Hello to everyone,
my group is specialized on network security issues.
We inform you that SlowDroid has just been release on the Google Play Store.
It is a necessary tool for testing the robustness of servers.
SlowDroid is able to execute Denial of Service (DoS) attacks directly from your mobile device.
Main characteristics:
multi-protocol (SlowDroid is able to affect HTTP, FTP, email, SSH, file sharing, etc...)
tiny amount of attack bandwidth needed
tiny CPU and RAM usage
configurable (see below; please contact us if you are interested on a pro version of the tool)
transparent to server logs during the attack execution; logs are usually updated once the attack is interrupted
it's by far better than alternatives such as LOIC or Slowloris
Detailed instructions of how SlowDroid works and detection algorithms to protect from this attack are available at the following address:
security.ge.cnr.it/projects/slowdroid/
The URL above also include download links for the tool.
SlowDroid is a work of the NetSec Group at CNR-IEIIT of Genoa, Italy.
Hoping SlowDroid may be useful to every system administrator willing to test the robustness of his own network.
Related
I've been given a school final year project but I can't think of what kind of healthcare app I should build with a server needed. Just a prototype. Please suggest.
The objective of this work is to design and implement a prototype mobile healthcare system that uses Android mobile devices. The system should consist of three parts: A mobile application, secure channels and a centralized server application.
The mobile application should gather healthcare information from the suer and forward it to a centralized server for processing. The secure channel is used to transmit client private information to the server. Finally the server stores the information into a database and prepares some feedback to the client.
1) What apps would it be?
2) What is the easiest secure channel to be used yet safe?
Thanks
Make an app to support caring for the elderly.
Each nurse has an android devices, stores patient data, complaints, medical issues on the device, which gets forwarded to the server.
The next nurse on the shift can retreive the same information from the server again and work with the same data.
Options would be auto patient detection depending on gps coordinates etc.
Patient data could be forwarded or looked at (pictures with device camera?) by a doctor etc...
Good enough?
Originally Posted by timothyon Saturday October 20, @08:27AM
from the that's-why-they-buy-guns dept.
Trailrunner7 writes "There are thousands of apps in the Google Play mobile market that contain serious mistakes in the way that SSL/TLS is implemented, leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information. Researchers from a pair of German universities conducted a detailed analysis of thousands of Android apps and found that better than 15 percent of those apps had weak or bad SSL implementations. The researchers conducted a detailed study of 13,500 of the more popular free apps on Google Play, the official Android app store, looking at the SSL/TLS implementations in them and trying to determine how complete and effective those implementations are. What they found is that more than 1,000 of the apps have serious problems with their SSL implementations that make them vulnerable to MITM attacks, a common technique used by attackers to intercept wireless data traffic. In its research, the team was able to intercept sensitive user data from these apps, including credit card numbers, bank account information, PayPal credentials and social network credentials."
Refrence http://yro.slashdot.org/story/12/10...mentations-leave-many-android-apps-vulnerable
I myself have implemented them for shopping apps (SSL for anything dealing with user details, payment, etc.). When you're communicating with an external service that requires (or where you want to use) encrypted connections and that service only offers SSL (this is probably 90% of the time) you need to use it. Now the catch here is that the standard SSL handlers available to you in Android provide an "ideal" setup, where servers and certs are exactly as they "should" be. The problem is unless you are paying rediculous amounts for dedicated SSL services and high quality certs your setup will not be the "ideal", and you'll have to make exceptions by overriding code.
As an example, in the shopping system I set up there were two sets of certs, one set was signed [payment gateway] the other wasn't [user control panel]. I had to jump through a few hoops, and the app would be open for man-in-the-middle if set up right - but luckily all they'd get would be user login details, address and phone number - billing is all external and requires a separate authorization.
As spreading news about the issue among would only be able to protect privacy and crucial information of the consumers
all discussion regarding this issue are being welcomed kindly try to focus to fix this issue
Sometimes our website or server fail to open, but you don’t know how to deal with it, it is so terrible. Now you don’t worry about it anymore.
In order to repay our dear customers, Letswin Technology have developed a FREE professional webmaster APP- V&WEB (support Android and iOS) , you can monitor your website or server in real time 24/7/365. V&WEB fully functional, there are websites ALEXA ranking, IP check, Ping features, domain WHOIS check, Port Check, and so on.
You can visit the following website to get free V&Web APP: app.vandweb.com/
Or you can go to Google Play to download play.google.com/store/apps/details?id=cn.letswin.vandweb
The following is the introduction of V&WEB functions.
Monitoring: V&Web APP is a free website (server) monitoring tool with 24/7 support. We will monitor your server or website every 20 minutes after you set the corresponding address. Once failure, you will receive a push notification.
Ping: You can ping a server or website to test the response speed of the local network to the server. There are 20 ping results for each time, and you can also repeat ping, and share your ping results to your friends easily.
Whios: You can check the registration status of domain names, or view the current owner contact information, or view the current status of them, etc., and you can also share the whois results to your friends with one key.
