Wednesday, June 25, 2014
Labels: data breach, disclosure, opinion, reporting standards
We've Found No Evidence...Means What Exactly?

For its part, LexisNexis confirmed that the compromises appear to have begun in April of this year, but said it found “no evidence that customer or consumer data were reached or retrieved,” via the hacked systems. The company indicated that it was still in the process of investigating...
Thursday, June 12, 2014
Labels: back track 5, metasploit, postgresql
BackTrack 5r3: Make it a Team Effort
Background
In October 2012, I was prepping for our finals round in the Global CyberLympics competition (where we took 2nd place).
From previous practice sessions, my team and I agreed the best way to distribute information rapidly (and visually) among team members was to use Armitage's...
Friday, April 18, 2014
Labels: CTF, forensics
Write-Up: [SOLVED] SANS Easter Challenge - The Mystery of the Missing Easter Bunny
WARNING
Complete spoilers ahead! If you want to try the challenge first on your own, do not read this post. You've been warned.
Bunny-Napped!
Scenario: The Easter Bunny has been kidnapped, and YOU have to save him! Quickly collect yourself and help save him. Put...
Tuesday, April 1, 2014
Labels: security
Spring Cleaning the Security Settings

Clean Up Those Security Settings!
I decided that, at a minimum, each spring I would endeavor to review my security settings across websites, apps, browser, and devices to make sure all security switches were enabled to the fullest extent possible. I'm posting this entry as a cheat...
Friday, March 21, 2014
Labels: packet analysis, Wireshark
Packet Analysis 101 - Wireshark's Packet Details

"The time has come," the Walrus said,
"To talk of many things:
Of bits-and bytes-and frame headers--
Of trace routes-and pings...
You've already seen how to use Wireshark to take a packet capture, how to set capture filters, and how to set display filters. In this post, we're...
Labels: headers, http
HTTP Host Headers
Why are Host Headers important?
Host Headers are sent in the HTTP GET request to instruct the webserver to send content back for a specific website. This is necessary for webservers that host multiple websites (think shared hosting), so the hosting server can match the content to the Host Header and serve up that website.
Here's a video demonstrating multiple sites...
Wednesday, March 19, 2014
Labels: CTF, maccdc
MACCDC 2014: Virtual Quals Lesson Learned

MACCDC 2014 - Virtual Qualifier Round
Some found my MACCDC 2013 write-up helpful, and more information is always better, so here's this year's lesson learned for the virtual qualifier round.
Choose a later time slot
This lesson is pretty subjective and I don't mean for it to...
Tuesday, March 18, 2014
Labels: CTF, maccdc
MACCDC 2014: Sahana Eden Write-Up
This year, I was tasked to a Linux box, even though my greater strength is in Windows. With the theme of this year's MACCDC being related to disaster recovery, I discovered the distro I had was Sahana Eden.
The tl;dr of this part is that I recommend once you learn of...
Tuesday, February 18, 2014
Labels: packet analysis, Wireshark
Packet Analysis 101 - Wireshark Display Filters

Now that you're familiar with capture filters, let's discuss display filters.
It's a port scan!
Display Filters
Display filters can be applied during a live packet capture, as well as when reviewing an old packet capture like the one above (provided for the MDC3 forensics qualifying...
Friday, January 31, 2014
Labels: packet analysis, Wireshark
Packet Analysis 101 - Wireshark Capture Filters
We're going to first discuss one of the two types of filtering available with Wireshark: capture filters. Before I go any further, if you're confused about what filters are and/or what Wireshark is, check out my first blog post to learn how to take a packet capture.
Capture...
Tuesday, January 28, 2014
Labels: packet analysis
Packet Analysis 101 - Initiating the Capture
Let's Look at the Packets!
How often have you heard, "This application isn't working. Is it the [IPS/IDS/Proxy/Firewall] again?"
Ten years ago, when someone couldn't check their email or perform a web-based task, it was always a question of whether the server was actually receiving...
Sunday, January 12, 2014
Labels: HTTPS, SSL
HTTPS, SSL, and [Perfect] Forward Secrecy

The events of 2013 have raised awareness about the capability to eavesdrop on Internet conversations many thought were protected from eavesdropping. There are many articles about HTTPS, SSL, and [Perfect] Forward Secrecy, but I've found that none really reference the information...