Burp Suite and Wireshark are said to be the best tools for penetration testing. I'm curious what the difference is between them, and the pros and cons of each.
Burp Suite is an application penetration testing tool that functions as a web proxy server between the browser and target application. It acts on the application layer (OSI-7), finding exploits and vulnerabilities. It is an MITM tool that deals with the HTTP/HTTPS protocol, and is mainly used by application security professionals and developers.
Wireshark (formerly Ethereal) is a network packet sniffer that mainly deals with raw data capture at the packet level. It can be used to analyse protocols other than HTTP/HTTPS/TCP, and acts at lower levels of OSI model (1 through 4) than Burp Suite. It is mainly used by network and security engineers.
Security engineers use both of these tools for secure testing and analysis.
Related
RTMP being an insecure unencrypted protocol, suffers from attacks like MITM and network sniffing. Naturally so, FB uses RTMPS: https://ppc.land/streaming-facebook-moves-live-videos-completely-to-rtmps/
Why is Google lackluster about adopting this secure approach? Is it due to less compatibility for the RTMPS protocol with streaming software and providers?
Azure does not provide RTMPS, at least their official developer doc does not mention that.
RTMPS was never an official standard. Adobe has a custom encryption called RTMPE, but that was never really supported outside Adobe software.
Because RTMPS is not official most high end video equipment and a lot of server software does not support it.
I noticed that JavaCard 3.0 may have the ability to use HTTPS from the Oracle website (oracle.com/technetwork/articles/javase/javacard3-142122.html).
Are there any ways to create HTTPS connections to a normal Internet website ?
Basically with Java Card Classic you are limited to the APDU interface. This interface has been specified in the Java Card API and the ISO/IEC 7816-4 standard.
It is of course possible to channel any kind of protocol through an APDU interface, but you would have to program it yourself. Furthermore, you would have to do so on the terminal side as well, because Java doesn't know anything about TCP/IP, name resolution etc. As Java Card environments are very limited, it would be tricky to create something that resembles an HTTP client.
There have been demonstrations that implemented a tiny web server on a Java Card. Those obviously also require some kind of proxy on the terminal side.
The Connected Edition - if you can find it anywhere - uses the same idea; it implements a web-server for e.g. authentication. It doesn't provide a client to my knowledge.
A1: There are no JavaCard Connected (which describes such option) devices publicly available.
A2: Classic JavaCard does not specify/allow any kind of connections.
I study the construction of mobile networks and began to study MVAS. But could not find a specific iinformation what protocols are used in the VAS or MVAS.
I understood that main protocol using SMS - it SMPP.
It would be great if someone made a list of the protocols used, or links where I could read more information about the protocols used.
There is such a list; it is published by 3GPP in specification TS 23.039.
3GPP (earlier ETSI) specified the GSM, UMTS and LTE systems, with standard protocols for most of the interfaces. They did not specify any standard protocol between Short Message Service Centres and external messaging servers though.
Instead, this was left open, and each SMSC developer specified their own protocol. An early and successful SMSC developer was an Irish company called Aldiscon, which was later taken over by Logica. They developed the Short Message Peer-to-Peer protocol (SMPP), and published it as an open standard, which is the reason why it's so widely used today.
What is the difference between SIP and H.323, I mean what are the salient features between them?
To start with ,
SIP is text based while H.323 is binary.
SIP is by IETF while H.323 by ITU.
SIP is basically request-response based like HTTP, while H.323 is not like that(is based on session).
What were the motivating factors which led to SIP's development?
How is one advantageous from other?
Both are relatively the same on the technical side - there are differences, but you can use both to run a VoIP service.
They both started at about the same time to develop, with H.323 gaining more traction in the beginning and SIP taking center stage in the past several years.
The main advantages of H.323 is the level of interoperability it provides in existing video conferencing equipment - something that can't be matched by SIP today (yet), and the fact that it holds most of the deployments of video conferencing in enterprises.
The main advantages of SIP is a larger ecosystem and dominance in voice calls and PBX systems. And the fact that it is viewed as the future of VoIP (at least to some extent).
I also wrote about it in the past in my company's blog: http://blog.radvision.com/voipsurvivor/2011/03/24/ask-an-expert-which-protocol-do-you-prefer-sip-or-h323/
H323 is familiar to telecommunications people. It reuses many concepts, terms and protocols from ISDN.
SIP is familiar to internet people. It's a lot like HTTP, re-uses all the response codes and standards like URI-s, uses the DNS well, etc.
I am trying to use the new OTA enrollment and device management capabilities in iOS 4 to provide wireless app distribution for the enterprise. So far, I have come across a lot of third party MDM providers that seem to charge by the device. I don't believe this is something very hard to do on our own, especially as a prototype.
My search has led me to some open source software for SCEP. Together with the OTA configuration reference from Apple, I want to believe that the next step would be to actually implement an MDM server. Now, the WWDC talk had slides on various MDM queries supported by iOS 4, including installing and removing provisioning profiles, but there's no reference implementation or even exposed API that I could find.
Does anyone have any experience trying to fully develop an enterprise distribution and management system without third party software?
MDM providers that I've seen are acting as SCEP proxies so that you don't have to expose your certificate server to the internet.
The best open source SCEP server I've found so far is Dogtag (http://pki.fedoraproject.org/wiki/PKI_Main_Page)
woops I was meaning to comment.. not answer.