Glasswire Review – The Complete Network Monitor

Glasswire might just be your complete network monitoring and security tool, for both professionals user and home users. I have found from use that it becomes an asset to your security policy, being that at work or home.

Glasswire - Free Features

Glasswire is packed full of features that are designed to not only make your life easier, but also give you piece of mind that your computer is safe from malicious software such as remote Keyloggers and Trojans. This proves evident when you consider the Webcam and Mic detection feature that will notify you if your webcam or mic is activated. And after the leaked documents from Edward Snowden, this concern is ever more prominent. The amount of people you see with tape or a cover over their laptops webcam is not to be ignored.  And rather than placing a sticker or tape over your webcam you could simply turn on the webcam and mic detection feature.

Glasswire -Webcam Detection

The webcam and Mic detection feature can also be used in conjunction with the network monitor, and if Glasswire detected the webcam was in use and you are to see suspicious network activity you would be able to deduce that there could be a Trojan or other remote element on the PC. These features combined make Glasswire a force to be reckoned with in regard to preserving your privacy and preventing your system being compromised.

GlassWire - NetworkScreen

Have you ever wanted to know what or how many devices are connected to your WiFi network, well Glasswire has the solution. Under the network tab you can choose to scan your network and from there it will build a list of all of the device connected to the network.

This will then let you label each device. The ability to label the devices is a nice touch considering in some household there could be as many as 4 iPhone’s that would all be identified by the same name.  And by labeling all of your devices each time you notice an unrecognised device on the network you will be able to carry out an investigation and remove any labeled device from the equation.

As well as this it also has a built in firewall, that can alow you to block or allow certain applciaitons from accessing the outside world. This feature could be very useful if you are to notices some suspicous activity and your first port of call could be to block its network access before investigatong further. This could potentaly save you a massive amount of trouble depending on the type of malware it is.

This slideshow requires JavaScript.

The user interface is warm and welcoming, and offer a few different skins so the user can add their own personal touch to it. And due to all of the option being very clear and easy to access it s quick and smooth to navigate without having to jump through hoops to find certain elements of the application.
GlassWire PricesGlasswire does offer a free option, and for most users, that might be all they need. It will still allow you to monitor your data usage and see a visual representation of network activity.
But considering the ‘Basic’ option starts at $49, paying for the added features will not break the bank and in most cases will cover your average user who may just want to see what is connecting to their wireless network and see what is using data on their PC (This could be beneficial if on a metered internet plan)

The next package the ‘Pro’ comes in at $99 but if you break that down at cost per computer it is only $33 a system. And bundle that with the remote monitoring ability it could be ideal if you have a home server, or multiple devices that you wish to kep an eye on.
And finally there is the Elite version, this I would imagine is targeted at business uses due to the number computers. But depending on your home set up it could be used for a home set up and with that many devices in the home a remote monitoring ability could save a huge amount of time, stress and worry.

To conclude, I personally feel that Glasswire take ‘Cyber Space’ and gives the user a real-time visual representation that would otherwise remain hidden or hard to interpret. It offers the user a nice and smooth experience while also delivering the information in a manner that you do not have to be a network engineer to understand. And I would highly recommend it to anyone who is looking to bolster their security policy at home or work.

Passwords – Good Practise

Recently I have started to use a new password manager and got asked why I did not just use the same password across all of my accounts online. And this lead to me thinking that people as a rule don’t know effective and secure practice to follow when using online accounts and passwords.

Firstly you should always use a different password for each of your online accounts, this could be having one password with many variations such as different letters or symbols within it. This is necessary these days as it only takes one of the platforms you use to get hacked and you could potentially lose access to all of your accounts.

So Here Are Some Good Password Practice

Password Practise
The steps above are a fairly comprehensive guide to develop a highly secure password, by memorizing a sentence you have written, the arduous task of having to remember your new or complex password is reduces. you can also incorporate information about the account you are logging into meaning each accounts password will be a lot easier to remember.

TrueKey is a password manager utility from Intel, and not only does it store information for online accounts you can also put in information like your social security number. This turns out to be very useful when paired with the mobile app. TrueKey also offers a feature that will generate a password for each account, and then log you straight in from the application. Meaning once you have secured all of your accounts you will only ever need 1 password to gain access to them.

This final method is a touch old school I know. But in my opinion nothing can beat a trusty notebook (Granted I am probably one of a few that still like handwritten notes.) But the beauty of using a notebook is that you never have to worry about getting hacked and they can be carried on you at all times. Ok, so this option might not be the best if you tend to lose things but other than that its a sure fire way to manage multiple account details offline.

