⛔️ به لطف تحریم های اتحادیه اروپا، شرکت ابرآروان دامنه اصلی خودش یعنی arvancloud.com رو از دست داد که باعث از دسترس خارج شدن سایت این شرکت روی این دامنه، پنل مشتریان و همچنین اختلال روی سرویس CDN این شرکت برای مشتریانی که از این سرویس روی دامنه هاشون استفاده میکردن شد.
❌ ابراروان این دامنه رو به وسیله شرکت امریکایی GoDaddy ثبت کرده بود که حالا این شرکت تصمیم به قطع سرویس دهی به ابراروان به دلیل تحریم های اتحادیه اروپا گرفته و احتمالا نتونه دیگه به این دامنه دست پیدا کنه. ابراروان برای ادامه سرویس دهیش حالا همه خدماتش رو به دامنه ir منتقل کرده.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
❌ ابراروان این دامنه رو به وسیله شرکت امریکایی GoDaddy ثبت کرده بود که حالا این شرکت تصمیم به قطع سرویس دهی به ابراروان به دلیل تحریم های اتحادیه اروپا گرفته و احتمالا نتونه دیگه به این دامنه دست پیدا کنه. ابراروان برای ادامه سرویس دهیش حالا همه خدماتش رو به دامنه ir منتقل کرده.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍7👎1
#Interview #Cybersecurity
🛡How Do You Ensure That a Server Is Secure?
To secure a server, it is vital to first establish a protected connection using SSH (Secure Shell) Protocol, as SSH access encrypts data transmissions. SSH uses port 22 by default, which is common knowledge to hackers—so use port numbers between 1024 and 32,767 to reduce the risk of attack. You should also authenticate an SSH server using SSH keys instead of a traditional password. To secure web administration areas, deploy a Secure Socket Layer (SSL) to safeguard server-client and server-server communications via the internet. Intrusion prevention software, firewalls, password requirements, and user management tactics can help maintain server security.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🛡How Do You Ensure That a Server Is Secure?
To secure a server, it is vital to first establish a protected connection using SSH (Secure Shell) Protocol, as SSH access encrypts data transmissions. SSH uses port 22 by default, which is common knowledge to hackers—so use port numbers between 1024 and 32,767 to reduce the risk of attack. You should also authenticate an SSH server using SSH keys instead of a traditional password. To secure web administration areas, deploy a Secure Socket Layer (SSL) to safeguard server-client and server-server communications via the internet. Intrusion prevention software, firewalls, password requirements, and user management tactics can help maintain server security.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#Interview #Cybersecurity
🔹How Do You Differentiate Between Symmetric and Asymmetric Encryption?
While symmetric encryption uses a single key for encryption and decryption, asymmetric encryption uses a public key for encryption and a private key for decryption. The success of symmetric encryption necessitates a secure exchange of the key, and the technique is typically used to transfer large volumes of data. Asymmetric encryption is a slower but more secure technique that is generally deployed to transfer small amounts of data. While symmetric encryption offers confidentiality, asymmetric encryption guarantees confidentiality as well as authenticity and non-repudiation.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔹How Do You Differentiate Between Symmetric and Asymmetric Encryption?
While symmetric encryption uses a single key for encryption and decryption, asymmetric encryption uses a public key for encryption and a private key for decryption. The success of symmetric encryption necessitates a secure exchange of the key, and the technique is typically used to transfer large volumes of data. Asymmetric encryption is a slower but more secure technique that is generally deployed to transfer small amounts of data. While symmetric encryption offers confidentiality, asymmetric encryption guarantees confidentiality as well as authenticity and non-repudiation.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔥1
#Interview #Cybersecurity
Network Layer:
The network layer has two main functions. One is breaking up segments into network packets, and reassembling the packets on the receiving end. The other is routing packets by discovering the best path across a physical network. The network layer uses network addresses (typically Internet Protocol addresses) to route packets to a destination node.
The transport layer:
takes data transferred in the session layer and breaks it into “segments” on the transmitting end. It is responsible for reassembling the segments on the receiving end, turning it back into data that can be used by the session layer. The transport layer carries out flow control, sending data at a rate that matches the connection speed of the receiving device, and error control, checking if data was received incorrectly and if not, requesting it again.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Network Layer:
The network layer has two main functions. One is breaking up segments into network packets, and reassembling the packets on the receiving end. The other is routing packets by discovering the best path across a physical network. The network layer uses network addresses (typically Internet Protocol addresses) to route packets to a destination node.
