Cybersecurity for Beginners

 “Information is the oxygen of the modern age. It seeps through the walls topped by barbed wire, it wafts across the electrified borders.” - Ronald Reagan





It could be argued although I am sure many would disagree that our presence on this earth, our value in any position is dependent on the information we share with the people near us. This is why maybe, we evolved or some higher being had us evolve to have a mouth to share, ears to hear and words to speak, all so that information could be exchanged. However, in the mid 1990s and 2000s a new era of information exchange was introduced, the world wide web, that forever changed the way we look at information exchanges. Never before have we consumed so much content in the form of words and images, never have we ever been more informed or misinformed depending on your allegiances on subjects that matter. Never before have I been able to simply click a few buttons and share a call with someone thousands of miles away from me and never before has it been easier to listen in on this exchange of data. 

Our computers, phones and devices are portals into who we are, what we are doing and where we will be going and that information is openly available for a skilled agent to extract. You could still think oh! But we have firewalls, passwords and a veritable arsenal of other tools that protect us, or the corporations we loan this data to will protect us well…as for the corporations we will let you in on their secrets later on but all of us should understand that maybe our systems, our data, our lives are not as secure as we might think. 

In 2024 alone, there were 500 million cyber attacks in the first quarter of the year. Imagine that. Statistics often show that ransomware attacks - attacks where a malicious entity enters a system and encrypts your private information and decrypts it only when a ransom is paid is one of the most common forms of blackmail being used these days. Phishing attacks increase 71% year over year and data breaches in IoT setups and data breaches using AI are now commonplace. 

Now you might be scared. Well don’t be. Cybersecurity starts at home and you don’t have to be  a master coder or someone with a strong technical background to protect yourself. All it takes is a little understanding. So, here are five tools anyone can use, mainly based on a GUI or what you might call a graphical user interface that requires no code or configuration setups whatsoever. 

We’re talking about Hping3, OWASP Zap, Zenmap, Acunetix and Have I been Pwned? 

Hping3 is a command line tool, which means to use it you would need to use the command prompt on your systems. Simple enough to access just search for it, it already exists on your system. Hping3 works on the concept of sending something like a ‘ping’ to someone. A ping is a message right? Except here the message consists of the integral component of all computer networks that is a packet. A packet can loosely be described as a sort of car in which data is carried. So, when you send a message to someone on let’s say whatsapp, your information is transmitted to the person you want it to go to in a packet. Hping3 sends various types of packets for various types of networking protocols like TCP, UDP, ICMP and HTTP. Networking protocols are rules which packets follow which make sure that they are delivered intact and to the right destination. Hping3 does something where it lets you customize exactly how you want your packet to look, which protocol you would like to use and where exactly you would like to send it, specifically which port number on your computer will be receiving the packet. Now it’s only logical that when you send a message you except a message in return. When packets are sent in a protocol it is generally accepted that packets are sent back as a response and the flow of these packets is controlled by the port number. Hping3 analyzes the port behaviour and the flow of data transmissions from the port to investigate your devices network security. With Hping3 we can detect network bandwidths, port numbers, packet injections, protocol weaknesses and even the operating systems installed on your device. Now it is a command line tool which means you will have to write certain lines of code but I assure you it is minimal. Hping3 can only be installed and used on a Linux system but it is a powerful tool used by ethical hackers that is easy and fast. 

OWASP Zap is a website security scanner. Websites can have hidden weakness, maybe in the way they are constructed or in certain applications on the website and those weaknesses are like cracks in the wall that can be exploited. Zap is an automatic web crawler that checks websites for SQL injections and XSS (Cross Site Scripting) which refers to the injection of malicious codes in websites. Zap acts as a sort of middle man for the basic networking protocol upon which all websites work. HTTP or it’s secure version HTTPS is based on a request/response framework and analyzing it makes it easier to spot improper authentication measures and insecure cookies. 

