Information Security and Network Awareness

Hurricane Labs


Top Stories by Hurricane Labs

Written by Rick Deacon

Recently I’ve been faced with a very difficult type of question, and it isn’t even technical. No, it’s not the typical ‘How do you find a buffer overflow?’ or ‘Can you write me code entirely in assembly in 20 minutes?’ It’s much more difficult to answer. Its answer, to many people, may be the ‘key’ they are looking for in this industry. The question is very often phrased as “So what did it take for you to get where you are?” or “How do I get into the security industry?” and even sometimes “How do I become a hacker?” There are many different approaches to this subject, and I firmly believe there are only a few ways to truly succeed in security or IT in general. A lot of people assume four years of school is going to land you your dream job, where you’re a hacker in your own peaceful office behind a wall of 6 monitors watching packet captures fly... (more)

IPS Updates, Splunk, Check Point and You

How I Learned to Stop Hating the Term “Zero-Day” but Not Really

By: Bill Mathews

Zero Day attacks – you know, the ones that almost EVERY signature in your IPS claims to protect you against? Yep, those guys, nasty little things. Basically, if IPS vendors are to be believed, those are the things that don’t have a patch yet and have active exploits against them. You update your IPS signatures and BOOM, protection from zero day! The problem we always run into, and this is with almost every IPS vendor so I’m not just picking on Check Point here, is... (more)

IT Security: The Cobbler Effect

If you have been reading the news lately, you have probably noticed that some information security focused organizations are pretty bad at actual information security. From the NSA allowing a low-level administrator to walk out with sensitive data (and I’m not getting into that one) to SSL certificate providers having bad SSL certificates, the problem is widespread and affects so many security firms. I have always had the stance that if you can’t secure your own stuff you have no real hope in securing anyone else’s; this is especially true of consulting houses. Of course no one ... (more)

Verifying CRIME, SSLv2 and Plain Text TLS Injection with OpenSSL

If you are a system administrator or penetration tester, you need to be able to check for common vulnerabilities. When configured incorrectly, SSL/TLS has many. There are tons of SSL auditing tools out there, some with more functionality than others, but why add more tools when you can do it yourself? So this is a tutorial on how to install OpenSSL from source on a Debian system with a few easy modifications so that you will be able to test for CRIME, SSL version 2 and TLS plain text injection. First, you’ll need to make sure you have these programs installed: $ sudo apt-get up... (more)

Cisco Security Routers

Below is a list of suggested commands to be implemented on your Cisco Security Routers at the global configuration level. These are not meant to secure your network; however, they are meant to help secure your network equipment from the network.

no service pad – This disables the packet assembler/disassembler commands and connections between PAD devices.

service tcp-keepalives-in/service tcp-keepalives-out – This allows the VTY lines to maintain upkeep on active network connections to the router.

service timestamp debug datetime msec localtime show-timezone – This allows date ... (more)