What is DNS Spoofing and how it works

The DNS is responsible for resolving human-readable domain names to numeric IP addresses. It is a protocol designed in the early days of the internet, and features only weak security mechanisms. DNS Spoofing, also known as DNS Poisoning or DNS Cache Poisoning, involves corrupting an Internet server’s Domain Name System table by replacing a valid Internet address with that of another, rogue address. When a web user looks for the affected page, the request is redirected to a different address where a worm, spyware, web browser hijacking program, or other malware can be downloaded to the user’s computer from the. Basic Overview of DNS Spoofing DNS spoofing occurs when a particular DNS server’s records of “spoofed” or altered maliciously to redirect traffic to the attacker. This redirection of traffic allows the attacker to spread malware, steal data, etc. For example, if a DNS record is spoofed, then the attacker can manage to redirect all the traffic that relied on the correct DNS record to visit a fake website that the attacker has created to resemble the real site or a different site completely. DNS is a Domain Name System, which has all the websites names and its corresponding IP address in…

What is Blowfish Algorithm in Cryptography?

In cryptographic circles, plaintext is the message we are trying to transmit. The process of encryption converts that plaintext message into ciphertext, and decryption converts the ciphertext back into plaintext. Encryption algorithms are technically classified in two broad categories- Symmetric key Cryptography and Asymmetric Key Cryptography. In symmetric type of Cryptography, the key that is used for encryption is same as the key used in decryption. Examples of various symmetric key algorithms are Data encryption standard (DES), Triple DES, Advanced Encryption Standard (AES) and Blowfish Encryption Algorithm. In Asymmetric Cryptography, two unique keys are used for encryption and decryption. One is public and the other one is private. Examples of various Asymmetric key algorithms are Elliptic-curve cryptography (ECC), Diffie–Hellman key exchange, Rivest-Shamir-Adleman (RSA), etc. Overview of blowfish Algorithm Blowfish is another algorithm designed by Bruce Schneier in 1993 to replace DES. This symmetric cipher splits messages into blocks of 64 bits and encrypts them individually. Blowfish can be found in software categories ranging from e-commerce platforms for securing payments to password management tools, where it used to protect passwords. It’s definitely one of the more flexible encryption methods available. Blowfish is a symmetric block cipher that can be used as…

What is Session Hijacking in Cyber Security?

Now a days, the usage of web based applications are increasing and the session vulnerabilities are very common in all web applications. Information security is a vital area of concern for all users, which goes beyond the technical domain. It is likely to affect the entire human race if not properly handled. Security is the degree of conflict to, or defense from harm. It applies to any susceptible and precious asset, such as a person, dwelling, community, organization, or nation. The Internet has become immensely popular and used by people of all different backgrounds. It has increased the development of web applications in recent years. Simultaneously, the impact and amount of security vulnerabilities on web applications are also on hike. Overview  of Session Hijacking? Session hijacking is an exploitation of a valid web application session or session key, to gain unauthorized access to information or services in a computer system. Due to the stateless nature of the HTTP protocol, web applications require additional measures to keep their users authenticated. To achieve this criterion, session identifiers are used for the authentication process. After a successful authentication, the web application generates the session ID, which will be transmitted to the client. Every…

What is Access Control in Network?

The need for network security is a relatively new requirement. Security incidents are rising at an alarming rate every year. As the complexity of the threats increases, so do the security measures required to protect networks. Information Systems are decomposed in three main portions, hardware, software and communications with the purpose to identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: Physical, personal and organizational. Overview of Access Control Access control is generally a policy or procedure that allows, denies or restricts access to a system. It may, as well, monitor and record all attempts made to access a system. Access Control may also identify users attempting to access a system unauthorized. It is a mechanism which is very much important for protection in computer security. Access control approaches determine how users interact with data and other network resources. Furthermore, access control measures ensure data are protected from unauthorized disclosure or modification. Access control is the traditional center of gravity of computer security. It is where security engineering meets computer science. Its function is to control which principals have access to which resources in the system—which files they can read, which…