Zap has a capability known as spidering that can automatically crawl through a website and give you an accurate construction of the website and the URLs attached to it. Zap can be easily installed on Windows by accessing www.zaproxy.org and downloading the file. To get started on it access the user manual attached with the link given below. 

https://www.zaproxy.org/getting-started/

Zenmap is the graphical user interface for Nmap, a powerful network scanning tool. Imagine a neighbourhood filled with houses (devices) and streets (connections). Zenmap creates a map of the neighbourhood showing you all houses where doors (ports) are open. It essentially maps out a front end implementation of Nmap. Zenmap is a Linux based distribution but it functions in Windows as well. To download the technology on a windows interface refer to: https://nmap.org/download#windows

Acunetix has automated vulnerability scanning to find 7,000 vulnerabilities in web applications and it provides comprehensive reports on the vulnerabilities found and potential fixes. Acunetix uses a deep crawling mechanism to identify security issues in web applications, API’s and websites. It can be downloaded locally on your device or you could use it online as well. It is especially helpful in detecting SQL injections or XSS (cross site scripting), check out this tool on the link given below. 

https://www.acunetix.com/

Finally the last one is Have I Been Pwned? Or HIBP is a website created by Troy Hunt and it collects and analyzes data from numerous data breaches creating a database of compromised accounts. So, you simply have to enter your email or phone number and the website will check if your account has been compromised at any point in time. It can also check if your password has been compromised in the tab, HIBP is free and in my opinion one of the best ways to proactively monitor your security. 

That’s it for now, be safe, stay secure and always remember, if it feels like the whole world is revolving around you….well safe to say if you are hacked by someone that just might be the case so, cheer up! At least the validation is real.


Comments

Post a Comment

Popular posts from this blog

The Social Slot Machine

Image
  “There are only two industries that call their customers ‘users’ - illegal drugs and social media” -Edward Tufte (American statistician and Professor at Yale University) Ever had that tingling, unbearably irresistible feeling of grabbing your phone and scrolling through every single media outlet that is possibly available at your fingertips? We see flashing icons before us Google, Facebook, Instagram, Snapchat, Tumblr, Pinterest, Reddit, Youtube, Tiktok, Whatsapp, Telegram, Twitter, Threads, Quora ... .okay I’m out of breath now. These flashing icons all offer us something our brain craves the most, information. We often look at information as a boring article that no one wants to read in a newspaper but really information is all around us and we consume it voraciously every day.  Consider the analogy for a second that likens our brain to a data processing machine. A machine that can process images, sounds, taste, touch and smells and produce something meaningful out of it. ...
Read more

Introduction to TechTok

Image
Introduction We begin this blog by asking a simple question, what is technology. If we pose this question to you, our readers, we are sure you would know what it is but wait, question yourself again. Do you really know what it is? According to Webster's definition of technology- technology is the practical application of knowledge in any field and the capability that is produced through this application. We have a different answer to give you. Technology, in our humble opinion is a process, a journey of a hundred miles that began when our ancestors stepped out of their little caves and created fire.  In this world, in the world that we know, technology has become irreplaceable with our existence. We are defined by the car that we drive, the computer that we own and the company that we work and all of these are some by-products of the technological revolutions we have faced or are currently undergoing. It motors past us but we rarely stop to look and think, as the great inventors of...
Read more

The Zero IQ Machine That Rules Our World

Image
The Computer Was Born to Solve Problems That Didn’t Exist Before — Bill Gates At first glance, you might wonder—what exactly are we talking about? A computer? A calculator? The machines we rely on to solve our problems effortlessly? We often think of computers as intelligent problem solvers, but in reality, they have zero IQ . Why? Because they don’t think for themselves. They simply follow instructions— our instructions . Take a simple math operation: if you input 1 + 2 × 3 , it returns 7 . But if you actually meant (1 + 2) × 3 , which equals 9 , the computer won’t correct you. It doesn’t “understand” the problem—it just executes exactly what it’s programmed to do. Ironically, this lack of independent thinking is what makes computers so powerful. They don’t get distracted, make emotional decisions, or second-guess. They process vast amounts of data in fractions of a second—something that would take humans years. That’s why, despite being "brain-dead," computers dominate indu...
Read more