And hopefully if you follow some of the steps listed above you should be able to maximize your online security. As it is commonly known that the weakest point in most security systems is the human element. And that is because a lot of people have poor security knowledge or training. And this can be down to a number of thing such as age or use case.

But again hopefully this helps and you can share it with your friends and colleague to again increase everyone online safety.

What is Kali Linux?

In one of my recent post I explained and easy and safe way to set up your own Digital Forensics Lab and I mentioned a Linux based operating system by the name of Kali Linux. But what is it? and why would you use it in your virtual hacking lab?

Kali Linux is a Debian based operating system that uses the Gnome desktop environment, but unlike Ubuntu and Gnome Kali is packed full of usefully tools and applications for cyber security and digital forensics. Meaning that it is pretty much a one stop shop for just about any tools you could need, this makes things very convenient as you do not have to search around and download multiple applications they are already there in one place. It makes use of the Gnome menu system and groups all of the tools into named folders with the type of tool it is. This again means there is no hunting around when you have installed all of your tools.

There are a number off different use cases for a package such as Kali and the could be from a general curiosity to using it in industry as a professional. I personally use it along side my degree as is part of my course. But with it being free you can start using it when ever you want and with the many tutorial online it is really simple to get started and learn how to use it.

Because it uses the Gnome desktop it feels nice to use just like Ubuntu or Gnome, and it doesn’t feel like a tool your using. Granted a lot of people would be very unfamiliar with either of these Linux system but after a little bit it feels natural or like using any other graphical operating system. It also means that you could use it as a daily operating system if you were that way inclined. And don’t worry about requiring the latest computer hardware to run it because due to it being Linux based it doesn’t require all to much. Granted for certain task an application a little extra power wouldn’t go amiss but if you where to run it on 1 or 2 cores with 1 or 2 GB or ram it wouldn’t feel sluggish. And better yet you can run it live from a USB stick so you don’t even have to install it to benefit from it tools and features.

I tend to run it through a virtual machine, this is due to the safe lab that I mentioned before, and again it runs just like any other system within a VM. One benefit of doing this is that you can play around with the hardware the VM will supply it with. So if you have the hardware to spare you can build a beefy Kali System.

Tools Included in Kali

  • AirCrack
    • AirCrack is a WEP and WPA (Router Password) cracking tool, meaning that if you where preforming a penetration test on a company you may be able to gain access to there network through the WiFi.
  • Burp Suite
    • This package allows you to test the security of web applications, it does this by canning the application the searches for possible vulnerability. This is a very helpful tool for developers who wish to make there product as secrecy as possible.
  • Hydra
    • Hydra is a brute force password cracking application that on the surface looks limited and outdated. But in reality is a powerful tool allowing you to attack one or many users with either a single password or from a list of passwords.
  • John the Ripper
    • John the Ripper is another password cracking application that is command line based, although you can use a graphical version in the form of Jonny the ripper. It has been know for its speed at being able to crack passwords.
  • Maltego
    • This is one that you are very unlikely to have used or heard of and it is Maltego, this application is an effective relationship tracker that can work on social media platforms, Computer networks and websites. Once it scans the target location it produces a map using graphics making it clear and easy to understand.
  • Megasploit Framework
    • This is another application that works well for developers or system admin, Megasplot Framework runs simulated attacks on your network trying to find vulnerabilities. This allows you to patch or alter the vulnerability and make your system as secure as possible. And because it is all simulated there is no negative effects on the network its self.
  • Nmap
    • Is another command line application that has a graphical front end application as well this time its in the form of Zenamp. The purpose of this tool is to preform network discover scan and also security auditing.
  • Zed Attack Proxy
    • The Zed Atatck Proxy or ZAP is another penetration testing tool targeting web applications, It supports the Open Web Application Security Project or OWASP and is pack to the brim with functionality and features.
  • Sqlmap
    • Sqlmap is again a penetration testing tool but this time it is targeting SQL databases and looks for weakness in SQL injection, In some cases SQL injection can compromise an entire database. This could potentially leave the target in a whole heap of trouble.
  • Wireshark
    • Wireshark is a network protocol analyser, it boast some features such as being able to scan hundreds of protocols and preform offline analysis.

Other Similar Operating Systems

All of the above are aimed to provide a similar services to Kali Linux, and although I have limited hands on experience with each of them. I do know from others that they are good at what they do and that they should be considered as an alternative to Kali. Some of them are more tailored towards anonymity online while other are again forensics packages.