Port Check: This tool can be used to scan whether the common port or specified port is open or not. Multiple ports need to be separated by a semicolon when checking.
LETSWIN TECHNOLOGY is the gold medal proxy in that lots of high-quality server room rental, we are an excellent global IDC service provider in Great China Region, offering global dedicated server hosting, Web hosting, VPS, domain name registration and various solutions for you. Please feel free to contact us, we are honour to provide you with comprehensive services, we are looking forward to your inquiry.
-----------------------------------------------------------------------------------
Our site://app.vandweb.com/
My skype: vandweb
Twitter: @ Letswin Jan Facebook: Letsidc Letsidc
Email: [email protected]
Tel: +886-2-8228-7256(Taiwan) Fax:+886-2-8228-7269(Taiwan)
Head quarter:1st F,No.54 Anping Rd., Zhonghe dist., Taipei, Taiwan
Sometimes our website or server fail to open, but you don’t know how to deal with it, it is so terrible. Now you don’t worry about it anymore.
In order to repay our dear customers, Letswin Technology have developed a FREE professional webmaster APP- V&WEB (support Android and iOS) , you can monitor your website or server in real time 24/7/365. V&WEB fully functional, there are websites ALEXA ranking, IP check, Ping features, domain WHOIS check, Port Check, and so on.
You can visit the following website to get free V&Web APP:
app.vandweb.com/
Or you can go to Google Play to download play.google.com/store/apps/details?id=cn.letswin.vandweb
Youtube link: youtube.com/watch?edit=vd&v=-XN-nx_Nrrc
The following is the introduction of V&WEB functions.
Monitoring: V&Web APP is a free website (server) monitoring tool with 24/7 support. We will monitor your server or website every 20 minutes after you set the corresponding address. Once failure, you will receive a push notification.
Ping: You can ping a server or website to test the response speed of the local network to the server. There are 20 ping results for each time, and you can also repeat ping, and share your ping results to your friends easily.
Whios: You can check the registration status of domain names, or view the current owner contact information, or view the current status of them, etc., and you can also share the whois results to your friends with one key.
Port Check: This tool can be used to scan whether the common port or specified port is open or not. Multiple ports need to be separated by a semicolon when checking.
LETSWIN TECHNOLOGY is the gold medal proxy in that lots of high-quality server room rental, we are an excellent global IDC service provider in Great China Region, offering global dedicated server hosting, Web hosting, VPS, domain name registration and various solutions for you. Please feel free to contact us, we are honour to provide you with comprehensive services, we are looking forward to your inquiry.
-----------------------------------------------------------------------------------
Our site: app.vandweb.com/
My skype: vandweb
Twitter: @ Letswin Jan Facebook: Letsidc Letsidc
Email: [email protected]
Tel: +886-2-8228-7256(Taiwan) Fax:+886-2-8228-7269(Taiwan)
Head quarter:1st F,No.54 Anping Rd., Zhonghe dist., Taipei, Taiwan
Now I want to recommend you one hot and FREE professional webmaster APP- V&WEB (support Android and iOS) , you can monitor your website or server in real time 24/7/365. V&WEB fully functional, there are websites ALEXA ranking, IP check, Ping features, domain WHOIS check, Port Check, and so on.
You can visit the following website to get free V&Web APP:
app.vandweb.com/
Or you can go to Google Play to download play.google.com/store/apps/details?id=cn.letswin.vandweb
The following is the introduction of V&WEB functions.
Monitoring: V&Web APP is a free website (server) monitoring tool with 24/7 support. We will monitor your server or website every 20 minutes after you set the corresponding address. Once failure, you will receive a push notification.
Ping: You can ping a server or website to test the response speed of the local network to the server. There are 20 ping results for each time, and you can also repeat ping, and share your ping results to your friends easily.
Whios: You can check the registration status of domain names, or view the current owner contact information, or view the current status of them, etc., and you can also share the whois results to your friends with one key.
Port Check: This tool can be used to scan whether the common port or specified port is open or not. Multiple ports need to be separated by a semicolon when checking.
LETSWIN TECHNOLOGY is the gold medal proxy in that lots of high-quality server room rental, we are an excellent global IDC service provider in Great China Region, offering global dedicated server hosting, Web hosting, VPS, domain name registration and various solutions for you. Please feel free to contact us, we are honour to provide you with comprehensive services, we are looking forward to your inquiry.
-----------------------------------------------------------------------------------
Our site: app.vandweb.com/
My skype: vandweb
Twitter: @ Letswin Jan Facebook: Letsidc Letsidc
Email: [email protected]
Tel: +886-2-8228-7256(Taiwan) Fax:+886-2-8228-7269(Taiwan)
Head quarter:1st F,No.54 Anping Rd., Zhonghe dist., Taipei, Taiwan
Server monitoring with 20 minutes between each check are not really helpful ?
And the UI is really ugly.
Link to Google Play:
https://play.google.com/store/apps/details?id=cn.letswin.vandweb