Beware of Social Engineering Attacks

We admit the real fact today, most of us people depend our lives on social media like Facebook, Instagram, Twitter, and Tumblr among others.

As we hook ourselves on social media sites, most of us unconsciously or deliberately forget to protect our privacy and we post all details of our personal information and daily routine of our lives.

Mostly people are using social media as their diary, posting their every minute day-to-day life from waking up in the morning until bedtime in the evening.

Social media is very useful to get information for personal gains, sharing and getting news updates but very risky when it comes to giving out your personal information especially when engaging with on-line sellers and always make sure you only deal with legits and not scammers.

We cannot really stop scammers use the social media like facebook, twitter, instagram, and others but I think the best way is we have to control (stop) ourselves sharing our personal information such as location, bank/credit card accounts, passwords, etc.

Not to mention those deliberate attacks to sneak in to your private life and steal your personal media files and ruin your lives by spreading some ‘scandalous videos and photos’.

I think the best way to prevent social media attacks is to know what these attacks are:

Phishing – this is the most common social media attacks using emails, social media at instant messaging and SMS to trick victims to provide sensitive information or visiting malicious URL.

Watering Hole – this type of attack consists of injecting malicious codes into the public web pages of a site that the targets used to visit. The method of injection is commonly used by cyber criminals and hackers. Once a victim visits the page on the compromised website a backdoor trojan is installed on his computer. This method is used for cybere espionage operation or state-sponsored attacks.

Whaling Attack – this is an evolution method of phishing attacks using sophisticated social engineering techniques to steal confidential information, personal data, access credentials. 

Pretexting – the term itself indicates the practice of presenting oneself as someone else to obtain private information by creating fake identity and use it to manipulate the receipt of information.

More information on social engineering attacks: https://resources.infosecinstitute.com/common-social-engineering-attacks/#gref 

 

IT Talk: The RS 5-Layer Computer Network Model

This was submitted to Google’s On-Line Course on IT Support Specialist (The Bits and Bytes of Computer Networking) Peer-Grade of 100%)

Let’s take a look what happens at the 5-Layer Network with two networks connected to the same router establishing a TCP connection. In this 5-Layer Network model, the description includes the detailed explanation of the physical layer, data link layer, network layer, transport layer, MAC address, IP address, TCP port, checksum check, routing table and TTL or Time To Live.

I have two networks – Network R and Network S. Network R has the address space of 9.168.130.0/24 while Network S has an address space of 124.119.132.0/24. Network R and Network S are both connected to the same Router T with an interface configured with an IP of 9.168.130.1 on Network R, and an interface at 124.119.132.254 on Network S.

Now, I am connecting a desktop I labelled Computer 1 in my office as the client and part of Network R with an IP address of 9.168.130.100 and another computer on Network S as a server in the IT Department referred to as Computer 2 with an assigned IP address of 124.119.132.100 with a web server listening on Port 80.

Sitting in my office and I need some data from the IT department in another location (node/network) using my PC as Computer 1 as an end user. This is the fastest way to get data using the computer network. I opened a browser and typed in 124.119.132.100 into the address bar. The web browser communicates with the local networking stack, part of the operating system responsible for handling networking functions.

In this process, the web browser is trying to establish a TCP connection to 124.119.132.100 at Port 80. As expected the networking stack will examine its own subnet. It sees that it lives on the Network R with address 9.168.130.0/24 which means that the destination 124.119.132.100 is on another Network S.

Then my PC identified as Computer 1 knows that it has to send data to its gateway configured as 9.168.130.1 for routing to a remote network. After this, Computer 1 will look at its ARP table to determine what MAC address of 9.168.130.1 is, but it doesn’t find any corresponding entry. It’s about time that Computer 1 crafts an ARP request for an IP address 9.168.130.1, which it sends to the hardware broadcast address of all Fs (FF:FF:FF:FF:FF:FF).

