Passwords – Good Practise

Recently I have started to use a new password manager and got asked why I did not just use the same password across all of my accounts online. And this lead to me thinking that people as a rule don’t know effective and secure practice to follow when using online accounts and passwords.

Firstly you should always use a different password for each of your online accounts, this could be having one password with many variations such as different letters or symbols within it. This is necessary these days as it only takes one of the platforms you use to get hacked and you could potentially lose access to all of your accounts.

So Here Are Some Good Password Practice

Password Practise
The steps above are a fairly comprehensive guide to develop a highly secure password, by memorizing a sentence you have written, the arduous task of having to remember your new or complex password is reduces. you can also incorporate information about the account you are logging into meaning each accounts password will be a lot easier to remember.

unnamed
TrueKey is a password manager utility from Intel, and not only does it store information for online accounts you can also put in information like your social security number. This turns out to be very useful when paired with the mobile app. TrueKey also offers a feature that will generate a password for each account, and then log you straight in from the application. Meaning once you have secured all of your accounts you will only ever need 1 password to gain access to them.

6a00d8341cc8d453ef01157025645b970c
This final method is a touch old school I know. But in my opinion nothing can beat a trusty notebook (Granted I am probably one of a few that still like handwritten notes.) But the beauty of using a notebook is that you never have to worry about getting hacked and they can be carried on you at all times. Ok, so this option might not be the best if you tend to lose things but other than that its a sure fire way to manage multiple account details offline.
 

And hopefully if you follow some of the steps listed above you should be able to maximize your online security. As it is commonly known that the weakest point in most security systems is the human element. And that is because a lot of people have poor security knowledge or training. And this can be down to a number of thing such as age or use case.

But again hopefully this helps and you can share it with your friends and colleague to again increase everyone online safety.

How to Setup an Ethical Hacking Lab

I have recently been setting up a Virtual Lab to use with Kali Linux, to safely practice some pen-testing. And just messing around with some stuff, but the first thing I needed to do before I started was to create a safe environment for myself to practice in. I did this by using VMware

VMware is a virtual machine package allowing you to run virtual machines on your main devices, this can be used for a number of different things. Such as setting up a forensics test environment to discover how some application change the machines as they are used. Or to practice ethical hacking in a safe and secure environment. This can be important because unless you had permission to practice on a real network you would be in breach of a number off different laws depending on the country your in.

This means without having access to a functional lab you’d struggle to either practice away from your studies or to even get started without the worry of getting yourself into trouble. Due to these reasons I went about setting my self up a little lab using VMware. This was very straight forward and simple to-do. And now means I can practice to my hearts content without the risk of breaking any laws.And here is how I did it.

VMWare Downlaod Page
First thing you will need to do is go to the VMware website, and download the VMware Workstation Player (And don’t worry its free for personal use)
VMware Welcome Screen
Once you have downloaded and installed VMware, you will be greeted by this window. From here we are going to select “Create a New Virtual Machine”
Create VM 1
Once you have selected to create a new virtual machine, you will have to select the ISO you wish to install (I will leave a list of Linux ISO below)
Create VM 3
Once you have selected your operating system you will be asked to enter information about the user
Create VM 4
The next step is to decided where you want to save your VM files and to name the VM if you have multiple VM’s of the same operating system this is usefulto manage and keep track of them.
Create VM 5
You will then be asked to select how much storage you want the virtual machine to have, I usually leave it around the 20GB mark but you can do what ever best suites your needs. As I only use mine for testing purpose and never store any data on them.
Create VM 6
This is the final stage before powering on your VM, and is also the stage you are give the option to assign how much hardware the VM will receive.
Create VM 7
Once you have decided how many cores and how much ram your VM is going to require you need to go down to the networking option and select Host-Only. This means that you will only be able to communicate with machines on the same virtual network as yourself.
Create VM 8
And finally you should be able to power on your virtual machine and install the operating system. Once this machine boots up you will be in your own virtual network and can practice your hacking in a safe and secure environment.

 

So if you follow all of the steps above you will be able to repeat this step to install OS such as Kali Linux, this is my go to operating system for practicing ethical hacking as it has all the tools you could need and is used within industry meaning you will have access to tools that are used by professionals.

I found it useful to play around with some older operating systems to practice on first, this tended to be Windows XP or an older version of Ubuntu. This is due to the security features on Windows 10 for example and more advance making it more of a struggle to practice. I also found the easiest way to get a Windows XP key was to have a look around the house and try and find an old laptop that ran windows XP and use the serial off that. But if you don’t have any laying round the house you can buy them on eBay for about £30.

 

Linux ISO Downloads