02QuZrkNossC8TWHalB76nC-3.1569481482.fit_lim.size_1050x591

GFI LanGuard Network Scanner

Hello Everyone!

As discussed in my previous blog what is GFI Languard and how to install the GFI LanGuard . Today we will learn how to use the GFI Languard Network Scanner. GFI LanGuard is a network audit and patch management solution that helps user to easily manage and maintain end point protection every devices within Local Area Network. It automatically discover all the elements of your Network. computer, mobile, tablet, printer, servers, virtual machine, router- switches and laptop etc.

Features of GFI Languard

As we see there are so many features of GFI Languard we will use some of them.

Lets Begin!

Launch the GFI Languard Network Scanner, GFI Languard dashboard

configure the scan, click on scan tab to scan the network or system. Here i choose localhost in which my GFI Languard is running.

click on profile there is 20 type of scanning choose your option whatever you want to scan like full scan , full vulnerability assessment , hardware audit etc.. Here i choose the full scan. when you finish the scan setting click on scan button .

Now it start scanning the localhost it will take sometime be patient until the scan finish.

Scan completed for localhost check the interface

Once scan in completed check the scanning result and vulnerabilities

click on localhost left side of the interface then click on vulnerability assessment then check the vulnerability, High, low, potential, missing etc .

click on high security vulnerability and check, in my case autorun is enable, this is the high security vulnerability.

As you can check all the vulnerabilities like High, low, potential etc..

After vulnerability assessment Now check the Network and Software Audit. Click on it and check one by one .

click on Network and Software Audit then ports and check the TCP UDP port issues.

click on hardware here check all hardware information one by one. Like Network Device, USB device, Processor Motherboard memory, Storage details etc..

Here i check the Network Device information mac address IP address Hostname etc..

After the hardware information you can check the software information. click the software check one by one software related information.

Here i check the General Application information, what applications is running in my system.

Like a Hardware and software information system information option is also available. click on system information and check the system’s information

Here i click on user and check the users information.

Click on Dashboard then overview, here is the all overview of the scan .

Here we can check the one by one information by single tab like computer information, History, vulnerability, Ports etc..

click on patch and we can to check how to patch the vulnerabilities.

Final we can generate the Report of complete scan. click on report tab and select the report type like want to generate computer security report, vulnerability status, patch status etc.

click on report type and then click on generate report. Here I generate the vulnerability status report.

We can generate report according to the security standards like PCI DSS Compliance, HIPAA, SOX, GLBA, SIPA, ISO/IEC 27001, FISMA etc..

click on security standard in my case PCI DSS compliance and then click on Audit policy and click on generate report.

Here i generate the PCI DSS Audit Policy report.

Thanks For Reading!

Follow us On LinkedIn, Facebook, Twitter

Selection_373

GFI LanGuard Installation

Hello Everyone !

GFI LanGuard is a network audit and patch management solution that helps user to easily manage and maintain end point protection every devices within Local Area Network. It Offer the IT administrator to scan the computer and server on the network to detect and resolve the security threats. It supports windows, Mac, Linux computer and mobile device offers vulnerability assessment, patch management, and network Audit. It has a check database to identify the system and network weakness. It uses the top 20 vulnerability guidelines OVAL, CVS, SANS etc.. source

GFI LanGuard uses the database server to store the the information from security audit and remediation. It can be any of the both SQL Server Express 2008 R2 or later | SQL Server 2008 R2 or later.

GFI LanGuard is available both as a licensed product for large network and also as a free full featured version scanning up-to 5 IP addresses.

Download

You need to create a account to download GFI LanGuard and it will send you a key in your mail.

System Requirements

system requires for 1 to 100 computers, Processor –> 2GHz Dual core , Physical storage –> 5 GB , RAM –> 2GB, Network bandwidth –> 1544 kbps

Operating System

Installation

Launch The GFI LanGuard Installer. Popup will show select the language and click on next.

Select GFI LanGuard and click Next. The installation will automatically download and install any missing components.

Fill the detail username password that used when register for download GFI LanGuard and click on sync it will automatic detect the license key, if you don’t have account or license key then signup here.

Or you can manually enter the license key.

In the Database server configuration it will detect the server name and SQL database name if you have SQL server installed in your system.

Provide the SQL server authentication or use the windows Authentication.

In the Gfi Languard a welcome popup will show click on next.

In the License agreement screen read the license agreement and select I accept the terms in the License Agreement and click Next

Attendant service credentials Enter the Administrative credentials and password and click on Next

Click next to install to the default folder or change to choose another.

Click Install the final GFI Languard installation

GFI languard Installation complete click finish and launch it.

Launch the GFI LanGuard

GFI Languard Interface Now its ready to scan the target.

Thanks For Reading.

Follow us on LinkedIn , Facebook, Twitter

go-digital-online-concepts-new-trend-with-social-network-disruption-business-situation_254791-1624

VoIP Lab Setup

Hello Everyone!

In this blog you will learn how to setup VoIP server in the Vmware, For that I’m going to use trixbox 2.8.0.4 ISO image. Trixbox is one of the most popular Asterisk-based distribution. Trixbox CE includes CentOS Linux, MySQL, and all the tools needed to run a business quality phone system. It give us GUI interface to make configuration and to operate easy. It allow the user to to setup a voice over IP phone system and other necessary application.

