People are always asking me – “Why should I have you run an Alpha scan for me?” Because a hacker may have been there already – not a “good” ethical hacker, but the Black hat variety: As the Internet Storm Center discusses today: the Infosec community forum post There are certain ports that should not … Read more
nmap.org has some info, but we also review sites with insight into scanning. Nmap is short for Network Mapper. Ethical hacking – Penetration Testing By Bhargav Tandel Nix Craft also a good site about nmap insights NixCraft is an online community of new and seasoned Linux / Unix sysadmins who want to make the … Read more
how to test for vulnerable Bash shell: Execute the following: $ env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” on the command line, if it comes back with this is a test then the system is vulnerable If the system returns: bash: warning: x: ignoring function definition attempt bash: error … Read more
Taosecurity has an interesting post. Is your network a jumble of wires andnetwork equipment but not yet ordered? Hiring a 19 year old hacker without an Associates degree and some hacking knowledge does not make a secure corporate environment. The ststaement by blogger Richard Bejtlich “Young has repeatedly assigned Brewer to hack into Butler’s computer system. … Read more
The Onion gives a joking reference as to how some choose their passwords. Putting your livelihood in the ability of hackers to guess your favorite TV show is funny. Some in the security industry recommend passwords to be built with lots of special characters 8 digits long, upper and lower characters, even as that method … Read more