Part III
How PDAs Are Hacked, and How to Protect Them
Figure 6.5: A pocket PC connected to a LAN and showing its IP address
Figure 6.6: The pocket PC's IP address found
Exploiting PDAs
Now that the IP address has been found, it can be pinged as shown in Figure 6.7.
Figure 6.7: Pocket PC being pinged by its IP address
You can see that the Pocket PC can be pinged. In essence, a possible victim has been discovered and has the potential of being attacked directly. It is important to realize how critical it is to remain stealthy when utilizing a mobile device. Attackers are going to spend their time trying to exploit devices they can find, not ones they can't. Upon finding a victim, the next logical step is to enumerate the system in an attempt to find information about it. Figure 6.8 shows that the Pocket PC divulged the local hostname as username MMGILL. The WM_ preceding the MMGILL tells me that it is a Windows Mobile system. The WM_ gets added by default to the front during the synchronization process.
Figure 6.8: Hostname and username discovered on a Pocket PC
Simply because a person used their Pocket PC at a sandwich shop, an attacker is able to find the device, identify that it's a Windows Mobile device, and determine a username from it. If this were an enterprise PDA that had sensitive information on it, that enterprise should be nervous.
Making a PDA Stealthy
The enterprise does not want its PDAs to be detectable, let alone to give up user information. The answer to the problem is to utilize a firewall on the PDA. The firewall in Figures 6.9 and 6.10 is part of Trend Micro Mobile Security. This firewall also has IDS functionality, which makes it pretty interesting. Let's start by looking at the logs from the Pocket PC's firewall. Figure 6.6 showed me using SuperScan to find a victim. That action was caught by the IDS logs, as Figure 6.9 shows. Note how it detected a synflood. A synflood is the act of sending a bunch of SYN requests, the beginning of the three-way handshake, to determine if a live host is present.
Figure 6.9: Trend Micro Mobile detecting a synflood
Next I configure some firewall settings. The most important rule in making a device stealthy is to stop it from responding to pings. To do so for this Pocket PC, I apply a rule blocking all inbound Internet Control Message Protocol (ICMP). Figure 6.10 shows this rule in place. With the rule in place, I try pinging the device again. The ping request now times out because of the newly created firewall rule blocking inbound ICMP. The simple addition of this software and a firewall rule has increased PDA security tremendously. You may also want to put in a firewall rule to block that UDP 137 port that SuperScan found.
Figure 6.10: Setting a rule to block inbound ICMP
PDA Firewall Applications
A PDA that is connected to shared networks, such as the Internet, needs to be protected by a firewall. This is to provide stealth capabilities and to protect against direct attacks to the PDA. A number of PDA firewall applications are available on the market. I list just a few here.
Trend Micro Mobile Security (for PDA)
This is the firewall that was used in the previous example. Just by reading that example, you can get a good idea of the firewall's capabilities. Those capabilities include the following:
- Intrusion detection
- Granular firewall rules
- Three preset firewall levels: low, medium, and high
- Logging
- Comes bundled with antivirus
Airscanner Mobile Firewall (for Pocket PC)
Airscanner is a rather robust pocket-PC firewall. Notable Airscanner features include the following:
- Monitors your inbound and outbound TCP/IP communication
- Filters packets at the network level
- Controls full alerting and logging functions
- Quickly selects security zones of varying strength
- Has the option to ignore (drop packets from) a particular IP address
- Presents a real-time connection overview that lists all currently open ports and their state (e.g., a netstat for the Pocket PC) with connected IP address
- Provides built-in protection filters
- Provides the ability to define custom filters
- Allows trusted computers based on IP address
- Lets you fine-tune your denial-of-service (DoS) detection and protection (SYNscan detection)
I found the fine-tuning DoS feature to be pretty interesting. It allows you to define how many packets per second (of particular types of packets) would dictate a DoS attack. Figure 6.11 shows this configuration screen.
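The per-type packets-per-second thresholds described here, and the synflood detection shown earlier in the firewall's IDS log, can be sketched as a sliding-window counter. This is an added example, not code from Airscanner or Trend Micro; the threshold values, the event tuple format, the function name and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed per-type limits: packets per second from one source that count as a flood.
THRESHOLDS = {"SYN": 10, "ICMP": 5, "UDP": 20}

# Constructed sample events: (timestamp in ms, source IP, packet type).
SAMPLE_EVENTS = (
    [(100_000 + i * 50, "192.0.2.10", "SYN") for i in range(15)]        # burst: 15 SYNs in 0.7 s
    + [(100_200, "192.0.2.20", "SYN"), (101_400, "192.0.2.20", "SYN")]  # ordinary connects
    + [(102_000 + i * 500, "192.0.2.30", "ICMP") for i in range(4)]     # slow pings
)


def detect_floods(events, thresholds=THRESHOLDS, window_ms=1000):
    """Return {(source, packet_type): peak_count} for every source whose
    packet count inside any sliding window reaches the type's threshold."""
    stamps_by_key = defaultdict(list)
    for ts, src, ptype in events:
        if ptype in thresholds:          # packet types without a threshold are ignored
            stamps_by_key[(src, ptype)].append(ts)

    alerts = {}
    for (src, ptype), stamps in stamps_by_key.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):
            # Slide the left edge so the window covers (ts - window_ms, ts].
            while ts - stamps[start] >= window_ms:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= thresholds[ptype]:
            alerts[(src, ptype)] = peak
    return alerts


if __name__ == "__main__":
    for (src, ptype), peak in detect_floods(SAMPLE_EVENTS).items():
        print(f"ALERT {ptype} flood from {src}: {peak} packets within 1 s")
```

Setting a threshold too low turns ordinary traffic into alerts: with the constructed data, an ICMP limit of 2 flags the slow pinger, which is the trade-off the tuning screen exposes.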