Entry # 3

Last week Friday, we didn’t have our COMSEC class because classes were cancelled due to the extremely unpredictable weather. Sigh, hahaha. But before that, we had a discussion last week Tuesday about reconnaissance and footprinting. Basically, it was about gathering data and information about a specific target that you want to attack. Before the attack, one should do footprinting in order to learn all the important things about the target. There were many ways to extract the needed information and Sir Comsec showed us the ways.


One was using Google hacks to find more information about the target. Google hacks were used in our earlier activity, but it is a helpful hack since you can gather more information about the target through one of the best search engines on the internet. Other tools are the websites that could give us information about the target’s location. These were Google Earth and Google Maps, which gave us the location of the target’s house and other useful images of different locations. That’s why, try Google now!! 😛

But enough of promoting Google into your lives; we also had another set of tools, and these were designed for a different target: a website. These tools were Netcraft, IPvoid, Who.is, and even the command prompt (Wow!!! :O). We also had our activity about this topic, but unfortunately the internet was slow and unresponsive (BEST. INTERNET. EVER, APC center of IT excellence HAHAHA), that’s why we did the activity in our homes.


My groupmates and I were chatting so that we could help each other finish the activity on time, and we did it!! (Yehey!!! Goal accomplished) I can say that this activity was interesting and fun to do. It was filled with new boundaries and new terms that broadened our simplistic view of information extraction (Miss Universe version of “It was fun to do and I learned something” HAHAHAHAHA). I am expecting more activities that could help us learn more about the subject and security as a whole. See you next time! YAHOO!!


Entry # 3

Last week there was a holiday, that’s the reason why we didn’t have class in INVESTI. (Aw so sad). But this week we had our INVESTI class and we had a new lesson about Digital Evidence. Before discussing it, I remembered that last night Adrian and I discussed something familiar about Digital Evidence 😛 That was about evidence in ‘general’ and the cases wherein the suspects are found not guilty because of the mishandling of evidence. Adrian shared with me some articles which involve the mishandling of evidence. At first those were lengthy articles, but as soon as I read the first paragraph I was shocked about the suspect going free because of the amateur forensics done in the case.


Moving on, our topic yesterday was about evidence but in digital form. We’ve learned about what digital evidence is and how important it is. Digital evidence is any evidence which could convict the suspect of the crime, but it has a unique definition: digital evidence is stored in a digital or electronic device. This includes log files, SMS messages, documents, MMS messages and email. They can contain information which will prove either that the person in question is involved in the crime or that he/she is innocent.


We had an exercise yesterday and it was about the cases in a book that Sir Investi recommended reading. It was Daemon by Daniel Suarez, and it involved murders and cases which were focused on digital evidence. We came up with our analysis and we got many pieces of digital evidence from the given chapters of the book. It was interesting and fun to read because when I read it, I imagined that I was the investigator, and I realized that these are the steps of conducting a proper investigation.


Bye! 🙂 Thank you for reading!

Entry #2

This time we had our first activity, which was about Apple vs. FBI regarding the San Bernardino Shooting, and my group chose to be on the FBI side. Before we had our activity, which was the case study about it, Adrian and I were arguing about which side is the best 😛 We searched for facts, videos and Wikipedia ideas about the San Bernardino Shooting, and at that time I was on the Apple side and he chose to be on the FBI side because he thinks that it is more interesting and best to be on the side of the FBI. I chose the Apple side because I think that if they are going to check Farooq’s iPhone about the San Bernardino Shooting, there is a 50-50 possibility that they will get any information, and as Apple Inc. said, the FBI is already ‘over the fence’, which means they may have violated the law of Apple Inc. I also think that it is right to ask permission from the owner of the phone, but unfortunately the suspects are dead. At that time, I agreed with what Apple said, that if the FBI checks and accesses the phone, their security will go down even though it’s just only one phone, and if they show the information to the FBI, maybe other companies will say, for example, “Hey, why did you show it to the FBI? You should show it to us too.” And there’s a big possibility that the customers of Apple will be lessened if that is the case, but Adrian said that national security is what the FBI is protecting, and Farooq’s iPhone had an outdated OS, and he said that it is also so that the future phones to be made will be protected.


In this exercise, I learned to think deeply about the case and to share my opinion with my groupmates even though I was so shy. Hehe. I also learned that it is really important to read a lot of information about what is going to be discussed. Honestly, when I was in elementary school I really hated reading! Seriously, super hate! But now I can say that it is very important to read, to add more knowledge, and it will be a great help for you to understand more about the lessons and more about what you want to know.

Well, aside from that, I was so excited to do our next activity, which is about hashing and file recovery. Wooo! I really want more exercises and work than thinking. I already tried the hash calculator and I found out that it is quite easy, but Sir INVESTI said that our activity will be under time pressure, that’s why I wanted to have more practice at home 😉 Yay!


Yesterday, June 29, 2016, we had our discussion about PPA and ECPA Law and after that we had our two activities 🙂 I’m so happy that I easily understand what the two laws are all about. Thank God!! Wooo. These laws convinced me to read more about it.

And… finally my most favorite part, the lab activities!!!! YEHEY! Hashing and File Recovery. We finished the exercise about hashing early. We found out that if the contents are the same but the type format is different, their hash value will be the same, but if upper cases, symbols or spaces are added to the content with the same type format, their hash values will be different.
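The hashing observation above, as an added example that is not part of the original entry: a hash is computed over a file's bytes only, so the same bytes saved under another extension hash the same, while a change of case, an extra space or a different symbol gives an unrelated digest. The file names, the sample sentence and the choice of SHA-256 are assumptions made for the illustration, and "different type format" is modelled here as a different file extension.

```python
import hashlib
import tempfile
from pathlib import Path


def file_sha256(path, chunk_size=65536):
    """Hash a file in chunks, the way a forensic tool does for large images."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def compare_variants():
    """Write constructed sample files and return {file name: SHA-256 hex}."""
    base = b"Digital evidence must be preserved.\n"  # constructed sample content
    variants = {
        "note.txt": base,
        "note.doc": base,  # same bytes, only the extension differs
        "upper.txt": base.replace(b"Digital", b"DIGITAL"),  # case change
        "space.txt": base.replace(b"must be", b"must  be"),  # one extra space
        "symbol.txt": base.replace(b".", b"!"),  # one symbol changed
    }
    hashes = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in variants.items():
            path = Path(tmp) / name
            path.write_bytes(data)
            hashes[name] = file_sha256(path)
    return hashes


if __name__ == "__main__":
    for name, value in compare_variants().items():
        print(f"{value[:16]}...  {name}")
```

This is why an examiner records the hash of an evidence file at acquisition: any later edit to the content, however small, shows up as a different value, while renaming the file does not.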


In the File Recovery exercise, it took quite a while, but we completely finished all of the questions asked. Sigh! I hope there will be more exercises! :))))))))))


Entry # 2

Well, we had our first activity but Sir Comsec was not around 😦 sad……. But we still continued our lab exercise about Wireshark, and the exercise also had theoretical questions to be answered based on what we were going to do. Our group divided the tasks; since we’re only 3, RJ said that he would answer the theoretical questions and Adrian & I would do the Wireshark part. At first we had a hard time because we were just following the directions without analyzing them, and when it’s like that, Adrian and I are always arguing: “You’re wrong, I’m right”, “It’s like this, I said”, “Oh well, suit yourself”, “Understand the question first”. Hahahahaha then we got it! The one about the 3-way handshake. Then, when we were in the middle of the lab exercise, we found it interesting! We raced each other! Haha. In the last part, we were arguing again about why the HTTP… etc = POST was not showing up. And we were still racing each other. On pinoy exchange the = POST did show up, but why not on tipidpc 😦 sad.


We were running out of time. Then we found out that when you type pinoyexchange.com, it doesn’t have https, but the other one, which is tipidpc.com, has it. We laughed!! Adrian had said that it was supposedly because the ‘sign in’ on pinoy exchange is a pop-up that the = POST showed up, and on tipidpc it supposedly isn’t a pop-up. HAHAHAHAHAHA so funny! So that was the reason, because TipidPc is more secure while pinoy exchange doesn’t have it. YEHEY!!!!


Next meeting, we had our discussion with Sir Comsec. Wooooh! For me the discussion was fairly easy because some of the topics discussed were what we learned in ITCONCE, DATACOMM, and in INFOSEC. It is an advantage that we had our INFOSEC before, because the lessons are fresh in our minds, but I had forgotten some of the topics and I need to review those lessons that I had forgotten. Hehe.

I also want to share about our recent lesson, which is about Cryptology. When Sir discussed / reviewed the lesson, it was clear and more defined to me. It made more sense to me than before, because it was elaborated and studied upon.


Sir Comsec told us to download a new software called “Burp Suite” and tomorrow (July 1, 2016) we will explore what it does and what it is for. Yehey!!!

Finally, the activity today was about the decoding of the encoded message from the website given to us by Sir Comsec. It was a message that was encoded into a Base64 link that was supposed to be associated with a link of a page. Sir explained that links or the URLs of the pages of websites are encoded for security reasons. After getting the message, the next task was to find out the password for the account. The account was from tipidpc and we had to do a dictionary attack so that we could access the site. A dictionary attack is an attack by guessing the password using a dictionary or collection of possible words that may be the password itself. We used Burp Suite to launch a dictionary attack and we found out that when the password has been presented, it had to have a different length compared to the other words. We retrieved the password and it was aardvarks. After that activity, there was one final task that Sir Comsec had given to us, and it was to crack a zip file that has a txt file containing a plaintext. He said that there were clues on the site, and we found the hidden message in the message box. It was encrypted using the Caesar cipher, and through trial and error, we cracked the zip and successfully extracted the txt file.
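The Caesar cipher "trial and error" mentioned above can be done systematically, since the cipher has only 25 possible shifts. This added example (not part of the original entry or the class material) tries every shift and keeps the candidate that contains the most common English words; the ciphertext and the word list are constructed for the illustration.

```python
import re
import string

# Small set of very common English words used to recognise readable text.
COMMON_WORDS = {"the", "and", "for", "is", "in", "of", "to"}

# Constructed sample: an English sentence shifted forward by 3 letters.
SAMPLE_CIPHERTEXT = "Wkh sdvvzrug iru wkh dufklyh lv klgghq lq wkh phvvdjh era."


def caesar_decrypt(text, shift):
    """Shift every letter back by `shift` places; other characters are kept."""
    k = shift % 26
    lower, upper = string.ascii_lowercase, string.ascii_uppercase
    table = str.maketrans(
        lower + upper,
        lower[26 - k:] + lower[:26 - k] + upper[26 - k:] + upper[:26 - k],
    )
    return text.translate(table)


def score(candidate):
    """Count how many words of the candidate are common English words."""
    words = re.findall(r"[a-z]+", candidate.lower())
    return sum(1 for word in words if word in COMMON_WORDS)


def break_caesar(ciphertext):
    """Try all 25 shifts and return (best shift, decrypted text)."""
    candidates = [(s, caesar_decrypt(ciphertext, s)) for s in range(1, 26)]
    return max(candidates, key=lambda pair: score(pair[1]))


if __name__ == "__main__":
    shift, plaintext = break_caesar(SAMPLE_CIPHERTEXT)
    print(f"shift={shift}: {plaintext}")
```

With a key space this small, every candidate can be checked in an instant, which is why the Caesar cipher only hides a message from casual reading and gives no real protection.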

Well…….. “LESSON FOR TODAY” …….. DO NOT OVER THINK 🙂
