Cloud. DNS. Forensics. Honeypot. SSL. Pentest. Using WinDbg to Begin Reverse Engineering Unknown Malware from Memory. Hacks. PwnedList. Registry Decoder: Digital registry forensics. Home Of PaulDotCom Security Podcast. Network Security Blog.
Security Blogs. How to check if your details have been compromised. Ever wonder where the term "Pwned" came from?
Rumour has it that is started with the game World of Warcraft (WoW), where a map designer, intending to write "the player has been owned", mistyped it as "the player has been pwned". In any case, it is widely used today to mean you have been screwed in some way. So there I was, perusing the web, and I found this rather interesting piece on Brian Krebs' blog called Are you on the Pnwedlist? , a piece which introduces a new service from DVLabs (part of Tipping Point) called PwnedList.
PwnedList introduces itself as "...a tool that allows an average person to check if their accounts have been compromised. Now this will sound like great news to a lot of people. And no doubt that it could be useful if you needed proof that your identity has been compromised and wanted to "prove" the case to your bank or other businesses you interact with. This is not the first site to offer this service. Do you use the same password on several sites? Publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=%2Fliaai%2Fselinux%2Fliaaiselinuxstart.htm. Using Debian/Hardened SELinux — Debian SELinux Handbook v0.1.
Blog TechBiz Forense Digital. Livros para quem quer aprender sobre segurança da informação. Por Gustavo Lima+ em 14/09/11 às 3:29 pm A editora Jonas & Bertlett lançou um conjunto de 12 livros focados em segurança da informação e altamente recomendados.
Estes livros compõem a série Information Systems Security & Assurance Series, ISSA. Eu acabei adquirindo na minha última compra o Security Strategies in Linux Platforms and Applications que por sinal é excelente. Esta série de livros tem como objetivo ensinar/treinar o leitor nos principais temas que envolvem segurança da informação, para isso, a editora criou um método bem interessante, no final de cada capítulo há um questionário sobre aquilo que foi explicado.
Excelente para os preguiçoso. Google is Your Friend - If You're a Lulzer. While the digital paparazzi were lined up waiting to snap photos of the Lulzboat crew getting vanned, some of us focused on how this collection of low tech script kiddies were able to knock over SONY, AT&T, the CIA, Arizona's DPS and numerous other sites and make off with highly confidential contents again and again.
It turns out that they had an accomplice, Google. Now before the good townspeople grab their torches and pitchforks and beat a hasty path to Mountain View, let it be known that Google's part in these massive hacks isn't actually Google's fault. Or perhaps it can be if the public still wants to blame them anyway and question why this information is there on Google for the taking in the first place. But that's not really the issue at all. The blame in my opinion lies once again with the administrators of the sites which were attacked. After all, page crawls weren't considered privileged information - they're all part of the "public internet" available to anyone who drops by.
A Tcpdump Tutorial and Primer. Image from securitywizardry.com tcpdump is the premier network analysis tool for information security professionals. Having a solid grasp of this über-powerful application is mandatory for anyone desiring a thorough understanding of TCP/IP. Many prefer to use higher level analysis tools such as Ethereal Wireshark, but I believe this to usually be a mistake. In a discipline so dependent on a true understanding of concepts vs. rote learning, it's important to stay fluent in the underlying mechanics of the TCP/IP suite. A thorough grasp of these protocols allows one to troubleshoot at a level far beyond the average analyst, but mastery of the protocols is only possible through continued exposure to them.
When using a tool that displays network traffic a more natural (raw) way the burden of analysis is placed directly on the human rather than the application. Options Below are a few options (with examples) that will help you greatly when working with the tool. Basic Usage Common Syntax. Coruja de TI Indica o Livro: The Art of Computer Virus Research and Defense [Paperback] Por Gustavo Lima+ em 29/09/11 às 8:16 am Rafael, um profissional que já trabalhou na pesquisa e no desenvolvimento de vacinas e antivírus, indicou o livro, The Art of Computer Virus Research and Defense, o qual foi base para o seu curso de pós-graduação focado na análise de Malware.
SSHtrix - Multithreaded SSHv1 e SSH1v2 cracker. Por Gustavo Lima+ em 17/09/11 às 9:54 pm SSHtrix é uma daquelas ferramentas que precisam constar no seu cinto de utilidades de pentest, eles simplesmente consegue realizar login cracker multithreaded em SSHv1 e SSHv2.
Simples, rápido e fantástico, essa ferramenta é muito útil na hora de realizar um teste para saber se a password utilizada para o usuário X via ssh está forte ou não. How To Set Up SSH Encrypted MySQL Replication - Network Computing - StumbleUpon.