behavior of the system via different platforms. Social media platforms such as Facebook, LinkedIn, Twitter, and Instagram are the tools used in this method to learn about the system.

The Open Source Intelligence tools that are mostly used by analysts/attackers are:


• Shodan - Internet search engine

• Recon-ng - Web reconnaissance framework

• FOCA - Metadata extraction

• Maltego - Open source intelligence and forensics application

• Censys - A search engine that allows computer scientists to ask questions about the devices and networks that comprise the Internet. Driven by Internet-wide scanning, Censys lets researchers find specific hosts and create aggregate reports on how devices, websites, and certificates are configured and deployed.

• DataSploit - A tool to perform various OSINT techniques, aggregate all the raw data, visualize it on a dashboard, and facilitate alerting and monitoring on the data.

• X-Force Intelligence - This tool from IBM can be used to examine the system and find security threats to it, if any, to aggregate, and to collaborate with peers. Logged-in users can access all the functionalities of the tool, such as searching, commenting, collections and sharing (Johari & Sharma, 2012).

• SpiderFoot - SpiderFoot is an open source tool available to all; it fetches data from various platforms and gathers it in one place to deliver it to you virtually.

There are a number of tools available that can be used for open source intelligence to gather information about a target. Everything depends on how the tools are used: they can be used to point out security threats and vulnerabilities in order to enhance the security functions of the system and save it from any possible breach. However, some people, known as attackers, use these tools to find the weak points of the system in order to exploit them (Sood & Enbody, 2013).

Exercise 3: Security Auditing – Logging

As mentioned in the portfolio description, this exercise concerns the login approaches in Linux and Windows. In this piece, we discuss the differences between Linux and Windows with respect to security aspects.

First, we cover the differences between Linux and Windows that affect the login approaches in both operating systems.

1. Full Access Vs No Access

The very first difference between Linux and Windows is access to the source code at the heart of the operating system. Linux is released under the GNU General Public License, which ensures that users have access to the source code that is the foundation of the system. In Linux, you can access the central code from which the OS is operated (Rhodes-Ousley, 2013). Windows users, however, do not have access to the code of the system without acquiring special permission, which is very tough to get.

2. The License Restrictions

Along with access comes the difference between the licenses. I’m sure that every IT professional could go on and on about licensing of PC software. But let’s just look at the key aspect of the licenses (without getting into legalese). With a Linux GPL-licensed operating system, you are free to modify that software and use and even republish or sell it (so long as you make the code available) (Spremic, 2011). Also, with the GPL, you can download a single copy of a Linux distribution (or application) and install it on as many machines as you like. With the Microsoft license, you can do none of the above. You are bound to the number of licenses you purchase, so if you purchase 10 licenses, you can legally install that operating system (or application) on only 10 machines.

Below is the list of the logging tools that are most commonly used in Linux and Windows for log management.

1. OSSEC - It is an open source system used to manage log data on Linux, Windows and network devices, and it is also a real-time log analysis platform for experts. It includes a set of useful default alerting rules as well as a web-based graphical user interface (Rasheed, 2014). If you are at the initial stage and starting up your log review program, it is the best choice.

2. Rsyslog - It is the most notable advancement of the syslog services that use the traditional configuration file. However, there is Windows association, but it still has a front end named phpLogCon.

3. Snare agent and Project Lasso remote collector (sourceforge.net/projects/lassolog) are used to convert Windows Event Logs into syslog, a key component of any log management infrastructure today (at least until Vista/W7 log aggregation tools become mainstream).
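The Windows-Event-Log-to-syslog conversion mentioned in item 3 can be illustrated as follows. This is an added example, not code from the original essay or from Snare or Project Lasso; the win_event struct, the level-to-severity mapping and the sample event are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed record type for this example (not Snare's or Lasso's format). */
struct win_event {
    int level;            /* Windows event level: 1=Critical ... 5=Verbose */
    unsigned event_id;
    const char *timestamp, *host, *provider, *message; /* first 3: no spaces */
};
/* Constructed sample: the message carries CR/LF plus a fake syslog header. */
static const struct win_event SAMPLE = {
    4, 4625, "2024-01-15T10:22:31Z", "ws01",
    "Microsoft-Windows-Security-Auditing",
    "An account failed to log on.\r\n<34>1 forged"
};
static char LINE[512];

/* Windows level -> syslog severity: Critical->crit(2), Error->err(3),
 * Warning->warning(4), Information->info(6), Verbose->debug(7). */
static int level_to_severity(int level)
{
    static const int sev[] = { 6, 2, 3, 4, 6, 7 };  /* index = Windows level */
    return (level >= 0 && level <= 5) ? sev[level] : 6;
}

/* Write "<PRI>1 TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG" (RFC 5424)
 * into out; returns the length, or -1 if it did not fit. Control characters
 * become spaces so an embedded CR/LF cannot start a forged second record. */
int event_to_syslog(const struct win_event *ev, int facility,
                    char *out, size_t outlen)
{
    char msg[256];
    size_t i, n = strlen(ev->message);
    if (n >= sizeof msg) n = sizeof msg - 1;
    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)ev->message[i];
        msg[i] = (c < 0x20 || c == 0x7f) ? ' ' : (char)c;
    }
    msg[n] = '\0';
    int pri = facility * 8 + level_to_severity(ev->level);
    int len = snprintf(out, outlen, "<%d>1 %s %s %s - %u - %s", pri,
                       ev->timestamp, ev->host, ev->provider, ev->event_id, msg);
    return (len < 0 || (size_t)len >= outlen) ? -1 : len;
}

int main(void)
{
    if (event_to_syslog(&SAMPLE, 4, LINE, sizeof LINE) > 0) puts(LINE);
    return 0;
}
```

Facility 4 (security/authorization) is used for the sample; a collector that splits records on newlines would otherwise treat the text after the CR/LF as a separate, attacker-written entry.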

B.

#include <stdbool.h>       // bool, true, false
#include <stdio.h>         // FILE
#include "system.h"        // SysShutdown();
#include "log.h"

bool LogCreated = false;

void Log (char *message)
{
    FILE *file;