J Wolfgang Goerlich's thoughts on Information Security
Browse the Web over command line with Ncat

By wolfgang. 16 August 2010 08:03

Ncat is the updated version of Netcat that ships with Nmap. You can use it to connect over TCP ports and send/receive ASCII data. One fun thing to try is to test your knowledge of the HTTP RFC by browsing over a command line. How far can you GET, PUT, and POST your way thru a website? Bonus points for acting as a HTTP server.

Browse a website over HTTP:

C:\Program Files (x86)\Nmap>ncat www.jwgoerlich.us 80
GET / HTTP/1.1
Host:www.jwgoerlich.us


Browse a website over HTTPS:

C:\Program Files (x86)\Nmap>ncat www.jwgoerlich.us 443 --ssl
GET / HTTP/1.1
Host:www.jwgoerlich.us


Create a webserver:

C:\Program Files (x86)\Nmap>ncat -l 127.0.0.1 80


Traditional telnet can be used for browsing over HTTP, but telnet cannot to HTTPS or serve as a webserver.

Tags:

Systems Engineering

Social networking and loose lips

By wolfgang. 12 August 2010 12:05

Do you remember the World War II poster with the slogan “loose lips sink ships”? Every errant word or a disclosure of sensitive information is a threat to an organization. Before social networking, such threats were limited to the employees’ social circle. With the advent of social networking and blogging technologies, the disclosure of sensitive information has no practical limit. Any outsider with access to the Internet can see what any insider shared. While this may not sink the ship, it certainly can cause embarrassment, a loss of competitive advantage, a scuttled deal, or a fine for insider trading.

Focus has several tips on an individual improving their security: “be discreet, be skeptical, be thoughtful, be professional, be wary, and check privacy policies.”

The Security Risks of Social Networks
http://www.focus.com/fyi/it-security/security-risks-social-networks/

Tags:

Security

Hard Link Shell Extension

By wolfgang. 4 August 2010 08:44

Hermann Schinagl has a new version of his hard link shell extension online. Get it while it's hot.

http://schinagl.priv.at/nt/hardlinkshellext/hardlinkshellext.html

"Link Shell Extension (LSE) provides for the creation of Hardlinks , Junctions , Volume Mountpoints , and Vista's Symbolic Links, (herein referred to collectively as Links) and a Folder Cloning process that utilises Hardlinks or Symbolic Links. LSE, as its name implies is implemented as a Shell extension and is accessed from Windows Explorer, or similar file/folder managers.  The extension allows the user to select one or many files or folders, then using the mouse, complete the creation of the required Links - Hardlinks, Junctions or Symbolic Links or in the case of folders to create Clones consisting of Hard or Symbolic Links. LSE is supported on all Windows versions that support NTFS version 5.0 or later, including Windows XP64, Vista and Windows7.  Hardlinks, Junctions and Symbolic Links are NOT supported on FAT file systems, and nor is the Cloning and Smart Copy process supported on FAT file systems. "

 

Tags:

Systems Engineering

    Log in