The blog has moved…

November 9, 2008

After much thought and consideration, I decided to move my blog from wordpress.com to my own domain.  The decision has nothing to do with the service provided by wordpress.com. I have never had any problems with this blog while it has been hosted by wordpress.com.

There are other things I want to do with the blog that will be easier if I have more control over the software and how it is set up.

So, it now lives here: http://www.infosecramblings.com.

If you are subscribed to the RSS feed via http://feeds.feedburner.com/InfosecRamblings, you shouldn’t need to do anything.  The changes I will make to the feed should be transparent to you.  If you are subscribed to the http://infosecramblings.wordpress.com/feed, you will either need to change to the feedburner feed or use http://www.infosecramblings.com/feed instead.

Kevin


Interesting Information Security Bits for 11/07/2008

November 7, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. Virtualization: How to Isolate Application Traffic
    Lori has penned a nice article pointing out how we can use VLANs to isolate application traffic. She makes an excellent point in the article, “we’ve grown to use VLANs as an architectural tool rather than a security tool, and often don’t consider how valuable such a simple, existing technology can easily be applied to more emerging, cutting edge concepts.”
  2. Typical Injection Points in a Web Application | Startup Security
    Damon fills us in on some good spots to check for vulnerabilities in web applications.
  3. Discovering Rogue Access Points With Nmap
    Nifty way to detect rogue wireless APs from the wireside.
  4. Researcher: Android may not need antivirus software
    Now I’m not saying you have to have anti-virus software for your mobile device, but I sure don’t agree with several of the statements made in this article.

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Interesting Information Security Bits for 11/06/2008

November 6, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. TaoSecurity: Defining Security Event Correlation
    Richard has a good post up on defining security event correlation. Go check it out.
  2. Why use Firefox << Techdulla
    Techdulla tells us why he uses Firefox for his browser. I agree with everything he says and will add that putting the AdBlock add-on into place makes it even better.
  3. HiR Information Report: Xorg.conf for OpenBSD MacBook / Parallels
    Ax0n is here to help you get Xorg running on your Mac using Parallels.
  4. Android-Powered G1 Gets Antivirus Software — Google Android — InformationWeek
    Looks like you can get Anti-virus software for your G1 phone.
  5. Once thought safe, WPA Wi-Fi encryption is cracked
    Oops. Time to upgrade to WPA2. Okay, you don’t have to run out right now and do it, but it looks like some researchers have found a method of getting the TKIP key in a short time frame.

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Interesting Information Security Bits for 11/05/2008

November 5, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. CSI Stick – So who has a copy of your phone? << SANS Computer Forensics, Investigation, and Response
    This is both very cool and very scary. Tool that allows you to quickly and easily suck the data out of a cell phone or smart phone. So much for locking the keyboards on those puppies.
  2. Assuming the breach: What is good pen-testing?
    Planet Heidi has some good guidance for effective pen testing. You should go read it if you do them and, more importantly, if you get the results.

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Interesting Information Security Bits for 11/04/2008

November 4, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. /dev/random >> Blog Archive >> Critical dns2tcp Vulnerability!
    Looks like dns2tcp has a vulnerability that needs to be taken care of. Time to upgrade.
  2. TrueCrypt – Free Open-Source On-The-Fly Disk Encryption Software for Windows Vista/XP, Mac OS X and Linux – Documentation
    A new version of TrueCrypt is out. Version 6.1 was released on October 31st, 2008.

    Hat tip: Xavier at http://blog.rootshell.be

  3. Research Blog – Research – SecureWorks
    A very nice description and review of the worm that is trying to take advantage of MS08-067.
  4. PCI Blog – Compliance Demystified >> Blog Archive >> Cloud computing security and PCI
    Another good article about PCI and cloud computing.
  5. Tenable Network Security: Log Correlation Engine 3.0 Released
    Like the title says, Tenable has released a new version of their Correlation engine.
  6. Man cops to $1m phony bar code shoplifting scheme * The Register
    Real life shopping cart hacking :)
  7. Security at the point of sale
    An interesting article about the different ways that thieves are exploiting retail checkout systems.
  8. Core Security finds critical Adobe Reader hole | Latest Security News – CNET News
    Looks like it’s time to patch Adobe Reader again.

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Resources to increase your info security knowledge and benefit your infosec career…

November 4, 2008

@GeekGrrl posted a note on her blog asking this question:

1) How would you recommend getting started on a career toward Network Security/Network Pen Tester?

She has some follow-up questions to that first one requesting some specific information. Go read her post and then come back.
.
.
.
.
Okay, here is what I suggested. Obviously, not exhaustive.

Here is a good blog post that might help.

http://www.leune.org/blog/kees/2008/10/-tips-for-getting-started-1.html

1) Certs -

  • If you want to be technical, I would start with the SANS GSEC cert. Make sure you go for the GOLD cert and not just the silver. This cert will give you a good base to build on.
  • From there, move on to firewalls, IDS, etc. as appropriate.  SANS certs are the best technology agnostic certs around.

2) Cons

  • Defcon – cheap and worthwhile.
  • Keep doing what you are doing, watch and read the presentations after they are posted. Garret Gee over at Infosecevents usually posts links to archives when he comes across them.

3) Associations

  • See if there is an Infragard chapter nearby.  Free and often strong in cyber security.
  • Start a chapter of http://www.naisg.org/. You will probably learn more and meet more people that can help you doing this than anything else.

4) Books

5) Other

Finally, VirtualBox is a great free virtualization platform for Windows and Linux that will let you set up VMs like DVL to hack against.

Go ahead and offer up your suggestions in the comments.

UPDATE: On the drive home today, I was still thinking about this question and I realized I left off one thing that an individual can do that will probably reap more benefits than any of the items listed above.

Find a mentor.

Find somebody who has been in the business for a while who is willing to let you bounce questions off of them and is willing to give you the benefit of their experience when you hit situations that you are not familiar with. Somebody who can offer you those second opinions that can be so helpful.

Here is a link to a bunch of articles on finding a mentor and the mentoring relationship. The articles are not infosec related at all, but still apply.

http://www.inc.com/guides/growth/24509.html

Kevin


Interesting Information Security Bits for 11/03/2008

November 3, 2008

Good afternoon everybody! I hope your day is going well.

Here are today’s Interesting Information Security Bits from around the web.

  1. Microsoft: Trojans are huge and China is tops in browser exploits | Latest Security News – CNET News
    An interesting report has been put out by Microsoft that is worth a gander.
  2. Google patches Android security flaw | Latest Security News – CNET News
    There is a patch available for your G1 phone. Better go get it done if you haven’t already.
  3. Cloud Computing: It’s the destination, not the journey that is important
    Lori has a very good point here. You should go read her article because it applies to all of us.
  4. PortSwigger.net – web application security: [MoBP] Filtering and deleting content
    Interesting things going on with the Burp Suite. New features and a major release just around the corner.
  5. PortSwigger.net – web application security: [MoBP] The new target site map
    More cool stuff.
  6. ToorCon X Presentations | Infosec Events
    Yup, more reading.
  7. OWASP NYC AppSec 2008 Video | Infosec Events
    and watching.
  8. Network Security Blog >> PCI Compliance in the Cloud: Get it in writing!
    Martin has written an article that you should read if you have any responsibility for PCI.

That’s it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