The transport layer:
takes data transferred in the session layer and breaks it into “segments” on the transmitting end. It is responsible for reassembling the segments on the receiving end, turning it back into data that can be used by the session layer. The transport layer carries out flow control, sending data at a rate that matches the connection speed of the receiving device, and error control, checking if data was received incorrectly and if not, requesting it again.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔥1
#Interview #Cybersecurity
Flow control mechanisms can be classified by whether or not the receiving node sends feedback to the sending node. Flow control is important because it is possible for a sending computer to transmit information at a faster rate than the destination computer can receive and process it.
Flow control tells the sender how much data should be sent to the receiver so that it is not lost.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Flow control mechanisms can be classified by whether or not the receiving node sends feedback to the sending node. Flow control is important because it is possible for a sending computer to transmit information at a faster rate than the destination computer can receive and process it.
Flow control tells the sender how much data should be sent to the receiver so that it is not lost.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔥1
#Interview #Cybersecurity
Binary search is an efficient algorithm for finding an item from a sorted list of items. It works by repeatedly dividing in half the portion of the list that could contain the item, until you've narrowed down the possible locations to just one.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Binary search is an efficient algorithm for finding an item from a sorted list of items. It works by repeatedly dividing in half the portion of the list that could contain the item, until you've narrowed down the possible locations to just one.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔥1
#Interview #Cybersecurity
Merge sort is a sorting algorithm based on the Divide and conquer strategy. It works by recursively dividing the array into two equal halves, then sort them and combine them. It takes a time of (n logn) in the worst case.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Merge sort is a sorting algorithm based on the Divide and conquer strategy. It works by recursively dividing the array into two equal halves, then sort them and combine them. It takes a time of (n logn) in the worst case.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
#Interview #Cybersecurity
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
Confidentiality :
is roughly equivalent to privacy. Confidentiality measures are designed to prevent sensitive information from unauthorized access attempts. It is common for data to be categorized according to the amount and type of damage that could be done if it fell into the wrong hands. More or less stringent measures can then be implemented according to those categories.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization.
Confidentiality :
is roughly equivalent to privacy. Confidentiality measures are designed to prevent sensitive information from unauthorized access attempts. It is common for data to be categorized according to the amount and type of damage that could be done if it fell into the wrong hands. More or less stringent measures can then be implemented according to those categories.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
InfoSecTube
#Interview #Cybersecurity Confidentiality, integrity and availability, also known as the CIA triad, is a model designed to guide policies for information security within an organization. Confidentiality : is roughly equivalent to privacy. Confidentiality…
🔹Integrity
involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality).
🔹Availability:
means information should be consistently and readily accessible to authorized parties. This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality).
🔹Availability:
means information should be consistently and readily accessible to authorized parties. This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔥1
🔹What is the Diffie Hellman algorithm used for?
The Diffie-Hellman algorithm will be used to establish a secure communication channel. This channel is used by the systems to exchange a private key. This private key is then used to do symmetric encryption between the two systems.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
The Diffie-Hellman algorithm will be used to establish a secure communication channel. This channel is used by the systems to exchange a private key. This private key is then used to do symmetric encryption between the two systems.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#Interview #Cybersecurity
🔹What are some common techniques used to extract information from malware samples?
Some common techniques used to extract information from malware samples include reverse engineering, static analysis, and dynamic analysis.
Reverse engineering involves looking at the code of a malware sample to understand how it works.
Static analysis involves analyzing the code without running it, in order to understand what it does.
Dynamic analysis involves running the code in a controlled environment in order to observe its behavior.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔹What are some common techniques used to extract information from malware samples?
Some common techniques used to extract information from malware samples include reverse engineering, static analysis, and dynamic analysis.
Reverse engineering involves looking at the code of a malware sample to understand how it works.
Static analysis involves analyzing the code without running it, in order to understand what it does.
Dynamic analysis involves running the code in a controlled environment in order to observe its behavior.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔥1
🔹Can you explain the difference between a virus, worm, and Trojan horse?
