All of the various findings, articles, videos, pictures, and other stuff I dig up on the web. Anything on this site was posted by me. Any opinion expressed here is only my own.
2011/09/29
OS fingerprinting with Packets
This article goes into how to passively fingerprint a machine or device to determine what OS the machine or device is running.
2011/09/27
New Whitepapers #3
Some more whitepapers from SourceForge for you to check out.
You must register to get these whitepapers.
Maximizing Configuration Management IT Security Benefits with Puppet
Real-time Protection for Hyper-V
Data Growth and Protection
Physical Security in Mission Critical Facilities
AES New Instructions
2011/09/24
Quick Look at Forefront Protection for Exchange
A quick overview of the advantages and features with using Forefront protection for your Exchange servers.
2011/09/23
More SSL Issues
So it seems the high amount of SSL news will continue through this whole week, starting off with DigiNotar filing for bankruptcy after their recent compromise, especially once word was released that over 200 certificates were issued during the compromise.
Then we find out that researchers have discovered a vulnerability that resides in versions 1.0 and earlier of TLS. Their new tool, BEAST, is going to be released at the Ekoparty Security Conference. Our intrepid researchers say they've figured out a way to defeat SSL by breaking the underlying encryption it uses:
“While other attacks focus on the authenticity property of SSL, BEAST attacks the confidentiality of the protocol. As far as we know, BEAST implements the first attack that actually decrypts HTTPS requests.”
This is also being discussed on the ISC Diary and other places, as there is some debate on whether or not this type of attack was already discussed in an earlier paper. Google has already included a workaround in the developer version of Chrome, but I don't think there has been word on when the fix/workaround will be introduced in the consumer version of the browser.
Much going on in the SSL/TLS world still........
Want to play with malware...........?
Here is an article to get you started with your own malware lab.
2011/09/21
2011/09/20
Domain Security in Exchange 2010
The first article in a series going over domain security in the newer version of Exchange.
2011/09/19
2011/09/18
A couple of articles for you this time.....
2011/09/13
2011/09/12
CISSP Exams
I have been studying for the CISSP exam this past month and this past Saturday finally sat down for the exam. Practice exams became a big part of my study curriculum towards the end there, and here is one of the free ones I found online.
Good Luck to any who might pursue this Certification!
2011/09/11
Kill malware with SysInternals
First article in a two-part series going over how to kill malware on your Windows machine using the Sysinternals tools from Microsoft.
2011/09/10
2011/09/09
For the Gamers out there.........
Here is a weekend-ready post for you just in case you needed something to do this weekend.....
Reset Glitch Hack
From their blog/wiki website. Seems like quite an effort to go through for this.....
"""
We found that by sending a tiny reset pulse to the processor while it is slowed down does not reset it but instead changes the way the code runs, it seems it's very efficient at making bootloaders memcmp functions always return "no differences". memcmp is often used to check the next bootloader SHA hash against a stored one, allowing it to run if they are the same. So we can put a bootloader that would fail hash check in NAND, glitch the previous one and that bootloader will run, allowing almost any code to run.
"""
2011/09/08
Android apps for Network Admins
Yes, there is an app for that now. Why you would allow your mobile devices on your internal network is still beyond me, but if you do, here are some apps you could use.....
15 Android Apps for Network Admins
2011/09/06
need to update once again.............
This is just a quick reminder to everyone in the wide internet world that the recent CA getting hacked has resulted in over 500 invalid certificates being issued for very popular websites. Updates for various products are being released today and have been over the past few days; please make sure to update your OS, your browser, and any other application that can go on the internet.
TOR announcement of compromised certificates
This is the complete list of domains compromised.
2011/09/05
New Whitepapers #2
Take Steps Now to Safeguard Print Devices and Printed Data
Future-Proofing Your Authentication Infrastructure
7 Criteria for Evaluating Security-as-a-Service Solutions
The Art of Teleworking
Countering modern threats requires hunting intruders
Put Together a Data Protection Plan
Selecting a File Activity Monitoring Solution
2011/09/03
2011/09/02
MIT Researchers Craft Wireless Defense Against MITM
Not so sure about this, but glad they are looking at it.
5 Features of vSphere 5 That You Should Care About
Pretty cool. I know they had talked about doing this a while ago, but this is nice to finally see.
"With vSphere 5 auto-deploy, you can provision new ESXi hosts amazingly fast. With this new method, the physical server boots over the network using PXE/gPXE, contacts the auto-deploy server, and loads ESXi into memory. Then, the auto-deploy server works with the vCenter server to get the new ESXi host properly configured (according to host profiles and new vSphere 5 answer files). With auto-deploy in vSphere 5, you can deploy tens or hundreds of ESXi servers faster than ever before possible. For more information, watch this presentation on vSphere 5 auto-deploy."
Windows GPO Management Part II
Continuing our tutorial on Change Control Management for Windows GPO Objects.
2011/09/01
New Juniper Books
Here are a couple of new Networking Books that have been released for you all to check out.......
Developing Basic QoS
Mobile Security for Dummies
QoS Enabled Networks
Google as DoS tool
Can you imagine this? Harnessing all of the bandwidth that Google has to literally punish a server? This guy doesn't go that far, but he most certainly brought his server to its knees.
New Tool! (New HTTPD DoS tool)
Slowhttptest sends partial HTTP requests, trying to get a denial of service from the target HTTP server.
This tool actively tests if it's possible to acquire enough resources on an HTTP server by slowing down requests to get denial of service at the application layer.