Eventually, this ARP discovery request is sent to every node on the local network, and when Router T receives the ARP message from Computer 1 with assigned IP address 9.168.130.1, it immediately responds to let Computer 1 knows about its own MAC address 00:11:22:33:44:55. Upon receiving this response and knowing its hardware address of its gateway and it’s now ready to start constructing the outbound packet.

My Personal PC which is Computer 1 has been asked by the web browser to form an outbound TCP connection, and outbound TCP port is needed. This the role of the operating system, identifying the ephemeral port of 50000 as available, then opens a socket connecting the browser to the port. The networking stack knows this as TCP connection already before it can actually transmits any of the data being asked by the web browser, and the connection must be established first.

Then after this, the networking stack starts to build a TCP segment, fills in all the appropriate fields in the header which includes a source port of 50000 and the destination port of 80, then a sequence number is chosen and is used to fill in the sequence number field.

Now, it is expected that the SYN flag is set, checksum for the segment is calculated and written to the checksum field. The TCP segment will pass along the IP layer of the networking stack, then constructing an IP header, the header is filled in with the source IP, the destination IP and TTL of 64. The TCP segment is inserted as the data payload for the IP datagram, then the checksum is being calculated and the constructed IP datagram needs to get to Computer 1’s gateway which has a MAC address of 00:11:22:33:44:55 and an Ethernet Datagram is constructed.

Then all fields must be filled with the appropriate data, most notably, the source and destination MAC addresses and finally the IP datagram is now inserted as the data payload of the Etherenet frame, and another Checksum is being calculated. Now we have an entire Ethernet frame ready to be sent across the physical layer.

Next, the network interface connected to Computer 1 sends the binary data as modulations of the voltage of an electrical current running across a CAT6 cable, which connects my PC and a network switch, that receives the frame and inspects the destination MAC address.

The network switch knows which its interfaces this MAC address is attached to, and forwards the frame across only the cable connected to this interface. The Router T can receive the frame and recognizes its own hardware address as the destination of the frame being sent.

Now, Router T takes the whole Ethernet frame encapsulation and calculates a checksum, comparing this with the checksum in the Ethernet frame header and if it matches, this means that all the data is CORRECT. Then it inspects the destination IP address and performs a lookup of this destination in the routing table.

After this, when Router T sees that every detail of the data is in order, then it’s ready to be sent to the Network S 124.119.132.0/24 with the destination address of Computer 2 124.119.132.100 on a locally connected network, then decrements the TTL by 1, then it calculates a new checksum, and creates a new IP datagram, then encapsulated by an Ethernet frame.

Then. the Ethernet frame is being sent out onto Network S and a switch ensures it gets sent out of the interface that Computer 2 is connected to. Computer 2 with IP address 124.119.132.100 immediately receives the Ethernet frame, identifies its own MAC address as the destination, and knows it’s intended for itself, then strips away the Ethernet frame, leaving it with the IP datagram, performs a CRC and recognizes that the date has been delivered intact.

After which, Computer 2 examines the destination IP address and recognizes that as its own, strips away the IP datagram, leaving it with the TCP segment and again, the checksum for this layer is examined, and everything checks out. Then Computer 2 examines the destination port 80 and the networking stack in computer 2 checks to ensure that there’s an open socket on port 80 which is in the listen state and held again by a web browser.

Upon seeing that this packet has the SYN flag set, Computer 2 examines the sequence number and stores it, since it will need to put that sequence number in the acknowledgment field once it crafts the response. After all of this, then it must get a single TCP segment containing a SYN flag from Computer 1 to Computer 2 then send the latter send back a SYN-ACK response to Computer 1 then after the same procedure has been completed, it will send back to Computer 2 an ACK flag.

This is I think a very detailed process of computer networking with my personal Computer 1 on Network R and Computer 2 on Network S on the other end connected to one Router T.

The First Hypersonic Craft Developed

>
Welcome to the Hypersonic Age!

