Monthly Archives: August 2014

Google Map Tracking is Real

Logging into Google Maps builds a more complete picture of your travel than one might think. After checking this article and logging into the Google Maps chart, you will see that logged-in Google Maps users are certainly tracked.

You can see a day-by-day chart of your location history with Google by logging into said location history page on Google. This has been one of those theories I had for some time, but seeing the charts vividly prove the suspicions is really surreal. It also appears that some triangulation occurs by cellular towers, as I keep my GPS function off most often to preserve battery.

Interesting stuff indeed. Lots of power and money in that tracking data, I am sure. Please give these charts a read if you doubt the level of tracking in the world today, because the proof is in the pudding.

Spoof Attack Theories

Oh hey. One of my theories about IP and attack spoofing being leveraged to make ‘enemies’ appears to be a real thing. If you also thought it was convenient that attacks from “China” matched up with current global news, then got extra suspicious when “Russia” became a buzzword source of hacking theft claims, to match local and national news… you might be interested in Monstermind. This is an NSA project.

Samba is likely a familiar topic for any Linux users who interact with Windows environments. Last week or so, it was disclosed that an exploit allowing Root (superuser) access was found in the SMB equivalent, Samba.

Also of note are the newer cars with big old exploit issues. Bluetooth running on the same bus as the steering and brake systems is kind of a huge issue. Top models to be exploited are:

– 2014 Jeep Cherokee
– 2014 Infiniti Q50
– 2015 Escalade

Tor has been shown to be violated a few solid times now, but also in the last week or so, more info on the tainted endpoints has been covered. Also of note, the Black Hat 2014 conference was within the last week or so, as this is where some of these conversations hit the public dialog.

This may be a re-covering of the malware that was planted on some Tor nodes to infect users, by that good olde FBI (http://www.wired.com/2014/08/operation_torpedo/).

Domain Exploration

I may have noted this before, but I do quite a bit of local domain exploration, service detection, backup system verification, design and implementation. Finding devices and tagging them is a very helpful process, as I have seen quite a few third-party-contractor-run organizations over the years. The most fun part is that when you are local and have been asked to survey said network, you are within the letter of the law, able to help fix things, and in my case, having fun along the way.

Common thread 01: Verify all backups.
– You will be told everything is being backed up, but do not believe it. The tricky part in validating this is knowing enough about the business systems to identify the types of data systems and file shares they utilize. Are they MSSQL driven, do they have file shares and DB pointers, etc.

How are the backups run, what is being backed up, on what schedule, full or differential, local and remote backups? Especially in the realm of contractors, you need to validate all of this. I have seen many assumptions that “backing up the main file server” will catch everything. However, in reality this tends to be false. Does the application or users rely on local information? Does that replicate somewhere? Virtual / DFS a factor too?

As you can see, questions are a huge factor to mapping an existing network. Be polite to the prior contractor if you are able to obtain information before they leave. Even a subtle hint can go a long way. What backup systems are in use? Can you show me the main backups? This will establish the known systems and applications used for data backup.

From there, I am currently mapping each server to backup systems. Since there are multiple backup utilities in place, I am logging use of each one on every server. Since I have some DBA experience, I find mapping each portion to be effective in delivering a more concise end-report. Think of it as System Normalization. Once the Server Side is mapped, I will correlate the Business systems to backup methodologies.

Speaking of Business Systems / Application Data… Do not be afraid of working with end users. They will possibly and probably be your best indication of where information is being stored. Either by them telling you, or checking their mapped drives and local / web based application configurations.
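The server-to-backup mapping described above can be kept as a small normalized inventory and queried for gaps. This is an added example, not the author's own tooling; the schema, host names, tool names and sample rows are all constructed assumptions.

```python
import sqlite3

# Normalized inventory: servers, the data stores on them, and the backup jobs per store.
SCHEMA = """
CREATE TABLE server(id INTEGER PRIMARY KEY, name TEXT);
CREATE TABLE data_store(id INTEGER PRIMARY KEY, server_id INTEGER,
    business_system TEXT, kind TEXT, location TEXT);
CREATE TABLE backup_job(data_store_id INTEGER, tool TEXT, mode TEXT,
    target TEXT, restore_tested INTEGER);
"""
# Constructed sample data; every name below is hypothetical.
SERVERS = [(1, "fs01"), (2, "sql01"), (3, "ws-frontdesk")]
STORES = [
    (1, 1, "Shared documents", "file share", r"D:\Shares"),
    (2, 2, "Accounting", "MSSQL", "AcctDB"),
    (3, 1, "Accounting", "file share", r"D:\AcctExports"),
    (4, 3, "Scheduling", "local data", r"C:\SchedApp\data"),
]
JOBS = [
    (1, "ToolA", "full", "local", 1),
    (1, "ToolA", "differential", "remote", 0),
    (2, "ToolB", "full", "local", 0),
    (3, "ToolA", "full", "remote", 0),
]
# One row per data store with a gap; only the most serious gap is reported.
GAPS = """
SELECT business_system, server, location, gap FROM (
  SELECT d.id AS id, d.business_system AS business_system,
         s.name AS server, d.location AS location,
    CASE WHEN COUNT(j.tool) = 0 THEN 'no backup job'
         WHEN SUM(j.target = 'remote') = 0 THEN 'no remote copy'
         WHEN SUM(j.restore_tested) = 0 THEN 'restore never tested'
    END AS gap
  FROM data_store d JOIN server s ON s.id = d.server_id
  LEFT JOIN backup_job j ON j.data_store_id = d.id
  GROUP BY d.id)
WHERE gap IS NOT NULL ORDER BY id
"""

def find_gaps():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO server VALUES (?,?)", SERVERS)
    db.executemany("INSERT INTO data_store VALUES (?,?,?,?,?)", STORES)
    db.executemany("INSERT INTO backup_job VALUES (?,?,?,?,?)", JOBS)
    return db.execute(GAPS).fetchall()

if __name__ == "__main__":
    for row in find_gaps():
        print(*row, sep=" | ")
```

In this sample the main file share is fully covered, while the accounting database, its export share and the workstation-local scheduling data each surface a different gap.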

:) From Week 02 of my new gig. Tons of data and business systems here. As I have encountered many times in the past, the belief of “everything being backed up properly” is a huge bluff. Thank goodness at least most essential systems are here. Believe me, I have seen places with 0 active backup systems.
Since I am an employee here, they will not get all pissed about me finding problems and resolving them.

Interview wisely, my friends. There are many many many bad companies out there. Try to find the better ones, even if you go without pay for a longer time period. Your life and mind will thank you.