Tuesday, September 30, 2014

Kali-Tor-Blocked-Content-download

A quick snapshot of downloading content blocked by an organization, ISP, government, country, etc. on Kali using the Tor network.


TOR
torsocks
Blocked Contents
Kali
Tails Linux

Monday, September 29, 2014

IBM Security Network Protection

IBM Security Network Protection (IPS/IDS)

Downloaded the following from the IBM site:

1. VMware image of the IBM Security Network Protection (XGS) Virtual Appliance for Demo.
2. 30-day license for all features, functionality and updates.
3. Demo Setup Guide for ISNP (XGS) Virtual Appliance.

VM settings for IBM Security Network Protection


The custom interface /dev/vmnet4 is crucial in this configuration, as it works in bridge sniffing mode.


VM settings for DVWA (live CD)

DVWA is accessed through the IPS/IDS bridge.

Sample application access monitoring and blocked URL.



Event Log entry created

URL accessed to generate the file access IPS entry: http://192.168.116.133/vulnerabilities/fi/?page=../../../../../../../../../../etc/passwd

Wednesday, September 24, 2014

Demonstrating-WebApplicationFirewall

The WAF was able to block almost all attacks against the Damn Vulnerable Web Application.
The attacks were generated with Burp Suite Professional, Acunetix, and manually from Burp.

Alerts created on the WAF during the web attack:

SQL Injection alert details

XSS alert and blocked

Example blocking of attacks
video

Saturday, August 2, 2014

IP2Country

Just a note about the script created to print out IP=country from a list of IP addresses

while read -r ip; do echo "$ip = $(whois "$ip" | grep -i '^country' | awk '{print $2}' | sort -u | xargs)"; done < temp-ips.txt
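
A more defensive variant of the one-liner, as an added example that is not the original script: it validates each list entry before it reaches whois, matches the country field regardless of case (registries differ), and de-duplicates the result. The function names, the `WHOIS_CMD` override and the `sample_whois` replies are assumptions constructed for this illustration.

```shell
#!/bin/sh
# Added example; function names and WHOIS_CMD are assumptions, not from the post.

# Accept only dotted-quad IPv4 so a list entry beginning with "-" or holding
# other junk is never handed to whois as an option or query.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9][0-9]?[0-9]?$/ || $i > 255) exit 1 }'
}

# Read whois text on stdin; print unique upper-cased country codes joined by
# commas, or "unknown". Matches "country:" and "Country:" alike.
country_from_whois() {
    awk -F: '
        { key = tolower($1); gsub(/[ \t]/, "", key) }
        key == "country" {
            val = $2; sub(/#.*/, "", val); gsub(/[ \t\r]/, "", val)
            val = toupper(val)
            if (val != "" && !(val in seen)) { seen[val] = 1; out = out sep val; sep = "," }
        }
        END { print (out == "" ? "unknown" : out) }'
}

# Print "IP = country" for each valid line of the file named in $1.
ip2country() {
    while IFS= read -r ip || [ -n "$ip" ]; do
        [ -n "$ip" ] || continue
        if is_ipv4 "$ip"; then
            printf '%s = %s\n' "$ip" \
                "$("${WHOIS_CMD:-whois}" "$ip" </dev/null 2>/dev/null | country_from_whois)"
        else
            printf 'skipped invalid entry: %s\n' "$ip" >&2
        fi
    done < "$1"
}

# Constructed whois replies (documentation address ranges) for offline runs:
# set WHOIS_CMD=sample_whois to use them instead of the real client.
sample_whois() {
    case "$1" in
        192.0.2.10)   printf '%% constructed\ncountry:   nl\ncountry:   NL # dup\n' ;;
        198.51.100.7) printf 'NetRange: 198.51.100.0 - 198.51.100.255\r\nCountry:   US\r\n' ;;
        *)            printf 'No match found\n' ;;
    esac
}
```

Run it as `ip2country temp-ips.txt`; rejected entries are reported on stderr so the IP = country output stays clean.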