from cnet.com downloads, which is one of the most trusted downloading site for all  Internet users.

The tool is named as ippon (Means ‘Game Over’ in the game of Judo), It gives 3d View pf user who is trying to connect to the update server.

It scans the local Wi-Fi Network & checks whether any victim is trying to check updates through HTTP requests, it detects the victim & try to reply before the update server & gains command over the updates.

According to the makers the Microsoft browser is not vulnerable to this Malware attack as it uses digital signature to check for update. And they are yet to test Firefox & other major browsers which could possibly go under this Malware threat. What is more important that they have shown a security companies another hole to secure for.

Software basically sends message that ‘Updates are available’, when user accepts request they send infected piece of code to that Vitim, which gives them command over  any PC.

So folks, think twice before using a public wi-fi (specially the unsecured one)

Mozilla Firefox, which is one of the most downloaded browser, has been a great platform for hacker to test it against various vulnerabilities. And before some days Mozilla Firefox 3.5 was released with great expectations from the company. And guess what the Firefox 3.5 is vulnerable for Heap spray exploit.Let us take a closer look at what exactly heap spraying attack means.

Heap spraying basically termed as the substitute to ‘Arbitrary Code Execution’. In plain English, intruders try to enter in the system by executing some sort of code from your browser. (If you want me to explain everything in plain English, STOP READING)

Heap spraying was introduced back   2001, & started spreading its wings with the help of browsers in year year 2005. This exploit have done major damages in similar year, as it was first tried in bowers that time. This term is generally used in cyber criminals & computer security world to define arbitrary code execution.

This Code which sprays the heap attempts to put a certain sequence of bytes at a predetermined location in the memory of a target process by having it allocate (large) blocks on the process’ heap and fill the bytes in these blocks with the right values.

These heap blocks will approximately be in the same location every time the heap spray is run, & it is well known fact for hackers for today. This gives them advantage over testing Firefox 3.5 against the heap spray exploit.

Mozilla might have forget to close all its open doors for such a common vulnerability, may be they are more excited about its new version launch of Firefox 3.5

But I trust , Mozilla will introduce patches in next update. (This article is published for the same.) Because I am its loyal user too.

Have great time, but keep reading all security updates from hackers enigma.

Read More : Technical stuff about Heap Spray Exploit in Firefox 3.5

Source : Milw0rm Exploits & Vulnerabilities

Vulnerabilities are the tricks-of-the-trade for hackers, giving an intruder the ability to heighten one’s access by exploiting a flawed piece of logic inside the code of a computer. Like the hackers that seek them out, vulnerabilities are usually quite mysterious and hard to prove they even exist. They are confusing or undocumented source code, usually performing a series of tasks which don’t make a considerable amount of sense to the uninformed. In unfamiliar environments or using unfamiliar techniques many vulnerabilities may exists.

Getting acquainted with vulnerabilities and how they are exploited, the methods of exploitation seems random and chaotic – each and every one with seemingly unpredictable results. It has been theorized that this comes from the fact that bugs are mistakes, and does not follow the course of intelligent reason. However, vulnerabilities can be categorized in ways that make more sense to the person investigating the problems at hand.

Both categorization and the exploitation logic, stemming from a centralized “gray area” approach is explained here.  Also, how one could take any form of vulnerability at any level and use it to control computer systems, the users, and administrators.

 Following general vulnerabilities definition and nature, investigators can mirror the tracks of a hacker’s logic as they intrude upon a computer network and understand the reasoning that goes on behind the attack.

Ethical Hackers and Network Security Administrator’s conducts vulnerability assessment for finding out the general forms of vulnerabilities and for hardcore inspection they perform black box penetration tests.