|preview endpoint threat protection 11 2017.pdf|
Dear PenTest Readers,
We would like to present our newest issue, which focuses mainly on endpoint threat protection solutions. We hope that you will find many interesting articles inside the magazine and that you will have time to read them all.
First, we will start with holistic endpoint threat protection approaches where Chinmay Hegde will tell you about next generation models. Later you will be introduced to Webroot SecureAnywhere and Windows Defender ATP mechanisms and shown their possibilities. We have also prepared a short tutorial on how to manage DOS attacks using Deception Techniques for you.
With this issue you will also receive a guide for cracking software based on a practical case. Moreover, you will be able to read an article about malware droppers, their functions, and use in pentesting. Last but not least, we have prepared two detailed step-by-step tutorials about server monitoring using Nagios and network monitoring using Wireshark.
Enjoy your reading!
Table of contents
Holistic Endpoint Threat Protection
by Chinmay Hegde
The world of technology is evolving day by day, and so is the sophistication of the threats in the cyber world. The complexity of threats is increasing, and tackling them has become a highly challenging task for security officers and administrators. Every system with an increasing set of advanced features and facilities brings unimaginable types of vulnerabilities that inevitably attract exploiters.
Endpoint Security: a Working MSP’s Evaluation of Webroot
by Tom Updegrove
Endpoint security, or endpoint protection, is an approach to the protection of computer networks and client devices. Because the connection of workstations, laptops, tablets, mobile phones and wireless devices to corporate networks creates attack paths for security threats, a comprehensive method of protecting these devices is necessary. Endpoint security attempts to ensure that such devices follow a definite level of compliance with existing security policy. Webroot SecureAnywhere is an excellent example of a Next Generation Anti-Malware defense delivery mechanism.
Endpoint Advanced Threat Protection
by Ahmed Nabil
Windows Defender ATP is a new security service offered recently by Microsoft to detect and respond to advanced targeted attacks. Windows Defender Advanced Threat Protection is based on Windows 10 clients/endpoints and serves as post-breach protection for investigating and responding to threats.
Managing DOS attacks using Deception Techniques
by Muruganandam Chandrasekaran and Sumalatha Chinnaiyan
The endpoints of the network are often attractive targets for DDOS attacks. As the rest of the network matures in defensive capabilities, the vulnerable workstations, printers and other handheld devices represent easy targets. This article will explain how to analyze and defend using deception techniques.
The DOS and DDOS attacks involve bombarding an IP address or group of systems with a large amount of traffic. The principle is that the malicious traffic is generated from multiple sources.
Cracking for Beginners – A practical guide for cracking software
by Gustavo Palazolo Eiras and Deivison Pinhero Franco
Have you ever wondered how crackers can create various keygens and patches to circumvent non-free software licenses? How is it possible, only with the binary file compiled, to find out how the algorithm that validates a serial key works? This is possible through reverse engineering.
Thus, this article aims to serve as a practical case study in reverse engineering for those who are still starting in the field, based on software we created ourselves for testing and didactic purposes.
What do you know about Malware Droppers?
by Alisson Moretto
Malware droppers are used so that malware can be distributed without the malicious executable being delivered directly to a computer, but rather through an intermediary, which, if complex, can manage the type of malware or architecture that is transferred and executed on the current machine according to its other and its geographic location, in addition to providing a way to avoid the threat of capture by security solutions.
Network Monitoring using Wireshark
by Nainita Thakkar
This article covers how network monitoring in real time can be done using the “Wireshark” tool. Here, some of the filters are explained to show how packets are filtered out from all the traffic.
Server Monitoring using Nagios
by Nidhi Thakkar
The purpose of this article is to provide an overview of the Nagios tool and show how it is a very useful tool for network monitoring and essentially reduces the burden of the network administrator. Nagios has key features like automatic checking of devices and service status and error reports. In this article, first, I will give you an introduction to Nagios and then I will show you the installation process and configuration process of Nagios.