Monday, June 13, 2016

Internet of Things (IoT)





The buzz surrounding the Internet of Things.

What’s the buzz? The Internet of Things revolves around increased machine-to-machine communication; it’s built on cloud computing and networks of data-gathering sensors; it’s mobile, virtual, and instantaneous connection; and they say it’s going to make everything in our lives from streetlights to seaports “smart.”

Let’s look at one example. In 2007, a bridge collapsed in Minnesota, killing many people, because of steel plates that were inadequate to handle the bridge’s load. When we rebuild bridges, we can use smart cement: cement equipped with sensors to monitor stresses, cracks, and warpages. This is cement that alerts us to fix problems before they cause a catastrophe. And these technologies aren’t limited to the bridge’s structure.

If there’s ice on the bridge, the same sensors in the concrete will detect it and communicate the information via the wireless internet to your car. Once your car knows there’s a hazard ahead, it will instruct the driver to slow down, and if the driver doesn’t, then the car will slow down for him.

Okay. What are the advantages here? 

The Internet of Things is the one that's going to give us the most disruption as well as the most opportunity over the next five years.

Friday, September 25, 2015

The Future of Currency : Bitcoin

                       
In 2008, the world’s financial systems were in disarray. Depending on who you asked, there was always a different cause—predatory lending, artificially low interest rates, or maybe speculators. However, everyone knew it had something to do with the banks. Many went further and attributed the global economic situation to the banks’ banks: central banks. These are institutions which control the supply of money for a specific currency. In America, this is done by the Federal Reserve, which uses manipulation of interest rates to influence markets and regulate the value of the US dollar.

An anonymous programmer, known only by the pseudonym Satoshi Nakamoto, developed a revolutionary idea that would remove central banks and even governments from the monetary system. It would be a decentralized peer-to-peer digital currency called Bitcoin.

How Bitcoin Works:

The first step that everyone must take is to install a Bitcoin wallet. Once the wallet is installed, your very first Bitcoin address will be generated.

Just as you can share your e-mail address to get paid with digital currency providers like PayPal, you can share your Bitcoin addresses with your family, friends, business partners, and customers to have them pay you in Bitcoins. The difference, however, is that every generated address should only be used once and then discarded. As Bitcoin describes it, sending Bitcoins is just like sending an e-mail to someone – the only difference is that you’d be sending them from a new e-mail address every single time.

Each wallet is associated with the Bitcoin block chain, a necessary component to keep the complex trading system accurate and fair. The block chain tracks wallet balances, verifies new transactions, and makes sure all information is up-to-date at any given time.

How to Acquire Bitcoins :

Getting your hands on even a single Bitcoin can take a bit of work, but you have a few options. Purchasing Bitcoin takes less effort than mining it, but obviously comes at the cost of your hard-earned cash. Mining, on the other hand, takes computer processing power and often bears very little fruit. First, let's talk about how you can buy a Bitcoin and then look at the mining process.

How to buy a bitcoin :
 As previously mentioned, storing and using Bitcoins requires wallet software or an online service. The wallet software requires quite a bit of disk space and you have to find a Bitcoin seller in order to acquire any of the actual currency. An online wallet, on the other hand, makes the entire process much easier. As a result, we're going to focus on that process. To set up an online wallet and purchase your first Bitcoin, just follow these steps:
  1. To create a wallet, sign up for an online service like My Wallet (UK) or Coinbase (US). For these instructions, we'll use Coinbase because they provide a simple, integrated purchase process with two-factor authentication for added security.
  2. From the left-hand menu, click "Linked Accounts" and add a bank account. It can take several days for Coinbase to successfully link a bank account, so if you intend to purchase any Bitcoins you should plan ahead.
  3. Once your account is all linked up, click the Buy/Sell Bitcoins link. The page will default to the Buy Bitcoins section so just enter the number you want to purchase, choose your bank account (if you linked more than one), and click the Buy Bitcoins button. The transaction may take a few days to complete, but you'll receive a notification when the Bitcoins have been safely transferred to your wallet.
The purchase process doesn't take much effort; it mostly involves a lot of waiting. The Bitcoin exchange rate changes over time, so while at the time of this writing you have to spend $75.93 USD for just one, you may find them cheaper next month. Of course, you can come across Bitcoin for the cost of your CPU cycles by engaging in the mining process instead.

How to Mine Bitcoin :

  
Mining Bitcoin involves running software on your computer that processes complex mathematical equations. If your computer solves one of these equations, you get a payout in Bitcoins. The issue, however, is that your computer is up against large groups of computers that will likely solve the problem before you. That means your machine may end up doing a bunch of work and it will be a very long time before you ever see a payout. As a result, you want to join a mining group. This makes it much more likely that you'll receive a payout, but you'll also receive only your much smaller share. Nevertheless, without a farm of supercomputers you'll earn more in the long run by mining with a group. Because mining is a very complex process, we don't have room to get into the details in this post. Business Insider offers a very simple method you might want to try (it didn't work for us due to Java issues), or check out popular mining pool BitcoinCZ (also known as slush's pool).

 

Wednesday, January 21, 2015

Shodan: the scariest search engine


"When people don't see stuff on Google, they think no one can find it. That's not true."

 

That's according to John Matherly, creator of Shodan, the scariest search engine on the Internet.

Unlike Google (GOOG), which crawls the Web looking for websites, Shodan navigates the Internet's back channels. It's a kind of "dark" Google, looking for the servers, webcams, printers, routers and all the other stuff that is connected to and makes up the Internet. Shodan uses SCADA (Supervisory Control and Data Acquisition).

How does SHODAN work?

SHODAN does what Google does but spits out more specific data, and more of it. It's just like Google except that, instead of indexing web page content, it indexes banner information. It indexes data on HTTP, SSH, FTP, and SNMP services for a good portion of the IP net blocks that make up the Internet.

You can do basic searching for free. An account is required for some features, and others require the purchase of credits.

The basic SHODAN search filters are country, net, os, and port. There are others, but these will get you started. So let's say an attacker wants to identify all Siemens Simatic devices in the US by their SNMP banner. The search looks like this:


               port:161 country:US simatic

This search returns about 25 results. Hopefully that helps to start understanding the SCADA implications.


Another example :

If you wanted to execute a more specific search you’d use a string like this:

port:121 country:US hyper-v

port:121 – this narrows the search down to specific ports.
country – obvious.
hyper-v – this identifies all web servers using Hyper-V in the UK (for example) by their SNMP banner.

To cloak a computer from Shodan, systems should simply refrain from responding to either the first crawl or subsequent connection attempts by configuring their firewall to block unknown sources from connecting. I should note that this is not the same as trying to hide the computer from search engine crawling by configuring a robots.txt file to tell Google, Yahoo, Bing, etc. to leave you alone.

How to defend ? 
The net filter allows you to search by an IP range, which is important for using SHODAN from a defense perspective. We may not care about all the other people exposing their PLCs to the Internet, but we do want to verify that we are not.

So the first step in the process of using SHODAN from a defense perspective is arguably the most critical: identify your public IP address space. One place to start is with the Regional Internet Registry (RIR) for your region. There you can perform a WHOIS search for your organization. In North America, ARIN is our RIR and you can find the advanced WHOIS search page here. You may not own all your IP space, however, so the identification process should not stop there. Make sure you identify and include all IP ranges for public carrier lines, leased circuits, wireless communication, etc. Hopefully internal documentation and diagrams will help with this task as well.

Another note about attacks: a traditional, targeted attack may follow a similar identification process and then scan your IP ranges to look for interesting or vulnerable targets. SHODAN doesn’t really change anything with this approach. What it does change is the ability for someone to find vulnerable or interesting targets in a non-targeted manner and makes the process quick and easy. Hence the concern and advisory from ICS-CERT, especially when combined with default passwords and other problems with control system servers and devices. But I said I wasn’t going to complain about that… at least not in this post.

Once you have a list of your public IP address ranges compiled, you can use this information to filter your SHODAN search. So you could search like this using CIDR notation:

               net:123.123.0.0/16
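The defensive workflow described above, as an added example (not code from the original post or from Shodan): it merges a messy inventory of public ranges into clean net: filters, then checks banner-style results against a list of services the organisation means to publish. The IP ranges, the sample records and their field names (ip_str, port, data) are constructed assumptions for illustration.

```python
import ipaddress

# Constructed inventory of an organisation's public ranges (documentation
# prefixes from RFC 5737, not real assets). The overlap and the stray host
# bits are deliberate: real inventories are messy.
OWNED = ["198.51.100.0/24", "198.51.100.128/25", "203.0.113.17/28"]

# Constructed banner-style records; the field names are an assumption.
RESULTS = [
    {"ip_str": "198.51.100.10", "port": 443, "data": "HTTP/1.1 200 OK"},
    {"ip_str": "198.51.100.200", "port": 161, "data": "Siemens, SIMATIC"},
    {"ip_str": "203.0.113.20", "port": 21, "data": "220 FTP ready"},
    {"ip_str": "192.0.2.5", "port": 161, "data": "Siemens, SIMATIC"},
]

# Services the organisation intends to expose, as (ip, port) pairs.
APPROVED = {("198.51.100.10", 443)}


def normalise(cidrs):
    """Parse CIDR strings, zero stray host bits, merge overlapping ranges."""
    nets = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    return list(ipaddress.collapse_addresses(nets))


def net_queries(cidrs):
    """One net: filter per merged range, ready to paste into the search box."""
    return [f"net:{n}" for n in normalise(cidrs)]


def unexpected_exposures(results, cidrs, approved):
    """Records inside our ranges whose (ip, port) is not on the approved list."""
    nets = normalise(cidrs)
    findings = []
    for r in results:
        ip = ipaddress.ip_address(r["ip_str"])
        in_scope = any(ip in n for n in nets)
        if in_scope and (r["ip_str"], r["port"]) not in approved:
            findings.append((r["ip_str"], r["port"], r["data"]))
    return sorted(findings)


if __name__ == "__main__":
    print(net_queries(OWNED))
    for finding in unexpected_exposures(RESULTS, OWNED, APPROVED):
        print("unexpected:", finding)
```

Anything the check reports is a service answering from your address space that nobody signed off on, which is the list to take to the firewall owners.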

Cyberpunk spider :

Shodan’s big lesson is that the internet is more diverse than we think. Think webserver, and you’ll probably think of Apache or Microsoft, or maybe Nginx, but Shodan’s database of nearly 144 million webservers shows that they’re not the only ones out there, not by a long shot. According to Shodan, Microsoft’s Internet Information Server, or IIS, runs about 8.5 million web servers. Allegro Software Development’s RomPager runs on more than 22 million machines. IIS may run big websites such as MSN.com, but RomPager runs on millions of routers, switches, and printers.

When Shodan went live in 2009, it was no Google. Matherly ran the search engine on an old Dell Vostro that ran in his closet. He took the name Shodan from the rogue artificial intelligence entity in the 1999 cyberpunk video game System Shock 2.

Today, the Shodan operation is much more sophisticated, but it’s still a one-man show. Matherly has a half-rack of servers in San Diego that store his core data on the more than 1.2 billion devices he’s tracked on the internet. There’s also his network of probes, which add new data on 200 to 400 million devices each month.

Like most attack tools, if used proactively, SHODAN can be used as part of a defense strategy.