Man has developed a hypersonic jet known as “scramjet” – supersonic combustion ramjet that could reach a maximum speed of Mach 15 – nearly 10, 000 miles per hour. This could mean two-hour flights from New York to Sydney.

It could also mean missiles capable of hitting targets on another continent at a moment’s notice, and when you put it that way, it’s not surprising that militaries around the world—the U.S., Australia, China and perhaps others—are trying to build them.

After decades on the drawing board, it seems scramjet technology is finally about to arrive.

Ordinary jets have a major limitation: They can’t go faster than Mach 3 without their turbine blades melting. Rocket ships can reach Mach 25, but they have to carry tremendous amounts of liquid oxygen to burn their fuel. The space shuttle, for example, weighs only 165,000 pounds empty, but it must carry 226,000 pounds of liquid hydrogen and 1.4 million pounds of liquid oxygen to reach orbit. An air-breathing jet engine with no moving, meltable parts, such as a scramjet, can solve these problems.

A scramjet is an advanced form of a “ramjet,” an engine that takes the air rushing into the engine and “rams” it into the combustion chamber, creating intense pressures that can sustain combustion at the furious rate that Mach-3-plus speeds demand.

But ramjets have limits too. The air entering the engine has to be slowed to subsonic speeds for it to run efficiently. And that air is so hot that no matter what measures are taken to cool it, a ramjet-powered craft must stay under Mach 5 to keep from disintegrating.

But a scramjet—a “supersonic combustion ramjet”—changes things. A scramjet does away with the diffuser that a ramjet uses to slow down incoming air, allowing the air to move through the engine at supersonic speeds so it can fly above Mach 5.

The tradeoff: A scramjet engine in flight is a delicate system. Achieving balanced combustion at those speeds is an engineering challenge often compared to keeping a match lit in a hurricane.

More about this topic: http://www.popsci.com/popsci/aviationspace/a3bfe2e6fb5c6110vgnvcm1000004eecbccdrcrd.html

The Complete article about Scramjet

Nick Kaloterakis
Silver Bullet: If it works, the HTV-3X will be the first reusable scramjet-powered plane. It will be able to take off from a runway, fly at speeds of up to Mach 6, land safely, and then do it again.

The Hypersonic Age is Near
Recent breakthroughs in scramjet engines could mean two-hour flights from New York to Tokyo. They could also mean missiles capable of striking any continent in a moment’s notice. No wonder the race to develop them is as fierce as ever.

Last March, engineers from Pratt & Whitney Rocketdyne (PWR) gathered in the control room of a high-temperature tunnel at NASA’s Langley Research Center in Virginia. After a countdown, a jet of blue flame fueled by methane gas roared down the 12-foot length of the tunnel. A low rumble crept into the control room. It sounded like a rocket firing, which actually wasn’t far from the truth.

“Okay to inject,” a test director announced when the flame had reached full force. An angular pedestal covered in bolted copper plates rose from the floor of the chamber, placing an experimental scramjet engine called the X-1 into the inferno. “AOA modulating,” called the test director as the engine tilted slightly. “Model on centerline.” Then, “We are in ignition.” And with that, an exhaust flame even hotter than the 2,000°F-plus methane jet around it began to dance behind the activated engine, growing brighter as it ramped up to full thrust. After one minute, the engine shut down and descended through the floor.

The test was part of the X-51A Flight Test Program, a research project funded by the Air Force Research Laboratory and the Defense Advanced Research Projects Agency (Darpa), the Pentagon’s research arm. The X-51A project is, in turn, one piece of a global effort—part collaboration, part race—to build jet-powered aircraft that fly as fast as rocket ships. And the technology that will make this breakthrough possible is the scramjet, an engine that inhales air at tremendous speeds, squeezes the air until it’s thousands of degrees hot, and then mixes that air with fuel to generate massive thrust at higher speeds than any other jet-engine design.

