Firewall and Web application security

Cloudflare is a cloud-based web application security firewall.

https://www.cloudflare.com/security/

Security

Cloudflare Security Services reduce the risk of lost customers, declining revenues, and degraded brand by protecting against DDoS attacks, abusive bots, and data breach.

  • Anycast Network

    With 122 data centers across 58 countries and 15 Tbps of capacity, Cloudflare’s Anycast network absorbs distributed attack traffic by dispersing it geographically, while keeping Internet properties available and performant.
  • DNSSEC

    DNSSEC is the Internet’s non-spoofable caller ID. It guarantees a web application’s traffic is safely routed to the correct servers so that a site’s visitors are not intercepted by a hidden “man-in-the-middle” attacker.
  • Web Application Firewall (WAF)

    Cloudflare’s enterprise-grade web application firewall (WAF) detects and blocks common application layer vulnerabilities at the network edge, utilising the OWASP Top 10, application-specific and custom rulesets.
  • Rate Limiting

    Rate Limiting protects critical resources by providing fine-grained control to block or qualify visitors with suspicious request rates.
  • SSL / TLS

    Transport Layer Security (TLS) encryption enables HTTPS connections between visitors and origin server(s), preventing man-in-the-middle attacks, packet sniffing, the display of web browser trust warnings, and more.
  • Secure Registrar

    Cloudflare is an ICANN accredited registrar, protecting organizations from domain hijacking with high-touch, online and offline verification for any changes to a registrar account.
  • Orbit

    Cloudflare Orbit solves security-related issues for Internet of Things devices at the network level.
  • Warp

    Automatically secure, accelerate, route, and load balance applications and services without directly exposing them to the internet.
  • Workers

    Cloudflare Workers let developers run JavaScript Service Workers in Cloudflare’s 122 data centers around the world.
  • Access

    Secure, authenticate, and monitor user access to any domain, application, or path on Cloudflare.

Vulnerability Scanners

http://www.openvas.org/

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks’ commercial vulnerability management solution, from which developments have been contributed to the Open Source community since 2009.

Firesheep is an extension for the Firefox web browser that uses a packet sniffer to intercept unencrypted session cookies from websites such as Facebook and Twitter. The plugin eavesdrops on Wi-Fi communications, listening for session cookies. When it detects a session cookie, the tool uses this cookie to obtain the identity belonging to that session. The collected identities (victims) are displayed in a side bar in Firefox. By clicking on a victim’s name, the victim’s session is taken over by the attacker.

sqlmap: Automatic SQL injection and database takeover tool

http://sqlmap.org/

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches ranging from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Cisco Umbrella Investigate

Investigate provides the most complete view of the relationships and evolution of domains, IPs, autonomous systems (ASNs), and file hashes. Accessible via web console and API, Investigate’s rich threat intelligence adds the security context needed to uncover and predict threats.

https://umbrella.cisco.com/products/threat-intelligence

Xerosploit

XSStrike

Wi-Fi, LAN, WAN hacking tools and practices

Kali Linux is a great resource

Kali Linux is an open source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. In addition to Kali Linux, Offensive Security also maintains the Exploit Database and the free online course, Metasploit Unleashed.

https://www.kali.org/about-us/

They are really working hard to get you. They can spoof access points. They can Man in the Middle and grab your data. They can even spoof login pages to grab your credentials.

Here are the tools they are using:

  1. Aircrack-ng
  2. PwnSTAR

https://arstechnica.com/security/2014/06/free-wi-fi-from-xfinity-and-att-also-frees-you-to-be-hacked/

Wireshark

Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.

Cain and Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network …

Creating and maintaining secure passwords using Password Generators

Creating secure passwords can be pretty lame. Most sites have different requirements such as number of characters, the need to include special characters, capital letters, and numbers. I have found some great resources for creating passwords generated to specifications such as number of characters, special characters and other requirements.

Dee Dubs Has A Solution To Intellectual Property Protection

The Distortion of Sharing

In the physical world, if you wanted to come over and listen to music with me, you don’t have to buy a copy of the music. In fact, I could even give you the CDs and movies that I bought, and you could take them home and use them whenever you want. But then, I wouldn’t have them. And that is where the term sharing has become distorted. If I give the media to you but still have a copy, that moves beyond sharing to piracy. This has a huge impact in economics as well, according to the Recording Industry Association of America, with the music industry losing half of its profits in just one year. Congress, with its two-chamber or “bicameral” setup operating on a standard envisioned in 1787, is currently debating this topic and how to combat the problem of online piracy and intellectual property theft. They have drafted a bill with two sections: “Combating Online Piracy” and “Additional Enhancements to Combat Intellectual Property Theft.” The “Stop Online Piracy Act” (SOPA) is still being debated in the House, with what seems like a large battle ahead of them. This bill, as currently written, would give the U.S. Attorney General the power to disable the DNS (Domain Name System) records that point to suspect or illegal sites. A large number of security experts believe that the bill could disrupt the underlying architecture of the Internet. The Protect Intellectual Property Act (PIPA) is SOPA’s Senate companion bill and is still in debate in that chamber. It is intended to combat “rogue” websites operated overseas but offers widespread power that will affect people worldwide. This bill has drawn so much opposition that most senators have withdrawn support, and news sources such as Techspot.com are reporting that PIPA has collapsed. I am opposed to the bills as written right now due to the ambiguity of the power and its usage. The adverse effects on the backbones of the Internet architecture are also a major concern.
I believe the bills need reworking, and software developers also need to get more innovative when it comes to intellectual property rights and security. Come on, application developers and investors: all these apps for whip noises and beer mugs when we need a good way to secure movies, music, and videos.

DeeDubs Has A Solution For Net Neutrality

Donald Denney
CS 101 Essay 2
3/18/2012

According to research I read at the New York Times, Net Neutrality is a way of classifying Internet access and the web in its current state. They say that the entire Internet must be available to anyone with the desire to access it, on an equal basis. This is currently a hot topic in the media because of the legal battle between citizens and the large corporations backed by billions of dollars. The government is forced to deal with large corporations who are spending hundreds of millions of dollars lobbying Congress to get rid of net neutrality. One problem lies with the type of information that is available. There is always a certain age for this movie or that game. It’s a way of feeling that we are helping people who can’t use their own judgement about what information to access. With identity theft, child porn and sexual predators rampant, the way the Internet is presented to an end user must be monitored and distributed to the user as seen fit by some kind of standards. The opposition says to leave it to the family to monitor and secure their family’s internet access, but much like guns, booze, drugs and porn, there must be some kind of organized prevention continuously looking after the greater good. Perhaps new standards of surfing the web with credentials of some kind to verify age and identity could be a valuable tool for law enforcement, parents and educators. On the other hand, Net Neutrality is essential when it comes to large corporations limiting the flow of data, and access speeds of all sites but their own, for power and profit. An article on Free Press.com can be summarized by saying that reliable and high speed access to the free internet is the only way for developers all over the world to continue to contribute to new technology, software, and applications.
The consequences of losing Net Neutrality would be devastating. Large corporations would take over, choices would be eliminated and life would be driven by decisions made in a corporate boardroom. We must continue to fight for and support the Internet Freedom Preservation Act of 2009 to safeguard the future of the open Internet and protect Internet users from discrimination online.