Recent Twats
- @PatrickElOso Today I don't feel like doing anything I just wanna lay in my bed Don't feel like picking up my phone, so leave a message...
- RT @RealGilbert: The RIP Eddie Murphy reports are false! The cops found a dead black guy and just assumed it was either Eddie Murphy or ...
- Why Twitter’s new policy is helpful for free-speech advocates - http://t.co/lMFgD7F1
Archives
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
Monthly Archives: July 2009
Reduce ssh brute force attempts…
In case you’re still running sshd on port 22 (which you should change!) you’re probably getting hammered with brute force attempts. Take a peak at /var/log/secure or /var/log/wtmp or the “last” command and have a looksy. There’s a great little application … Continue reading
Penetration Testing & Capture the Flag
Penetration Testing Nowadays penetration testing is where it’s at. Whether trying to learn security, becoming a white hat, or consulting it’s a must have skill. However, it can be intimidating on where to start. Besides picking up books the next … Continue reading
Posted in forensics, hardware & software, news
1 Comment
Recap of Twitter document leak
There’s a great recap of the recent Twitter document leak here: http://www.thefaredge.com/?p=6996 In summary: HC accessed Gmail for a Twitter employee by using the password recovery feature that sends a reset link to a secondary email. In this case the … Continue reading
Posted in news
Leave a comment
Incident Response Plan Testing
Having a documented incident response plan is a must for any business (unless you’re using managed security services). However, I’ve found that few organizations are actually testing their plans. This also goes for DR and BCP plans — I don’t … Continue reading
Posted in news
Leave a comment
Malware Analyzers Part deuce
Several weeks ago I posted about different free malware analyzers (sandbox environments). I’ve stumbled across another free tool from Mandiant which is their Red Curtain offering. Red Curtain will scan a given local directory or drive and analyze each file … Continue reading
Posted in hardware & software, malware
Leave a comment
Google Hacking
Google hacking has been around for a while but unfortunately it is still very relevant. Basically because the Google crawler is so powerful you can use this to your advantage to discover sensitive data. You can find password files as … Continue reading
Posted in google
Leave a comment
UNetbootin: Live CDs to thumb drives made easy
I’ve always found it a major pain to correctly install a Live CD on a thumb drive. You want to do this because of SPEED. Have you tried running Backtrack from a thumb drive? Load times are incredible and there’s … Continue reading
Unlock iPhone: Run unofficial applications
I just came across these steps in Wired to unlock your iPhone: 1. Update iTunes and Iphone app installe 2. Download Pwnage Tool 3. Select “simple mode” and install Cydia *If anything goes wrong you can reverse the process using … Continue reading
Posted in apple
Leave a comment
Sourcefire (Snort) Network Security Seminar
Last week I attended a seminar by Sourcefire. Their CTO, Martin Roesch, was the speaker. The topic was “Your Network Security Isn’t Good Enough Anymore“. This seminar was ultimately a sly sales pitch for Snort, their IDS product. Roesch talked … Continue reading
Posted in networking, news
Leave a comment