The X-1 scramjet engine, which will eventually power the X-51A aircraft, is the most advanced scramjet engine ever built. The blowtorch blasting through the chamber was meant to simulate the extreme heat generated by flying faster than Mach 6. In all, the team at Langley would repeat this test 44 times. “We tested it at Mach 4.6, 5.0 and 6.5,” says Curtis Berger, the X-51A program manager at PWR. “The amount of time that this thing was actually running and creating thrust was just about 17.8 minutes.” He pauses to let that sink in. “Over 17 minutes of time on this engine. That’s a lot of time for a scramjet engine.”

To put things in context, the world’s fastest jet, the Air Force’s SR-71 Blackbird spy plane, set a speed record of Mach 3.3 in 1990 when it flew from Los Angeles to Washington, D.C., in just over an hour. That’s about the limit for jet engines; the fastest fighter planes barely crack Mach 1.6. Scramjets, on the other hand, can theoretically fly as fast as Mach 15—nearly 10,000 mph.

This could mean two-hour flights from New York to Sydney. It could also mean missiles capable of hitting targets on another continent at a moment’s notice, and when you put it that way, it’s not surprising that militaries around the world—the U.S., Australia, China and perhaps others—are trying to build them. After decades on the drawing board, it seems scramjet technology is finally about to arrive.

A Match in a Hurricane
Ordinary jets have a major limitation: They can’t go faster than Mach 3 without their turbine blades melting. Rocket ships can reach Mach 25, but they have to carry tremendous amounts of liquid oxygen to burn their fuel. The space shuttle, for example, weighs only 165,000 pounds empty, but it must carry 226,000 pounds of liquid hydrogen and 1.4 million pounds of liquid oxygen to reach orbit.

An air-breathing jet engine with no moving, meltable parts, such as a scramjet, can solve these problems. A scramjet is an advanced form of a “ramjet,” an engine that takes the air rushing into the engine and “rams” it into the combustion chamber, creating intense pressures that can sustain combustion at the furious rate that Mach-3-plus speeds demand. But ramjets have limits too. The air entering the engine has to be slowed to subsonic speeds for it to run efficiently. And that air is so hot that no matter what measures are taken to cool it, a ramjet-powered craft must stay under Mach 5 to keep from disintegrating.

But a scramjet—a “supersonic combustion ramjet”—changes things. A scramjet does away with the diffuser that a ramjet uses to slow down incoming air, allowing the air to move through the engine at supersonic speeds so it can fly above Mach 5. The tradeoff: A scramjet engine in flight is a delicate system. Achieving balanced combustion at those speeds is an engineering challenge often compared to keeping a match lit in a hurricane.

So far, the most public scramjet project has been the National Aerospace Plane, or NASP. Unfortunately, it was a spectacular failure. Announcing the project in his 1986 State of the Union address, President Reagan called it “a new Orient Express” that would be able to reach Tokyo from Dulles Airport in two hours; the goal was to have it running by the late 1990s. NASP was meant to be all things to all customers—America’s next space shuttle as well as the Air Force’s next bomber and the next big thing in passenger travel. But by 1994, it appeared that research had stalled, and President Clinton canceled NASP. That might have been a good thing. “We didn’t stop our research,” says Charlie Brink, a scramjet program manager at the Propulsion Directorate at the Air Force Research Laboratory. “We reevaluated it and said: Now that we’re not trying to make a Mach-0-to-25 vehicle take off from a runway, let’s take the technical problem and break it down into more manageable chunks.”

“What you’re seeing now is a transition of the technology out of the laboratories into the flight-test domain,” says David Van Wie, a scramjet research scientist at the Johns Hopkins University Applied Physics Laboratory. Armed with a new understanding of hypersonic aerodynamics and air-breathing propulsion, Van Wie says, “it’s really to the point that people who work in the field feel they’re ready to take the steps into flight test, experimentation and demonstration.”

