Welcome!

Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Hurricane Labs

IPS Updates, Splunk, Check Point and You How I Learned to Stop Hating the Term “Zero-Day” but Not Really By: Bill Mathews Zero Day attacks – you know, the ones that almost EVERY signature in your IPS claim to protect you against? Yep those guys, nasty little things. Basically, if IPS vendors are to be believed, those are the things that don’t have a patch yet and have active exploits against them. You update your IPS signatures and BOOM protection from zero day! The problem we always run into, and this is with almost every IPS vendor so I’m not just picking on Check Point here, is how do you know when an update is available? As much as most vendors would like it we are simply not logged into their console all day long so their automated “hey you have an update” thingy is not useful. This was a big problem for us because we manage a lot of firewalls so what to do, wha... (more)

So You Wanna Be an Information Security Superstar?

Written by Rick Deacon Recently I’ve been faced with a very difficult type of question, and it isn’t even technical. No, it’s not the typical ‘How do you find a buffer overflow?’ or ‘Can you write me code entirely in assembly in 20 minutes?’ It’s much more difficult to answer. It’s answer, to many people, may be the ‘key’ they are looking for in this industry. The question is very often phrased as “So what did it take for you to get where you are?” or “How do I get into the security industry?” and even sometimes “How do I become a hacker?” There are many different approaches to... (more)

CodeMash 2010: Show Report

I've had the pleasure of spending yesterday and today (and I'll be here tomorrow too) at the 2010 CodeMash conference in Sandusky, at the spectacular Kalahari resort (if you've never been here, its way worth it). We attended the "precompiler" presentations yesterday, and have been to 3 presentations so far today. While the conference seems very heavy on the Microsoft and Ruby fronts (almost every presentation has had C# or Ruby code, some of them have had both), there's a lot of good stuff to come away with anyways. For example, the two presentations we attended yesterday discussed... (more)

The Ins and Outputs of TCPDUMP

The Ins and Outputs of TCPDUMP By: Nicholas Beris As a Network Engineer, I spend a lot of time on, in, and around the terminal. Many of the systems that I work with are remote and taking the time to download a packet capture in the middle of an emergency call and waiting for Wireshark to get the necessary details is just too much of a hassle. (Plus, it makes me feel like I’m an operator in the Matrix with the scrolling code.) Now don’t get me wrong, Wireshark is a great tool and has many uses, but a lot of times it’s just not practical. Besides, are you really going to download ... (more)

Review of Certificate of Cloud Security Knowledge

By Bill Mathews Recently (well, last night) I had the opportunity to take the Certificate of Cloud Security Knowledge exam and just wanted to put out some of my thoughts while they were fresh in my head. I always like to take a random sampling of certifications. It’s fun to challenge myself (some are more challenging than others) and it gives me a good idea of what sorts of training and certificates I’d like my guys to have (if any). I’ve never been the biggest fan of some of the bigger ones out there, but we’ll save that for another post. The bulk of the CCSK covers the Cloud ... (more)