What is Secure Hash Algorithm (SHA) in Network Security

Cryptographic hash functions cannot be thought of outside mathematics. Cryptographic hash functions are a valuable tool in cryptography. They are applied in many areas of information security to provide protection of the authenticity of messages; data integrity verification which prevents modification of data from going undetected, time stamping and digital signature scheme. The hash functions that are used in various security related applications are called cryptographic hash functions. Secure Hashing Algorithms, also known as SHA, are a family of cryptographic functions designed to keep data secured. Overview of SHA The SHA i.e. Secure Hash Algorithm is basically based on the concept of hash function. The basic idea of a hash function is that it takes a variable length message as input and produces a fixed length message as output which can also be called as hash or message-digest. The trick behind building a good, secured cryptographic hash function is to devise a good compression function in which each input bit affects as many output bits as possible. In computer cryptography, a popular message compress standard is utilized known as Secure Hash Algorithm (SHA). Its enhanced version is called SHA-1. It has the ability to compress a fairly lengthy message and create…

What is Secure Socket layer (SSL) and How it Secure the Network

The boom of internet, web technologies bring the whole world under a single roof. Transferring information through e-ways leads security to be an important aspect to deal with. In recent years, there has been tremendous development in Internet. Right from retrieving information about any subject, you can use Internet for many purposes. But when two parties like client and a server are communicating over the Internet. Secure Socket layer (SSL) is vital to Web security. It provides a strong sense of confidentiality, message integrity, and server authentication to users. Overview of SSL SSL stands for Secure Sockets Layer protocol developed by Netscape and is the standard Internet protocol for secure communications. SSL (Secure Sockets Layer) is a standard security protocol for establishing an encrypted link between a server and a web browser. This link ensures that all data exchanged between the browser and the server remains secure. SSL allows your website and your visitor’s browser to transmit private, sensitive information without the worry of eavesdropping, web forgery, and data tampering. The main role of Secure Socket layer (SSL) is to provide security for Web traffic. Security includes confidentiality, message integrity, and authentication. SSL achieves these elements of security through the…

What is Digital Identity in Network Security and How it Works

Having an identity and expressing it have been of that importance from the early time. Digital identity related mechanisms are the core of modern systems, networks, and applications security. In an increasingly borderless and digital world, privacy and security cannot be ensured through the construction of walls around sensitive information. Identity is the new frontier of privacy and security, where the very nature of entities is what allows them to complete some transactions but be denied from completing others.  To understand the importance of identity and the criticality of strong identity protocols that protect against cyber-risk and suit the needs of transacting parties, it is essential to understand what identity is, and its role in enabling transactions. Overview of Digital Identity Digital identity is said to be at the heart of many contemporary strategic modernizations and innovations, ranging from crime, misconduct, offence, internal and external security, business models etc. This necessitates disclosing the personal information within ubiquitous environment. A digital identity is an online or networked identity adopted or claimed in cyberspace by an individual, organization or electronic device. These users may also project more than one digital identity through multiple communities. In terms of digital identity management, key areas of concern…

What is Cross Site Scripting (XSS or CSS)

Nowadays, with the network expanding quickly, especially Web 2.0 increasing, internet is not anonymous to us anymore. It is a good platform for users to communicate, chat, do business or play game together. For instance, we usually go to Google to search information, Amazon or E-Bay to buy books and many other goods and we also go to My-Space to communicate with friends. Therefore, there is no doubt that Internet is gradually becoming an integral part our daily life. So providing a beneficial and safe networking environment is significantly necessary. If there is vulnerability in a famous website, a lot of visitors will be attacked customers and the result cannot be imagined. XSS is the most common security vulnerability in software today. This should not be the case as XSS is easy to find and easy to fix. XSS vulnerabilities can have consequences such as tampering and sensitive data theft. Overview With the Internet expanding quickly, there are more and more vulnerabilities which threaten billions of customers. Therefore, we must prevent these vulnerabilities from happening in order to provide a safer environment for surfing the Internet. Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute…

Insert math as
Block
Inline
Additional settings
Formula color
Text color
#333333
Type math using LaTeX
Preview
\({}\)
Nothing to preview
Insert