Ratan Jyoti

Blockchain is today’s most discussed technology and will remain so for more time. Crypto Society most often criticizes banks for being over-centralized and many times being overpriced and monopolistic. In contrast, Blockchain can be a viable option as it is decentralized and a cost-effective solution.

To expand banking business to new customers, new channels, new geography and new markets, cloud computing is an effective tool. Cloud computing is not only expandable and swift but provides competitive advantage and better customer service with significantly less infrastructure costs. Some organizations have reported that business simulations which took more than 20 hours in a physical infrastructure setup took just 20 minutes in a cloud infrastructure. This alone explains the capability of… Show more

To expand banking business to new customers, new channels, new geography and new markets, cloud computing is an effective tool. Cloud computing is not only expandable and swift but provides competitive advantage and better customer service with significantly less infrastructure costs. Some organizations have reported that business simulations which took more than 20 hours in a physical infrastructure setup took just 20 minutes in a cloud infrastructure. This alone explains the capability of cloud-based infrastructures. However, questions have been raised about the security of such an infrastructure. Show less

Given the increasing financial and reputational costs of breaches, an organization can no longer overlook human aspect of Cyber Intelligence

In a TCP SYN flood attack, the malicious client begins a three way handshake which the client never finishes. The client only sends TCP SYN packets and no final ACK packets, and by virtue of which the server reserves memory slots for each incomplete connection. By this process, the server’s memory gets filled with increasing incomplete connections until the server can no longer no longer accept the other incoming requests (both genuine and malicious) in want of free memory. The goal of this… Show more

In a TCP SYN flood attack, the malicious client begins a three way handshake which the client never finishes. The client only sends TCP SYN packets and no final ACK packets, and by virtue of which the server reserves memory slots for each incomplete connection. By this process, the server’s memory gets filled with increasing incomplete connections until the server can no longer no longer accept the other incoming requests (both genuine and malicious) in want of free memory. The goal of this simple technique is to deny the TCP services to the legitimate clients by creating a large number of half open TCP connections that fill the host’s listen queue. Usually, these TCP SYN packets use counterfeit IP addresses to prevent detection and because of these nonexistent IP addresses, no responses are returned to the server. Show less

The era of internet escalated banking has brought the banking channels to customer’s hand. This is possible because of communications and exchange of a very large set of data. Many of these communications involves interchange of confidential data. As the data belongs to customers, their security is the prime concerns for the banks. Privacy preservation is of also equally important as no party can be trusted enough over the public networks without checks and verification.

To expand banking business to new customers, new channels, new geography and new markets, cloud computing is an effective tool. However, questions have been raised about the security of such an infrastructure.

Wireless Sniffing through KARMETASPLOIT

By Ratan Jyoti

Karmetasploit is a Metasploit implementation of famous wireless sniffing tool KARMA (KARMA Attacks Radioed Machines Automatically) which passively listens to 802.11 Probe Request frames. Wireless Clients are generally targeted by creating Rogue AP and harvesting of user credentials which is carried out by exploiting client side vulnerabilities.

Distributed Denial of Service (DDoS) attack is a strewn challenge where the spurious or fake packets are sent to the victim in abnormally large number. DDoS attempts to block important services running on victim’s server by flooding the victim’s server with packets. The difference with DoS is that DDoS attacks do not originate from a single host or network but from multiple hosts or networks which might have already been compromised. One of the main challenges here is to find the location of… Show more

Distributed Denial of Service (DDoS) attack is a strewn challenge where the spurious or fake packets are sent to the victim in abnormally large number. DDoS attempts to block important services running on victim’s server by flooding the victim’s server with packets. The difference with DoS is that DDoS attacks do not originate from a single host or network but from multiple hosts or networks which might have already been compromised. One of the main challenges here is to find the location of attackers and then block traffic at points near to the source of the attacks. Layer 7 DDoS attacks target the application layer at web or mail servers (eg. HTTP(S), SMTP, FTP etc) such that the service can be denied in effective way to bring web server to lock up or crash. Since they operate at the application protocol level which is OSI Layer 7 ,this attack is known as Layer 7 DDoS attack… Show less

Banking with the cloud is definitely a game changer

The burden of possessing, managing and maintaining the IT infrastructure has been the key challenge for financial sector. Banking with the cloud has definitely been a game changer. Many banks have already placed their less critical application to cloud computing as a low-risk exercise. The major benefits to the bank are:
• No upfront capital costs and reduced technology costs
• Faster implementation • High flexibility and… Show more

Banking with the cloud is definitely a game changer

The burden of possessing, managing and maintaining the IT infrastructure has been the key challenge for financial sector. Banking with the cloud has definitely been a game changer. Many banks have already placed their less critical application to cloud computing as a low-risk exercise. The major benefits to the bank are:
• No upfront capital costs and reduced technology costs
• Faster implementation • High flexibility and scalability
• Multi-channel reach Show less

Efma journal n° 239 July August 2013

Tackling the theft of data

The rising incidence of cardholder data theft has become a major concern for banks. Besides leading to fraud and operational losses, the impact on a bank’s reputation is significant. Ratan Jyoti from Vijaya Bank explains what needs to be done to minimise risk.

This is the web based information system for insect
collections is developed at Indian Agricultural Research Institute, New
Delhi by Ratan Jyoti et al., 2002. It is known as Information System on
National Pusa Insect Collection (ISNPIC), which is one of the biggest
insect collections in Asia with more than half a million specimens
comprising of approximately 17,000 identified species.