Escape from the Lab
In 2002, Australian researchers with the HyShot program at the University of Queensland’s Centre for Hypersonics made history by conducting the world’s first scramjet “flight.” They strapped a small scramjet engine into the nose cone of a solid-fuel rocket and launched it to the edge of space. Then, some 200 miles up, the rocket dropped off, the scramjet shed its protective fairing and, as planned, nosed over and plummeted back toward Earth at thousands of miles an hour. At an altitude of 20 miles, the scramjet engine kicked in, firing for five seconds and reaching Mach 7.6, or more than 5,000 mph, before slamming into the ground. It wasn’t graceful, but it was a historic achievement and a scientific success—a low-cost way to gather data from a scramjet while subjecting it to brutal heat and incredible velocity outside of a wind tunnel.

Nick Kaloterakis
How to go really, really fast isn’t the only problem facing the designers of hypersonic vehicles. Thermal management—that is, making sure your aircraft doesn’t melt while doing Mach 10 —is a huge challenge, and one that will drive the design of any scramjet-powered craft. Here are a few of the ways engineers hope to solve that and other problems.

Since then, a loose federation of researchers from NASA, the Air Force, the Navy, Darpa and the University of Queensland, working on a variety of projects, has conducted a number of tests outside the lab. So far, no engine has pulled off more than a few seconds of sustained flight. But there have been major breakthroughs along the way. In 2004, NASA’s unmanned X-43A—a disposable, rocket-boosted craft that was launched from a moving airplane—reached Mach 9.6, setting the world speed record for a jet-powered aircraft. It took only 10 seconds of scramjet power to get it up to that speed. And HyCause, the program that succeeded HyShot, conducted tests in Australia last summer that reached Mach 10, but only for three seconds.

A scramjet that can stay lit for several minutes could power a hypersonic long-range missile. That, at least, is the idea behind a joint Darpa and Navy project called Hypersonics Flight Demonstration, or HyFly. Last fall, the program carried out the latest in a series of test flights in which a scramjet was dropped from an F-15 fighter jet off Point Mugu in California and boosted to operating speed by rocket. The goal was to reach Mach 6 and keep the scramjet going for 100 seconds or more. (It didn’t make it that time, but the tests will continue, program officials say.)

A HyCause rocket with a scramjet
engine on its nose takes off.

Chris Stacey/University of Queensland

A payload-carrying, piloted craft that can take off and land under its own power will need an engine that can produce power for a lot longer than 100 seconds, though. Breaking that barrier is the goal of the X-51A Flight Test Program, whose engineers spent much of last year torching its X-1 engine design in Langley’s high-temperature test tunnel. So far, the X-1 has had to take more punishment than any scramjet engine ever built. It’s made of a steel-nickel alloy that stays strong up to 2,100°F, and its leading edges are coated in a heat-resistant carbon mesh. Even these materials aren’t enough, though, so the X-1’s engineers borrowed a technique from rocket designers, who typically circulate fuel—in this case, the same petroleum-based jet fuel that powered the SR-71—along channels within the engine’s walls before it enters the combustor. This both cools the 3,000°F-plus combustor and preconditions the fuel, turning it into a hot gas that packs 10 percent more energy than it does in liquid form.

The X-51A’s target is five minutes of uninterrupted scramjet-powered flight. If it works, longer-burning scramjets should quickly follow. “The five minutes of flight we’re talking about is not limited by the propulsion system,” Berger says. “That’s just how much gas we have in the tank.” On a modified vehicle with a bigger gas tank, that five minutes could easily turn into an hour or longer. And that, says Mike McKeon, PWR’s manager of Hypersonic and Advanced Programs, is key. “This engine has demonstrated that the propulsion technology is ready for application,” he says of the X-1. “It’s no longer in the research-technology mode.” Next-generation engines based on the X-1 are already being built at PWR’s plant in Florida.

