Met Dr. Jamie Saunders, Director of UK's National Cyber Crime Unit at the London office of National Crime Agency .Had a good knowledge sharing session and also I presented him my Book on Cyber Crime & Cyber Law.
Thursday, April 28, 2016
Wednesday, April 27, 2016
A Fast Flux Network is a network of compromised computers and some public DNS records that change frequently. As a result, the IP address associated with the corresponding domain name changes frequently. This technique is often used by the attackers to hide their malicious websites from detection. Botnets are large groups of compromised machines (bots) used by miscreants for the most illegal activities (e.g., sending spam emails, denial-of-service attacks, phishing and other web scams). To protect the identity and to maximise the availability of the core components of their business, miscreants have recently started to use fast-flux service networks, large groups of bots acting as front-end proxies to these components. Motivated by the conviction that prompt detection and monitoring of these networks is an essential step to contrast the problem posed by botnets,
Attackers typically compromise one or more victim computer systems with malware and exploit those to establish a fraudulent website like a Phishing website. The problem of the attackers with this approach is, these websites can be easily tracked down by public DNS name and IP address to shut them down immediately.
Peer-to-Peer (P2P) botnets have emerged as a serious threat against the network security. They are used to carry out various illicit activities like click fraud, DDOS attacks and for information exfiltration. These botnets use distributed concept for command dissemination. These botnets are resilient to dynamic churn and to take-down attempts. Earlier P2P botnet detection techniques have some shortcomings such as they have less accuracy, unable to detect stealthy botnets and advanced botnets using fast-flux networks. In this paper, we list recent P2P botnet detection techniques that overcome the weaknesses of previous techniques with higher detection accuracy.
So, the attackers started using server address obfuscation. They often use a group of proxy servers to redirect network. But, this approach also does not prove to be much convenient for them because of limited scalability. Moreover, these websites can still be tracked down quickly by international cooperation.
So, the attackers started using Fast Flux Networks.
The basic idea behind a Fast Flux Network is to associate multiple IP addresses to a malicious domain name. These IP addresses are swapped in and out with extremely high frequency, may be in every 3 minutes, with the help of changing DNS records. As a result, a browser connecting to the same malicious website in every three minutes will see different IP address each time and connect to the actual malicious website via different infected computers every time.
In Fast Flux Networks, attackers compromise a number of computer systems with malware and then exploit their bandwidth and computation power to build the Fast Flux Network.
In Fast Flux Networks, attackers often use a number of compromised computers as front end systems. These front end systems get the requests from the victims to connect to the malicious website and redirect those requests to the back-end servers.
So, the large pool of rotating IP addresses do not correspond to the actual back-end servers. Instead, they fluctuate among many front end servers which in turn funnel the requests and redirect them to the actual back-end servers.
Fast Flux motherships are the main controlling elements behind the front end servers. They are similar to Command & Control or C & C servers, though they have much more features compared to the C & C servers.This mothership node is hidden by the front end servers, which make them extremely difficult to track down. They often host both DNS and HTTP services and use web server virtual hosting configuration to manage content availability.
Fast Flux Networks are responsible for many illegal practices like online pharmacy shops, money mule recruitment sites, phishing websites, illegal adult contents, distribution of malware etc. Even other services like SMTP, POP, IMAP etc can be delivered using Fast Flux Networks.
image courtesy : Wikipedia
Sunday, April 24, 2016
Monday, April 4, 2016
This List is Public 😇
🔵 Password Hacking Software
10.Cain And Abel
🔴Wireless Hacking Software
🔵Network Hacking Software
19.Angry IP Scanner
🔴Packet Crafting To Exploit Firewall Weaknesses software
🔵Traffic Monitoring for Network Related Hacking software
🔵Packet Sniffers To Analyze Traffic software
🔴Test By High-Tech Bridge
Rootkit Detectors To Hack File Systemsoftware
41.PF: OpenBSD Packet Filter
🔴Debuggers To Hack Running Programs software
🔵Hacking Operating Systems software
65.Samurai Web Testing Framework
🔴Intrusion Detection System And The IDS Tools
🔵Hacking Vulnerability Exploitation Tools
78.Social Engineer Toolkit
🔵Vulnerability Scanners tools
🔴Web Vulnerability Scanners tools
Navy man gets 2 years Jail for Child Pornography, cyber crime in India : Cyber crime conviction By Prashant Mali In the case of D...
Mobile Phone SIM Swap or SIM Exchange fraud and how to protect your selves? By Prashant Mali I have clients who have lost Rs. 1,...
What does Google know about YOU? Did you know that unlike searching , when you search on Google, they ? That means they know every search y...
SIM Swap or SIM Exchange Fraud Solution which India should Adapt By Prashant Mali Being a long-time crusader of SIM swap fraud victim...