What is VoIP

Voice over Internet Protocol (VoIP) also called the IP Telephony (voice over IP) is a method and technologies for the delivering of voice communication and multimedia sessions over internet protocol network. Reference

Ordinary phone –> ATA –> Ethernet –> Router –> Internet VoIP phone –> Ethernet –>IP-PBX –> Router –> Internet

Let’s get start!

Download the trixbox ISO image

Open the vmware click on file and and click new virtual machine. This will show a new window click on I will install operating system later then click on next.

Now it will show you the another window select a guest operating system select the Linux option and select Ubuntu version and click on next, next and final click on finish.

Again click on Virtual machine setting to open the setting and click on CD/DVD and choose the ISO file “trixbox 2.8.0.4”. In the Network Adapter setting Select the Bridge connection and Click on finish.

click on Start up the guest operating system to start the trixbox.

It will start booting automatically and trixbox CE installation below steps:

Once you need to enter on this screen after that it will show you a dialogue box to select the Keyboard Type select the US option and hit enter.

Again it will show you a dialogue box to ask you to select the time zone you can select according to your zone. I’m selecting the Asia/kolkata

Now for the root user we need to enter the password 2 times and click and ok

Now the installation will take some time, it will install all the dependencies till that be patient.

After successfully complete the installation it will ask you to login . Login username:root password the you give while installation, in my case password:admin1

after login check the ip address

Open the vm window (window 7, 10 ) browser and enter the the ip address it will show the trixbox interface.

Now we need to create the user account by assigning the extension number for that we need to switch the user mode to admin mode by click the top right corner.

when we click on switch for admin mode we need to enter the credential the by default credential is username-maint and pass- password enter credential to get into the admin mode. when you login the admin mode a dialogue box will popup for registration we don’t need to register just close it.

This is the trixbox admin interface. now click on now click on PBX option and select PBX setting option from the menu.

Now click on extension that highlighted in below image

now we need to create the extension inside the server select device generic SIP device and click on submit.

After device setup add the extension

user extension: any 7-8 digit number (later on we will use as a phone number to make a call )

Display Name: any user name we can give

Add the Device option

secret 123 and dtmfmode: default (rfc2833 ) Click on submit.

Same as add one more extension, we can add multiple extension we this time we need only two extension.

We add the extension for caller and receiver one is Secoceans and 2nd is Technology with number. Now we need to save the configuration for that click on yellow option apply configuration changes. again it will show a yellow popup click on Continue with reload. Extension is successfully added.

Now download the ZOIPER application for making and receiving call.

Zoiper is software program (softphone) with that user can make voice call video call, chat etc .. So here we are using the 1 zoiper in our system and 1 in our phone for making and receiving call . One its download we need to configure the it.

One it installed it will show a popup click on free account then next after that enter the credential:

extension number@server ip [email protected] and password 123 click on login.

It will detect the server IP automatic click on next.

Skip the Authentication and outbound proxy

Account 1: Username: Technology Phone number 1234567 password 123

Now Zoiper is ready to make or receive call in the system .

Install zoiper in the phone and configure it as we configured in the system.

Use Account 2: Username: Secoceans phone number: 12345678 password:123

Enter [email protected] Pass- 123

Enter the user number and IP and click on create account

Zoiper is ready to use for make and receive call.

Both Zoiper account is ready to use.

Lets make call from account technology 12345678 –> secoceans 1234567

calling from account 1 Technology 12345678 (from android phone ) –> account 2 secoceans.

secoceans is geting an incoming call on the system as shown in the given image. Click on an answer for accepting a call from technology.

secoceans received the Technology call, call is connected and both are having conversation over the VoIP call.

We configured the VoIP server on the local network , now we can make voice call, video call , or chat over the VoIP call.

Video Poc

Thanks for Reading !

Follow us on LinkedIn, Facebook, Twitter .

hack-like-pro-metasploit-for-aspiring-hacker-part-4-armitage.1280x600

Armitage Penetration Testing Tool

Hello everyone!

Armitage is a GUI tool for managing and performing all the task that could have been performed by metasploit. It is free and open source tool. It visualize the target and recommends to exploit, and exposes the advanced post-exploitation features in the framework. It is Developed by Raphael Gudge goal is to help the security professionals better understand hacking and helps them to realize the power of metasploit. User may launch scan and exploits. It uses the advanced feature of metasploit Framework’s meterpreter.

Installation

If you are using older version of Kali Linux than Armitage is a preinstalled but if you are using latest version of Kali Linux then use need to install it

Click here to Download the Armitage tool

Before running the Armitage first you need to run the PostgreSQL and metasploit service.

Now open the Armitage Directory where you download extract it and give executable permission sudo chmod +x filename.

Now launch the Armitage

Click to connect and it will ask to start RPC server click ok to start

This is how look like the Armitage tool

Now the Armitage console is running, we can scan the target and exploit it.

Now we will start Nmap to scan and enumerate the target to do so go to Host then Nmap scan select any scan that you want to perform

Scan is start and wait for the target to appeal

Now we need to check the possible attack right click on Host and select the attack or click on exploit -> windows and then exploit name then double click on exploit , it will show the popup you need to fill the requirement and click on next exploit is running now.

Wait to exploit the target and it will give you the meterpreter session.

In this blog you learn about Armitage tool for cyber attack management using metasploit. Armitage uses the Nmap and metasploit and saves a lot of time while performing the penetration testing. Armitage test multiple target at a time.

Thanks for reading !

Follow us on LinkedIn, Facebook, Twitter