With any luck, sometime in 2009, the X51-A will shatter all previous records for sustained scramjet ignition. The PWR team imagines that a B-52 bomber will take off from Edwards Air Force Base in California’s Mojave Desert, head toward the coast and, at 45,000 feet, drop the X-51A from the plane. A solid-fuel rocket attached to the X-51A will fire, blasting it up to 60,000 feet and past Mach 4.5, and then drop off to let the scramjet ignite. For five minutes, the scramjet will accelerate the X-51A to a peak speed past Mach 6 and an altitude above 80,000 feet. Then it will fly into the Pacific, its data safely telemetered to engineers on the ground. The test will also mark the moment when scramjets move from flash-in-the-pan science experiments to useful tools. “This is an airplane,” Berger emphasizes, “not just something where you light a scramjet and fire it and see where it goes. This is really beyond something you might do for a weapon application. The whole idea is to prove the practicality of a free-flying, scalable, scramjet-powered vehicle.”

The Real Race Begins
The first true reusable, free-flying scramjet could be Darpa’s HTV-3X. Also known as Blackswift, the unmanned vehicle looks like an alien spaceship, with black curves, a rapier-like prow and oval exhaust ports. It’s still only in the planning stages as part of Darpa’s Falcon program, but it could represent the biggest breakthrough in aeronautics since the jet engine itself. It will demonstrate for the first time all the technologies needed for a practical scramjet-powered aircraft by taking off and landing under its own power and running on scramjets as long as needed to complete its mission.

The HTV-3x could make its inaugural flight as early as 2012. Here’s how a perfect mission would go: The unmanned craft taxis out of a hangar at Edwards Air Force Base. Its twin conventional turbine engines throttle up before it accelerates down the runway and climbs into the desert sky, followed closely by a chase plane. The chase plane keeps pace until shortly after the unmanned craft hits the speed of sound. At Mach 2, doors just within the jets’ inlets close off the turbines and open the airflow to the scramjet engines, which fire out of the same nozzles used by the turbine jets. On the ground, engineers watch their bird hit Mach 6, twice as fast as any turbine- jet-powered craft ever built. The test completed, the craft slows to subsonic speed, switches to turbine jets, and lands back at Edwards, mission accomplished.

Darpa officials are keeping quiet about Blackswift for now. Spokesperson Jan Walker says no project engineers could give interviews for this article because “it’s a very busy time for the program.” But Pratt & Whitney Rocketdyne is already at work on the engine that HTV-3X will use—a combined-cycle turbine-scramjet engine—and although Lockheed Martin won’t confirm it, the company’s famously secretive Skunk Works division is widely believed to be building the vehicle itself.

Meanwhile, there’s competition. Last July, engineers from China showed up at the American Institute of Aeronautics and Astronautics Joint Propulsion Conference in Cincinnati and revealed a growing scramjet research program of their own, including a new hypersonic wind tunnel in Beijing and work on rocket-powered combined-cycle scramjets. None of the American scramjet experts we talked to would discuss their reactions to the Chinese revelations. But Craig Covault, an editor at Aviation Week & Space Technology who reported on the conference, believes one of the main reasons the Chinese attended was to glean all available intel on Western scramjet research. “I would bet that they have a serious research program under way that has a lot more going on than just the few papers that they issued at this forum,” Covault says. “The reason that they issued them was just kind of a message to the rest of the world that they are engaged in these high-tech things. It also allowed them to get the 500 or more other papers in propulsion technology of all kinds delivered at the conference.”

Scramjet projects have failed before, and some of the initiatives under way today could fail too. But many researchers say that this time around, scramjets are for real. “Advanced propulsion technology has a development timescale that appears to be on the order of decades,” says Johns Hopkins’s Van Wie. “The first scientific paper on rockets was published in 1903, and rockets became practical during World War II, 40-some years later.” He points to a seminal conference in 1960 during which researchers first hashed out the major challenges to building practical scramjets. “So if you look at that—1960 to now, 47 years or so—it’s kind of on the same timescale to see this roll out.” In other words, that two-hour flight to Tokyo just might be leaving sooner than you think.

See more pictures of the test program in action, launch the gallery here.