What is Authentication Attack?
An identification attack is a type of social engineering attack in which the attacker tries to gain information from public sources such as public records and directories, data listings from websites and social media sites, or through research. This is a form of information gathering that is done for any number of reasons; however, this type of attack should not be confused with the more targeted attacks that are generally done to more specific target groups....
Packet Details Pane Functions in Wireshark
The Packet Details Pane in Wireshark is where you can see the details of the individual packets captured by Wireshark. The pane is divided into several sections, each of which provides different types of information about the packet. The Packet Details pane contains several functions that can help you to analyze and interpret the captured packets....
What is chntpw Method in Ubuntu?
Chntpw is a utility that is available on Ubuntu (and other Linux operating systems) that allows users to reset the password of a user account on a Windows installation that is stored on the same computer. This can be useful in cases where the password for a Windows user account has been forgotten or lost. To use chntpw, you will need to boot your computer from a live Ubuntu USB drive or CD. Once you are logged in to Ubuntu, you can use the chntpw utility to access the Windows installation on your computer and reset the password for a user account. To reset your password using chntpw, you will need to open a terminal window and use the following command:...
How To Crack Online Web Form Passwords?
Passwords can be cracked using a variety of techniques, including brute force attacks, social engineering, and dictionary attacks. In this article, we will look at Phishing and Social Engineering Techniques and how they can be used by attackers to crack passwords....
Protocol Hierarchy Window in Wireshark
Computer networks are composed of or contain many pieces of hardware and software. To simplify network design, various networks are organized and arranged as a stack of layers of hardware and software, one on top of another. The main purpose of each layer is just to offer and provide services to higher layers that are present. This is the Protocol Hierarchy....
Endpoints in Wireshark
An “Endpoint” in simple terms is the logical endpoint that communicates back and forth with a network to which it is connected. It refers to a unit at the end of a communication channel. These are designed to perform specific or limited functions. In a network, it is the logical endpoint of separate protocol traffic of a specific protocol layer. An IP endpoint will only send and receive packets to specific IP addresses. In Wireshark, a Conversation is between two Endpoints (one side of the Conversation)....
Saving Captured Packets in Wireshark
Prerequisite: Wireshark Packet Capturing and Analyzing...
Merging Captured Files in Wireshark
One of the features of Wireshark is that we can capture packets from multiple interfaces. We can start analyzing multiple interfaces by pressing the left CTRL key and then clicking on the multiple interfaces displayed on the main window of Wireshark....
What is Source Port Randomization For Caching DNS?
Source Port Randomization for Caching DNS is a technique used in the Domain Name System, which is a set of text files that translate alphanumeric domain names like “google.com” to numerical IP addresses like “74.125.79.125”. It is important because DNS is one of the most common ways to get around firewalls and proxy servers, which makes them useful in malware and cyberattacks. When source port randomization for caching DNS is enabled on a local computer’s TCP/IP setup or firewall settings, it can make it difficult for these networks to target the computer for malicious activity because they would not be able to predict what its source port will be each time it connects with them....
What is Heartbleed Bug in Ethical Hacking?
The Heartbleed bug is catalogued in Common Vulnerabilities and Exposures, the standard information security vulnerability naming scheme managed by MITRE, as CVE-2014-0160. This is a buffer over-read, in which the system allows access to data that should be restricted. This allows an attacker to steal the private key of the server certificate. If the server version is vulnerable to Heartbleed, cybercriminals can obtain the private key and impersonate the server. The results can be quite disastrous, as it makes it impossible to connect securely to the server and personal information can be easily disclosed. By exploiting the heartbeat option and not performing proper boundary checks, an attacker can gain access to personal information such as names and passwords and private keys that encrypt transmitted content. Breaches can include primary and secondary key materials, actual content, and promotional materials....
What is Server Misconfiguration?
Servers are dedicated computers for a specific purpose, and unlike a desktop computer, these computers are made for durability, longevity, and for working for long periods of time as compared to a desktop PC. The idea of server misconfiguration is not a new one. Since servers are often left with default settings, this often leads to security vulnerabilities. One way to prevent this problem is by making sure that your server configuration file is up-to-date. This ensures that any updates have been successfully completed and confirms that the files are not outdated....
Insufficient Transport Layer Protection
Insufficient Transport Layer Protection is the use of an insecure encryption layer to transmit data across a network without the benefit of cryptography. A TLS packet that is transmitted with this protection will be vulnerable to tampering by virtue of its unencrypted state. The most common example of this happening is found in the transmission of FTP packets, where plain-text passwords are sent across the wire and could be intercepted, manipulated, and sold on the dark web to cybercriminals. This will result in those who have invested time and money into their systems as opposed to making end users secure paying a hefty price for it later on down the line. In this scenario, the sender and the receiver, if not all parties in between, are at risk of having their login credentials stolen. This can prevent hackers from gaining access to files on a remote server....