DD Came Stopped to Party

Quick note: if you’re viewing this via email, come to the site for better viewing. Enjoy!

people dancing a nightclub.
Which one of you spiked my drink!? I can taste my heartrate!
Photo by Mauricio Mascaro, please support by following @pexel.com

This might send you back to those feel-good party nights, so prepare to reminisce and say… “No, I don’t recall that happening.” Have you ever been to a nightclub, found someone to party with, and decided that you would like to spend most of your time with them?

You both are having a really good time, the music is pumping, the people around you are jamming, and something to you smells funny but that’s okay because the pills you took five minutes ago bestowed upon you the ability to see and taste sound.

You have to take a quick break and hit the restroom, only to come back and find your chosen dance partner is oddly being blocked by a crowd of people and no matter how much you try, you just can’t seem to get within reach of them. Have you never had this happen?

Okay, so apparently Z-Daddy is the only one who has had weird times in nightclubs huh? While you are lucky enough to say you haven’t experienced this event, this often happens with computers and companies you favor. What is this go-go nonsense I’m yammering on about? This will all make sense in a moment.

large group of people walking on road.
She’s leaving with you, but she was programming with me bro. Oh wait, that’s not right.
Photo by Vlad Alexandru Popa, please support by following @pexel.com

Clubbing in Denial

What is this weird phenomenon taking place in this nightclub which often happens to a computer or network? To put it in simple terms, you’re symbolically being hit with a “denial-of-service” or DoS.

This is a form of cyber-attack where the attacker seeks to make either your machine or a network resource unavailable for intended users. Distributed Denial of Service or DDoS occurs when a mass of machines operates together to focus an attack on one target to disrupt the normal traffic of the targeted IP address.

Picture, if you can, five lanes of traffic trying to fit down a one-way street. This leads to the target’s device being overwhelmed and denying legitimate users access to the desired website. In fact, one of the largest attacks on record was at GitHub, a popular online code management platform that is used by a lot of developers. They were hit with a large volume of traffic that led to the disruption of their site. “What are some other things that can suffer from an attack like this?” I can hear you ask.

Personal computers, cell phones, public cloud services, and IoT (Internet of Things) devices that aren’t tightly secured are all on the menu; any of them can suffer a DDoS attack. How bad the attack is plays into how long it takes for your site to become available again.

In some cases it could be as little as 24 hours, and in others it can be anywhere from days to a week, depending on how quick the response is. Variety is the spice of life, and attackers choosing which device to overload find plenty of it.

young woman sat at computer screen in shock.
I can’t get to access my Grub Hub account…that means I have to cook tonight.
Photo by Andrea Piacquadio, please support by following @pexel.com

Dirty, Dirty, Dirty Tactics

Who would turn to such a tactic, and why? Trying to hinder or take out the rival competition is one reason. If customers can’t get to your competitors’ sites but can get to yours, then it makes the choice that much easier for them to buy from you.

This is pretty much a “Two birds with one stone” situation because not only are you carrying out a hit on your competition, but you are also passively strong-arming your potential customers into buying from you.

That’s operating like a boss. Another reason someone might perform a DDoS is Hacktivism, meaning they don’t agree with something political and promote an agenda of their own by hacking. In the days before the pop-ups of “How-to”, you had to be skilled to perform such an attack but now, like with malware, you can simply go to the dark side and pick something up extra saucy if you have enough coin.

Again, your presence on the dark web is not illegal but the activity you choose to engage in begs the question. Remember to always stay legal kids.

young gentleman rushing to woman in red over coat.
Bob: Karen, I thought you were leaving him for me.
Tim: she’s with me buddy. Your access just got denied.
Photo by Two Shores, please support by following @pexel.com

Last Minute Halts

So why is knowing about a DDoS important? DDoS attacks can and have affected many, if not all, industries. This ranges from being able to place bets on gambling sites to trying to clear out your cart on an e-commerce site.

Everyone with a storefront on the internet has at one point or another suffered the simulated feeling of being an employee having to work retail on Black Friday. DDoS attacks have been around for quite some time; the earliest attack was back in the late 90s, and they have been evolving ever since.

man in red polo looking shocked.
We’ve all made this face at one point or another while on the toilet.
Photo by Andrea Piacquadio, please support by following @pexel.com

Made it this far and found this to be entertaining? Then a big thanks to you and please show your support by cracking a like, scripting a comment, or plug-in to follow.

I would like to give sincere thanks to current followers and subscribers; your support and actions mean a lot and play a part in the creation of each script.

Do you feel like I may have missed something about DDoS? Script a comment below.

Problems Rooted in Five

man leaning on hand and looking away.
It was only five minutes; I shouldn’t feel this guilty.
Photo by Keira Burton, please support by following @pexel.com

So you’re at your computer sitting on your fart box, surfing the vast world of the internet and you decide to make a pit stop in the “red light district” because you have five minutes of free time and no one is around so you don’t have to feel an ounce of shame.

Given that you have five minutes means you’re on the clock and you figure downloading would be faster than streaming. After you find and download that sweet but extra spicy file to handle your developing situation, once the fun is had and the mission is complete, a moment of clarity happens.

You notice something: a strange shortcut on your desktop named “This is nothing to worry about”. Thinking to yourself, “Hmm, that wasn’t there before. Oh well, I’m sure it’s nothing to worry about.” But wait, sweet child of mine, it is something to worry about indeed.

Like a chick who partied too hard and left a frat party the next morning, how would you feel if I told you that you just may be pregnant? Don’t understand? Let me explain.

a woman with headache checking her phone.
Don’t tell me I just missed another script from Z-Daddy.
Photo by Polina Tankilevitch, please support by following @pexel.com

Rooting to the Core

You see, while you were in the red-light district of the internet seeking your jollies, someone provided something called a “rootkit” to get into your computer and, well, have its way with your machine.

A rootkit is a type of malware that can provide administrative privileges to hackers for complete control of a targeted device. There are five types of rootkits, and none of them is pleasant to deal with.

A hardware (firmware) rootkit infects your computer’s hard drive, the BIOS (Basic Input/Output System), and your router.

A bootloader rootkit targets your bootloader, an important tool since it loads when your computer is turning on. While booting, the system can be attacked and your computer’s bootloader can even be replaced with a tainted one.

A memory rootkit hides in the computer’s RAM (Random Access Memory) and, like football players running plays in the backfield, carries out any number of malicious tasks in the background. A good thing to note is that they only live while your computer is on and sometimes go away after a simple reboot; however, in some cases, you may have to do more.

An application rootkit will replace a file in your computer with a malicious file or files. This could also alter the way an application such as Word or Notepad works. A problem with this is trying to figure out which program is infected, because an infected program will operate normally.

Lastly, the kernel mode rootkit, the worst one in my opinion, hits the core of your computer’s operating system and can change how the OS functions. In some cases, if not most, it turns your computer into a zombie.

man standing with laptop saying "you've been hacked!"
Your computer will passively tell you this.
Photo by Saksham Choundary, please support by following @pexel.com

Crackers Seeking Control

Who are the people who use such a thing? Hackers originally were called “crackers” because they were working to crack a code or crack into a network, not hack, but “hackers” just stuck, I guess. These cybercriminals use such tactics to make like your nosey neighbor and eavesdrop on your interactions.

Hackers can intercept personal information via keyloggers, which are devices that collect your keystrokes while you type on a keyboard. Yes, to all of you keyboard peckers, if we were to equate your typing to internet speed, hackers would consider you to be dial-up. But while logging keystrokes, hackers, as mentioned before, can gain control of your operating system.

While eavesdropping, hackers can also conceal their digital footprint on a compromised system leaving a backdoor for frequent visits without being detected. So this is in a sense, your nosey neighbor jimmying your door and being allowed to free roam while you’re sat on the couch watching tv.

gang of friends with tattoos on street sunbeams.
Star Wars or Star Trek, choose your answer wisely.
Photo by Khoa Vo, please support by following @pexel.com

Nerds and Drive-by Exploits

Why is knowing about rootkits so important? Well, if you have had experience dealing with a stalker, you know things can get uncomfortable. However, if you find that not only are they stalking you but they are also inside the house, things can ramp up very quickly.

Rootkits have the same behavior. A rootkit’s goal is to get into your system, bury itself deep within your OS, and change, collect, release, or even perform a combination of all three in your machine. But like stalkers, rootkits don’t just limit themselves to your house; smartphones and other devices are not off the menu, as they have several exploits such as GPS, battery, and voice.

There are ways to check for a rootkit. One way is looking for any strange behavior, such as your machine operating on its own. Another is performing a memory dump analysis, which is to take all the information from the RAM and put it onto a storage drive for later analysis. Performing a factory reset will typically remove some infections but, like cockroaches, some will survive.

The use of anti-virus programs like Norton or McAfee will not get rid of a rootkit, especially if they’re not up to date. As with any other type of malware, the absolute best way to avoid a rootkit infection is to never get it in the first place.

This might be easier said than done since visiting some sites will trigger an event where a file will be downloaded onto your computer without any action on your end. This is called “drive-by downloading”. I thought drive-bys were just limited to being in “da hood”, apparently, they can happen in IT too.

The thought of gang-affiliated nerds beefing with each other and doing drive-bys just broke me, I’m sorry. This event is hard to keep up with as it’s not just limited to any unknown sites, well-known and legitimate sites could have embedded code in them.

But if you have to visit some unknown sites because your curiosity about the darknet is killing you then keeping your operating system and all your software up to date will aid in the protection of your machine from rootkits.

man in hat looking with evil intent.
Z-Daddy wants to know why you haven’t joined ZeroClay Nation yet. Subscribe today and no one gets hurt.
Photo by Fariborz MP, please support by following @pexel.com

Feel like I may have missed something? Script a comment below.

Cloud, Hackers, and a Wallet

Cloudy with a chance of emptied accounts.
Photo by Nicolas Jaramillo, please support by following @pexel.com

In the great big world of IT (Information Technology), things in cybersecurity have always been interesting, but even more so now, with every new technology or model that pops up.

If you haven’t been living under a rock, no less an underground bunker, chances are you have heard about the cloud and all the wonders it has to offer to make your life and even your business flow a little easier. However, in a landscape where you have access to a monolith of services and your choice of pay models, something looms in the midst.

Whatever pay model you choose, you may be offering the same choice to an unwanted guest. Don’t know what I mean? Let me script it for you.

I could be reading script right now, but I have to fix this stupid car.
Photo by Malte Luk, please support by following @pexel.com

Cloud from Underground

For those who finally came out from underneath that rock or finally believe the air is breathable and things in America and around the world are getting better, I welcome you. Let me give you this quick overview of the cloud and all its glory, all hail Hydra- I mean the mighty cloud.

The cloud, better known as cloud computing, is a massive network of distributed services. Housing and examining big data, building applications in ready-made environments, and creating automation to execute certain tasks are some of the things you can do in a cloud.

The list of what you can do goes to no end and it’s still expanding. As far as providers go, you have the big three, and yes, this will be biased, so be prepared to not agree, which you’re welcome to do. They are AWS (Amazon Web Services), Google Cloud, and Azure from Microsoft. What about IBM’s cloud, you ask? Simple, IBM and I don’t talk, AWS all the way baby.

Back on the point, the cloud offers serverless computing. This is the execution model where the CSP (cloud service provider) puts together machine resources on demand, on behalf of the customer.

So, in short, the term serverless doesn’t actually mean there aren’t any servers, serverless means that all of the backend infrastructure is handled by the vendor. For all of you who came out of a bunker, you can go back in now, things haven’t gotten any better.

It’s just a DDoS, there’s nothing to worry about. It’s not like I need to keep my job or anything like that.
Photo by SHVETS production, please support by following @pexel.com

Denial of a Panic

So, why is this important? How does this information benefit you? Again, you’re offered a pay-as-you-use model for a lot of services. This means attackers have more options when it comes to performing an attack.

DoS (Denial of Service) or DDoS (Distributed Denial of Service) are events where someone is trying to access a website but can’t because the website’s servers are being overwhelmed by traffic from zombies (slave bots).

This is a somewhat normal event and SOC (Security operation center) teams are prepared, for the most part, to deal with them. However, with the addition of the cloud, things have become more complex.

The new challenger is called DoW (Denial of Wallet). And before you ask, yes, I’ll tell you what’s in your wallet when this attack is done.

I don’t think this is what Z-Daddy meant by denial of wallet, it’s more like denial of money.
Photo by Andrea Piacquadio, please support by following @pexel.com

Wallets Racking Up Prices

As mentioned before, a DoS/DDoS means not having access to a resource like a website because the server is being overwhelmed by traffic. DoW works similarly, but the difference is you run out of money to request resources and services in the cloud.

An attacker can gain access to your account in a variety of flavors and, once in, they can begin to rack up charges in your name or your business’s name. This is because, to use or have access to a cloud, a credit card must be on file to charge.

Once the card on file reaches its limit and money can no longer be drawn for services, resources are stopped until the bill is paid. Here’s some small math for you: let’s say you were using a server and it cost $0.10 per minute to run that server, but you have it scheduled to run during business hours, five days a week. $240.00 USD in a week isn’t a problem because you may have that amount on hand.

However, your account gets hacked and the attacker changes the server schedule to run every hour, including the weekends, changing that $240.00 to $1,008.00 USD in the first week. But not only that, other resources were added and set to run every hour, including the weekends. Money runs out quickly in the cloud when you’re hacked and not paying attention. Just when you thought the sky was the limit.

Kim: Girl, you never use the root account. Ain’t you read Scriptingthewhy?
Sarah: What’s that?
Kim: Girl, here. go to the site and you’ll be hip to the games.
Photo by Andrea Piacquadio, please support by following @pexel.com

Accounting for the Root

At this juncture, you’re probably sitting at your computer wondering how you can keep another bill you either can’t or simply don’t want to pay from sneaking its way into your email. Well, I have some good news: it comes down to following best practices when setting up your or someone else’s cloud.

Always set up a general account, and do not, for the love of Sam Smith’s Unholy, use the root account, because if that account gets hacked, you can kiss your cloud goodbye.

For those who might not know why not to use the root account, it’s like using the admin account on your computer: if someone gains access to it, they can do whatever they want since it’s the highest level of privilege. And if you set up someone’s cloud and the only account is the root, well, needless to say, unemployment is in your future. That’s cloud 101 and you should know better.

Shaming aside, using multifactor authentication adds another layer of security for accounts. The most important action to take is setting up a budget with multiple avenues to reach you, like emails and text messages, as this will alert you when you are approaching your undesired limit for your budget.

And checking in periodically with billing and usage along with checking logs could see you better off as this helps to keep you alert as well. It’s great to have your head in the cloud but fending off unwanted bills can help keep you grounded and employed.
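
The budget alerts and the usage check described above can be sketched in a few lines. This is an added example, not code from the post or from any cloud provider: it replays the post's $0.10-per-minute server against a $240.00 weekly budget. The 50/80/100% alert levels, the 09:00-17:00 weekday window, and the hourly usage rows are assumptions made up for the illustration.

```python
from datetime import datetime, timedelta

RATE_CENTS_PER_MIN = 10      # the post's $0.10 per minute
BUDGET_CENTS = 24_000        # the post's normal $240.00 week
ALERT_PCTS = (50, 80, 100)   # assumed alert thresholds, percent of budget


def in_schedule(ts):
    """Approved run window (assumed): Monday-Friday, 09:00-17:00."""
    return ts.weekday() < 5 and 9 <= ts.hour < 17


def hourly_records(week_start, keep):
    """Constructed usage export: one (start, minutes, cents_per_min) row per hour run."""
    hours = (week_start + timedelta(hours=h) for h in range(7 * 24))
    return [(ts, 60, RATE_CENTS_PER_MIN) for ts in hours if keep(ts)]


def review_usage(records, budget_cents=BUDGET_CENTS, pcts=ALERT_PCTS):
    """Walk usage rows in time order.

    Returns (total_dollars, alerts, off_schedule): alerts is a list of
    (percent, start of the row that crossed it); off_schedule lists the
    start times of rows that ran outside the approved window.
    """
    total = 0
    alerts, off_schedule = [], []
    pending = sorted(pcts)
    for start, minutes, rate in sorted(records):
        total += minutes * rate
        if not in_schedule(start):
            off_schedule.append(start)
        # Integer math: total/budget >= pct/100 without float rounding.
        while pending and total * 100 >= pending[0] * budget_cents:
            alerts.append((pending.pop(0), start))
    return total / 100, alerts, off_schedule


WEEK = datetime(2024, 1, 1)                        # a Monday (constructed)
NORMAL = hourly_records(WEEK, in_schedule)         # business hours only
HIJACKED = hourly_records(WEEK, lambda ts: True)   # every hour, weekends too

if __name__ == "__main__":
    for name, rows in (("normal", NORMAL), ("hijacked", HIJACKED)):
        total, alerts, off = review_usage(rows)
        print(f"{name}: ${total:,.2f}, {len(off)} off-schedule hours")
        for pct, when in alerts:
            print(f"  {pct}% of budget reached {when:%a %H:%M}")
        if off:
            print(f"  first off-schedule run: {off[0]:%a %H:%M}")
```

In the hijacked week the whole budget is gone by Tuesday afternoon instead of Friday, and the off-schedule check fires on the very first hour, well before any budget alert would.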

Scriptingthewhy has helped me keep money in my wallet. Z-Daddy, you strike again.
Photo by Lukas, please support by following @pexel.com

Did you have a time where you may have encountered a DoS situation? Script about it below.