Club Hack Magazine 05 PDF
easy
And Yeh! good news for all you Geeks, Nerds and Hackers. Now you can send in your articles to us and guess what we will publish it in your very own CHmag. Send in your articles to [email protected]
way.
Data Loss Prevention
Introduction
Information=Money! Information can be anything: financial statements, health records of patients, source code, intellectual property (IP), trade secrets, design specifications, price lists; anything from which an organization generates profits. Information is one of the business's most important assets.
Business requires accessing information from anywhere, anytime and on any device. This desire for information to be free leads
[Figure: chart with the categories Inside, Inside Accidental, Inside Malicious and Outside]
E-mail
HTTP (message boards, blogs and other websites)
Instant Messaging
Peer-to-peer sites and sessions
FTP
Data at Rest
This feature refers to any data that resides in file systems, databases and other storage methods. The primary use of this feature is finding sensitive data in places where it should not be, i.e. on the corporate network, employees' laptops, backup media, etc. Once it is found, the data can be erased, moved to a secured location or protected with access privileges.
This uses the existing policy to look for any sensitive data. Discovery scanning can be used to fingerprint data to identify unstructured data elsewhere.
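A minimal sketch of the fingerprint-and-discover idea above, added here as an example and not taken from the original article or from any DLP product. It uses exact-match SHA-256 fingerprints, the simplest form of fingerprinting; the function names, directory layout and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): exact-match fingerprinting.

# sha256_of FILE: print the SHA-256 digest of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | cut -d' ' -f1
    else
        shasum -a 256 < "$1" | cut -d' ' -f1
    fi
}

# build_fingerprints DIR: print "<sha256> <file name>" for each protected file.
build_fingerprints() {
    find "$1" -type f | while IFS= read -r f; do
        printf '%s %s\n' "$(sha256_of "$f")" "${f##*/}"
    done
}

# discover FINGERPRINT_FILE SCAN_DIR: list files under SCAN_DIR whose content
# is byte-identical to a protected file, even if renamed or moved.
discover() {
    find "$2" -type f | sort | while IFS= read -r f; do
        h=$(sha256_of "$f")
        orig=$(awk -v h="$h" '$1 == h { sub(/^[^ ]+ /, ""); print; exit }' "$1")
        if [ -n "$orig" ]; then printf '%s\tcopy of %s\n' "$f" "$orig"; fi
    done
}

# make_fp_sample: constructed test tree; prints its root directory.
make_fp_sample() {
    w=$(mktemp -d) || return 1
    mkdir -p "$w/protected" "$w/laptop/Downloads"
    printf 'item,price\nwidget,10\n' > "$w/protected/price_list.csv"
    cp "$w/protected/price_list.csv"   "$w/laptop/Downloads/notes.txt"  # renamed copy
    printf 'item,price\nwidget,11\n' > "$w/laptop/edited.csv"           # edited copy
    printf 'buy milk\n'              > "$w/laptop/todo.txt"             # unrelated
    echo "$w"
}

root=$(make_fp_sample)
build_fingerprints "$root/protected" > "$root/fingerprints.txt"
discover "$root/fingerprints.txt" "$root/laptop"   # edited.csv is not reported
rm -rf "$root"
```

The renamed copy is found, but the copy with one changed price is not: whole-file hashes only catch byte-identical copies, so edited data needs content-level matching on top.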
Data at Endpoints
Data at Endpoints constitutes agents that run on end-servers, user laptops or desktops, keeping watch on all activities
Multi-protocol monitoring and prevention
Content-level analysis of all major file and attachment types
Selective blocking and/or quarantining of messages
Automatic enforcement of corporate encryption policies
Conclusion
DLP is a serious issue for companies, as the number of incidents and the cost to those experiencing them continue to increase. Implementing a comprehensive DLP program is essential for today's working environment. Whether it's a malicious attempt or an inadvertent mistake, data loss can diminish a company's brand, reduce shareholder value, and damage the company's goodwill and reputation. In today's business environment, the increase in the volume of data is such that it is a challenge to efficiently manage new and existing data. Nevertheless, it is a problem that all organizations need to address.
Abhijeet Patil
[email protected]
Robbed in London: New email scam
Recently I came across a new email scam strategy. In this you will get a mail from your friend's email address, saying that your friend went to some place (London preferably) for vacation and got mugged in the hotel. She lost everything except the passport. Now she needs money to pay the hotel bills and come back to her place. So she requests you to loan her some money (mostly around $1000), which she promises to pay back once she is back. Also, the money has to be transferred through Western Union Money Transfer. Following is the exact content:
"From: YOUR FRIEND
Sent: Wednesday, March 03, 2010 11:15 PM
Subject: Sad News!!!
Tamaghna Basu
tamahawk-techguru.blogspot.com
http://twitter.com/titanlambda
Source Code Theft & the Law
Computer source code is the most important asset of software companies. Simply put, source code is the programming instructions that are compiled into the executable files that are sold by software development companies.
Scenario 1:
The suspect (usually an employee of the victim) steals the source code and sells it to a business rival of the victim.
After 27 October, 2009
Scenario 2:
The suspect (usually an employee of the victim) steals the source code and uses it as a base to make and sell his own version of the software.
After 27 October, 2009
COMMENTS:
Computer source code is the listing of programmes, computer commands, design and layout and programme analysis of computer resource in any form. Computer source code need not only be in the electronic form. It can be printed on paper (e.g. printouts of flowcharts for designing a software application). Let us understand this using some illustrations.
[Figure labels: Login page; Hello World]
The hello.exe file created by Pooja is the executable file that she can give to others. The small screen that opens up is the output of the software program written by Pooja. Pooja has created the executable file using the programming language called C. Using this programming language, she created the following lines of code:
[Figure: login flowchart with the labels Enter password, Check, Correct password, Incorrect, Invalid password, Logged in page]
#include <stdio.h>
int main(void)
{
    printf("Hello, ");
    printf("World");
    return 0;
}
CASE LAW:
Rohas Nagpal
[email protected]
CNIP2010 An Indo UK workshop on Critical National Infrastructure Protection.
Organized by CDAC Mumbai in association with IIT Gandhinagar & City University London
1. Disaster Recovery Solution (Revival)
Revival family (family of 3 solutions) is a hardware based solution which is storage agnostic and can work on almost all popular storage hardware. Based on an Intel ATOM (N270) processor, the Revival family uses the iSCSI protocol to talk to 1TB inbuilt storage media. The Revival family gives Synchronous, Semi-Synchronous & Optimal DR solutions by connecting 1, 2 or multiple Revival boxes in local as well as remote locations. CDAC's idea is to provide a bundled low or zero RTO/RPO solution for critical data installations. To achieve the same, Revival also exploits WAN optimization techniques such as compression & recompression.
3. Secure Two-factor Authentication for Remote Systems (STARS)
CDAC also launched a Java based two factor authentication using text, graphical & tex-o-graphical passwords. A demo of the same was shown where a user can choose the authentication solution of his/her choice. STARS gives the user freedom to opt for any suitable second factor such as smart card, USB token, etc.
Rohit Srivastwa
[email protected]
OpenDLP Tool
DLP Tools
Some of the commercial DLP tools available in the market are CA DLP by CA Technologies, Iron Port by Cisco, and Data Loss Prevention Products by McAfee.
OpenDLP
Andrew Gavin released OpenDLP (version 0.1) on 30th April 2010 on code.google.com, a free and open source, agent-based, centrally-managed, massively distributable data loss prevention tool.
OpenDLP can simultaneously identify sensitive data at rest on hundreds or thousands of Microsoft Windows systems from a centralized web application. It also helps to implement basic scanning on files lying on your organization's workstations and servers.
OpenDLP has two components: a web application and an agent.
Agent
Web Application
Platform Requirement
OpenDLP tool basically runs on Windows 2000 and later versions with no special .NET Framework requirement. It runs as a Windows Service at low priority so users do not see or feel it.
Future Development
Andrew Gavin already has a list of future enhancements.
Varun Hirve
[email protected]
Counting & Matching Text in Files
As we are at finding leaking data, I thought putting something related would be more fun.
In this issue of command line gyan, we'll see how we can find some text in files. Say we are looking for a pattern of text in multiple files. This can also be used in any such DLP to find the leaking data.
Windows
Here we go with a simple attempt and see how good it is
C:\windows> find /c "disk" *.log
Output
Linux
The same can be done in Linux in the following way.
If we have to find it in a single file, then the command below will do the trick.
$ grep robot /var/log/httpd/access/access.log | wc -l
C:\WINDOWS>for /f "delims=-" %i in ('"find /c "disk" *.log 2>nul | find /v ": 0" "') do @echo %i
But our objective is to scan a complete directory and search for the string.
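One way to do the whole-directory scan on Linux, as an added example that is not part of the original column: it walks a directory tree, counts matching lines per file and lists only the files with hits, as the Windows `find /v ": 0"` filter does. The function names and the sample log tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original column.

# count_matches DIR STRING: print "<count><TAB><path>" for each file under DIR
# with at least one line containing STRING, highest count first.
count_matches() {
    # -F treats STRING as literal text, so "d.sk" does not match "disk";
    # -c counts matching lines per file; /dev/null forces "path:count"
    # output even when only one file is found.
    find "$1" -type f -exec grep -cF -- "$2" /dev/null {} + 2>/dev/null |
        awk -F: '$NF > 0 { n = $NF; sub(/:[0-9]+$/, ""); print n "\t" $0 }' |
        sort -k1,1nr -k2
}

# total_matches DIR STRING: sum of matching lines across the whole tree.
total_matches() {
    count_matches "$1" "$2" | awk '{ s += $1 } END { print s + 0 }'
}

# make_sample: build a small constructed log tree and print its path.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/app/old logs"
    printf 'disk full\nok\ndisk error\n' > "$d/system.log"
    printf 'no hits here\n'              > "$d/app/clean.log"
    printf 'disk retry\n'                > "$d/app/old logs/a:b.log"
    echo "$d"
}

sample=$(make_sample)
count_matches "$sample" "disk"
echo "total: $(total_matches "$sample" "disk")"
rm -rf "$sample"
```

Counts are matching lines, not occurrences, the same as `find /c` and `grep | wc -l` above; paths containing spaces or colons are handled.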
Rohit Srivastwa
[email protected]