Sunday, February 21, 2021

[DLP]DLP Test Websites

https://dlptest.com/

http://dataleaktest.com/

https://www.dlp-test.com/

https://www.dlptest.net/

[DLP][Snort]Snort Rules for DLP

 #Credit Card Number Identification:

alert tcp any any <> any any (pcre:”/4d{3}(s|-)?d{4}(s|-)?d{4}(s|-)?d{4}/”;msg:”VISA card number detected in cleartext”;content:”visa”;nocase;sid:9000000;rev:1;)

alert tcp any any <> any any (pcre:”/5d{3}(s|-)?d{4}(s|-)?d{4}(s|-)?d{4}/”;msg:”MasterCard number detected text”;content:”mastercard”;nocase;sid:9000001;rev:1;)

alert tcp any any <> any any (pcre:”/6011(s|-)?d{4}(s|-)?d{4}(s|-)?d{4}/”;msg:”Discover card number detected text”;content:”discover”;nocase;sid:9000002;rev:1;)

alert tcp any any <> any any (pcre:”/3d{3}(s|-)?d{6}(s|-)?d{5}/”;msg:”American Express card number text”;content:”amex”;nocase;sid:9000003;rev:1;)


#Idenfiy Social Security Number:

alert tcp any any <> any any (pcre:”/d{3}(s|-)?d{2}(s|-)?d{4}/”;msg:”Social Security Number is found”;content:”ssn”;nocase;sid:9000004;rev:1;)


Saturday, February 20, 2021

[SSL][PKI][OpenSSL]OpenSSL Cheatsheet

 Reference: https://cheatography.com/albertx/cheat-sheets/openssl/


Installation:

# apt-get update

# apt-get install openssl


Generating Key-ring:

The following example is to generate a 4096 bit private key and export it to a key file:

# openssl genrsa -out ./private-key.key 4096

Or generate a password-protected private key as such:

# openssl genrsa -aes256 -out ./private-key.key 4096

The public key could be generated upon the key-ring as shown below:

# openssl rsa -in ./private-key.key -RSAPublicKey_out -out ./pubic-key.key


Add/Remove Password-Protected function on a private key:

Adding Password-Protected function could be done as follows:

# openssl rsa -aes256 -in ./private-key.key -out ./private-key.encrypted.key

And Removing Password-Protected function is done as shown below:

# openssl rsa -in ./private-key.encrypted.key -out ./private-key.key


Creating Certificate Signing Request (CSR):

Creating a Certificate Signing Request (CSR) by using an existing private key:

# openssl req -new -key ./private-key.key -out ./request.csr

Read the CSR file:

# openssl req -text -noout -in ./request.csr

Read the public key from the CSR file:

# openssl req -pubkey -noout -in ./request.csr


Sign a certificate through Certificate Signing Request (CSR):

# openssl ca -in ./request.csr -out ./certificate.crt -config ./CA/config/openssl.cnf

Read the information sitting in the certificate:

# openssl x509 -text -noout -in ./certificate.crt

Extract the public key from the certificate:

# openssl x509 -pubkey -noout -in ./cert.crt


Generating Key-ring and Self-Signed Certificate concurrently:

# openssl req -newkey rsa:2048 -nodes -keyout /etc/ssl/certs/key.pem -x509 -days 365 -out /etc/ssl/certs/certificate.pem

Or:

# openssl req -newkey rsa:2048 -nodes -keyout ./private-key.key -x509 -days 365 -out ./cert.crt


Identifying Key-ring and Certificate:

Utilize MD5 hash function to identify all files:

# openssl dgst -md5 ./* 2>/dev/null


Combine Private Key and Certificate into PKCS #12 format file:

# openssl pkcs12 -export -out ./cert_key.p12 -inkey ./private-key.key -in ./certificate.crt