A virus is a type of malware that is able to replicate itself and spread to other computers. A worm is a type of malware that is able to spread itself without the need to attach to other programs or files. A Trojan horse is a type of malware that is disguised as a legitimate program or file in order to trick users into downloading and installing it.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
A virus is a type of malware that is able to replicate itself and spread to other computers. A worm is a type of malware that is able to spread itself without the need to attach to other programs or files. A Trojan horse is a type of malware that is disguised as a legitimate program or file in order to trick users into downloading and installing it.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍4🔥1
Reloadium: Advanced Hot Reloading & Profiling
• Reloadium adds hot reloading and profiling features to any Python application
📌How to install:
>>>
>>>
° Django
° Flask
° Sqlalchemy
° Pandas
✔️Github: https://github.com/reloadware/reloadium
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
• Reloadium adds hot reloading and profiling features to any Python application
📌How to install:
>>>
pip install reloadium
📌How to use:>>>
reloadium run example.py
✅ Supports:° Django
° Flask
° Sqlalchemy
° Pandas
✔️Github: https://github.com/reloadware/reloadium
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#Interview #Cybersecurity
🔸What do you understand about polymorphism in context with malware analysis?
Polymorphism is a technique that malware authors use to make their malware more difficult to detect and analyze. By changing the code of the malware slightly each time it is run, or by encrypting it in different ways, the malware can avoid detection by signature-based detection systems. This makes it more difficult for analysts to understand how the malware works, and makes it more likely to slip past security defenses.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸What do you understand about polymorphism in context with malware analysis?
Polymorphism is a technique that malware authors use to make their malware more difficult to detect and analyze. By changing the code of the malware slightly each time it is run, or by encrypting it in different ways, the malware can avoid detection by signature-based detection systems. This makes it more difficult for analysts to understand how the malware works, and makes it more likely to slip past security defenses.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
❤3
#Interview #Cybersecurity
🔸Domain Name Server(DNS)
Consider DNS as the phonebook of the internet. All the IP addresses and the name of the links are saved in it. For example, you want to go to google.com. You type this on your web application. Then, this name goes to the DNS server, and the DNS server finds the IP address of google.com. Then, the DNS server returns it to your computer with the IP address.🕸
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Domain Name Server(DNS)
Consider DNS as the phonebook of the internet. All the IP addresses and the name of the links are saved in it. For example, you want to go to google.com. You type this on your web application. Then, this name goes to the DNS server, and the DNS server finds the IP address of google.com. Then, the DNS server returns it to your computer with the IP address.🕸
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#Machine_Learning
🔸Machine Learning Steps
🔹1)Collecting Data:
As you know, machines initially learn from the data that you give them. It is of the utmost importance to collect reliable data so that your machine learning model can find the correct patterns. The quality of the data that you feed to the machine will determine how accurate your model is. If you have incorrect or outdated data, you will have wrong outcomes or predictions which are not relevant.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Machine Learning Steps
🔹1)Collecting Data:
As you know, machines initially learn from the data that you give them. It is of the utmost importance to collect reliable data so that your machine learning model can find the correct patterns. The quality of the data that you feed to the machine will determine how accurate your model is. If you have incorrect or outdated data, you will have wrong outcomes or predictions which are not relevant.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#Interview #Cybersecurity
🔸DHCP
Dynamic host configuration protocol is a protocol that assigns an IP address to any device that wants to connect to the internet.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸DHCP
Dynamic host configuration protocol is a protocol that assigns an IP address to any device that wants to connect to the internet.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍1
#DDoS #Cybersecurity
🔸Distributed Denial of Service
It is an attack used to restrict a user from accessing the resources by flooding the traffic that is used to access resources. A botnet controller controls all the bots that are under it. The attacker sends a command to the botnet controller that tells all bots to attack a server so that the server will be flooded. When a user wants to access a website, he will not be able to, as the traffic on the website will be at full capacity.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
🔸Distributed Denial of Service
It is an attack used to restrict a user from accessing the resources by flooding the traffic that is used to access resources. A botnet controller controls all the bots that are under it. The attacker sends a command to the botnet controller that tells all bots to attack a server so that the server will be flooded. When a user wants to access a website, he will not be able to, as the traffic on the website will be at full capacity.
🔝 @InfoSecTube
🖥 youtube
🍁 instagram.com/info_sec_tube
👍2