Network Monitoring in a Box - Proactive Security for NextGen

The SecurityBox - NetMon

NetMon SecurityBox is a robust network management system based on opensource linux with a combination of Network appliance and the application based on linux. It is light & stable, handy & secure and does all the proactive security measures of maintaining 100% uptime of network resources. Network Management is often misunderstood as optional measures but when it comes to security, it is the first step towards securing businesses. Our solution requires less space, neglible cabling and cost effective affordability. It has a modern pre-configured, customized and ready-to-deploy Nagios Core image designed to run on low-cost device. At its core NEMS is a lightweight Debian Buster deployment optimized for performance, reliability and ease of use.



Social Engineering : Creating Autorun.inf , SMS and Caller ID Spoofing


Creating Autorun.inf file

During Social Engineering Attack penetration test, you may also consider a case, where you have left a removable media (say a USB) or a CD/DVD. It is human nature, that out of curiosity he will try to find out what is the USB all about and what is the data stored inside.

In this section, we will learn how to how to create an autorun file, which would automatically execute, when the USB is plugged into the computer.

Autorun.inf is a configuration file which contains information about the actions to be performed whenever the disk/drive is inserted into the system. It could also contain other details about the media such as its label and icon.

In some of the penetration test cases, what I saw was that the employees were curious enough to check a USB drive lying on their office table. What I did was leave a USB, with my autorun configuration file in it, and getting access of their computer.

 

Here are few simple steps to create an autorun.inf:

  1. Create a file in your removable media with the name autorun.inf.
  2. Write the following lines of code in it :

    [autorun]

Open=shell.exe
label="Hello World"

  1. Place your Trojan, with the name shell.exe, which reverse connects to you on executing.


SMS SPOOF/CALLER ID SPOOFING



Another technique used by attackers to gain the trust of the target is using spoofed IDs for calls and text messages. This feature has widely been exploited in the past and is been continued till now.

This method utilizes the VOIP service, in order to make phone calls and sms messages and change the originating address.