Security Forgotten at 1&1

This is a story about me purchasing a domain and asking for help from the domain name provider. The company is 1&1 Internet. WTF is wrong with this company? They have no sense of security, despite being in an industry where you really need to be worried about security.

Just read from the bottom and you can comment of course 🙂

Some information is masked for security reasons.


SSH to EC2 Instance

I have been working with AWS (Amazon Web Services) EC2 (Elastic Compute Cloud) instances (cloud instances). I had some trouble connecting to them, so I thought of sharing how you could do this in a few easy ways.

When creating the instance you can associate an existing key pair or create a new one. When you create a new key pair, the private key file starts downloading automatically. Keep it safe and use it to connect. The file has the “pem” extension. Let’s say the file is AWS.pem.
 
  • Linux Shell

This is the easiest way as long as you are on Linux, or Cygwin on Windows. The commands below assume you are connecting to an Ubuntu Server instance.

# using a google IP for demonstration purposes

# Using Elastic IP
ssh -i AWS.pem ubuntu@173.194.38.191

# Using Public DNS
ssh -i AWS.pem ubuntu@ec2-173-194-38-191.us-west-2.compute.amazonaws.com
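
An added example, not part of the original post: ssh refuses a private key file that other users can read, so the downloaded AWS.pem needs owner-only permissions before the commands above will work. The helper names key_mode, harden_key and ssh_ec2 are made up for this illustration.

```shell
#!/bin/sh
# Added example: harden a downloaded EC2 key file before handing it to ssh.
# key_mode, harden_key and ssh_ec2 are hypothetical helper names.

# Print the octal permission bits of a file (GNU stat first, then BSD stat).
key_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Check that the file is a regular file with a PEM private key header,
# then make it readable by its owner only.
# Returns 0 on success, 1 if missing or not a regular file, 2 if not a PEM key.
harden_key() {
    key="$1"
    if [ ! -f "$key" ] || [ -L "$key" ]; then
        echo "harden_key: $key is not a regular file" >&2
        return 1
    fi
    if ! head -n 1 "$key" | grep -q -- '-----BEGIN .*PRIVATE KEY-----'; then
        echo "harden_key: $key does not start with a PEM private key header" >&2
        return 2
    fi
    # ssh rejects keys readable by group or others; 400 = owner read only.
    if [ "$(key_mode "$key")" != "400" ]; then
        chmod 400 "$key" || return 1
    fi
    return 0
}

# Harden the key, then connect offering only that key (IdentitiesOnly).
ssh_ec2() {
    key="$1"; target="$2"
    harden_key "$key" || return $?
    ssh -i "$key" -o IdentitiesOnly=yes "$target"
}

# Usage (same user and demonstration address as in the post):
#   ssh_ec2 AWS.pem ubuntu@173.194.38.191
```
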

  • Using PuTTY

Pinehead has a nice video explaining everything about using PuTTY. The only difference is that the user name there is root. For Ubuntu Server you can’t connect as root; connect as the user “ubuntu” and use “sudo” afterwards.


  • Other

Other commercial tools such as XShell, which is free for non-commercial, personal and student use, have key-file support built in. You can just select the key file to use when connecting, with the user ubuntu or root and the Elastic IP or Public DNS.

Twitter outage and the aftershocks

A few days back I thought I was the only one who couldn’t access Twitter, and I tried many things, from changing DNS to anonymous proxies. First I was blaming the ISP’s DNS, then it seemed there was something really wrong when Google DNS also failed to resolve Twitter.

Horror!! The thing you least expect from one of the prime social networks has really happened. Twitter has gone down…

This shows that anything is possible. So be really careful… What if Google is hacked? You create all your accounts with your email. Think about that getting compromised. This may compromise your whole online identity. We can’t stop the extremes, but we should still take precautions. Have a very strong Gmail password. Enable 2-step verification. And you are safe from the foreseeable threats, at least!

Reading
Mashable: How Much Data Is Created Every Minute? [INFOGRAPHIC] http://goo.gl/mag/y15Qc

Is hacking SLT ADSL possible?

Actually, any system or device has the risk of being hacked. But if you are not using the available security measures, you can easily get hacked. It’s the same issue with SLT ADSL users. Many don’t know the security level of the equipment they use, and an average user may not have the technical knowledge about routers and other networking equipment. So if a user gets hacked or his accounts get misused, who takes the responsibility? I’m quite sure SLT won’t, but actually they should be held responsible for configuring the equipment insecurely.

I will not tell how to hack through SLT routers, but I will explain the possibility of these threats.

  • If I know the IP ranges assigned to SLT ADSL, I can do a port scan to find the active IPs and even the services running on various ports. For this there are more than enough port scanners and vulnerability scanners available. You can Google if you really want to know about them. There are very good open source tools available such as nmap.
  • Main issue with SLT is that when they configure the routers they keep the default device passwords intact.
  • So when trying to logon to those IPs most of the time the router models are also revealed and you can easily find the default password from the manufacturer’s site.
  • If you cannot find the manufacturer, there are still only very few username and password combinations. You can try a few randomly.
    • Admin, admin
    • Admin, 12345678
    • Etc.
  • Other than a few knowledgeable users, everyone else is using the default passwords.
    • Get access to the router and you could steal the ADSL user name and password. (If you have a low bandwidth connection or little quota remaining, you can hack and use someone else’s user details. This was possible some time back and I’m not sure whether SLT has blocked this.)
    • Allow access to various protocols and ports
    • You name it …
  • Also, the standard routers provided with SLT do not have the comprehensive security which most of the other widely available routers have. So it’s ideal if you only buy the connection from SLT and buy a known router which has most of the security enabled by default. Don’t fall for the offers they give on routers. The seasonal cheap price is the actual price they buy the routers for from the manufacturers. So you can expect advanced security 😛

Also, many users have their wireless security off, so the neighbors don’t need to buy an internet connection. You may think that you don’t need wireless security, but there is a huge risk in this. You are trying to stop external attacks with antivirus software and firewalls, but a person who joins an unsecured network is no longer an outsider, so the attacks are much easier. They can hack into most of the computers and routers and completely destroy the network. Any criminal activities carried out through your network will be on your account. So better to be careful I guess 😛

There are laws, but very few people know about them and very few will use them. Even if they use them, a hacker will be very careful to leave very few traces.

SLT should never configure the equipment with these two vulnerabilities for their own benefit and leave the users insecure. Of course, if you are savvy about this, it is better to do this yourself, or else get the services of a savvy person.

