Network Monitoring in a Box - Proactive Security for NextGen

The SecurityBox - NetMon

NetMon SecurityBox is a robust network management system based on opensource linux with a combination of Network appliance and the application based on linux. It is light & stable, handy & secure and does all the proactive security measures of maintaining 100% uptime of network resources. Network Management is often misunderstood as optional measures but when it comes to security, it is the first step towards securing businesses. Our solution requires less space, neglible cabling and cost effective affordability. It has a modern pre-configured, customized and ready-to-deploy Nagios Core image designed to run on low-cost device. At its core NEMS is a lightweight Debian Buster deployment optimized for performance, reliability and ease of use.

Social Engineering : Tabnapping phishing Attack

Tabnapping is a phishing attack, much more sophisticated than the normal phishing method .

It targets users who have multiple tabs open in their browser, often for long periods of time. The attacker uses JavaScript to change the contents and label of an already open tab which has been inactive for a while. The attacker then changes the inactive tab to look like alog-in screen of a bank/email provider/online shopping store or anyother desired website.

When a user goes back to the inactive tab, he sees the login screen of a web service he often uses, which makes him to think that he has forgotten to log into that website. As soon as they log in, the logged in credentials goes to the attacker, and this completes a classic phishing attack.

The attack can be made more powerful and more likely to succeed, if the script checks for web sites from the user’s history, and then loads the phishing page of one of them.

The inactivity of the user could be judged by :

1.Checking for mouse movement
2.Checking for scroll bar movement
3.Checking for keystrokes

Even if JavaScript is disabled,this attack can be carried out using the meta refresh" . It is an HTML attribute that is used for page redirection, and can be modified to navigate to a particular URL after a fixed given time.

The attacker can even put a warning message on the phishing website saying "Session expired Please login again", which will be able to make the victim believe that he has been logged out of that particular website, due to inactivity, as a result of which, he logs in to the attacker’s phishing page.